diff options
author | Anilkumar Kolli <akolli@qti.qualcomm.com> | 2016-04-26 19:05:48 +0300 |
---|---|---|
committer | Kalle Valo <kvalo@qca.qualcomm.com> | 2016-05-06 18:55:36 +0300 |
commit | 4ad24a9d83bd4bf0a85e95bf144e18d3fda4fbf1 (patch) | |
tree | 3ff9dea4e9186e34c1405c3c51da29c856635f69 /drivers/net/wireless/ath | |
parent | de46d165658fbfcec8d083513fb96dec6d28d454 (diff) | |
download | linux-4ad24a9d83bd4bf0a85e95bf144e18d3fda4fbf1.tar.xz |
ath10k: fix kernel panic, move arvifs list head init before htt init
It is observed that while loading and unloading ath10k modules
in an infinite loop, before ath10k_core_start() completion HTT
rx frames are received, while processing these frames,
dereferencing the arvifs list code is getting hit before
initilizing the arvifs list, causing a kernel panic.
This patch initilizes the arvifs list before initilizing htt.
Fixes the below issue:
[<bf88b058>] (ath10k_htt_rx_pktlog_completion_handler+0x278/0xd08 [ath10k_core])
[<bf88b058>] (ath10k_htt_rx_pktlog_completion_handler [ath10k_core])
[<bf88c0dc>] (ath10k_htt_txrx_compl_task+0x5f4/0xeb0 [ath10k_core])
[<bf88c0dc>] (ath10k_htt_txrx_compl_task [ath10k_core])
[<c0234100>] (tasklet_action+0x8c/0xec)
[<c0234100>] (tasklet_action)
[<c02337c0>] (__do_softirq+0xf8/0x228)
[<c02337c0>] (__do_softirq) [<c0233920>] (run_ksoftirqd+0x30/0x90)
Code: e5954ad8 e2899008 e1540009 0a00000d (e5943008)
---[ end trace 71de5c2e011dbf56 ]---
Kernel panic - not syncing: Fatal exception in interrupt
Fixes: 500ff9f9389d ("ath10k: implement chanctx API")
Cc: <stable@vger.kernel.org>
Signed-off-by: Anilkumar Kolli <akolli@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
Diffstat (limited to 'drivers/net/wireless/ath')
-rw-r--r-- | drivers/net/wireless/ath/ath10k/core.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c index e94cb87380d2..58a220c2f39d 100644 --- a/drivers/net/wireless/ath/ath10k/core.c +++ b/drivers/net/wireless/ath/ath10k/core.c @@ -1758,6 +1758,10 @@ int ath10k_core_start(struct ath10k *ar, enum ath10k_firmware_mode mode, goto err_hif_stop; } + ar->free_vdev_map = (1LL << ar->max_num_vdevs) - 1; + + INIT_LIST_HEAD(&ar->arvifs); + /* we don't care about HTT in UTF mode */ if (mode == ATH10K_FIRMWARE_MODE_NORMAL) { status = ath10k_htt_setup(&ar->htt); @@ -1771,10 +1775,6 @@ int ath10k_core_start(struct ath10k *ar, enum ath10k_firmware_mode mode, if (status) goto err_hif_stop; - ar->free_vdev_map = (1LL << ar->max_num_vdevs) - 1; - - INIT_LIST_HEAD(&ar->arvifs); - return 0; err_hif_stop: |