[Bug 275616] bwn driver causes kernel panic after connect

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 07 Dec 2023 22:44:49 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275616

Bjoern A. Zeeb <bz@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open
                 CC|                            |markj@FreeBSD.org

--- Comment #2 from Bjoern A. Zeeb <bz@FreeBSD.org> ---
Do you have IEEE80211_DEBUG enabled?

Also, if you have src+obj code, can you look up and verify my assumptions based
on main w/o kasan in kernel:

ieee80211_crypto_ccmp.c:669 ff:
  68 #1 0xffffffff81580899 at ccmp_encap+0xe99  (memcpy or debug error after?)
 193 #2 0xffffffff815808df at ccmp_encap+0xedf  (also around the memcpy, stats?)
ieee80211_crypto_ccmp.c:299:
  62 #1 0xffffffff81580953 at ccmp_encap+0xf53  (m_adj?)

I am just curious as the distribution later is quite wide, which indeed seems
to indicate that the data buffer at that point isn't valid.

  25 #1 0xffffffff80599a6c at rijndaelEncrypt+0x25c
  25 #1 0xffffffff80599af7 at rijndaelEncrypt+0x2e7
  25 #1 0xffffffff80599b7c at rijndaelEncrypt+0x36c
  24 #1 0xffffffff80599c01 at rijndaelEncrypt+0x3f1
  26 #1 0xffffffff80599ca5 at rijndaelEncrypt+0x495
  27 #1 0xffffffff80599d2c at rijndaelEncrypt+0x51c
  21 #1 0xffffffff80599db1 at rijndaelEncrypt+0x5a1
  20 #1 0xffffffff80599e36 at rijndaelEncrypt+0x626

Strangely the ccmp code has not seen functional changes in years.
