Launchpad has imported 3 comments from the remote bug at
https://bugzilla.kernel.org/show_bug.cgi?id=200855.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2018-08-19T01:25:33+00:00 phil wrote:

Created attachment 277929
dmesg

I see this oops hit every couple of days on my Intel 8265 (in master
mode) running a vanilla 4.14.52 kernel (Alpine Linux 3.8); dmesg
attached.

Some searching turned up a very similar oops that someone had posted on
pastebin, as well as on github
(https://gist.github.com/aplund/7ba82370be0388abfa1974d13102ae9a), but I
was unable to find a matching issue in the issue tracker.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1733194/comments/20

------------------------------------------------------------------------
On 2018-08-19T01:26:29+00:00 phil wrote:

Created attachment 277931
iwlwifi.ko

Reply at:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1733194/comments/21

------------------------------------------------------------------------
On 2018-08-19T18:03:47+00:00 emmanuel.grumbach wrote:

So we fail here (last line):
0000000000008e7d <iwl_trans_pcie_txq_enable>:
    8e7d:       e8 00 00 00 00          callq  8e82 <iwl_trans_pcie_txq_enable+0x5>
    8e82:       41 57                   push   %r15
    8e84:       41 56                   push   %r14
    8e86:       49 89 fe                mov    %rdi,%r14
    8e89:       41 55                   push   %r13
    8e8b:       41 54                   push   %r12
    8e8d:       49 89 cd                mov    %rcx,%r13
    8e90:       55                      push   %rbp
    8e91:       53                      push   %rbx
    8e92:       41 89 d4                mov    %edx,%r12d
    8e95:       89 f3                   mov    %esi,%ebx
    8e97:       48 83 ec 20             sub    $0x20,%rsp
    8e9b:       65 48 8b 04 25 28 00    mov    %gs:0x28,%rax
    8ea2:       00 00
    8ea4:       48 89 44 24 18          mov    %rax,0x18(%rsp)
    8ea9:       31 c0                   xor    %eax,%eax
    8eab:       48 63 c6                movslq %esi,%rax
    8eae:       66 89 54 24 02          mov    %dx,0x2(%rsp)
    8eb3:       4c 8b bc c7 08 7e 00    mov    0x7e08(%rdi,%rax,8),%r15
    8eba:       00
    8ebb:       f0 48 0f ab 87 08 8e    lock bts %rax,0x8e08(%rdi)
    8ec2:       00 00
    8ec4:       73 28                   jae    8eee <iwl_trans_pcie_txq_enable+0x71>
    8ec6:       80 3d 00 00 00 00 00    cmpb   $0x0,0x0(%rip)        # 8ecd <iwl_trans_pcie_txq_enable+0x50>
    8ecd:       75 1f                   jne    8eee <iwl_trans_pcie_txq_enable+0x71>
    8ecf:       48 c7 c7 00 00 00 00    mov    $0x0,%rdi
    8ed6:       44 89 44 24 04          mov    %r8d,0x4(%rsp)
    8edb:       c6 05 00 00 00 00 01    movb   $0x1,0x0(%rip)        # 8ee2 <iwl_trans_pcie_txq_enable+0x65>
    8ee2:       e8 00 00 00 00          callq  8ee7 <iwl_trans_pcie_txq_enable+0x6a>
    8ee7:       0f 0b                   ud2
    8ee9:       44 8b 44 24 04          mov    0x4(%rsp),%r8d
    8eee:       44 89 c7                mov    %r8d,%edi
    8ef1:       e8 00 00 00 00          callq  8ef6 <iwl_trans_pcie_txq_enable+0x79>
    8ef6:       4d 85 ed                test   %r13,%r13
    8ef9:       49 89 47 70             mov    %rax,0x70(%r15)


Clearly, r15 is 0. r15 is assigned as mov    0x7e08(%rdi,%rax,8),%r15
which teaches me that r15 must be the pointer to the txq. rdi is the
first param to the function (trans) and apparently rax is the txq_id
(the second parameter although this doesn't come natural from the
calling convention, rax has been assigned to be txq_id).
The txq assignment is: struct iwl_txq *txq = trans_pcie->txq[txq_id];


Bottom line, txq is NULL...
Note that we tried (and failed) to open AMPDU a bit before the crash and
this is clearly not a classic scenario.
I really don't see how trans_pcie->txq[txq_id] could be NULL... If only
we knew what was the value of txq_id...
Can you load iwlwifi with debug=0x80000000 ?

Reply at:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1733194/comments/23


** Changed in: linux
       Status: Unknown => Incomplete

** Changed in: linux
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1733194

Title:
  kernel NULL pointer dereference in iwlmvm iwl_mvm_enable_txq

Status in Linux:
  Incomplete
Status in linux package in Ubuntu:
  Confirmed

Bug description:
  When in AP mode after some time, get this BUG:

  Nov 18 23:21:31 bifrost kernel: [18345.860393] BUG: unable to handle kernel NULL pointer dereference at 0000000000000070
  Nov 18 23:21:31 bifrost kernel: [18345.860552] IP: iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi]
  Nov 18 23:21:31 bifrost kernel: [18345.860644] PGD 0
  Nov 18 23:21:31 bifrost kernel: [18345.860646] P4D 0
  Nov 18 23:21:31 bifrost kernel: [18345.860682]
  Nov 18 23:21:31 bifrost kernel: [18345.860747] Oops: 0002 [#1] SMP
  Nov 18 23:21:31 bifrost kernel: [18345.860800] Modules linked in: nfnetlink_queue nfnetlink_log nfnetlink dummy ufs qnx4 hfsplus hfs minix ntfs msdos jfs xfs ccm xfrm_user xfrm4_tunnel tunnel4 ipcomp xfrm_ipcomp esp4 ah4 af_key xfrm_algo xt_policy xt_multiport ip6table_filter ip6_tables ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat ipt_REJECT nf_reject_ipv4 xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter nls_iso8859_1 cmdlinepart intel_spi_platform intel_spi spi_nor mtd arc4 intel_rapl intel_soc_dts_thermal intel_soc_dts_iosf intel_powerclamp coretemp kvm_intel bridge kvm stp llc iwlmvm irqbypass punit_atom_debug mac80211 intel_cstate snd_hda_codec_hdmi iwlwifi snd_hda_codec_realtek snd_hda_codec_generic cfg80211 btusb snd_hda_intel lpc_ich btrtl snd_hda_codec snd_intel_sst_acpi
  Nov 18 23:21:31 bifrost kernel: [18345.861897]  mei_txe snd_hda_core mei snd_hwdep shpchp snd_intel_sst_core snd_soc_sst_atom_hifi2_platform hci_uart snd_soc_sst_match snd_soc_core btbcm serdev snd_compress btqca ac97_bus btintel snd_pcm_dmaengine snd_pcm dw_dmac dw_dmac_core snd_timer bluetooth snd soundcore mac_hid intel_int0002_vgpio ecdh_generic spi_pxa2xx_platform rfkill_gpio pwm_lpss_platform pwm_lpss 8250_dw ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear i915 drm_kms_helper crct10dif_pclmul igb syscopyarea sysfillrect crc32_pclmul sysimgblt fb_sys_fops dca ghash_clmulni_intel i2c_algo_bit cryptd ahci ptp drm pps_core libahci video
  Nov 18 23:21:31 bifrost kernel: [18345.862995]  i2c_hid hid sdhci_acpi sdhci
  Nov 18 23:21:31 bifrost kernel: [18345.863068] CPU: 1 PID: 1202 Comm: kworker/1:2 Tainted: G        W       4.13.0-16-generic #19-Ubuntu
  Nov 18 23:21:31 bifrost kernel: [18345.863203] Hardware name: NF541 NF541/NF541, BIOS BAR1NA02 02/25/2016
  Nov 18 23:21:31 bifrost kernel: [18345.863326] Workqueue: events iwl_mvm_add_new_dqa_stream_wk [iwlmvm]
  Nov 18 23:21:31 bifrost kernel: [18345.863428] task: ffff96862c1c5800 task.stack: ffffa98a817c0000
  Nov 18 23:21:31 bifrost kernel: [18345.863539] RIP: 0010:iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi]
  Nov 18 23:21:31 bifrost kernel: [18345.863635] RSP: 0018:ffffa98a817c3be0 EFLAGS: 00010246
  Nov 18 23:21:31 bifrost kernel: [18345.863718] RAX: 00000000000009c4 RBX: 000000000000001f RCX: 0000000000000000
  Nov 18 23:21:31 bifrost kernel: [18345.863824] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000002710
  Nov 18 23:21:31 bifrost kernel: [18345.863932] RBP: ffffa98a817c3c30 R08: 0000000000002710 R09: 0000000000000001
  Nov 18 23:21:31 bifrost kernel: [18345.864039] R10: 0000000000000000 R11: ffff9686344ce010 R12: 0000000000000000
  Nov 18 23:21:31 bifrost kernel: [18345.864145] R13: ffff96862c9d0018 R14: 0000000000000000 R15: 0000000000000000
  Nov 18 23:21:31 bifrost kernel: [18345.864253] FS:  0000000000000000(0000) GS:ffff96863fc80000(0000) knlGS:0000000000000000
  Nov 18 23:21:31 bifrost kernel: [18345.864373] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  Nov 18 23:21:31 bifrost kernel: [18345.864461] CR2: 0000000000000070 CR3: 000000023068b000 CR4: 00000000001006e0
  Nov 18 23:21:31 bifrost kernel: [18345.864568] Call Trace:
  Nov 18 23:21:31 bifrost kernel: [18345.864633]  iwl_mvm_enable_txq+0x212/0x3a0 [iwlmvm]
  Nov 18 23:21:31 bifrost kernel: [18345.864732]  iwl_mvm_add_new_dqa_stream_wk+0x7e8/0x15e0 [iwlmvm]
  Nov 18 23:21:31 bifrost kernel: [18345.864843]  ? iwl_mvm_add_new_dqa_stream_wk+0x7e8/0x15e0 [iwlmvm]
  Nov 18 23:21:31 bifrost kernel: [18345.864945]  ? __switch_to+0x211/0x520
  Nov 18 23:21:31 bifrost kernel: [18345.865008]  ? put_prev_entity+0x23/0xf0
  Nov 18 23:21:31 bifrost kernel: [18345.865075]  process_one_work+0x1e7/0x410
  Nov 18 23:21:31 bifrost kernel: [18345.865143]  worker_thread+0x4a/0x410
  Nov 18 23:21:31 bifrost kernel: [18345.865204]  kthread+0x125/0x140
  Nov 18 23:21:31 bifrost kernel: [18345.865260]  ? process_one_work+0x410/0x410
  Nov 18 23:21:31 bifrost kernel: [18345.869337]  ? kthread_create_on_node+0x70/0x70
  Nov 18 23:21:31 bifrost kernel: [18345.873431]  ret_from_fork+0x25/0x30
  Nov 18 23:21:31 bifrost kernel: [18345.877527] Code: 4c 8b b4 c7 08 7e 00 00 f0 48 0f ab 87 08 8e 00 00 73 0d 80 3d d6 3b 02 00 00 0f 84 a1 03 00 00 44 89 c7 e8 21 2f 6b dc 4d 85 e4 <49> 89 46 70 0f 84 d9 02 00 00 41 0f b6 04 24 89 45 b8 41 0f b6
  Nov 18 23:21:31 bifrost kernel: [18345.886085] RIP: iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi] RSP: ffffa98a817c3be0
  Nov 18 23:21:31 bifrost kernel: [18345.890363] CR2: 0000000000000070
  Nov 18 23:21:31 bifrost kernel: [18345.894670] ---[ end trace 128827eedfd09435 ]---
  --- 
  AlsaVersion: Advanced Linux Sound Architecture Driver Version k4.13.0-16-generic.
  AplayDevices: Error: [Errno 2] No such file or directory
  ApportVersion: 2.20.7-0ubuntu3.4
  Architecture: amd64
  ArecordDevices: Error: [Errno 2] No such file or directory
  AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D2', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D3p', '/dev/snd/pcmC0D1p', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
  Card0.Amixer.info: Error: [Errno 2] No such file or directory
  Card0.Amixer.values: Error: [Errno 2] No such file or directory
  DistroRelease: Ubuntu 17.10
  HibernationDevice: RESUME=/dev/mapper/bifrost--vg-swap_1
  InstallationDate: Installed on 2017-02-18 (274 days ago)
  InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 003: ID 05e3:0608 Genesys Logic, Inc. Hub
   Bus 001 Device 002: ID 8087:07dc Intel Corp. 
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: NF541 NF541
  Package: linux (not installed)
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.13.0-16-generic.efi.signed root=/dev/mapper/hostname--vg-root ro
  ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4
  RelatedPackageVersions:
   linux-restricted-modules-4.13.0-16-generic N/A
   linux-backports-modules-4.13.0-16-generic  N/A
   linux-firmware                             1.169
  RfKill: Error: [Errno 2] No such file or directory
  Tags:  artful
  Uname: Linux 4.13.0-16-generic x86_64
  UnreportableReason: The report belongs to a package that is not installed.
  UpgradeStatus: Upgraded to artful on 2017-11-18 (0 days ago)
  UserGroups:
   
  _MarkForUpload: False
  dmi.bios.date: 02/25/2016
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: BAR1NA02
  dmi.board.asset.tag: To be filled by O.E.M.
  dmi.board.name: NF541
  dmi.board.vendor: NF541
  dmi.board.version: 1.0
  dmi.chassis.type: 3
  dmi.chassis.vendor: NF541
  dmi.chassis.version: 1.0
  dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrBAR1NA02:bd02/25/2016:svnNF541:pnNF541:pvr1.0:rvnNF541:rnNF541:rvr1.0:cvnNF541:ct3:cvr1.0:
  dmi.product.family: To be filled by O.E.M.
  dmi.product.name: NF541
  dmi.product.version: 1.0
  dmi.sys.vendor: NF541
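
An added example, not part of the original report or of the iwlwifi code: the check done by hand on the 4.14.52 disassembly above, applied to the Code: line of the 4.13.0-16 oops in the bug description. It decodes the marked instruction and tests whether CR2 equals the base register plus the displacement. The function names and the trimmed sample text are constructed for illustration, and the decoder handles only this one store form.

```python
import re

# Constructed sample: the relevant lines of the 4.13.0-16 oops from the bug
# description, unwrapped and with the syslog prefix removed.
OOPS = """\
BUG: unable to handle kernel NULL pointer dereference at 0000000000000070
RAX: 00000000000009c4 RBX: 000000000000001f RCX: 0000000000000000
RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000002710
RBP: ffffa98a817c3c30 R08: 0000000000002710 R09: 0000000000000001
R10: 0000000000000000 R11: ffff9686344ce010 R12: 0000000000000000
R13: ffff96862c9d0018 R14: 0000000000000000 R15: 0000000000000000
CR2: 0000000000000070 CR3: 000000023068b000 CR4: 00000000001006e0
Code: 4c 8b b4 c7 08 7e 00 00 f0 48 0f ab 87 08 8e 00 00 73 0d 80 3d d6 3b 02 00 00 0f 84 a1 03 00 00 44 89 c7 e8 21 2f 6b dc 4d 85 e4 <49> 89 46 70 0f 84 d9 02 00 00 41 0f b6 04 24 89 45 b8 41 0f b6
"""

# Register names as the oops prints them, in x86-64 encoding order.
REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI",
        "R08", "R09", "R10", "R11", "R12", "R13", "R14", "R15"]

def parse_oops(text):
    """Return (register dict, bytes from the faulting instruction onward)."""
    regs = {n: int(v, 16) for n, v in
            re.findall(r"\b([A-Z][A-Z0-9]{2}): ([0-9a-f]{16})\b", text)}
    code = re.search(r"Code: (.*)", text).group(1)
    tail = code[code.index("<"):].replace("<", "").replace(">", "")
    return regs, bytes.fromhex(tail)

def decode_store(insn):
    """Decode REX.W `mov %src,disp(%base)` (opcode 0x89, no SIB byte) only."""
    rex, opcode, modrm = insn[0], insn[1], insn[2]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if (rex & 0xF8) != 0x48 or opcode != 0x89 or mod not in (1, 2) or rm == 4:
        return None
    size = 1 if mod == 1 else 4                      # disp8 or disp32
    disp = int.from_bytes(insn[3:3 + size], "little", signed=True)
    return REGS[reg | ((rex & 4) << 1)], REGS[rm | ((rex & 1) << 3)], disp

def triage(text):
    """Check whether CR2 is explained by base register + displacement."""
    regs, insn = parse_oops(text)
    decoded = decode_store(insn)
    if decoded is None:
        return None
    src, base, disp = decoded
    return {"store": f"mov %{src.lower()},{disp:#x}(%{base.lower()})",
            "base": base, "base_value": regs[base],
            "explains_cr2": (regs[base] + disp) % 2**64 == regs["CR2"]}

if __name__ == "__main__":
    print(triage(OOPS))
```

In this build the txq pointer is loaded into r14 rather than r15 (the Code: line starts with 4c 8b b4 c7 08 7e 00 00, i.e. mov 0x7e08(%rdi,%rax,8),%r14), but the faulting store and the 0x70 offset match the 4.14.52 disassembly.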

To manage notifications about this bug go to:
https://bugs.launchpad.net/linux/+bug/1733194/+subscriptions
