kernel-packages team mailing list archive
Message #07778
[Bug 892928] Re: wireshark crashes with null pointer dereference in kernel
** Tags added: bios-outdated-4.6 needs-upstream-testing
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/892928
Title:
wireshark crashes with null pointer dereference in kernel
Status in “linux” package in Ubuntu:
Incomplete
Status in “wireshark” package in Ubuntu:
Invalid
Bug description:
I followed the following steps to get wireshark running in non-root mode:
* Create wireshark group
* Set permissions of dumpcap so only users in the wireshark group can run it
* setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
* Add my user to wireshark group
* restart
* open wireshark through the unity dash, and start capturing on my wireless network interface
Traffic started appearing in wireshark, I applied a filter, and made a
query using firefox that I expected to be caught by the filter. At
this point the whole system crashed.
When I brought the system back up, I checked the system logs. Here is what I got in syslog at the time of the crash:
Nov 20 17:47:44 bodie kernel: [ 288.576153] device wlan0 entered promiscuous mode
Nov 20 17:48:03 bodie kernel: [ 307.612283] BUG: unable to handle kernel NULL pointer dereference at 0000002c
Nov 20 17:48:03 bodie kernel: [ 307.612366] IP: [<f8f05184>] ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.612452] *pdpt = 00000000373d1001 *pde = 0000000000000000
Nov 20 17:48:03 bodie kernel: [ 307.612510] Oops: 0002 [#1] SMP
Nov 20 17:48:03 bodie kernel: [ 307.612548] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
Nov 20 17:48:03 bodie kernel: [ 307.613191]
Nov 20 17:48:03 bodie kernel: [ 307.613209] Pid: 0, comm: kworker/0:1 Not tainted 3.0.0-12-generic-pae #20-Ubuntu MSI MS-7592/G41TM-E43 (MS-7592)
Nov 20 17:48:03 bodie kernel: [ 307.613306] EIP: 0060:[<f8f05184>] EFLAGS: 00010246 CPU: 3
Nov 20 17:48:03 bodie kernel: [ 307.613364] EIP is at ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.613428] EAX: 00000000 EBX: f74edec8 ECX: 00000000 EDX: 00000000
Nov 20 17:48:03 bodie kernel: [ 307.613484] ESI: 00000000 EDI: ef30d044 EBP: f74ede54 ESP: f74ede24
Nov 20 17:48:03 bodie kernel: [ 307.613539] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Nov 20 17:48:03 bodie kernel: [ 307.613588] Process kworker/0:1 (pid: 0, ti=f74ec000 task=f74ce600 task.ti=f74e8000)
Nov 20 17:48:03 bodie kernel: [ 307.613655] Stack:
Nov 20 17:48:03 bodie kernel: [ 307.613675] c15555fd f74ede34 00000008 00000000 00000000 ec932000 f74edec8 ef30d044
Nov 20 17:48:03 bodie kernel: [ 307.613768] 55588794 f74edec8 ec932000 00000001 f74ede6c f8f192b5 f8f18b16 f74edec8
Nov 20 17:48:03 bodie kernel: [ 307.613859] f74edec8 ec932000 f74ede7c f8f19486 f74edec8 ec932000 f74edeac f8f1952c
Nov 20 17:48:03 bodie kernel: [ 307.613949] Call Trace:
Nov 20 17:48:03 bodie kernel: [ 307.613978] [<c15555fd>] ? _raw_spin_lock_irqsave+0x2d/0x40
Nov 20 17:48:03 bodie kernel: [ 307.614044] [<f8f192b5>] ieee80211_rx_handlers+0x125/0x2a0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614114] [<f8f18b16>] ? ieee80211_rx_h_check+0xc6/0x120 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614184] [<f8f19486>] ieee80211_invoke_rx_handlers+0x56/0xa0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614257] [<f8f1952c>] ieee80211_prepare_and_rx_handle+0x5c/0xc0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614333] [<f8f196fb>] __ieee80211_rx_handle_packet+0x16b/0x2d0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614407] [<f8f19940>] ieee80211_rx+0xe0/0x180 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614463] [<f88ffa68>] rt2x00lib_rxdone+0x178/0x1f0 [rt2x00lib]
Nov 20 17:48:03 bodie kernel: [ 307.614522] [<f88e4265>] rt2x00pci_rxdone+0x65/0x90 [rt2x00pci]
Nov 20 17:48:03 bodie kernel: [ 307.614589] [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
Nov 20 17:48:03 bodie kernel: [ 307.614639] [<f88d7aa8>] rt61pci_rxdone_tasklet+0x18/0x80 [rt61pci]
Nov 20 17:48:03 bodie kernel: [ 307.614698] [<c1056983>] tasklet_action+0x63/0x110
Nov 20 17:48:03 bodie kernel: [ 307.614743] [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
Nov 20 17:48:03 bodie kernel: [ 307.614792] [<c1056ee1>] __do_softirq+0x81/0x1a0
Nov 20 17:48:03 bodie kernel: [ 307.614836] [<c1056e60>] ? local_bh_enable_ip+0x90/0x90
Nov 20 17:48:03 bodie kernel: [ 307.616244] <IRQ>
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1057226>] ? irq_exit+0x76/0xa0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c155cd5b>] ? do_IRQ+0x4b/0xc0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1057210>] ? irq_exit+0x60/0xa0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c155ce29>] ? smp_apic_timer_interrupt+0x59/0x88
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c155cbb0>] ? common_interrupt+0x30/0x38
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1011091>] ? mwait_idle+0x71/0x130
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1008c6a>] ? cpu_idle+0x8a/0xc0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c153a994>] ? start_secondary+0xe8/0xed
Nov 20 17:48:03 bodie kernel: [ 307.616244] Code: 01 00 b8 01 00 00 00 e9 e2 fe ff ff 8d 76 00 f6 c1 01 75 bb 83 e1 10 0f 85 d1 fe ff ff 8b 53 10 8d 04 b6 8b 4b 1c c1 e0 02 01 c2
Nov 20 17:48:03 bodie kernel: [ 307.616244] EIP: [<f8f05184>] ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211] SS:ESP 0068:f74ede24
Nov 20 17:48:03 bodie kernel: [ 307.616244] CR2: 000000000000002c
Nov 20 17:48:03 bodie kernel: [ 307.616244] BUG: scheduling while atomic: kworker/0:1/0/0x10000300
Nov 20 17:48:03 bodie kernel: [ 307.616244] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
Nov 20 17:48:03 bodie kernel: [ 307.616244] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
Nov 20 17:48:03 bodie kernel: [ 307.616244]
Nov 20 17:48:03 bodie kernel: [ 307.616244] Pid: 0, comm: kworker/0:1 Not tainted 3.0.0-12-generic-pae #20-Ubuntu MSI MS-7592/G41TM-E43 (MS-7592)
Nov 20 17:48:03 bodie kernel: [ 307.616244] EIP: 0060:[<c1011091>] EFLAGS: 00000246 CPU: 3
Nov 20 17:48:03 bodie kernel: [ 307.616244] EIP is at mwait_idle+0x71/0x130
Nov 20 17:48:03 bodie kernel: [ 307.616244] EAX: 00000000 EBX: 00000003 ECX: 00000000 EDX: 00000000
Nov 20 17:48:03 bodie kernel: [ 307.616244] ESI: c17f18b8 EDI: 6a82cada EBP: f74e9f7c ESP: f74e9f68
Nov 20 17:48:03 bodie kernel: [ 307.616244] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Nov 20 17:48:03 bodie kernel: [ 307.616244] Process kworker/0:1 (pid: 0, ti=f74ec000 task=f74ce600 task.ti=f74e8000)
Nov 20 17:48:03 bodie kernel: [ 307.616244] Stack:
Nov 20 17:48:03 bodie kernel: [ 307.616244] 00000003 00000003 00000003 c17f18b8 6a82cada f74e9f98 c1008c6a 55588794
Nov 20 17:48:03 bodie kernel: [ 307.616244] 6a82cada 2378b39c 00000000 00000000 f74e9fac c153a994 87a8cd8f 2378b39c
Nov 20 17:48:03 bodie kernel: [ 307.616244] 03040800 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Nov 20 17:48:03 bodie kernel: [ 307.616244] Call Trace:
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1008c6a>] cpu_idle+0x8a/0xc0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c153a994>] start_secondary+0xe8/0xed
Nov 20 17:48:03 bodie kernel: [ 307.616244] Code: 00 e0 ff ff 31 d2 83 c0 08 89 d1 0f 01 c8 0f ae f0 89 f6 89 e0 25 00 e0 ff ff 8b 40 08 a8 08 0f 85 a4 00 00 00 31 c0 fb 0f 01 c9
Nov 20 17:48:03 bodie kernel: [ 307.616244] Call Trace:
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c1008c6a>] cpu_idle+0x8a/0xc0
Nov 20 17:48:03 bodie kernel: [ 307.616244] [<c153a994>] start_secondary+0xe8/0xed
Nov 20 17:48:03 bodie kernel: [ 307.756350] BUG: scheduling while atomic: kworker/0:1/0/0x10000300
Nov 20 17:48:03 bodie kernel: [ 307.759743] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
Nov 20 17:48:03 bodie kernel: [ 307.774046] Modules linked in: rfcomm bnep bluetooth nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd arc4 rt61pci crc_itu_t rt2x00pci rt2x00lib mac80211 soundcore i915 drm_kms_helper drm cfg80211 snd_page_alloc eeprom_93cx6 psmouse joydev serio_raw i2c_algo_bit ppdev video parport_pc lp parport usbhid hid raid10 raid456 async_raid6_recov async_pq floppy r8169 raid6_pq async_xor xor async_memcpy async_tx raid1 raid0 multipath linear
After some Google searching, I found that a bug with a matching error message was found and fixed recently by the wireshark developers. Here is a link to the bug:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476
The bug was fixed in wireshark version 1.6.3, but Ubuntu released version 1.6.2. Here are the release notes for wireshark 1.6.3, which reference bug 6476, linked above.
http://www.wireshark.org/docs/relnotes/wireshark-1.6.3.html
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: wireshark 1.6.2-1
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic-pae 3.0.4
Uname: Linux 3.0.0-12-generic-pae i686
ApportVersion: 1.23-0ubuntu4
Architecture: i386
Date: Sun Nov 20 19:38:20 2011
ProcEnviron:
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: wireshark
UpgradeStatus: Upgraded to oneiric on 2011-10-15 (37 days ago)
---
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
ApportVersion: 1.23-0ubuntu4
Architecture: i386
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: spence 1994 F.... pulseaudio
/dev/snd/pcmC0D0p: spence 1994 F...m pulseaudio
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info:
Card hw:0 'Intel'/'HDA Intel at 0xfe9f8000 irq 44'
Mixer name : 'Intel Eaglelake HDMI'
Components : 'HDA:10ec0889,14627592,00100004 HDA:80862803,80860101,00100000'
Controls : 41
Simple ctrls : 23
DistroRelease: Ubuntu 11.10
HibernationDevice: RESUME=UUID=ad3f9fb2-3d01-45e3-8fec-f8a87b458a0d
MachineType: MSI MS-7592
Package: linux (not installed)
ProcEnviron:
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: root=UUID=f2c5cc67-2076-48f1-bde5-f752602c4072 ro quiet splash
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic-pae 3.0.4
RelatedPackageVersions:
linux-restricted-modules-3.0.0-12-generic-pae N/A
linux-backports-modules-3.0.0-12-generic-pae N/A
linux-firmware 1.60
RfKill:
0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
Tags: oneiric running-unity
Uname: Linux 3.0.0-12-generic-pae i686
UpgradeStatus: Upgraded to oneiric on 2011-10-15 (37 days ago)
UserGroups: adm admin cdrom dialout disk floppy lpadmin netdev plugdev sambashare scanner video www-data
WpaSupplicantLog:
dmi.bios.date: 03/27/2009
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: V4.0
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: G41TM-E43 (MS-7592)
dmi.board.vendor: MSI
dmi.board.version: 20
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: MSI
dmi.chassis.version: 20
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrV4.0:bd03/27/2009:svnMSI:pnMS-7592:pvr20:rvnMSI:rnG41TM-E43(MS-7592):rvr20:cvnMSI:ct3:cvr20:
dmi.product.name: MS-7592
dmi.product.version: 20
dmi.sys.vendor: MSI
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/892928/+subscriptions
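
When triaging a crash like the one in this report, the first step is to separate the primary oops from the secondary `BUG:` records that follow it, and to discard the `?` frames that the kernel itself marks as unreliable. The following Python example is added here and is not part of the original bug report or of any Ubuntu tooling; the function names `triage` and `root_cause` and the label `vmlinux` for symbols printed without a module suffix are assumptions, and the sample lines are copied from the syslog excerpt above.

```python
import re

# Constructed sample: lines copied from the syslog excerpt in the report above.
SAMPLE = """\
Nov 20 17:48:03 bodie kernel: [ 307.612283] BUG: unable to handle kernel NULL pointer dereference at 0000002c
Nov 20 17:48:03 bodie kernel: [ 307.612366] IP: [<f8f05184>] ieee80211_rx_h_michael_mic_verify+0x184/0x1d0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.613978] [<c15555fd>] ? _raw_spin_lock_irqsave+0x2d/0x40
Nov 20 17:48:03 bodie kernel: [ 307.614044] [<f8f192b5>] ieee80211_rx_handlers+0x125/0x2a0 [mac80211]
Nov 20 17:48:03 bodie kernel: [ 307.614463] [<f88ffa68>] rt2x00lib_rxdone+0x178/0x1f0 [rt2x00lib]
Nov 20 17:48:03 bodie kernel: [ 307.614639] [<f88d7aa8>] rt61pci_rxdone_tasklet+0x18/0x80 [rt61pci]
Nov 20 17:48:03 bodie kernel: [ 307.616244] BUG: scheduling while atomic: kworker/0:1/0/0x10000300
"""

MSG = re.compile(r"kernel: \[\s*([\d.]+)\]\s?(.*)$")
BUG = re.compile(r"BUG: (.+?)(?: at ([0-9a-f]+))?$")
FRAME = re.compile(r"\[<([0-9a-f]+)>\] (\? )?([\w.]+)\+0x([0-9a-f]+)/0x([0-9a-f]+)(?: \[(\w+)\])?")

def triage(text):
    """Group kernel log lines into one record per 'BUG:' header."""
    events = []
    for line in text.splitlines():
        m = MSG.search(line)
        if not m:
            continue
        ts, msg = float(m.group(1)), m.group(2)
        b = BUG.match(msg)
        if b:
            addr = int(b.group(2), 16) if b.group(2) else None
            events.append({"ts": ts, "what": b.group(1), "addr": addr,
                           "fault": None, "trace": [], "guessed": 0})
            continue
        f = FRAME.search(msg)
        if not f or not events:
            continue
        ev, sym, mod = events[-1], f.group(3), f.group(6) or "vmlinux"
        if msg.startswith("IP:"):
            ev["fault"] = (sym, mod)        # faulting instruction
        elif f.group(2):
            ev["guessed"] += 1              # '?' frame: unverified stack value
        else:
            ev["trace"].append((sym, mod))
    return events

def root_cause(events):
    """Earliest record is the primary fault; later BUGs are usually fallout."""
    first = min(events, key=lambda e: e["ts"])
    frames = ([first["fault"]] if first["fault"] else []) + first["trace"]
    mods = list(dict.fromkeys(m for _, m in frames if m != "vmlinux"))
    return first, mods
```

On the sample, the primary record is the NULL pointer dereference at offset 0x2c in `ieee80211_rx_h_michael_mic_verify`, reached through `mac80211`, `rt2x00lib` and `rt61pci`; the "scheduling while atomic" record is reported separately as a later event.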