I upgraded from 16.04, where I was not having this issue. I think that was running 4.10?
I tested with the upstream kernel, and the problem persists. Here is a backtrace from dmesg:
[Mon Nov 20 21:22:24 2017] BUG: unable to handle kernel NULL pointer dereference at 0000000000000070 [Mon Nov 20 21:22:24 2017] IP: iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi] [Mon Nov 20 21:22:24 2017] PGD 0 P4D 0 [Mon Nov 20 21:22:24 2017] Oops: 0002 [#1] SMP [Mon Nov 20 21:22:24 2017] Modules linked in: ufs qnx4 hfsplus hfs minix ntfs msdos jfs xfs ccm xfrm_user xfrm4_tunnel tunnel4 ipcomp xfrm_ipcomp esp4 ah4 af_key xfrm_algo xt_policy xt_multiport ip6table_filter ip6_tables ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat ipt_REJECT nf_reject_ipv4 xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter nls_iso8859_1 arc4 cmdlinepart intel_spi_platform intel_spi spi_nor mtd intel_rapl intel_soc_dts_thermal intel_soc_dts_iosf intel_powerclamp coretemp kvm_intel bridge stp llc kvm snd_hda_codec_hdmi iwlmvm irqbypass mac80211 snd_hda_codec_realtek snd_hda_codec_generic punit_atom_debug iwlwifi intel_cstate cfg80211 lpc_ich snd_intel_sst_acpi snd_hda_intel btusb snd_intel_sst_core snd_hda_codec btrtl snd_soc_sst_atom_hifi2_platform [Mon Nov 20 21:22:24 2017] snd_hda_core hci_uart snd_soc_sst_match snd_hwdep btbcm serdev snd_soc_core mei_txe btqca btintel shpchp mei snd_compress bluetooth ac97_bus snd_pcm_dmaengine snd_pcm dw_dmac ecdh_generic dw_dmac_core snd_timer rfkill_gpio snd intel_int0002_vgpio mac_hid soundcore 8250_dw spi_pxa2xx_platform pwm_lpss_platform pwm_lpss ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear i915 crct10dif_pclmul drm_kms_helper igb crc32_pclmul syscopyarea sysfillrect dca ghash_clmulni_intel sysimgblt fb_sys_fops cryptd ptp pps_core drm i2c_algo_bit ahci libahci video i2c_hid sdhci_acpi hid sdhci [Mon Nov 20 21:22:24 2017] CPU: 3 PID: 585 Comm: kworker/3:2 Tainted: G W 4.14.0-041400-generic #201711122031 [Mon Nov 20 21:22:24 2017] Hardware name: NF541 NF541/NF541, BIOS BAR1NA02 02/25/2016 [Mon Nov 20 21:22:24 2017] Workqueue: events iwl_mvm_add_new_dqa_stream_wk [iwlmvm] [Mon Nov 20 21:22:24 2017] task: ffff9939ebd4d700 task.stack: ffffb8ed813c8000 [Mon Nov 20 21:22:24 2017] RIP: 0010:iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi] [Mon Nov 20 21:22:24 2017] RSP: 0018:ffffb8ed813cbc00 EFLAGS: 00010246 [Mon Nov 20 21:22:24 2017] RAX: 00000000000009c4 RBX: 000000000000001f RCX: 0000000000000000 [Mon Nov 20 21:22:24 2017] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000002710 [Mon Nov 20 21:22:24 2017] RBP: ffffb8ed813cbc50 R08: 0000000000002710 R09: 0000000000000001 [Mon Nov 20 21:22:24 2017] R10: 0000000000000000 R11: ffff9939edd4e010 R12: 0000000000000000 [Mon Nov 20 21:22:24 2017] R13: ffff9939f0a80018 R14: 0000000000000000 R15: 0000000000000000 [Mon Nov 20 21:22:24 2017] FS: 