[DELL][BIONICS] Redpine driver got crashed during shutdown/reboot

Bug #1836215 reported by Ganapathi Raju Kondraju on 2019-07-11
22
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Unassigned
linux-oem (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Unassigned

Bug Description

SRU Justification:
------------------

Impact:
-------
      Kernel crash upon shutdown or rebooting the device.

Test case:
----------
      1) Power up the device, Redpine modules are loaded by default.
      2) Reboot or shutdown the device.
      3) Observe the behavior.

Result:
-------
       Redpine driver crashes the entire kernel and below is the crash log.
       ... skipping ...
       [ 47.002030] BUG: unable to handle kernel NULL pointer dereference
at 0000000000000038
       [ 47.010828] IP: rsi_shutdown+0x2c/0x100 [rsi_sdio]
       [ 47.016180] PGD 0 P4D 0
       [ 47.019025] Oops: 0000 1 SMP PTI
       [ 47.136275] CPU: 1 PID: 1 Comm: systemd-shutdow Not tainted
4.15.0-1035-oem #40-Ubuntu
       [ 47.145131] Hardware name: Dell Inc. Edge Gateway 3001/0YMHCG,
BIOS 01.00.08 10/23/2018
       [ 47.154096] RIP: 0010:rsi_shutdown+0x2c/0x100 [rsi_sdio]
       [ 47.160039] RSP: 0018:ffffb08d0000bd78 EFLAGS: 00010246
       [ 47.165887] RAX: 0000000000000000 RBX: ffffa08b77f1d000 RCX: 0000000000000000
       [ 47.173869] RDX: 0000000000000002 RSI: ffffffffc07aa77f RDI: 0000000000000001
       [ 47.181851] RBP: ffffb08d0000bd90 R08: 0000000000000000 R09: ffffb08d0000bc50
       [ 47.189834] R10: 0000000000000000 R11: 000000000000023a R12: ffffa08b6d940000
       [ 47.197816] R13: ffffa08b3cbfb408 R14: ffffffff8f556137 R15: ffffa08b3cbfb468
       [ 47.205801] FS: 00007f85cd093940(0000) GS:ffffa08b70b00000(0000)
knlGS:0000000000000000
       [ 47.214854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
       [ 47.221281] CR2: 0000000000000038 CR3: 000000006a930000 CR4: 00000000001006e0
       [ 47.229262] Call Trace:
       [ 47.232017] device_shutdown+0x14e/0x200
       [ 47.236416] kernel_power_off+0x35/0x70
       [ 47.240711] SYSC_reboot+0x132/0x210
       [ 47.244721] ? SYSC_rt_sigtimedwait+0x88/0xe0
       [ 47.249604] ? do_writev+0x61/0xf0
       [ 47.253411] ? do_writev+0x61/0xf0
       [ 47.257219] ? sigprocmask+0x6f/0xa0
       [ 47.261225] SyS_reboot+0xe/0x10
       [ 47.264841] do_syscall_64+0x73/0x130
       [ 47.268945] entry_SYSCALL_64_after_hwframe+0x3d/0xa2

Root cause analysis:
--------------------
       Device operating mode 8(bluetooth alone), our driver supports multiple modes like 13(WiFi + Bluetooth), WiFi related structures are not been initialized in Bluetooth alone mode(8), dereferencing them in rsi_shutdown function causes crash. In Redpine driver, this NULL check is missed. Hence, Added the fix for the same.

Fix:
----
       Added proper NULL check in rsi_shutdown function.

Regression Potential:
---------------------
        This is a very direct issue, since the driver is getting crashed while reboot. We rebooted multiples times, checked the driver stability. Every thing ran smooth.

description: updated

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1836215

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: patch

Attached logs and target device info.

summary: - [DELL][BIONICS][RSI] Redpine driver got crashed during shutdown/reboot
+ [DELL][BIONICS] Redpine driver got crashed during shutdown/reboot

This patch fixes the issue.

AceLan Kao (acelankao) on 2019-07-24
Changed in linux-oem (Ubuntu Bionic):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-oem - 4.15.0-1050.57

---------------
linux-oem (4.15.0-1050.57) bionic; urgency=medium

  * bionic/linux-oem: 4.15.0-1050.57 -proposed tracker (LP: #1839261)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 4.15.0-58.64 ]

  * unable to handle kernel NULL pointer dereference at 000000000000002c (IP:
    iget5_locked+0x9e/0x1f0) (LP: #1838982)
    - Revert "ovl: set I_CREATING on inode being created"
    - Revert "new primitive: discard_new_inode()"

 -- Chia-Lin Kao (AceLan) <email address hidden> Wed, 07 Aug 2019 18:14:17 +0800

Changed in linux-oem (Ubuntu Bionic):
status: Fix Committed → Fix Released
Changed in linux-oem (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Patches

Bug attachments