On Tue, Apr 26, 2022 at 3:34 PM Brian Norris <briannorris@xxxxxxxxxxxx> wrote: > > On Tue, Apr 26, 2022 at 3:20 PM Abhishek Kumar <kuabhs@xxxxxxxxxxxx> wrote: > > > > Double free crash is observed when FW recovery(caused by wmi > > timeout/crash) is followed by immediate suspend event. The FW recovery > > is triggered by ath10k_core_restart() which calls driver clean up via > > ath10k_halt(). When the suspend event occurs between the FW recovery, > > the restart worker thread is put into frozen state until suspend completes. > > The suspend event triggers ath10k_stop() which again triggers ath10k_halt() > > The double invocation of ath10k_halt() causes ath10k_htt_rx_free() to be > > called twice(Note: ath10k_htt_rx_alloc was not called by restart worker > > thread because of its frozen state), causing the crash. > ... > > Tested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1 > > Co-developed-by: Wen Gong <quic_wgong@xxxxxxxxxxx> > > Signed-off-by: Wen Gong <quic_wgong@xxxxxxxxxxx> > > Signed-off-by: Abhishek Kumar <kuabhs@xxxxxxxxxxxx> > > --- > > > > Changes in v2: > > - Fixed typo, replaced ath11k by ath10k in the comments. > > - Adjusted the position of my S-O-B tag. > > - Added the Tested-on tag. > > You could have retained my: > > Reviewed-by: Brian Norris <briannorris@xxxxxxxxxxxx> > > but no worries; it's just a few characters ;) Oh! sorry about that, I was under the impression that if the next iteration is posted, then I cannot just add the Reviewed-by tag provided in the previous iteration by myself.
