Return-path: Received: from s3.sipsolutions.net ([5.9.151.49]:50282 "EHLO sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750962AbcDHHBw (ORCPT ); Fri, 8 Apr 2016 03:01:52 -0400 Message-ID: <1460098909.30678.2.camel@sipsolutions.net> (sfid-20160408_090156_026758_0B5986D0) Subject: Re: [PATCH] mac80211: debugfs var for the default aggregation timeout. From: Johannes Berg To: Avery Pennarun Cc: ath9k-devel , linux-wireless , Felix Fietkau Date: Fri, 08 Apr 2016 09:01:49 +0200 In-Reply-To: <1460098614.30678.1.camel@sipsolutions.net> (sfid-20160408_085710_192124_E4948ED0) References: <1455658091-28262-1-git-send-email-apenwarr@gmail.com> <1455658091-28262-2-git-send-email-apenwarr@gmail.com> <1456222441.2041.10.camel@sipsolutions.net> <1456257946.9910.23.camel@sipsolutions.net> <1459928436.17504.11.camel@sipsolutions.net> (sfid-20160408_033318_084748_CFEAEAF8) <1460098614.30678.1.camel@sipsolutions.net> (sfid-20160408_085710_192124_E4948ED0) Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Sender: linux-wireless-owner@vger.kernel.org List-ID: On Fri, 2016-04-08 at 08:56 +0200, Johannes Berg wrote: > On Thu, 2016-04-07 at 21:32 -0400, Avery Pennarun wrote: > > > > > Yes.  Here it is: > > http://apenwarr.ca/tmp/mac80211-agg-status-crash.ko > > > Unfortunately there are no debug symbols in this file, so it doesn't > help me much. I can't even seem to get objdump to disassemble it > correctly: looks like the file is in thumb, going from things > like R_ARM_THM_CALL relocations, but even -Mforce-thumb doesn't seem > to DRT; sta_agg_status_read+0xeb isn't even a valid instruction > offset in regular ARM mode. > It *seems* that it most likely crashes on the first access to tid_tx, which is consistent with the story of disabling TX aggregation timeouts reducing the chances. So I guess we have to look for some TX aggregation teardown RCU pointer problem? johannes