From: Kalle Valo <kvalo@codeaurora.org>
To: Pravas Kumar Panda <kumarpan@codeaurora.org>
Cc: ath11k@lists.infradead.org, linux-wireless@vger.kernel.org,
Pravas Kumar Panda <kumarpan@codeaurora.org>
Subject: Re: [PATCH] ath11k: Adding proper validation before accessing tx_stats
Date: Wed, 18 Mar 2020 11:53:11 +0000 (UTC) [thread overview]
Message-ID: <20200318115311.2D44CC44798@smtp.codeaurora.org> (raw)
In-Reply-To: <1584446369-7021-1-git-send-email-kumarpan@codeaurora.org>
Pravas Kumar Panda <kumarpan@codeaurora.org> wrote:
> Before dumping tx_stats proper validation was not been taken care of.
> Due to which we were encountering null pointer dereference(kernel panic).
> This scenario will arise when a station is getting disconnected and
> we are changing the STA state by ath11k_mac_op_sta_state and assigning
> tx_stats as NULL and after this the mac80211 will destroy the
> debugfs entry from where we are trying to read the stats.
>
> If anyone tries to dump tx_stats for that STA in between setting
> tx_stats to NULL and debugfs file removal without checking the NULL
> value it will run into a NULL pointer exception.
>
> Proceeding with the analysis of "ARM Kernel Panic".
> The APSS crash happened due to OOPS on CPU 3.
> Crash Signature : Unable to handle kernel NULL pointer dereference at
> virtual address 00000360
> During the crash,
> PC points to "ath11k_debug_htt_stats_init+0x16ac/0x1acc [ath11k]"
> LR points to "ath11k_debug_htt_stats_init+0x1688/0x1acc [ath11k]".
> The Backtrace obtained is as follows:
> [<ffffffbffcfd8590>] ath11k_debug_htt_stats_init+0x16ac/0x1acc [ath11k]
> [<ffffffc000156320>] do_loop_readv_writev+0x60/0xa4
> [<ffffffc000156a5c>] do_readv_writev+0xd8/0x19c
> [<ffffffc000156b54>] vfs_readv+0x34/0x48
> [<ffffffc00017d6f4>] default_file_splice_read+0x1a8/0x2e4
> [<ffffffc00017c56c>] do_splice_to+0x78/0x98
> [<ffffffc00017c63c>] splice_direct_to_actor+0xb0/0x1a4
> [<ffffffc00017c7b4>] do_splice_direct+0x84/0xa8
> [<ffffffc000156f40>] do_sendfile+0x160/0x2a4
> [<ffffffc000157980>] SyS_sendfile64+0xb4/0xc8
>
> Signed-off-by: Pravas Kumar Panda <kumarpan@codeaurora.org>
> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Patch applied to ath-next branch of ath.git, thanks.
fe0ebb51604f ath11k: Adding proper validation before accessing tx_stats
--
https://patchwork.kernel.org/patch/11442613/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
prev parent reply other threads:[~2020-03-18 11:53 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-17 11:59 [PATCH] ath11k: Adding proper validation before accessing tx_stats Pravas Kumar Panda
2020-03-17 11:59 ` Pravas Kumar Panda
2020-03-18 11:53 ` Kalle Valo
2020-03-18 11:53 ` Kalle Valo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200318115311.2D44CC44798@smtp.codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=ath11k@lists.infradead.org \
--cc=kumarpan@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.