FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-22 17:33:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4b1bfb7d2d
linux/drivers/net/wireless
History
Stanislaw Gruszka 4b1bfb7d2d rt2x00: fix crash in rt2800usb_write_tx_desc 
Patch should fix this oops:

BUG: unable to handle kernel NULL pointer dereference at 000000a0
IP: [<f8e06078>] rt2800usb_write_tx_desc+0x18/0xc0 [rt2800usb]
*pdpt = 000000002408c001 *pde = 0000000024079067 *pte = 0000000000000000
Oops: 0000 [#1] SMP
EIP: 0060:[<f8e06078>] EFLAGS: 00010282 CPU: 0
EIP is at rt2800usb_write_tx_desc+0x18/0xc0 [rt2800usb]
EAX: 00000035 EBX: ef2bef10 ECX: 00000000 EDX: d40958a0
ESI: ef1865f8 EDI: ef1865f8 EBP: d4095878 ESP: d409585c
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Call Trace:
 [<f8da5e85>] rt2x00queue_write_tx_frame+0x155/0x300 [rt2x00lib]
 [<f8da424c>] rt2x00mac_tx+0x7c/0x370 [rt2x00lib]
 [<c04882b2>] ? mark_held_locks+0x62/0x90
 [<c081f645>] ? _raw_spin_unlock_irqrestore+0x35/0x60
 [<c04884ba>] ? trace_hardirqs_on_caller+0x5a/0x170
 [<c04885db>] ? trace_hardirqs_on+0xb/0x10
 [<f8d618ac>] __ieee80211_tx+0x5c/0x1e0 [mac80211]
 [<f8d631fc>] ieee80211_tx+0xbc/0xe0 [mac80211]
 [<f8d63163>] ? ieee80211_tx+0x23/0xe0 [mac80211]
 [<f8d632e1>] ieee80211_xmit+0xc1/0x200 [mac80211]
 [<f8d63220>] ? ieee80211_tx+0xe0/0xe0 [mac80211]
 [<c0487d45>] ? lock_release_holdtime+0x35/0x1b0
 [<f8d63986>] ? ieee80211_subif_start_xmit+0x446/0x5f0 [mac80211]
 [<f8d637dd>] ieee80211_subif_start_xmit+0x29d/0x5f0 [mac80211]
 [<f8d63924>] ? ieee80211_subif_start_xmit+0x3e4/0x5f0 [mac80211]
 [<c0760188>] ? sock_setsockopt+0x6a8/0x6f0
 [<c0760000>] ? sock_setsockopt+0x520/0x6f0
 [<c076daef>] dev_hard_start_xmit+0x2ef/0x650

Oops might happen because we perform parallel putting new entries in a
queue (rt2x00queue_write_tx_frame()) and removing entries after
finishing transmitting (rt2800usb_work_txdone()). There are cases when
_txdone may process an entry that was not fully send and nullify
entry->skb .

To fix check in _txdone if entry has flags that indicate pending
transmission and wait until flags get cleared.

Reported-by: Justin Piszcz <jpiszcz@lucidpixels.com>
Cc: stable@kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-08-11 14:34:36 -04:00
..
ath ath5k: fix error handling in ath5k_beacon_send 2011-08-09 16:11:33 -04:00
b43 b43: read correct register on bcma bus. 2011-08-09 16:11:31 -04:00
b43legacy atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
hostap net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-07-27 22:39:30 -07:00
ipw2x00 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-08 11:03:36 -04:00
iwlegacy Merge git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2011-08-03 09:18:21 -04:00
iwlwifi Merge git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2011-08-03 09:18:21 -04:00
iwmc3200wifi drivers/net: Remove unnecessary semicolons 2011-06-05 14:33:40 -07:00
libertas Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-22 17:51:16 -04:00
libertas_tf Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-06-30 13:34:06 -04:00
mwifiex mwifiex: disable auto deep sleep before unloading the driver 2011-07-21 14:52:04 -04:00
orinoco Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-22 17:51:16 -04:00
p54 net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
prism54 net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
rt2x00 rt2x00: fix crash in rt2800usb_write_tx_desc 2011-08-11 14:34:36 -04:00
rtl818x net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
rtlwifi rtlwifi: rtl892cu: New USB IDs 2011-08-09 16:11:32 -04:00
wl12xx Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-15 10:05:24 -04:00
wl1251 drivers/net/wireless/wl1251: add missing kfree 2011-08-10 14:07:10 -04:00
zd1211rw zd1211rw: detect stalled beacon interrupt faster 2011-06-22 16:09:47 -04:00
adm8211.c net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
adm8211.h
airo_cs.c
airo.c net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-07-27 22:39:30 -07:00
airo.h
at76c50x-usb.c
at76c50x-usb.h
atmel_cs.c
atmel_pci.c
atmel.c net: remove interrupt.h inclusion from netdevice.h 2011-06-06 22:55:11 -07:00
atmel.h
Kconfig
mac80211_hwsim.c mac80211: restrict advertised HW scan rates 2011-06-27 15:09:39 -04:00
mac80211_hwsim.h
Makefile
mwl8k.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-22 17:51:16 -04:00
ray_cs.c
ray_cs.h
rayctl.h
rndis_wlan.c
wl3501_cs.c
wl3501.h
zd1201.c
zd1201.h