← Back to team overview

kernel-packages team mailing list archive

[Bug 892928] Re: wireshark crashes with null pointer dereference in kernel

 

** Tags added: bios-outdated-4.6 needs-upstream-testing

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/892928

Title:
  wireshark crashes with null pointer dereference in kernel

Status in “linux” package in Ubuntu:
  Incomplete
Status in “wireshark” package in Ubuntu:
  Invalid

Bug description:
  I followed the following steps to get wireshark running in non-root mode:
   * Create wireshark group
   * Set permissions of dumpcap so only users in the wireshark group can run it
   * setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
   * Add my user to wireshark group
   * restart
   * open wireshark through the unity dash, and start capturing on my wireless network interface

  Traffic started appearing in wireshark, I applied a filter, and made a
  query using firefox that I expected to be caught by the filter.  At
  this point the whole system crashed.

  When I brought the system back up, I checked the system logs.  Here is what I got in syslog at the time of the crash:
  Nov 20 17:47:44 bodie kernel: [  288.576153] device wlan0 entered promiscuous mode
  Nov 20 17:48:03 bodie kernel: [  307.612283] BUG: unable to handle kernel NULL pointer dereference at 0000002c
  Nov 20 17:48:03 bodie kernel: [  307.612366] IP: [<f8f05184>] ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.612452] *pdpt = 00000000373d1001 *pde = 0000000000000000
  Nov 20 17:48:03 bodie kernel: [  307.612510] Oops: 0002 [#1] SMP
  Nov 20 17:48:03 bodie kernel: [  307.612548] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
  Nov 20 17:48:03 bodie kernel: [  307.613191]
  Nov 20 17:48:03 bodie kernel: [  307.613209] Pid: 0, comm: kworker/0:1 Not tainted 3.0.0-12-generic-pae #20-Ubuntu MSI MS-7592/G41TM-E43 (MS-7592)
  Nov 20 17:48:03 bodie kernel: [  307.613306] EIP: 0060:[<f8f05184>] EFLAGS: 00010246 CPU: 3
  Nov 20 17:48:03 bodie kernel: [  307.613364] EIP is at ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.613428] EAX: 00000000 EBX: f74edec8 ECX: 00000000 EDX: 00000000
  Nov 20 17:48:03 bodie kernel: [  307.613484] ESI: 00000000 EDI: ef30d044 EBP: f74ede54 ESP: f74ede24
  Nov 20 17:48:03 bodie kernel: [  307.613539]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
  Nov 20 17:48:03 bodie kernel: [  307.613588] Process kworker/0:1 (pid: 0, ti=f74ec000 task=f74ce600 task.ti=f74e8000)
  Nov 20 17:48:03 bodie kernel: [  307.613655] Stack:
  Nov 20 17:48:03 bodie kernel: [  307.613675]  c15555fd f74ede34 00000008 00000000 00000000 ec932000 f74edec8 ef30d044
  Nov 20 17:48:03 bodie kernel: [  307.613768]  55588794 f74edec8 ec932000 00000001 f74ede6c f8f192b5 f8f18b16 f74edec8
  Nov 20 17:48:03 bodie kernel: [  307.613859]  f74edec8 ec932000 f74ede7c f8f19486 f74edec8 ec932000 f74edeac f8f1952c
  Nov 20 17:48:03 bodie kernel: [  307.613949] Call Trace:
  Nov 20 17:48:03 bodie kernel: [  307.613978]  [<c15555fd>] ? _raw_spin_lock_irqsave+0x2d/0x40
  Nov 20 17:48:03 bodie kernel: [  307.614044]  [<f8f192b5>] ieee80211_rx_handlers+0x125/0x2a0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614114]  [<f8f18b16>] ? ieee80211_rx_h_check+0xc6/0x120 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614184]  [<f8f19486>] ieee80211_invoke_rx_handlers+0x56/0xa0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614257]  [<f8f1952c>] ieee80211_prepare_and_rx_handle+0x5c/0xc0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614333]  [<f8f196fb>] __ieee80211_rx_handle_packet+0x16b/0x2d0 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614407]  [<f8f19940>] ieee80211_rx+0xe0/0x180 [mac80211]
  Nov 20 17:48:03 bodie kernel: [  307.614463]  [<f88ffa68>] rt2x00lib_rxdone+0x178/0x1f0 [rt2x00lib]
  Nov 20 17:48:03 bodie kernel: [  307.614522]  [<f88e4265>] rt2x00pci_rxdone+0x65/0x90 [rt2x00pci]
  Nov 20 17:48:03 bodie kernel: [  307.614589]  [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
