On Wed, 29 Dec 2021 19:17:30 +0800, Pavel Machek wrote:
So we have !rx_queue->page_ring. But in efx_reuse_page, we do
index = rx_queue->page_remove & rx_queue->page_ptr_mask;
page = rx_queue->page_ring[index];
So index is now zero, but we'll derefernce null pointer anyway.
Thanks for your reply. I am so sorry to submit the wrong patch and cause the trouble. Now there are two ways to fix it. One is to directly return error when fails and finally cause the failure of the efx_start_all(). But I notice that efx_start_channels() -> efx_init_rx_queue() -> efx_init_rx_recycle_ring(), and efx_start_channels() starts many channels. Maybe the last channel fails without the enough memory, but the other are success and can work regularly. To work more efficiently, I think the second way is better that we just check every where using rx_queue->page_ring. In this way, we don't need to alloc and free the channels frequently and finish most of the job. The patch is something that likes as follow.
diff --git a/drivers/net/ethernet/sfc/rx_common.c b/drivers/net/ethernet/sfc/rx_common.c index 68fc7d317693..7172b5fcc104 100644 --- a/drivers/net/ethernet/sfc/rx_common.c +++ b/drivers/net/ethernet/sfc/rx_common.c @@ -45,6 +45,9 @@ static struct page *efx_reuse_page(struct efx_rx_queue *rx_queue) unsigned int index; struct page *page;
+ if (!rx_queue->page_ring) + return NULL; + index = rx_queue->page_remove & rx_queue->page_ptr_mask; page = rx_queue->page_ring[index]; if (page == NULL)