0000000000000000(0000) GS:ffff9939ffd80000(0000) knlGS:0000000000000000 [Mon Nov 20 21:22:24 2017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [Mon Nov 20 21:22:24 2017] CR2: 0000000000000070 CR3: 00000002302c4000 CR4: 00000000001006e0 [Mon Nov 20 21:22:24 2017] Call Trace: [Mon Nov 20 21:22:24 2017] iwl_mvm_enable_txq+0x212/0x3a0 [iwlmvm] [Mon Nov 20 21:22:24 2017] iwl_mvm_add_new_dqa_stream_wk+0x809/0x1690 [iwlmvm] [Mon Nov 20 21:22:24 2017] ? iwl_mvm_add_new_dqa_stream_wk+0x809/0x1690 [iwlmvm] [Mon Nov 20 21:22:24 2017] ? update_load_avg+0x429/0x590 [Mon Nov 20 21:22:24 2017] ? __switch_to+0x1f3/0x4e0 [Mon Nov 20 21:22:24 2017] process_one_work+0x1e7/0x410 [Mon Nov 20 21:22:24 2017] worker_thread+0x32/0x410 [Mon Nov 20 21:22:24 2017] kthread+0x125/0x140 [Mon Nov 20 21:22:24 2017] ? process_one_work+0x410/0x410 [Mon Nov 20 21:22:24 2017] ? kthread_create_on_node+0x70/0x70 [Mon Nov 20 21:22:24 2017] ret_from_fork+0x25/0x30 [Mon Nov 20 21:22:24 2017] Code: 4c 8b b4 c7 08 7e 00 00 f0 48 0f ab 87 08 8e 00 00 73 0d 80 3d 76 7b 02 00 00 0f 84 a1 03 00 00 44 89 c7 e8 f1 3f 05 ce 4d 85 e4 <49> 89 46 70 0f 84 d9 02 00 00 41 0f b6 04 24 89 45 b8 41 0f b6 [Mon Nov 20 21:22:24 2017] RIP: iwl_trans_pcie_txq_enable+0x62/0x440 [iwlwifi] RSP: ffffb8ed813cbc00 [Mon Nov 20 21:22:24 2017] CR2: 0000000000000070 [Mon Nov 20 21:22:24 2017] ---[ end trace 4d628638dc7f89b5 ]---
I upgraded from 16.04, where I was not having this issue. I think that was running 4.10?
I tested with the upstream kernel, and the problem persists. Here is a backtrace from dmesg:
[Mon Nov 20 21:22:24 2017] BUG: unable to handle kernel NULL pointer dereference at 0000000000000070 pcie_txq_ enable+ 0x62/0x440 [iwlwifi] masquerade_ ipv4 iptable_nat nf_nat_ipv4 nf_nat ipt_REJECT nf_reject_ipv4 xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter nls_iso8859_1 arc4 cmdlinepart intel_spi_platform intel_spi spi_nor mtd intel_rapl intel_soc_ dts_thermal intel_soc_dts_iosf intel_powerclamp coretemp kvm_intel bridge stp llc kvm snd_hda_codec_hdmi iwlmvm irqbypass mac80211 snd_hda_ codec_realtek snd_hda_ codec_generic punit_atom_debug iwlwifi intel_cstate cfg80211 lpc_ich snd_intel_sst_acpi snd_hda_intel btusb snd_intel_sst_core snd_hda_codec btrtl snd_soc_ sst_atom_ hifi2_platform iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear i915 crct10dif_pclmul drm_kms_helper igb crc32_pclmul syscopyarea sysfillrect dca ghash_clmulni_intel sysimgblt fb_sys_fops cryptd ptp pps_core drm i2c_algo_bit ahci libahci video i2c_hid sdhci_acpi hid sdhci 041400- generic #201711122031 add_new_ dqa_stream_ wk [iwlmvm] trans_pcie_ txq_enable+ 0x62/0x440 [iwlwifi] 3cbc00 EFLAGS: 00010246 0(0000) GS:ffff9939ffd8 0000(0000) knlGS:000000000 0000000 enable_ txq+0x212/ 0x3a0 [iwlmvm] add_new_ dqa_stream_ wk+0x809/ 0x1690 [iwlmvm] add_new_ dqa_stream_ wk+0x809/ 0x1690 [iwlmvm] load_avg+ 0x429/0x590 to+0x1f3/ 0x4e0 one_work+ 0x1e7/0x410 thread+ 0x32/0x410 one_work+ 0x410/0x410 create_ on_node+ 0x70/0x70 fork+0x25/ 0x30 pcie_txq_ enable+ 0x62/0x440 [iwlwifi] RSP: ffffb8ed813cbc00
