Public bug reported: upon plugging of wireless USB dongle TP_LINK TL-WN722N kernel OOPS happens:
Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.380516] usb 1-2: new high-speed USB device number 6 using xhci_hcd Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.545443] usb 1-2: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.545448] usb 1-2: New USB device strings: Mfr=16, Product=32, SerialNumber=48 Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.545451] usb 1-2: Product: USB2.0 WLAN Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.545454] usb 1-2: Manufacturer: ATHEROS Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1223.545457] usb 1-2: SerialNumber: 12345 Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1224.258794] usb 1-2: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested Jul 19 13:24:09 ivo-Latitude-5590 kernel: [ 1224.259235] usbcore: registered new interface driver ath9k_htc Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.543903] usb 1-2: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544240] BUG: kernel NULL pointer dereference, address: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544246] #PF: supervisor write access in kernel mode Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544250] #PF: error_code(0x0002) - not-present page Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544253] PGD 0 P4D 0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544259] Oops: 0002 [#1] SMP PTI Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544266] CPU: 4 PID: 14701 Comm: kworker/4:0 Tainted: G U OE 5.3.0-59-generic #53 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544269] Hardware name: Dell Inc. Latitude 5590/0MM81M, BIOS 1.13.1 03/13/2020 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544278] Workqueue: events request_firmware_work_func Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544293] RIP: 0010:ath9k_htc_probe_device+0x49/0xf0 [ath9k_htc] Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544299] Code: c6 60 91 0a c1 45 89 c6 48 83 ec 10 89 55 d4 31 d2 48 89 4d c8 e8 47 b8 a9 ff 48 85 c0 0f 84 a2 00 00 00 48 8b 58 48 49 89 c5 <4c> 89 23 48 89 43 08 48 8d 73 18 4c 89 7b 18 49 89 5f 08 48 89 df Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544303] RSP: 0018:ffffbd2a8650fde8 EFLAGS: 00010282 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544307] RAX: ffff9f159e2bcfe0 RBX: 0000000000000000 RCX: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544311] RDX: 0000000000200000 RSI: ffffffffac8b9cf0 RDI: ffff9f159e2be598 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544314] RBP: ffffbd2a8650fe20 R08: 0000000000000000 R09: ffff9f1599fca37a Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544317] R10: 0000000000000002 R11: ffff9f16f8031914 R12: ffff9f16fa185430 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544320] R13: ffff9f159e2bcfe0 R14: 0000000000000000 R15: ffff9f16f6c8e000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544324] FS: 0000000000000000(0000) GS:ffff9f181e300000(0000) knlGS:0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544330] CR2: 0000000000000000 CR3: 000000012c60a005 CR4: 00000000003606e0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544334] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544337] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544339] Call Trace: Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544352] ath9k_htc_hw_init+0x11/0x30 [ath9k_htc] Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544361] ath9k_hif_usb_firmware_cb+0x9b/0x1a0 [ath9k_htc] Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544365] request_firmware_work_func+0x4b/0x90 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544374] process_one_work+0x1fd/0x3f0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544380] worker_thread+0x34/0x410 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544386] kthread+0x121/0x140 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544392] ? process_one_work+0x3f0/0x3f0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544396] ? kthread_park+0xb0/0xb0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544404] ret_from_fork+0x35/0x40 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544409] Modules linked in: ath9k_htc(E) ath9k_common(E) ath9k_hw(E) ath vmw_vsock_vmci_transport vsock vmw_vmci ccm rfcomm cmac joydev bnep hid_multitouch ipmi_devintf ipmi_msghandler ip6table_filter ip6_tables dell_rbtn iptable_filter bpfilter snd_hda_codec_hdmi uvcvideo v4l2_common btusb videobuf2_vmalloc btrtl videobuf2_memops btbcm btintel videobuf2_v4l2 bluetooth videobuf2_common snd_hda_codec_realtek snd_hda_codec_generic videodev ecdh_generic ecc mc mei_hdcp x86_pkg_temp_thermal intel_powerclamp intel_rapl_msr coretemp kvm_intel