On Wed, Oct 7, 2009 at 11:01 PM, Johannes Berg <johannes@xxxxxxxxxxxxxxxx> wrote:
> On Wed, 2009-10-07 at 20:28 +0100, Hin-Tak Leung wrote:
>> On Wed, Oct 7, 2009 at 8:16 PM, Hin-Tak Leung <hintak.leung@xxxxxxxxx> wrote:
>>
>> > It is probably just a transient problem with recent activities - I had
>> > a NULL pointer deref from loading rtl8187 of compat-wireless
>> > v2.6.32-rc3-39563-g98c2609 -
>> >
>> > BUG: unable to handle kernel NULL pointer dereference at 000000000000003d
>> > IP: [<ffffffff8147822c>] wext_ioctl_dispatch+0xd9/0x180
>> > PGD 61c2b067 PUD 6246f067 PMD 0
>> > Oops: 0000 [#1] SMP
>> > ...
>> > Call Trace:
>> > [<ffffffff814783f5>] wext_handle_ioctl+0x4d/0x98
>> > [<ffffffff813e53a5>] dev_ioctl+0x625/0x662
>> > [<ffffffff813cfa45>] sock_ioctl+0x225/0x248
>> > [<ffffffff811237a3>] vfs_ioctl+0x31/0xaa
>> > [<ffffffff811e1801>] ? security_d_instantiate+0x37/0x4d
>> > [<ffffffff81123c88>] do_vfs_ioctl+0x46c/0x4c3
>> > [<ffffffff81123d44>] sys_ioctl+0x65/0x9c
>> > [<ffffffff81012082>] system_call_fastpath+0x16/0x1b
>> >
>> > I'm sure whatever changes made this happen will go away soon, so I'll
>> > just re-try in a few days... but if anybody knows what commit causes
>> > this (and what fixes it!), I'd like to know.
>> >
>>
>> Hiya, It looks like I last used compat-wireless successfully was on
>> 25th (I am not saying it breaks after - I just haven't tried until
>> yesterday, possibly), and most of the recent changes are per-driver,
>> but there is a big code drop from Johannes dated 27th on 'wext:
>> refactor' . Changes from that or dependent changes?
>
> Probably -- but I don't see this problem on stock kernel and I'm not
> sure what could be causing it for compat-wireless.
>
> This will be the old copy of wext_ioctl_dispatch. It'd certainly help to
> get disassembly/the source line of the oops.
>
> johannes
>

The crash came from the fedora koji kernel 2.6.30.8-67.fc11.x86_64 (+
bleed-edge compat-wireless), so John can probably correct me if I am
doing wrong or he can probably provide a better answer based on the
info.

I installed the debug packages kernel-debuginfo-2.6.30.8-67.fc11 ,
kernel-debuginfo-common-x86_64-2.6.30.8-67.fc11 , then dump the whole
thing to work out the address, before selecting the address as:

objdump -l -d --start-address=0xffffffff81478153 --stop-address=0xffffffff81478440 -S /usr/lib/debug/lib/modules/2.6.30.8-67.fc11.x86_64/vmlinux

It looks like it is the 2nd of these two lines around
/usr/src/debug/kernel-2.6.30/linux-2.6.30.x86_64/net/wireless/wext.c:448
which resulted in the null pointer dereference:

        if (index < dev->wireless_handlers->num_private)
                return dev->wireless_handlers->private[index];

Is there a more clever way of working out the addresses? I guess I
should have just subtracted and added a few k off the crash message,
rather than dumping the whole kernel to work out the addresses...

Attachment:
kernel-objdump-withlines
Description: Binary data
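
Added example, not part of the original message: the `symbol+offset/length` suffix on the oops `IP:` line gives the function's start (address minus offset) and its size, which bounds the `objdump` window without dumping the whole kernel. The function names `oops_range` and `oops_objdump_cmd` are hypothetical; for the `IP:` line quoted in the thread the computed start is the same `0xffffffff81478153` used in the message.

```shell
#!/bin/sh
# Added example: derive the disassembly window for the faulting function from
# an oops "IP:" or Call Trace line (address, then symbol+offset/length).

# Print "0xSTART 0xSTOP" of the function containing the address.
# The address is split into 32-bit halves because kernel text addresses do
# not fit the signed 64-bit integers of shell arithmetic.
oops_range() (
    ip=$(printf '%s\n' "$1" | sed -n 's|.*\[<\([0-9a-f]\{16\}\)>].*|\1|p')
    offs=$(printf '%s\n' "$1" |
        sed -n 's|.*+0x\([0-9a-f]*\)/0x\([0-9a-f]*\).*|\1 \2|p')
    [ -n "$ip" ] && [ -n "$offs" ] || exit 1
    set -- $offs                      # $1 = offset into function, $2 = length
    hi=$((0x${ip%????????}))
    lo=$((0x${ip#????????}))
    start_hi=$hi
    start_lo=$((lo - 0x$1))
    if [ "$start_lo" -lt 0 ]; then    # borrow from the high half
        start_lo=$((start_lo + 0x100000000)); start_hi=$((start_hi - 1))
    fi
    stop_hi=$start_hi
    stop_lo=$((start_lo + 0x$2))
    if [ "$stop_lo" -gt $((0xffffffff)) ]; then   # carry into the high half
        stop_lo=$((stop_lo - 0x100000000)); stop_hi=$((stop_hi + 1))
    fi
    printf '0x%08x%08x 0x%08x%08x\n' "$start_hi" "$start_lo" "$stop_hi" "$stop_lo"
)

# Print the objdump command for that window; $2 is the debuginfo vmlinux.
oops_objdump_cmd() {
    range=$(oops_range "$1") || return 1
    set -- "$2" $range
    printf 'objdump -l -d -S --start-address=%s --stop-address=%s %s\n' \
        "$2" "$3" "$1"
}

# The IP line and vmlinux path quoted in the message above.
oops_objdump_cmd 'IP: [<ffffffff8147822c>] wext_ioctl_dispatch+0xd9/0x180' \
    /usr/lib/debug/lib/modules/2.6.30.8-67.fc11.x86_64/vmlinux
```

The stop address is the end of `wext_ioctl_dispatch` only; the same function works on any Call Trace line when a caller's disassembly is wanted as well.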