On Fri, 2016-04-08 at 09:01 +0200, Johannes Berg wrote: > On Fri, 2016-04-08 at 08:56 +0200, Johannes Berg wrote: > > > > On Thu, 2016-04-07 at 21:32 -0400, Avery Pennarun wrote: > > > > > > > > > > > Yes. Here it is: > > > http://apenwarr.ca/tmp/mac80211-agg-status-crash.ko > > > > > Unfortunately there are no debug symbols in this file, so it > > doesn't > > help me much. I can't even seem to get objdump to disassemble it > > correctly: looks like the file is in thumb, going from things > > like R_ARM_THM_CALL relocations, but even -Mforce-thumb doesn't > > seem > > to DRT; sta_agg_status_read+0xeb isn't even a valid instruction > > offset in regular ARM mode. > > > It *seems* that it most likely crashes on the first access to tid_tx, > which is consistent with the story of disabling TX aggregation > timeouts > reducing the chances. > > So I guess we have to look for some TX aggregation teardown RCU > pointer problem? >
Can't find anything. The only other thing I saw now is that the TID appears to be 7 (in r7), might be worth looking for whether that's a common thing or not? johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