[Mon Nov 20 21:22:24 2017] IP: iwl_trans_
[Mon Nov 20 21:22:24 2017] PGD 0 P4D 0
[Mon Nov 20 21:22:24 2017] Oops: 0002 [#1] SMP
[Mon Nov 20 21:22:24 2017] Modules linked in: ufs qnx4 hfsplus hfs minix ntfs msdos jfs xfs ccm xfrm_user xfrm4_tunnel tunnel4 ipcomp xfrm_ipcomp esp4 ah4 af_key xfrm_algo xt_policy xt_multiport ip6table_filter ip6_tables ipt_MASQUERADE nf_nat_
[Mon Nov 20 21:22:24 2017] snd_hda_core hci_uart snd_soc_sst_match snd_hwdep btbcm serdev snd_soc_core mei_txe btqca btintel shpchp mei snd_compress bluetooth ac97_bus snd_pcm_dmaengine snd_pcm dw_dmac ecdh_generic dw_dmac_core snd_timer rfkill_gpio snd intel_int0002_vgpio mac_hid soundcore 8250_dw spi_pxa2xx_platform pwm_lpss_platform pwm_lpss ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_
[Mon Nov 20 21:22:24 2017] CPU: 3 PID: 585 Comm: kworker/3:2 Tainted: G W 4.14.0-
[Mon Nov 20 21:22:24 2017] Hardware name: NF541 NF541/NF541, BIOS BAR1NA02 02/25/2016
[Mon Nov 20 21:22:24 2017] Workqueue: events iwl_mvm_
[Mon Nov 20 21:22:24 2017] task: ffff9939ebd4d700 task.stack: ffffb8ed813c8000
[Mon Nov 20 21:22:24 2017] RIP: 0010:iwl_
[Mon Nov 20 21:22:24 2017] RSP: 0018:ffffb8ed81
[Mon Nov 20 21:22:24 2017] RAX: 00000000000009c4 RBX: 000000000000001f RCX: 0000000000000000
[Mon Nov 20 21:22:24 2017] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000002710
[Mon Nov 20 21:22:24 2017] RBP: ffffb8ed813cbc50 R08: 0000000000002710 R09: 0000000000000001
[Mon Nov 20 21:22:24 2017] R10: 0000000000000000 R11: ffff9939edd4e010 R12: 0000000000000000
[Mon Nov 20 21:22:24 2017] R13: ffff9939f0a80018 R14: 0000000000000000 R15: 0000000000000000
[Mon Nov 20 21:22:24 2017] FS: 000000000000000
[Mon Nov 20 21:22:24 2017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[Mon Nov 20 21:22:24 2017] CR2: 0000000000000070 CR3: 00000002302c4000 CR4: 00000000001006e0
[Mon Nov 20 21:22:24 2017] Call Trace:
[Mon Nov 20 21:22:24 2017] iwl_mvm_
[Mon Nov 20 21:22:24 2017] iwl_mvm_
[Mon Nov 20 21:22:24 2017] ? iwl_mvm_
[Mon Nov 20 21:22:24 2017] ? update_
[Mon Nov 20 21:22:24 2017] ? __switch_
[Mon Nov 20 21:22:24 2017] process_
[Mon Nov 20 21:22:24 2017] worker_
[Mon Nov 20 21:22:24 2017] kthread+0x125/0x140
[Mon Nov 20 21:22:24 2017] ? process_
[Mon Nov 20 21:22:24 2017] ? kthread_
[Mon Nov 20 21:22:24 2017] ret_from_
[Mon Nov 20 21:22:24 2017] Code: 4c 8b b4 c7 08 7e 00 00 f0 48 0f ab 87 08 8e 00 00 73 0d 80 3d 76 7b 02 00 00 0f 84 a1 03 00 00 44 89 c7 e8 f1 3f 05 ce 4d 85 e4 <49> 89 46 70 0f 84 d9 02 00 00 41 0f b6 04 24 89 45 b8 41 0f b6
[Mon Nov 20 21:22:24 2017] RIP: iwl_trans_
[Mon Nov 20 21:22:24 2017] CR2: 0000000000000070
[Mon Nov 20 21:22:24 2017] ---[ end trace 4d628638dc7f89b5 ]---