  Nov 20 17:48:03 bodie kernel: [  307.614639]  [<f88d7aa8>] rt61pci_rxdone_tasklet+0x18/0x80 [rt61pci]
  Nov 20 17:48:03 bodie kernel: [  307.614698]  [<c1056983>] tasklet_action+0x63/0x110
  Nov 20 17:48:03 bodie kernel: [  307.614743]  [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
  Nov 20 17:48:03 bodie kernel: [  307.614792]  [<c1056ee1>] __do_softirq+0x81/0x1a0
  Nov 20 17:48:03 bodie kernel: [  307.614836]  [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
  Nov 20 17:48:03 bodie kernel: [  307.616244]  <IRQ>
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1057226>] ? irq_exit+0x76/0xa0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c155cd5b>] ? do_IRQ+0x4b/0xc0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1057210>] ? irq_exit+0x60/0xa0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c155ce29>] ? smp_apic_timer_interrupt+0x59/0x88
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c155cbb0>] ? common_interrupt+0x30/0x38
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1011091>] ? mwait_idle+0x71/0x130
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1008c6a>] ? cpu_idle+0x8a/0xc0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c153a994>] ? start_secondary+0xe8/0xed
  Nov 20 17:48:03 bodie kernel: [  307.616244] Code: 01 00 b8 01 00 00 00 e9 e2 fe ff ff 8d 76 00 f6 c1 01 75 bb 83 e1 10 0f 85 d1 fe ff ff 8b 53 10 8d 04 b6 8b 4b 1c c1 e0 02 01 c2
  Nov 20 17:48:03 bodie kernel: [  307.616244] EIP: [<f8f05184>] ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211] SS:ESP 0068:f74ede24
  Nov 20 17:48:03 bodie kernel: [  307.616244] CR2: 000000000000002c
  Nov 20 17:48:03 bodie kernel: [  307.616244] BUG: scheduling while atomic: kworker/0:1/0/0x10000300
  Nov 20 17:48:03 bodie kernel: [  307.616244] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
  Nov 20 17:48:03 bodie kernel: [  307.616244] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
  Nov 20 17:48:03 bodie kernel: [  307.616244]
  Nov 20 17:48:03 bodie kernel: [  307.616244] Pid: 0, comm: kworker/0:1 Not tainted 3.0.0-12-generic-pae #20-Ubuntu MSI MS-7592/G41TM-E43 (MS-7592)
  Nov 20 17:48:03 bodie kernel: [  307.616244] EIP: 0060:[<c1011091>] EFLAGS: 00000246 CPU: 3
  Nov 20 17:48:03 bodie kernel: [  307.616244] EIP is at mwait_idle+0x71/0x130
  Nov 20 17:48:03 bodie kernel: [  307.616244] EAX: 00000000 EBX: 00000003 ECX: 00000000 EDX: 00000000
  Nov 20 17:48:03 bodie kernel: [  307.616244] ESI: c17f18b8 EDI: 6a82cada EBP: f74e9f7c ESP: f74e9f68
  Nov 20 17:48:03 bodie kernel: [  307.616244]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
  Nov 20 17:48:03 bodie kernel: [  307.616244] Process kworker/0:1 (pid: 0, ti=f74ec000 task=f74ce600 task.ti=f74e8000)
  Nov 20 17:48:03 bodie kernel: [  307.616244] Stack:
  Nov 20 17:48:03 bodie kernel: [  307.616244]  00000003 00000003 00000003 c17f18b8 6a82cada f74e9f98 c1008c6a 55588794
  Nov 20 17:48:03 bodie kernel: [  307.616244]  6a82cada 2378b39c 00000000 00000000 f74e9fac c153a994 87a8cd8f 2378b39c
  Nov 20 17:48:03 bodie kernel: [  307.616244]  03040800 00000000 00000000 00000000 00000000 00000000 00000000 00000000
  Nov 20 17:48:03 bodie kernel: [  307.616244] Call Trace:
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1008c6a>] cpu_idle+0x8a/0xc0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c153a994>] start_secondary+0xe8/0xed
  Nov 20 17:48:03 bodie kernel: [  307.616244] Code: 00 e0 ff ff 31 d2 83 c0 08 89 d1 0f 01 c8 0f ae f0 89 f6 89 e0 25 00 e0 ff ff 8b 40 08 a8 08 0f 85 a4 00 00 00 31 c0 fb 0f 01 c9
  Nov 20 17:48:03 bodie kernel: [  307.616244] Call Trace:
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c1008c6a>] cpu_idle+0x8a/0xc0
  Nov 20 17:48:03 bodie kernel: [  307.616244]  [<c153a994>] start_secondary+0xe8/0xed
  Nov 20 17:48:03 bodie kernel: [  307.756350] BUG: scheduling while atomic: kworker/0:1/0/0x10000300
  Nov 20 17:48:03 bodie kernel: [  307.759743] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
  Nov 20 17:48:03 bodie kernel: [  307.774046] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear

