Return-path: Received: from wolverine02.qualcomm.com ([199.106.114.251]:30837 "EHLO wolverine02.qualcomm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932297AbcLTIIC (ORCPT ); Tue, 20 Dec 2016 03:08:02 -0500 From: Mohammed Shafi Shajakhan To: CC: , , "Mohammed Shafi Shajakhan" Subject: [PATCH v3] ath10k: Fix crash during rmmod when probe firmware fails Date: Tue, 20 Dec 2016 13:39:11 +0530 Message-ID: <1482221351-24029-1-git-send-email-mohammed@qca.qualcomm.com> (sfid-20161220_090912_060346_7E6547B5) MIME-Version: 1.0 Content-Type: text/plain Sender: linux-wireless-owner@vger.kernel.org List-ID: From: Mohammed Shafi Shajakhan This fixes the below crash when ath10k probe firmware fails, NAPI polling tries to access a rx ring resource which was never allocated, fix this by disabling NAPI right away once the probe firmware fails by calling 'ath10k_hif_stop'. Its good to note that the error is never propogated to 'ath10k_pci_probe' when ath10k_core_register fails, so calling 'ath10k_hif_stop' to cleanup PCI related things seems to be ok BUG: unable to handle kernel NULL pointer dereference at (null) IP: __ath10k_htt_rx_ring_fill_n+0x19/0x230 [ath10k_core] __ath10k_htt_rx_ring_fill_n+0x19/0x230 [ath10k_core] Call Trace: [] ath10k_htt_rx_msdu_buff_replenish+0x42/0x90 [ath10k_core] [] ath10k_htt_txrx_compl_task+0x433/0x17d0 [ath10k_core] [] ? __wake_up_common+0x4d/0x80 [] ? cpu_load_update+0xdc/0x150 [] ? ath10k_pci_read32+0xd/0x10 [ath10k_pci] [] ath10k_pci_napi_poll+0x47/0x110 [ath10k_pci] [] net_rx_action+0x20f/0x370 Reported-by: Ben Greear Fixes: 3c97f5de1f28 ("ath10k: implement NAPI support") Signed-off-by: Mohammed Shafi Shajakhan --- drivers/net/wireless/ath/ath10k/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c index f7ea4de..15bccc9 100644 --- a/drivers/net/wireless/ath/ath10k/core.c +++ b/drivers/net/wireless/ath/ath10k/core.c @@ -2164,6 +2164,7 @@ static int ath10k_core_probe_fw(struct ath10k *ar) ath10k_core_free_firmware_files(ar); err_power_down: + ath10k_hif_stop(ar); ath10k_hif_power_down(ar); return ret; -- 1.9.1