On Wed, Oct 7, 2009 at 11:01 PM, Johannes Berg
<johannes@xxxxxxxxxxxxxxxx> wrote:
> On Wed, 2009-10-07 at 20:28 +0100, Hin-Tak Leung wrote:
>> On Wed, Oct 7, 2009 at 8:16 PM, Hin-Tak Leung <hintak.leung@xxxxxxxxx> wrote:
>>
>> > It is probably just a transient problem with recent activities - I had
>> > a NULL pointer deref from loading rtl8187 of compat-wireless
>> > v2.6.32-rc3-39563-g98c2609 -
>> >
>> > BUG: unable to handle kernel NULL pointer dereference at 000000000000003d
>> > IP: [<ffffffff8147822c>] wext_ioctl_dispatch+0xd9/0x180
>> > PGD 61c2b067 PUD 6246f067 PMD 0
>> > Oops: 0000 [#1] SMP
>> > ...
>> > Call Trace:
>> > [<ffffffff814783f5>] wext_handle_ioctl+0x4d/0x98
>> > [<ffffffff813e53a5>] dev_ioctl+0x625/0x662
>> > [<ffffffff813cfa45>] sock_ioctl+0x225/0x248
>> > [<ffffffff811237a3>] vfs_ioctl+0x31/0xaa
>> > [<ffffffff811e1801>] ? security_d_instantiate+0x37/0x4d
>> > [<ffffffff81123c88>] do_vfs_ioctl+0x46c/0x4c3
>> > [<ffffffff81123d44>] sys_ioctl+0x65/0x9c
>> > [<ffffffff81012082>] system_call_fastpath+0x16/0x1b
>> >
>> > I'm sure whatever changes made this happen will go away soon, so I'll
>> > just re-try in a few days... but if anybody knows what commit causes
>> > this (and what fixes it!), I'd like to know.
>> >
>>
>> Hiya, It looks like I last used compat-wireless successfully was on
>> 25th (I am not saying it breaks after - I just haven't tried until
>> yesterday, possibly), and most of the recent changes are per-driver,
>> but there is a big code drop from Johannes dated 27th on 'wext:
>> refactor' . Changes from that or dependent changes?
>
> Probably -- but I don't see this problem on stock kernel and I'm not
> sure what could be causing it for compat-wireless.
>
> This will be the old copy of wext_ioctl_dispatch. It'd certainly help to
> get disassembly/the source line of the oops.
>
> johannes
>
The crash came from the fedora koji kernel 2.6.30.8-67.fc11.x86_64 (+
bleed-edge compat-wireless), so John can probably correct me if I am
doing wrong or he can probably provide a better answer based on the
info.
I installed the debug packages kernel-debuginfo-2.6.30.8-67.fc11 ,
kernel-debuginfo-common-x86_64-2.6.30.8-67.fc11 , then dump the whole
thing to work out the address, before selecting the adress as:
objdump -l -d --start-address=0xffffffff81478153
--stop-address=0xffffffff81478440 -S
/usr/lib/debug/lib/modules/2.6.30.8-67.fc11.x86_64/vmlinux
It looks like it is the 2nd of thes two lines around
/usr/src/debug/kernel-2.6.30/linux-2.6.30.x86_64/net/wireless/wext.c:448
which resulted in the null pointer dereference:
if (index < dev->wireless_handlers->num_private)
return dev->wireless_handlers->private[index];
Is there a more clever way of working out the addresses? I guess I
should have just subtracted and added a few k off the crash message,
rather than dumping the whole kernel to work out the addresses...
Attachment:
kernel-objdump-withlines
Description: Binary data
