[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20241017073920.176412-1-jtornosm@redhat.com>
Date: Thu, 17 Oct 2024 09:39:17 +0200
From: Jose Ignacio Tornos Martinez <jtornosm@...hat.com>
To: quic_jjohnson@...cinc.com
Cc: ath12k@...ts.infradead.org,
jjohnson@...nel.org,
jtornosm@...hat.com,
kvalo@...nel.org,
linux-kernel@...r.kernel.org,
linux-wireless@...r.kernel.org,
stable@...r.kernel.org
Subject: Re: [PATCH v2 2/2] wifi: ath12k: fix crash when unbinding
Hello Jeff,
> FYI I didn't comment on this previously but
> <https://www.kernel.org/doc/html/latest/process/submitting-patches.html#backtraces-in-commit-messages>
> has some guidance on trimming backtraces in commit messages.
Ok, I will trim the backtrace in a next version of the patch.
And I will fix the typos too.
> I still don't understand why this check is necessary.
>
> Why isn't just adding the "dp->tx_ring[i].tx_status = NULL" inside the loop
> sufficient?
>
> You previously wrote the "warning comes from free_large_kmalloc". Is that
> warning due to a NULL pointer, or due to a double free?
>
> I don't see how it could be from a NULL pointer since in kfree() the 1st thing
> it does is trace the entry, but then the 2nd thing it does is return "if
> (unlikely(ZERO_OR_NULL_PTR(object)))"
>
> So I'm suspecting a double free, and setting dp->tx_ring[i].tx_status = NULL
> should fix that issue.
Sorry, I didn't understand you at the beginning and I thought that you were
referring to the complete fix (including setting to NULL). You are right, it
is a double free and the test is not necessary, just set to NULL after
freeing.
Thanks
Best regards
José Ignacio
Powered by blists - more mailing lists