linux/drivers/net/wireless
Mohammed Shafi Shajakhan 61e1b0b00c ath9k: Fix kernel panic in AR2427
Kernel panic occurs just after AR2427 establishes connection with AP.
Unless aggregation is enabled we don't initialize the TID structure.
Thus accessing the elements of the TID structure when aggregation is
disabled leads to NULL pointer dereferencing.

[  191.320358] Call Trace:
[  191.320364]  [<fd250ea7>] ? ath9k_tx+0xa7/0x200 [ath9k]
[  191.320376]  [<fd1ec7fc>] ? __ieee80211_tx+0x5c/0x1e0 [mac80211]
[  191.320386]  [<fd1edd2b>] ? ieee80211_tx+0x7b/0x90 [mac80211]
[  191.320395]  [<fd1edddd>] ? ieee80211_xmit+0x9d/0x1d0 [mac80211]
[  191.320401]  [<c014218f>] ? wake_up_state+0xf/0x20
[  191.320405]  [<c015dbc8>] ? signal_wake_up+0x28/0x40
[  191.320410]  [<c012a578>] ? default_spin_lock_flags+0x8/0x10
[  191.320420]  [<fd1ee308>] ? ieee80211_subif_start_xmit+0x2e8/0x7c0
[mac80211]
[  191.320425]  [<c058f905>] ? do_page_fault+0x295/0x3a0
[  191.320431]  [<c04c4a3d>] ? dev_hard_start_xmit+0x1ad/0x210
[  191.320436]  [<c04d96b5>] ? sch_direct_xmit+0x105/0x170
[  191.320445]  [<fd1f161a>] ? get_sta_flags+0x2a/0x40 [mac80211]
[  191.320449]  [<c04c780f>] ? dev_queue_xmit+0x37f/0x4b0
[  191.320452]  [<c04d75b0>] ? eth_header+0x0/0xb0
[  191.320456]  [<c04cc479>] ? neigh_resolve_output+0xe9/0x310
[  191.320461]  [<c053d295>] ? ip6_output_finish+0xa5/0x110
[  191.320464]  [<c053e354>] ? ip6_output2+0x134/0x250
[  191.320468]  [<c053f7dd>] ? ip6_output+0x6d/0x100
[  191.320471]  [<c0559665>] ? mld_sendpack+0x395/0x3e0
[  191.320475]  [<c0557f81>] ? add_grhead+0x31/0xa0
[  191.320478]  [<c055a83c>] ? mld_send_cr+0x1bc/0x2b0
[  191.320482]  [<c01535d9>] ? irq_exit+0x39/0x70
[  191.320485]  [<c055a940>] ? mld_ifc_timer_expire+0x10/0x40
[  191.320489]  [<c015b92e>] ? run_timer_softirq+0x13e/0x2c0
[  191.320493]  [<c0103a30>] ? common_interrupt+0x30/0x40
[  191.320498]  [<c055a930>] ? mld_ifc_timer_expire+0x0/0x40
[  191.320502]  [<c0153358>] ? __do_softirq+0x98/0x1b0
[  191.320506]  [<c01534b5>] ? do_softirq+0x45/0x50
[  191.320509]  [<c0153605>] ? irq_exit+0x65/0x70
[  191.320513]  [<c05917dc>] ? smp_apic_timer_interrupt+0x5c/0x8b
[  191.320516]  [<c0103df1>] ? apic_timer_interrupt+0x31/0x40
[  191.320521]  [<c016007b>] ? k_getrusage+0x12b/0x2f0
[  191.320525]  [<c039e384>] ? acpi_idle_enter_simple+0x117/0x148
[  191.320529]  [<c04a20da>] ? cpuidle_idle_call+0x7a/0x100
[  191.320532]  [<c01021d4>] ? cpu_idle+0x94/0xd0
[  191.320536]  [<c057ab88>] ? rest_init+0x58/0x60
[  191.320541]  [<c07a58ec>] ? start_kernel+0x351/0x357
[  191.320544]  [<c07a53c7>] ? unknown_bootoption+0x0/0x19e
[  191.320548]  [<c07a50aa>] ? i386_start_kernel+0xaa/0xb1
[  191.320550] Code: 03 66 3d 00 03 0f 84 7c 02 00 00 83 c3 18 0f b6 03
8b 4d e0 89 c3 83 e3 0f 6b c3 48 89 5d d8 8d 04 06 8d 50 0c 89 55 d0 8b
40 20 <8b> 00 3b 01 0f 85 8e 02 00 00 f6 47 20 40 0f 84 29 ff ff ff 8b
[  191.320634] EIP: [<fd2586d4>] ath_tx_start+0x474/0x770 [ath9k] SS:ESP
0068:c0761a90
[  191.320642] CR2: 0000000000000000
[  191.320647] ---[ end trace 9296ef23b9076ece ]---
[  191.320650] Kernel panic - not syncing: Fatal exception in interrupt

Cc: stable@kernel.org
Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-03-21 15:19:49 -04:00
ath ath9k: Fix kernel panic in AR2427 2011-03-21 15:19:49 -04:00
b43 b43: trivial: update B43_PHY_N description (PHY support) 2011-03-07 13:51:04 -05:00
b43legacy mac80211: make tx() operation return void 2011-02-25 15:32:34 -05:00
hostap
ipw2x00 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2011-03-16 16:29:25 -07:00
iwlegacy Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-03-04 14:10:40 -05:00
iwlwifi iwlwifi: missing unlock on error path 2011-03-21 15:17:14 -04:00
iwmc3200wifi
libertas libertas: fix write past end of array in mesh_id_get() 2011-03-11 14:15:36 -05:00
libertas_tf mac80211: make tx() operation return void 2011-02-25 15:32:34 -05:00
orinoco orinoco: Maintain lock until entry removed from list 2011-03-21 15:18:34 -04:00
p54 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-03-11 14:11:11 -05:00
prism54
rt2x00 rt2x00: Add unknown Toshiba device 2011-03-21 15:19:24 -04:00
rtl818x rtl8187: Change rate-control feedback 2011-03-04 14:05:17 -05:00
rtlwifi rtlwifi: Fix memset argument order 2011-03-21 15:19:48 -04:00
wl12xx ieee80211: add IEEE80211_COUNTRY_STRING_LEN definition 2011-03-09 16:10:56 -05:00
wl1251 wl1251: fix elp_work race condition 2011-03-11 14:15:35 -05:00
zd1211rw zd1211rw: TrendNet TEW-509UB id added 2011-03-21 15:17:13 -04:00
adm8211.c mac80211: make tx() operation return void 2011-02-25 15:32:34 -05:00
adm8211.h
airo.c
airo.h
airo_cs.c
at76c50x-usb.c at76c50x-usb: fix warning caused by at76_mac80211_tx now returning void 2011-02-28 13:57:30 -05:00
at76c50x-usb.h ieee80211: add IEEE80211_COUNTRY_STRING_LEN definition 2011-03-09 16:10:56 -05:00
atmel.c
atmel.h
atmel_cs.c
atmel_pci.c
Kconfig iwlwifi: split the drivers for agn and legacy devices 3945/4965 2011-02-21 11:27:26 -08:00
mac80211_hwsim.c mac80211: make tx() operation return void 2011-02-25 15:32:34 -05:00
Makefile rtlwifi: Fix build when RTL8192CU is selected, but RTL8192CE is not 2011-02-23 16:25:30 -05:00
mwl8k.c mwl8k: use kcalloc instead of kmalloc & memset 2011-03-09 16:10:45 -05:00
ray_cs.c
ray_cs.h
rayctl.h
rndis_wlan.c rndis_wlan: use power save only for BCM4320b 2011-02-25 15:21:51 -05:00
wl3501.h
wl3501_cs.c
zd1201.c
zd1201.h