2007-05-15 15:35:14

by David Lamparter

Subject: Panic in ieee_80211_ibss_add_sta when trying to join ad-hoc network (rt2500pci)

CONFIG_CFG80211=y
CONFIG_NL80211=y
CONFIG_MAC80211=y
CONFIG_MAC80211_LEDS=y
# CONFIG_MAC80211_DEBUG is not set
# CONFIG_IEEE80211 is not set
# CONFIG_WLAN_PRE80211 is not set
CONFIG_WLAN_80211=y
# CONFIG_BCM43XX_MAC80211 is not set
CONFIG_RT2X00=m
CONFIG_RT2X00_LIB=m
CONFIG_RT2X00_LIB_PCI=m
# CONFIG_RT2400PCI is not set
CONFIG_RT2500PCI=m
# CONFIG_RT2500USB is not set
# CONFIG_RT2X00_DEBUG is not set
# CONFIG_ZD1211RW_MAC80211 is not set


Attachments:
bugtext (1.98 kB)
panic text
proc_version (107.00 B)
kernel version
lspci (12.64 kB)
lspci output
proc_config.gz (12.64 kB)
config.gz
relevant_config (442.00 B)
relevant .config

2007-05-15 18:53:44

by Michael Wu

Subject: Re: Panic in ieee_80211_ibss_add_sta when trying to join ad-hoc network (rt2500pci)

On Tuesday 15 May 2007 13:12, John W. Linville wrote:
> Patch below...does this work better? Looks like upstream needs
> it too...
>
ACK. Looks like I forgot to set sdata after removing the code that set it.

Thanks,
-Michael Wu



2007-05-15 17:33:48

by John W. Linville

Subject: Re: Panic in ieee_80211_ibss_add_sta when trying to join ad-hoc network (rt2500pci)

On Tue, May 15, 2007 at 05:28:42PM +0200, David LAMPARTER wrote:

> BUG: unable to handle kernel NULL pointer derference at virtual address 00000218
> [...]
> EIP is at ieee80211_ibss_add_sta+0xae/0x130
> [...]
> EIP: [<c05773fe>] ieee_80211_ibss_add_sta+0xae/0x130 SS:ESP 0068:f641dc38
> Kernel panic - not syncing: Fatal exception in interrupt
>
> The bug seems to be triggered as soon as the stack tries to
> join my router's ad-hoc; it happens either directly when
> doing "ip l s wlan0 up" as well as when doing
> "iwconfig wlan0 essid equinox" (when it did not immediately
> find the network).

Probably because of this:

struct ieee80211_sub_if_data *sdata = NULL;
...
sta->supp_rates = sdata->u.sta.supp_rates_bits;

Patch below...does this work better? Looks like upstream needs
it too...

John

---
Avoid sdata null pointer dereference in ieee80211_ibss_add_sta.

Signed-off-by: John W. Linville <[email protected]>
---

net/mac80211/ieee80211_sta.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
index a36c6f3..dd36cc6 100644
--- a/net/mac80211/ieee80211_sta.c
+++ b/net/mac80211/ieee80211_sta.c
@@ -3154,7 +3154,7 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
{
struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
struct sta_info *sta;
- struct ieee80211_sub_if_data *sdata = NULL;
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

/* TODO: Could consider removing the least recently used entry and
* allow new one to be added. */

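Review bot: the diffstat above claims 1 insertion and 2 deletions, but this single @@ -3154,7 +3154,7 @@ hunk removes one line and adds one, so either the diffstat is stale or a second hunk is missing from the post; worth regenerating before this goes upstream. On the change itself, resolving sdata with IEEE80211_DEV_TO_SUB_IF(dev) removes the NULL base behind the fault at 00000218, but the later `sta->supp_rates = sdata->u.sta.supp_rates_bits;` reads the u.sta union member, which is only meaningful for STA/IBSS interfaces; since the panic trace shows this running in interrupt context on the receive side, a check that sdata->type == IEEE80211_IF_TYPE_IBSS (the test already used elsewhere in this file) before that read would be a cheap guard.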
--
John W. Linville
[email protected]
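A constructed C model of the bug and fix discussed above, added here and not code from the thread or from mac80211 (struct layouts, DEV_TO_SUB_IF and ibss_add_sta are hypothetical stand-ins): it shows why a NULL sdata faults at a small address equal to the member offset, and the repaired lookup from dev with an interface-type check added as a guard.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified stand-ins for the kernel structures in play;
 * the field layouts are hypothetical, not the real mac80211 definitions. */
enum if_type { IF_TYPE_STA = 0, IF_TYPE_IBSS = 1, IF_TYPE_AP = 2 };

struct sta_info {
    uint8_t  addr[6];
    uint64_t supp_rates;
};

struct ieee80211_sub_if_data {
    enum if_type type;
    uint8_t pad[0x214];       /* hypothetical padding, sized so the union lands at 0x218 */
    union {
        struct { uint64_t supp_rates_bits; } sta;   /* meaningful for STA/IBSS only */
        struct { int beacon_int; } ap;
    } u;
};

struct net_device {
    char name[16];
    struct ieee80211_sub_if_data priv;   /* private area, as netdev_priv() would return */
};

/* Stand-in for IEEE80211_DEV_TO_SUB_IF(dev): the sub-interface data lives in the netdev. */
#define DEV_TO_SUB_IF(dev) (&(dev)->priv)

/* Why the oops names a tiny virtual address: with sdata == NULL, reading
 * sdata->u.sta.supp_rates_bits touches NULL + offsetof(member), so the
 * faulting address is just that member's offset into the struct. */
uintptr_t null_sdata_fault_address(void)
{
    return (uintptr_t)offsetof(struct ieee80211_sub_if_data, u.sta.supp_rates_bits);
}

/* Fixed path in the spirit of the patch: sdata is resolved from dev rather
 * than starting out NULL, and the STA/IBSS union member is read only on an
 * IBSS interface. Returns 0 on success, -1 for any other interface type. */
int ibss_add_sta(struct net_device *dev, const uint8_t *addr, struct sta_info *sta)
{
    struct ieee80211_sub_if_data *sdata = DEV_TO_SUB_IF(dev);
    if (sdata->type != IF_TYPE_IBSS)
        return -1;
    memcpy(sta->addr, addr, sizeof sta->addr);
    sta->supp_rates = sdata->u.sta.supp_rates_bits;
    return 0;
}
```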

2007-05-15 19:33:13

by David Lamparter

Subject: mac80211 ad-hoc: carrier not set up [was: Panic in ieee_80211_ibss_add_sta]

On Tue, May 15, 2007 at 01:12:02PM -0400, John W. Linville wrote:
> Patch below...does this work better? Looks like upstream needs
> it too...

Yup, this fixes it. Thanks for the quick fix.

However, ad-hoc still does not work, since the network device's
carrier status does not seem to be properly set. (It remains
in NO-CARRIER even after "wlan0: Selected IBSS BSSID
92:68:a2:db:de:45 based on configured SSID".) I dirtily hacked
around that with the following two-liner:

--- wireless-dev/net/mac80211/ieee80211_sta.c.orig 2007-05-15 20:19:55.000000000 +0200
+++ wireless-dev/net/mac80211/ieee80211_sta.c 2007-05-15 21:19:38.362587215 +0200
@@ -2448,6 +2448,7 @@
mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);

ieee80211_rx_bss_put(dev, bss);
+ netif_carrier_on(dev);

return res;
}
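Review bot: netif_carrier_on(dev) is raised unconditionally just before `return res;`, so the carrier also comes up when the join itself failed (res != 0); gate it on a successful join, e.g. `if (res == 0) netif_carrier_on(dev);`. A short comment explaining why the carrier flips at this point would also help, since the hunk carries no function context.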
@@ -2648,6 +2649,7 @@

ifsta->ssid_set = len ? 1 : 0;
if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
+ netif_carrier_off(dev);
ifsta->ibss_join_req = jiffies;
ifsta->state = IEEE80211_IBSS_SEARCH;
return ieee80211_sta_find_ibss(dev, ifsta);
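Review bot: netif_carrier_off(dev) sits inside the `sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set` branch, so an SSID change on an interface whose BSSID is already set, or a later loss of the IBSS, leaves the previous carrier state in place; the carrier should be dropped whenever the interface leaves a joined IBSS, not only when this particular search starts, which matches the author's own note that more netif_carrier_off calls are needed.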


However, I have NO CLUE WHAT I'M DOING THERE! Make a proper fix!
(Especially, I think it needs more netif_carrier_off calls in
different places.)


Anyway, thanks for my now-working wireless,

David Lamparter


2007-05-15 22:01:11

by Ivo Van Doorn

Subject: Re: mac80211 ad-hoc: carrier not set up [was: Panic in ieee_80211_ibss_add_sta]

Hi,

> However, ad-hoc still does not work, since the network device's
> carrier status does not seem to be properly set. (It remains
> in NO-CARRIER even after "wlan0: Selected IBSS BSSID
> 92:68:a2:db:de:45 based on configured SSID". I dirtily hacked
> around that with the following two-liner:

I was aware of the recent rt2x00 ad-hoc breakage but hadn't looked into it yet.
The suggestion below about netif_carrier does make sense, though,
since the last report of it working was before rt2x00 removed the ieee80211_netif
calls, and the first report of its breakage came some time after the removal.
(Since a lot of code has been moved around in between, the ieee80211_netif calls weren't
the first thing that I would have thought of as a probable cause. ;) )

> --- wireless-dev/net/mac80211/ieee80211_sta.c.orig 2007-05-15 20:19:55.000000000 +0200
> +++ wireless-dev/net/mac80211/ieee80211_sta.c 2007-05-15 21:19:38.362587215 +0200
> @@ -2448,6 +2448,7 @@
> mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
>
> ieee80211_rx_bss_put(dev, bss);
> + netif_carrier_on(dev);
>
> return res;
> }
> @@ -2648,6 +2649,7 @@
>
> ifsta->ssid_set = len ? 1 : 0;
> if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
> + netif_carrier_off(dev);
> ifsta->ibss_join_req = jiffies;
> ifsta->state = IEEE80211_IBSS_SEARCH;
> return ieee80211_sta_find_ibss(dev, ifsta);
>
>
> However, I have NO CLUE WHAT I'M DOING THERE! Make a proper fix!
> (Especially, I think it needs more netif_carrier_off calls in
> different places.)
>
>
> Anyway, thanks for my now-working wireless,

Ivo