From: Mohammed Shafi Shajakhan
Date: Mon, 21 Mar 2011 12:57:21 +0000 (+0530)
Subject: ath9k: Fix kernel panic in AR2427
X-Git-Tag: v2.6.39-rc1~54^2~36^2~1
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=61e1b0b00c793ad5a32fe2181c9f77115fed5dc4;p=pandora-kernel.git

ath9k: Fix kernel panic in AR2427

Kernel panic occurs just after AR2427 establishes connection with AP.
Unless aggregation is enabled we don't initialize the TID structure. Thus
accessing the elements of the TID structure when aggregation is disabled,
leads to NULL pointer dereferencing.

[ 191.320358] Call Trace:
[ 191.320364] [] ? ath9k_tx+0xa7/0x200 [ath9k]
[ 191.320376] [] ? __ieee80211_tx+0x5c/0x1e0 [mac80211]
[ 191.320386] [] ? ieee80211_tx+0x7b/0x90 [mac80211]
[ 191.320395] [] ? ieee80211_xmit+0x9d/0x1d0 [mac80211]
[ 191.320401] [] ? wake_up_state+0xf/0x20
[ 191.320405] [] ? signal_wake_up+0x28/0x40
[ 191.320410] [] ? default_spin_lock_flags+0x8/0x10
[ 191.320420] [] ? ieee80211_subif_start_xmit+0x2e8/0x7c0 [mac80211]
[ 191.320425] [] ? do_page_fault+0x295/0x3a0
[ 191.320431] [] ? dev_hard_start_xmit+0x1ad/0x210
[ 191.320436] [] ? sch_direct_xmit+0x105/0x170
[ 191.320445] [] ? get_sta_flags+0x2a/0x40 [mac80211]
[ 191.320449] [] ? dev_queue_xmit+0x37f/0x4b0
[ 191.320452] [] ? eth_header+0x0/0xb0
[ 191.320456] [] ? neigh_resolve_output+0xe9/0x310
[ 191.320461] [] ? ip6_output_finish+0xa5/0x110
[ 191.320464] [] ? ip6_output2+0x134/0x250
[ 191.320468] [] ? ip6_output+0x6d/0x100
[ 191.320471] [] ? mld_sendpack+0x395/0x3e0
[ 191.320475] [] ? add_grhead+0x31/0xa0
[ 191.320478] [] ? mld_send_cr+0x1bc/0x2b0
[ 191.320482] [] ? irq_exit+0x39/0x70
[ 191.320485] [] ? mld_ifc_timer_expire+0x10/0x40
[ 191.320489] [] ? run_timer_softirq+0x13e/0x2c0
[ 191.320493] [] ? common_interrupt+0x30/0x40
[ 191.320498] [] ? mld_ifc_timer_expire+0x0/0x40
[ 191.320502] [] ? __do_softirq+0x98/0x1b0
[ 191.320506] [] ? do_softirq+0x45/0x50
[ 191.320509] [] ? irq_exit+0x65/0x70
[ 191.320513] [] ? smp_apic_timer_interrupt+0x5c/0x8b
[ 191.320516] [] ? apic_timer_interrupt+0x31/0x40
[ 191.320521] [] ? k_getrusage+0x12b/0x2f0
[ 191.320525] [] ? acpi_idle_enter_simple+0x117/0x148
[ 191.320529] [] ? cpuidle_idle_call+0x7a/0x100
[ 191.320532] [] ? cpu_idle+0x94/0xd0
[ 191.320536] [] ? rest_init+0x58/0x60
[ 191.320541] [] ? start_kernel+0x351/0x357
[ 191.320544] [] ? unknown_bootoption+0x0/0x19e
[ 191.320548] [] ? i386_start_kernel+0xaa/0xb1
[ 191.320550] Code: 03 66 3d 00 03 0f 84 7c 02 00 00 83 c3 18 0f b6 03 8b 4d e0 89 c3 83 e3 0f 6b c3 48 89 5d d8 8d 04 06 8d 50 0c 89 55 d0 8b 40 20 <8b> 00 3b 01 0f 85 8e 02 00 00 f6 47 20 40 0f 84 29 ff ff ff 8b
[ 191.320634] EIP: [] ath_tx_start+0x474/0x770 [ath9k] SS:ESP 0068:c0761a90
[ 191.320642] CR2: 0000000000000000
[ 191.320647] ---[ end trace 9296ef23b9076ece ]---
[ 191.320650] Kernel panic - not syncing: Fatal exception in interrupt

Cc: stable@kernel.org
Signed-off-by: Mohammed Shafi Shajakhan
Signed-off-by: John W. Linville
---

Reading git-diff-tree failed
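
A minimal model of the failure mode the commit message describes, written as an added example; it is not the ath9k code and not the patch, whose diff is missing from this page. All struct and function names (`softc`, `node_attach`, `tx_select_queue`, `aggr_enabled` and the rest) are hypothetical stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NUM_TID 16

/* Hypothetical, simplified stand-ins; not the ath9k structures. */
struct txq { int depth; };
struct tid_state { struct txq *q; };   /* q stays NULL until initialised */
struct node { struct tid_state tid[NUM_TID]; };
struct softc { bool aggr_enabled; struct txq data_q, aggr_q; };

/* Association path: per-TID state is set up only when aggregation is
 * enabled, the condition named in the commit message. */
void node_attach(struct softc *sc, struct node *an)
{
    memset(an, 0, sizeof(*an));
    if (!sc->aggr_enabled)
        return;
    for (int i = 0; i < NUM_TID; i++)
        an->tid[i].q = &sc->aggr_q;
}

/* Transmit path: consult per-TID state only under the same condition that
 * initialised it. Without the aggr_enabled test, tid->q->depth would be
 * read through a NULL pointer on a device that never aggregates. */
struct txq *tx_select_queue(struct softc *sc, struct node *an, unsigned tidno)
{
    if (sc->aggr_enabled && an != NULL && tidno < NUM_TID) {
        struct tid_state *tid = &an->tid[tidno];
        if (tid->q != NULL)
            return tid->q;
    }
    return &sc->data_q;   /* safe default for the non-aggregating case */
}

int tx_enqueue(struct softc *sc, struct node *an, unsigned tidno)
{
    struct txq *q = tx_select_queue(sc, an, tidno);
    return ++q->depth;
}

int main(void)
{
    struct softc sc = { .aggr_enabled = false };
    struct node an;
    node_attach(&sc, &an);
    printf("depth after tx: %d\n", tx_enqueue(&sc, &an, 3));
    return 0;
}
```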