Re: BUG: 4.10 rtlwifi regression - NULL pointer dereference

From: Larry Finger
Date: Sun Jan 08 2017 - 21:03:25 EST

Next message: Sun Paul: "Re: Problem on SCTP"
Previous message: Zheng, Lv: "RE: 174cc7187e6f ACPICA: Tables: Back port acpi_get_table_with_size() and early_acpi_os_unmap_memory() from Linux kernel"
In reply to: lkml: "BUG: 4.10 rtlwifi regression - NULL pointer dereference"
Next in thread: lkml: "Re: BUG: 4.10 rtlwifi regression - NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/08/2017 07:41 PM, lkml@xxxxxxxxxxx wrote:

Hello list,

Gave 4.10-rc2 a shot today using the attached config. The kernel panics
with a NULL pointer dereference upon starting dhclient after
wpa_supplicant.

The network device is a USB dongle:
Bus 002 Device 002: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]

Reverting 'ba9f93f rtlwifi: Fix enter/exit power_save' prevents the
crash.

Sorry I don't have a verbatim capture of the panic, but I was able to
catch the relevant parts and rtl_lps_leave() is dereferencing a NULL hw,
below setup_arp_tx() and rtl_is_special_data(). That's what led me to
reverting ba9f93f since it clearly plays with that stuff.

FWIW machine is a plain X61s thinkpad, 1.8Ghz.

You need the patch from http://marc.info/?l=linux-wireless&m=148234081512703&w=2. It was pushed with the notation that it needed to be included in 4.10; however, it has not yet percolated through the system.

Larry

Next message: Sun Paul: "Re: Problem on SCTP"
Previous message: Zheng, Lv: "RE: 174cc7187e6f ACPICA: Tables: Back port acpi_get_table_with_size() and early_acpi_os_unmap_memory() from Linux kernel"
In reply to: lkml: "BUG: 4.10 rtlwifi regression - NULL pointer dereference"
Next in thread: lkml: "Re: BUG: 4.10 rtlwifi regression - NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]