From: Johannes Berg <johannes@sipsolutions.net>
To: Avery Pennarun <apenwarr@gmail.com>
Cc: ath9k-devel <ath9k-devel@lists.ath9k.org>,
linux-wireless <linux-wireless@vger.kernel.org>,
Felix Fietkau <nbd@nbd.name>
Subject: Re: [PATCH] mac80211: debugfs var for the default aggregation timeout.
Date: Sat, 09 Apr 2016 06:56:56 +0200 [thread overview]
Message-ID: <1460177816.7409.4.camel@sipsolutions.net> (raw)
In-Reply-To: <CAHqTa-0oji0=-CMYbQ6PQw-R5_jsuUjAAtERwDvLieBD=ObCKw@mail.gmail.com> (sfid-20160409_032748_062530_E2AD90E8)
On Fri, 2016-04-08 at 21:27 -0400, Avery Pennarun wrote:
> > Just to be clear, this crash is only from *reading* the agg_status
> > files. I don't know if the crashiness reduces when disabling the
> > aggregation timeouts, since that's a separate bug (in which the
> > queue gets stuck and the 'pending' column of this file just keeps
> > increasing).
Oh, right, I was confusing the two. The reading one is even stranger
though, in a way. I have no explanation for it (yet). We could suspect
memory corruption, but why would it specifically hit issues here? Not
very plausible.
> Updated .ko file that definitely has debug symbols this time:
> http://apenwarr.ca/tmp/mac80211-agg-status-crash-debugsyms.ko
>
Ok, that confirms what I did manually in my previous email - that it
crashed on this:
141 p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x",
142 tid_tx ? tid_tx->dialog_token : 0);
(and by hand I'd already checked that it crashed dereferencing the
tid_tx->dialog_token, since tid_tx was the value 0x5b35da40.
If any people more familiar with ARM are reading this - does the value
0x5b35da40 ring a bell? Is that a userspace area? Or an area where the
stack would be? All other points around here seem to look like
0xac0c3c58, or maybe 0x838c6958, but not 0x5b35...., how could we end
up with that?
johannes
next prev parent reply other threads:[~2016-04-09 4:57 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-04 5:03 ath9k(?): AP stops sending traffic to iPhone 4S until another 802.11n-capable STA joins Avery Pennarun
2016-02-16 21:28 ` Avery Pennarun
2016-02-16 21:28 ` [PATCH] mac80211: debugfs var for the default aggregation timeout Avery Pennarun
2016-02-16 21:44 ` Johannes Berg
2016-02-17 2:05 ` Sujith Manoharan
2016-02-23 10:14 ` Johannes Berg
2016-02-23 18:43 ` Avery Pennarun
2016-02-23 20:05 ` Johannes Berg
2016-04-05 23:46 ` Avery Pennarun
2016-04-06 7:40 ` Johannes Berg
2016-04-08 1:32 ` Avery Pennarun
2016-04-08 6:56 ` Johannes Berg
2016-04-08 7:01 ` Johannes Berg
2016-04-08 7:15 ` Johannes Berg
2016-04-08 8:31 ` Avery Pennarun
2016-04-09 1:27 ` Avery Pennarun
2016-04-09 4:56 ` Johannes Berg [this message]
2016-04-10 0:31 ` Adrian Chadd
2016-04-10 1:59 ` bruce m beach
2016-04-19 1:29 ` Avery Pennarun
2016-02-16 22:05 ` ath9k(?): AP stops sending traffic to iPhone 4S until another 802.11n-capable STA joins Johannes Berg
2016-02-17 4:32 ` Avery Pennarun
2016-02-17 6:23 ` Krishna Chaitanya
2016-02-17 7:05 ` Avery Pennarun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1460177816.7409.4.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=apenwarr@gmail.com \
--cc=ath9k-devel@lists.ath9k.org \
--cc=linux-wireless@vger.kernel.org \
--cc=nbd@nbd.name \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).