I'm curious if anyone has seen something similar?
BUG: kernel NULL pointer dereference, address: 00000000000000b0^M
#PF: supervisor read access in kernel mode^M
pcieport 0000:00:1c.0: AER: Uncorrected (Non-Fatal) error received: 0000:03:05.0^M
#PF: error_code(0x0000) - not-present page^M
PGD 0 P4D 0 ^M
Oops: 0000 [#1] PREEMPT SMP^M
CPU: 2 PID: 1075 Comm: irq/197-iwlwifi Tainted: G W O 5.19.3+ #9^M
Hardware name: Default string Default string/SKYBAY, BIOS 5.12 08/04/2020^M
RIP: 0010:iwl_pcie_rx_handle+0x3a4/0x8f0 [iwlwifi]^M
Code: 8d b6 80 00 00 00 48 8b 07 39 d1 4c 89 e2 0f 85 88 fe ff ff ff 50 10 44 0f b6 04 24 45 84 c0 0f 84 88 fe ff ff 48 8b 4c 24 20 <8b> 81 b0 00 00 00 48 8b 51
18 89 04 24 0f b7 04 24 83 e8 01 66 41^M
RSP: 0018:ffffc9000017ce30 EFLAGS: 00010202^M
RAX: 0000000000000000 RBX: 0000000000000040 RCX: 0000000000000000^M
RDX: 00000000000002ff RSI: 00000000fffffe00 RDI: ffffffffa09ed490^M
RBP: ffff88810c466db8 R08: 0000000000000001 R09: 0000000000000000^M
R10: ffffc9000017cde0 R11: ffffffff83194040 R12: ffffc9000017ce80^M
R13: ffff888111170028 R14: ffff888116ec0000 R15: ffff88812646d000^M
FS: 0000000000000000(0000) GS:ffff88845dc80000(0000) knlGS:0000000000000000^M
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033^M
CR2: 00000000000000b0 CR3: 0000000113b74001 CR4: 00000000003706e0^M
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000^M
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400^M
Call Trace:^M
<IRQ>^M
iwl_pcie_napi_poll_msix+0x24/0xc0 [iwlwifi]^M
__napi_poll+0x1f/0x150^M
net_rx_action+0x28e/0x2e0^M
__do_softirq+0xbb/0x28e^M
? disable_irq_nosync+0x10/0x10^M
do_softirq.part.0+0x38/0x50^M
</IRQ>^M
<TASK>^M
__local_bh_enable_ip+0x51/0x60^M
iwl_pcie_irq_rx_msix_handler+0xb5/0x110 [iwlwifi]^M
irq_thread_fn+0x15/0x50^M
irq_thread+0xde/0x1a0^M
? irq_thread_fn+0x50/0x50^M
? irq_thread_check_affinity+0x80/0x80^M
kthread+0xd1/0x100^M
? kthread_complete_and_exit+0x20/0x20^M
ret_from_fork+0x1f/0x30^M
</TASK>^M
(gdb) l *(iwl_pcie_irq_rx_msix_handler+0xb5)
0xa855 is in iwl_pcie_irq_rx_msix_handler (/home/greearb/git/linux-5.19.dev.y/drivers/net/wireless/intel/iwlwifi/pcie/rx.c:1650).
1645 iwl_pcie_clear_irq(trans, entry->entry);
1646 local_bh_enable();
1647
1648 lock_map_release(&trans->sync_cmd_lockdep_map);
1649
1650 return IRQ_HANDLED;
1651 }
1652
1653 /*
1654 * iwl_pcie_irq_handle_error - called for HW or SW error interrupt from card
(gdb) l *(iwl_pcie_rx_handle+0x3a4)
0x9284 is in iwl_pcie_rx_handle (/home/greearb/git/linux-5.19.dev.y/drivers/net/wireless/intel/iwlwifi/pcie/rx.c:1373).
1368 if (reclaim) {
1369 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
1370 int index = SEQ_TO_INDEX(sequence);
1371 int cmd_index = iwl_txq_get_cmd_index(txq, index);
1372
1373 kfree_sensitive(txq->entries[cmd_index].free_buf);
1374 txq->entries[cmd_index].free_buf = NULL;
1375
1376 /* Invoke any callbacks, transfer the buffer to caller,
1377 * and fire off the (possibly) blocking
(gdb)
Thanks,
Ben
--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc http://www.candelatech.com