kvm irqbypass snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep crct10dif_pclmul crc32_pclmul dell_laptop ledtrig_audio ghash_clmulni_intel dell_smm_hwmon snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi aesni_intel snd_seq aes_x86_64 binfmt_misc crypto_simd dell_wmi cryptd glue_helper iwlmvm(OE) intel_cstate dell_smbios mac80211(OE) dcdbas input_leds intel_rapl_perf libarc4 snd_seq_device serio_raw snd_timer nls_iso8859_1 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544475] iwlwifi(OE) i915 wmi_bmof dell_wmi_descriptor intel_wmi_thunderbolt snd drm_kms_helper rtsx_pci_ms cfg80211(OE) soundcore idma64 drm memstick compat(OE) virt_dma mei_me i2c_algo_bit processor_thermal_device fb_sys_fops intel_rapl_common syscopyarea mei intel_xhci_usb_role_switch intel_lpss_pci sysfillrect ucsi_acpi intel_lpss sysimgblt typec_ucsi intel_soc_dts_iosf roles intel_pch_thermal typec dell_smo8800 intel_hid int3400_thermal int3403_thermal sparse_keymap mac_hid int340x_thermal_zone acpi_pad acpi_thermal_rel sch_fq_codel parport_pc ppdev lp parport ip_tables x_tables autofs4 hid_generic usbhid rtsx_pci_sdmmc nvme e1000e ahci nvme_core rtsx_pci libahci wmi i2c_hid hid video Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544532] CR2: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544537] ---[ end trace 5354759e58f2339a ]--- Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544548] RIP: 0010:ath9k_htc_probe_device+0x49/0xf0 [ath9k_htc] Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544553] Code: c6 60 91 0a c1 45 89 c6 48 83 ec 10 89 55 d4 31 d2 48 89 4d c8 e8 47 b8 a9 ff 48 85 c0 0f 84 a2 00 00 00 48 8b 58 48 49 89 c5 <4c> 89 23 48 89 43 08 48 8d 73 18 4c 89 7b 18 49 89 5f 08 48 89 df Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544557] RSP: 0018:ffffbd2a8650fde8 EFLAGS: 00010282 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544560] RAX: ffff9f159e2bcfe0 RBX: 0000000000000000 RCX: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544563] RDX: 0000000000200000 RSI: ffffffffac8b9cf0 RDI: ffff9f159e2be598 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544566] RBP: ffffbd2a8650fe20 R08: 0000000000000000 R09: ffff9f1599fca37a Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544569] R10: 0000000000000002 R11: ffff9f16f8031914 R12: ffff9f16fa185430 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544572] R13: ffff9f159e2bcfe0 R14: 0000000000000000 R15: ffff9f16f6c8e000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544576] FS: 0000000000000000(0000) GS:ffff9f181e300000(0000) knlGS:0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544582] CR2: 0000000000000000 CR3: 000000012c60a005 CR4: 00000000003606e0 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544585] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 Jul 19 13:24:10 ivo-Latitude-5590 kernel: [ 1224.544588] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 The line in the kernel source where the NULL pointer dereference happens is: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/tree/drivers/net/wireless/ath/ath9k/htc_drv_init.c?h=master-next&id=30da5834ebc404b6bdb8cbcbea99bb5813e4dfcb#n945 I have bisected the issue to: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?h=master-next&id=04a29b0362f0ddaf6e8e489a1be5643362bc66ae However, the above change should not affect the crashing code, so it seems we're hitting gcc bug. Furthermore, patching with: diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_init.c b/drivers/net/wireless/ath/ath9k/htc_drv_init.c index 214c68269a69..6cf8cf501ad3 100644 --- a/drivers/net/wireless/ath/ath9k/htc_drv_init.c +++ b/drivers/net/wireless/ath/ath9k/htc_drv_init.c @@ -942,6 +942,14 @@ int ath9k_htc_probe_device(struct htc_target *htc_handle, struct device *dev, return -ENOMEM; priv = hw->priv; + printk("priv %px", priv); + + if (!priv) + { + ret = -ENOMEM; + goto err_free; + } + priv->hw = hw; priv->htc = htc_handle; priv->dev = dev; fixes the issue and wifi dongle is operational again. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-5.3.0-62-generic 5.3.0-62.56~18.04.1 ProcVersionSignature: Ubuntu 5.3.0-62.56~18.04.1-generic 5.3.18 Uname: Linux 5.3.0-62-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CurrentDesktop: GNOME-Flashback:GNOME Date: Sun Jul 19 15:45:08 2020 InstallationDate: Installed on 2018-10-22 (636 days ago) InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725) SourcePackage: linux-signed-hwe UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: linux-signed-hwe (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1888128 Title: kernel NULL pointer dereference in ath9k_htc_probe_device To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-signed-hwe/+bug/1888128/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