  After some google searching, I found that a bug with a matching error message was found and fixed recently by the wireshark developers.  Here is a link to the bug:
  https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476

  The bug was fixed in wireshark version 1.6.3, but Ubuntu released version 1.6.2.  Here are the release notes for wireshark 1.6.3, which references bug 6476, linked above.
  http://www.wireshark.org/docs/relnotes/wireshark-1.6.3.html

  ProblemType: Bug
  DistroRelease: Ubuntu 11.10
  Package: wireshark 1.6.2-1
  ProcVersionSignature: Ubuntu 3.0.0-12.20-generic-pae 3.0.4
  Uname: Linux 3.0.0-12-generic-pae i686
  ApportVersion: 1.23-0ubuntu4
  Architecture: i386
  Date: Sun Nov 20 19:38:20 2011
  ProcEnviron:
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: wireshark
  UpgradeStatus: Upgraded to oneiric on 2011-10-15 (37 days ago)
  ---
  AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
  ApportVersion: 1.23-0ubuntu4
  Architecture: i386
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  spence     1994 F.... pulseaudio
   /dev/snd/pcmC0D0p:   spence     1994 F...m pulseaudio
  CRDA: Error: [Errno 2] No such file or directory
  Card0.Amixer.info:
   Card hw:0 'Intel'/'HDA Intel at 0xfe9f8000 irq 44'
     Mixer name	: 'Intel Eaglelake HDMI'
     Components	: 'HDA:10ec0889,14627592,00100004 HDA:80862803,80860101,00100000'
     Controls      : 41
     Simple ctrls  : 23
  DistroRelease: Ubuntu 11.10
  HibernationDevice: RESUME=UUID=ad3f9fb2-3d01-45e3-8fec-f8a87b458a0d
  MachineType: MSI MS-7592
  Package: linux (not installed)
  ProcEnviron:
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: root=UUID=f2c5cc67-2076-48f1-bde5-f752602c4072 ro quiet splash
  ProcVersionSignature: Ubuntu 3.0.0-12.20-generic-pae 3.0.4
  RelatedPackageVersions:
   linux-restricted-modules-3.0.0-12-generic-pae N/A
   linux-backports-modules-3.0.0-12-generic-pae  N/A
   linux-firmware                                1.60
  RfKill:
   0: phy0: Wireless LAN
    Soft blocked: no
    Hard blocked: no
  Tags:  oneiric running-unity
  Uname: Linux 3.0.0-12-generic-pae i686
  UpgradeStatus: Upgraded to oneiric on 2011-10-15 (37 days ago)
  UserGroups: adm admin cdrom dialout disk floppy lpadmin netdev plugdev sambashare scanner video www-data
  WpaSupplicantLog:

  dmi.bios.date: 03/27/2009
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: V4.0
  dmi.board.asset.tag: To Be Filled By O.E.M.
  dmi.board.name: G41TM-E43 (MS-7592)
  dmi.board.vendor: MSI
  dmi.board.version: 20
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 3
  dmi.chassis.vendor: MSI
  dmi.chassis.version: 20
  dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrV4.0:bd03/27/2009:svnMSI:pnMS-7592:pvr20:rvnMSI:rnG41TM-E43(MS-7592):rvr20:cvnMSI:ct3:cvr20:
  dmi.product.name: MS-7592
  dmi.product.version: 20
  dmi.sys.vendor: MSI

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/892928/+subscriptions