In mwifiex_init_new_priv_params() we update our private driver state to reflect the currently selected virtual interface type. Most notably we set the bss_mode to the mode we're going to put the firmware in. Now after we updated the driver state we actually start talking to the firmware and instruct it to set up the new mode. Those commands can and will sometimes fail, in which case we return with an error from mwifiex_change_vif_to_*. We currently update our virtual interface type counters after this return, which means the code is never reached when a firmware error happens and we never update the counters. Since we have updated our bss_mode earlier though, the counters now no longer reflect the actual state of the driver. This will break things on the next virtual interface change, because the virtual interface type we're switching away from didn't get its counter incremented, and we end up decrementing a 0-counter. To fix this, simply update the virtual interface type counters right after updating our driver structures, so that they are always in sync. Signed-off-by: Jonas Dreßler <verdre@xxxxxxx> --- .../net/wireless/marvell/mwifiex/cfg80211.c | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/drivers/net/wireless/marvell/mwifiex/cfg80211.c b/drivers/net/wireless/marvell/mwifiex/cfg80211.c index 8b9517c243c8..f2797102c5a2 100644 --- a/drivers/net/wireless/marvell/mwifiex/cfg80211.c +++ b/drivers/net/wireless/marvell/mwifiex/cfg80211.c @@ -1059,6 +1059,10 @@ mwifiex_change_vif_to_p2p(struct net_device *dev, if (mwifiex_init_new_priv_params(priv, dev, type)) return -1; + update_vif_type_counter(adapter, curr_iftype, -1); + update_vif_type_counter(adapter, type, +1); + dev->ieee80211_ptr->iftype = type; + switch (type) { case NL80211_IFTYPE_P2P_CLIENT: if (mwifiex_cfg80211_init_p2p_client(priv)) @@ -1082,10 +1086,6 @@ mwifiex_change_vif_to_p2p(struct net_device *dev, if (mwifiex_sta_init_cmd(priv, false, false)) return -1; - update_vif_type_counter(adapter, curr_iftype, -1); - update_vif_type_counter(adapter, type, +1); - dev->ieee80211_ptr->iftype = type; - return 0; } @@ -1116,16 +1116,17 @@ mwifiex_change_vif_to_sta_adhoc(struct net_device *dev, return -1; if (mwifiex_init_new_priv_params(priv, dev, type)) return -1; + + update_vif_type_counter(adapter, curr_iftype, -1); + update_vif_type_counter(adapter, type, +1); + dev->ieee80211_ptr->iftype = type; + if (mwifiex_send_cmd(priv, HostCmd_CMD_SET_BSS_MODE, HostCmd_ACT_GEN_SET, 0, NULL, true)) return -1; if (mwifiex_sta_init_cmd(priv, false, false)) return -1; - update_vif_type_counter(adapter, curr_iftype, -1); - update_vif_type_counter(adapter, type, +1); - dev->ieee80211_ptr->iftype = type; - return 0; } @@ -1152,15 +1153,17 @@ mwifiex_change_vif_to_ap(struct net_device *dev, return -1; if (mwifiex_init_new_priv_params(priv, dev, type)) return -1; + + update_vif_type_counter(adapter, curr_iftype, -1); + update_vif_type_counter(adapter, type, +1); + dev->ieee80211_ptr->iftype = type; + if (mwifiex_send_cmd(priv, HostCmd_CMD_SET_BSS_MODE, HostCmd_ACT_GEN_SET, 0, NULL, true)) return -1; if (mwifiex_sta_init_cmd(priv, false, false)) return -1; - update_vif_type_counter(adapter, curr_iftype, -1); - update_vif_type_counter(adapter, type, +1); - dev->ieee80211_ptr->iftype = type; return 0; } /* -- 2.31.1