From: Adrian Chadd <adrian@freebsd.org>
To: ath9k-devel@lists.ath9k.org
Subject: [ath9k-devel] [PATCH] mac80211: debugfs var for the default aggregation timeout.
Date: Sat, 9 Apr 2016 17:31:37 -0700 [thread overview]
Message-ID: <CAJ-Vmon7Qyms95U4AuidkqMcGFPqXi3pWuEQastUdHe7B6hfFA@mail.gmail.com> (raw)
In-Reply-To: <1460177816.7409.4.camel@sipsolutions.net>
On 8 April 2016 at 21:56, Johannes Berg <johannes@sipsolutions.net> wrote:
> On Fri, 2016-04-08 at 21:27 -0400, Avery Pennarun wrote:
>
>> > Just to be clear, this crash is only from *reading* the agg_status
>> > files. I don't know if the crashiness reduces when disabling the
>> > aggregation timeouts, since that's a separate bug (in which the
>> > queue gets stuck and the 'pending' column of this file just keeps
>> > increasing).
>
> Oh, right, I was confusing the two. The reading one is even stranger
> though, in a way. I have no explanation for it (yet). We could suspect
> memory corruption, but why would it specifically hit issues here? Not
> very plausible.
>
>> Updated .ko file that definitely has debug symbols this time:
>> http://apenwarr.ca/tmp/mac80211-agg-status-crash-debugsyms.ko
>>
>
> Ok, that confirms what I did manually in my previous email - that it
> crashed on this:
>
> 141 p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x",
> 142 tid_tx ? tid_tx->dialog_token : 0);
>
> (and by hand I'd already checked that it crashed dereferencing the
> tid_tx->dialog_token, since tid_tx was the value 0x5b35da40.
>
> If any people more familiar with ARM are reading this - does the value
> 0x5b35da40 ring a bell? Is that a userspace area? Or an area where the
> stack would be? All other points around here seem to look like
> 0xac0c3c58, or maybe 0x838c6958, but not 0x5b35...., how could we end
> up with that?
.. that looks very userland-y to me. Is it just some pointer garbage perhaps?
Do you have a full crashdump? what's sta->ampdu_mlme look like?
-a
next prev parent reply other threads:[~2016-04-10 0:31 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAHqTa-22NpabO6B7nL=O26fnuGQHFOzpagWtsfQz4_BfrO6nTw@mail.gmail.com>
[not found] ` <1455658091-28262-1-git-send-email-apenwarr@gmail.com>
[not found] ` <1455658091-28262-2-git-send-email-apenwarr@gmail.com>
[not found] ` <1456222441.2041.10.camel@sipsolutions.net>
[not found] ` <CAHqTa-1CkJ-Pm6o7-pxcek4h+hmq6EtA0u12zGGraOUjDjeXSQ@mail.gmail.com>
[not found] ` <1456257946.9910.23.camel@sipsolutions.net>
2016-04-05 23:46 ` [ath9k-devel] [PATCH] mac80211: debugfs var for the default aggregation timeout Avery Pennarun
2016-04-06 7:40 ` Johannes Berg
2016-04-08 1:32 ` Avery Pennarun
2016-04-08 6:56 ` Johannes Berg
2016-04-08 7:01 ` Johannes Berg
2016-04-08 7:15 ` Johannes Berg
2016-04-08 8:31 ` Avery Pennarun
2016-04-09 1:27 ` Avery Pennarun
2016-04-09 4:56 ` Johannes Berg
2016-04-10 0:31 ` Adrian Chadd [this message]
2016-04-10 2:12 ` bruce m beach
2016-04-19 1:29 ` Avery Pennarun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJ-Vmon7Qyms95U4AuidkqMcGFPqXi3pWuEQastUdHe7B6hfFA@mail.gmail.com \
--to=adrian@freebsd.org \
--cc=ath9k-devel@lists.ath9k.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).