On 06/10/2018 10:10 AM, MichaĆ Kazior wrote:
Ben,
The patch is symptomatic. fq_tin_dequeue() already checks if the list
is empty before it tries to access first entry. I see no point in
using the _or_null() + WARN_ON.
The 0x3c deref is likely an offset off of NULL base pointer. Did you
check gd
On 06/08/2018 07:10 AM, Ben Greear wrote:
> Maybe whoever put this code together can take a stab at it.
>
This was one one the motivation for the Fixes: tag request.
By doing a git blame, you can find which commit(s) added this code,
and thus CC the author, who might not follow netdev@ closel
On 06/07/2018 05:13 PM, Cong Wang wrote:
On Thu, Jun 7, 2018 at 4:48 PM, wrote:
From: Ben Greear
While testing an ath10k firmware that often crashed under load,
I was seeing kernel crashes as well. One of them appeared to
be a dereference of a NULL flow object in fq_tin_dequeue.
I have
On 06/07/2018 04:59 PM, Cong Wang wrote:
On Thu, Jun 7, 2018 at 4:48 PM, wrote:
diff --git a/include/net/fq_impl.h b/include/net/fq_impl.h
index be7c0fa..cb911f0 100644
--- a/include/net/fq_impl.h
+++ b/include/net/fq_impl.h
@@ -78,7 +78,10 @@ static struct sk_buff *fq_tin_dequeue(struct fq
On Thu, Jun 7, 2018 at 4:48 PM, wrote:
> From: Ben Greear
>
> While testing an ath10k firmware that often crashed under load,
> I was seeing kernel crashes as well. One of them appeared to
> be a dereference of a NULL flow object in fq_tin_dequeue.
>
> I have since fixed the firmware flaw, but
On Thu, Jun 7, 2018 at 4:48 PM, wrote:
> diff --git a/include/net/fq_impl.h b/include/net/fq_impl.h
> index be7c0fa..cb911f0 100644
> --- a/include/net/fq_impl.h
> +++ b/include/net/fq_impl.h
> @@ -78,7 +78,10 @@ static struct sk_buff *fq_tin_dequeue(struct fq *fq,
> retur
From: Ben Greear
While testing an ath10k firmware that often crashed under load,
I was seeing kernel crashes as well. One of them appeared to
be a dereference of a NULL flow object in fq_tin_dequeue.
I have since fixed the firmware flaw, but I think it would be
worth adding the WARN_ON in case