Search Linux Wireless

Re: [PATCH V2] ath6kl: Fix kernel panic during rx aggregation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 01/26/2012 09:47 AM, Vasanthakumar Thiagarajan wrote:
> "ath6kl: Define a structure for connection specific aggregation information"
> introduces this. In aggr_conn_init(), vif->aggr_cntxt is assigned to
> aggr_conn->aggr_info, but vif->aggr_cntxt is not initialized at this
> point, this would end up accessing an invalid pointer in aggregation
> receive path. Fix this by passing the correct aggr_info to aggr_conn_init().
> The panic trace would look like.
> 
> [<ffffffff8159e02e>] panic+0xa1/0x1c6
> [<ffffffff8103773d>] ? kmsg_dump+0xfd/0x160
> [<ffffffff815a2f6a>] oops_end+0xea/0xf0
> [<ffffffff8102b95d>] no_context+0x11d/0x2d0
> [<ffffffff8102bc5d>] __bad_area_nosemaphore+0x14d/0x230
> [<ffffffff815a5c4d>] ? do_page_fault+0x30d/0x520
> [<ffffffff8102bd53>] bad_area_nosemaphore+0x13/0x20
> [<ffffffff815a5cfd>] do_page_fault+0x3bd/0x520
> [<ffffffff8108bd60>] ? __lock_acquire+0x320/0x1680
> [<ffffffff812e3a9d>] ? trace_hardirqs_off_thunk+0x3a/0x3c
> [<ffffffff815a2385>] page_fault+0x25/0x30
> [<ffffffffa0487a5f>] ? aggr_slice_amsdu+0xdf/0x170 [ath6kl_core]
> [<ffffffffa0487bac>] aggr_deque_frms+0xbc/0x190 [ath6kl_core]
> [<ffffffffa0488404>] ath6kl_rx+0x3e4/0xae0 [ath6kl_core]
> [<ffffffffa047ae77>] ath6kl_htc_rxmsg_pending_handler+0x8b7/0xf10 [ath6kl_core]
> [<ffffffffa00c82f0>] ? mmc_do_release_host+0x70/0x90 [mmc_core]
> [<ffffffffa00c833a>] ? mmc_release_host+0x2a/0x50 [mmc_core]
> [<ffffffffa04865c0>] ? ath6kl_alloc_amsdu_rxbuf+0x140/0x140 [ath6kl_core]
> [<ffffffffa0477772>] ath6kl_hif_intr_bh_handler+0x362/0x510 [ath6kl_core]
> [<ffffffffa01f1000>] ath6kl_sdio_irq_handler+0x60/0xb0 [ath6kl_sdio]
> [<ffffffffa00d30bc>] sdio_irq_thread+0xec/0x320 [mmc_core]
> [<ffffffffa00d2fd0>] ? sdio_claim_irq+0x220/0x220 [mmc_core]
> [<ffffffffa00d2fd0>] ? sdio_claim_irq+0x220/0x220 [mmc_core]
> [<ffffffff8105b21e>] kthread+0xbe/0xd0
> [<ffffffff815ab574>] kernel_thread_helper+0x4/0x10
> [<ffffffff815a2174>] ? retint_restore_args+0x13/0x13
> [<ffffffff8105b160>] ? __init_kthread_worker+0x70/0x70
> [<ffffffff815ab570>] ? gs_change+0x13/0x13
> 
> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@xxxxxxxxxxxxxxxx>

Thanks, applied.

Kalle
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux