2010-02-25 13:07:53

by Juuso Oikarinen

Subject: [PATCH] mac80211: fix direct probe loop on ieee80211_work_purge

If authentication has already been performed when the WLAN interface is
stopped, (sometimes) the ieee80211_work_purge would corrupt some
ieee80211_work-structures. The outcome is this (cleaned up):

[ 2252.398681] WARNING: at net/mac80211/work.c:995 ieee80211_work_purge
[ 2252.466430] Backtrace:
[ 2252.529266] (ieee80211_work_purge+0x0/0xcc [mac80211])
[ 2252.546875] (ieee80211_stop+0x0/0x4c0 [mac80211])

Additionally, one would get this, going on regardless of the WLAN interface
state, going on forever:

[ 2252.859985] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717525)
[ 2253.055419] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717524)
[ 2253.250610] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717523)
[ 2253.446014] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717522)
[ 2253.641357] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717521)

Signed-off-by: Juuso Oikarinen <[email protected]>
---
net/mac80211/work.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/net/mac80211/work.c b/net/mac80211/work.c
index 7e708d5..1e1ea30 100644
--- a/net/mac80211/work.c
+++ b/net/mac80211/work.c
@@ -869,6 +869,7 @@ static void ieee80211_work_work(struct work_struct *work)
break;
case IEEE80211_WORK_ABORT:
rma = WORK_ACT_TIMEOUT;
+ break;
case IEEE80211_WORK_DIRECT_PROBE:
rma = ieee80211_direct_probe(wk);
break;
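Review bot: the added `break;` after `rma = WORK_ACT_TIMEOUT;` closes an unintended fallthrough, and that is the whole fix: without it the IEEE80211_WORK_ABORT case runs straight into IEEE80211_WORK_DIRECT_PROBE, so rma is overwritten by ieee80211_direct_probe(wk) and a probe is issued for work that is in the middle of being aborted, which is exactly the endless "direct probe to ... (try ...)" output in the description; the negative try counts there are consistent with the corrupted work structures the description reports. Since this switch relies on explicit breaks for every case, it is worth a quick pass over the neighbouring cases to confirm that any remaining fallthrough is intentional, with a short comment on the ones that are.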
--
1.6.3.3



2010-02-25 14:15:44

by Johannes Berg

Subject: Re: [PATCH] mac80211: fix direct probe loop on ieee80211_work_purge

On Thu, 2010-02-25 at 15:05 +0200, Juuso Oikarinen wrote:
> If authentication has already been performed when the WLAN interface is
> stopped, (sometimes) the ieee80211_work_purge would corrupt some
> ieee80211_work-structures. The outcome is this (cleaned up):
>
> [ 2252.398681] WARNING: at net/mac80211/work.c:995 ieee80211_work_purge
> [ 2252.466430] Backtrace:
> [ 2252.529266] (ieee80211_work_purge+0x0/0xcc [mac80211])
> [ 2252.546875] (ieee80211_stop+0x0/0x4c0 [mac80211])
>
> Additionally, one would get this, going on regardless of the WLAN interface
> state, going on forever:
>
> [ 2252.859985] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717525)
> [ 2253.055419] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717524)
> [ 2253.250610] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717523)
> [ 2253.446014] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717522)
> [ 2253.641357] wlan0: direct probe to 00:90:4c:60:04:00 (try -996717521)
>
> Signed-off-by: Juuso Oikarinen <[email protected]>
> ---
> net/mac80211/work.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/net/mac80211/work.c b/net/mac80211/work.c
> index 7e708d5..1e1ea30 100644
> --- a/net/mac80211/work.c
> +++ b/net/mac80211/work.c
> @@ -869,6 +869,7 @@ static void ieee80211_work_work(struct work_struct *work)
> break;
> case IEEE80211_WORK_ABORT:
> rma = WORK_ACT_TIMEOUT;
> + break;
> case IEEE80211_WORK_DIRECT_PROBE:
> rma = ieee80211_direct_probe(wk);
> break;
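Review bot: the commit message describes the symptoms but not the cause, and a one-line diff like this is easy to misread as cosmetic; it should state that IEEE80211_WORK_ABORT fell through into IEEE80211_WORK_DIRECT_PROBE and so replaced rma = WORK_ACT_TIMEOUT with the result of ieee80211_direct_probe(wk), keeping the probe running after the purge. Naming the change that introduced the IEEE80211_WORK_ABORT case would also help anyone deciding which stable trees need this.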

Wow, thanks. I had been looking for this bug but never found it and then
it stopped happening for me ...

Reviewed-by: Johannes Berg <[email protected]>

johannes