From: Vasanthakumar Thiagarajan Date: Thu, 26 Jan 2012 07:47:18 +0000 (+0530) Subject: ath6kl: Fix kernel panic during rx aggregation X-Git-Tag: v3.4-rc1~177^2~112^2~357^2~8 X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c86515412f0c364f2d45029b45d5909614087af3;p=pandora-kernel.git ath6kl: Fix kernel panic during rx aggregation "ath6kl: Define a structure for connection specific aggregation information" introduces this. In aggr_conn_init(), vif->aggr_cntxt is assigned to aggr_conn->aggr_info, but vif->aggr_cntxt is not initialized at this point, this would end up accessing an invalid pointer in aggregation receive path. Fix this by passing the correct aggr_info to aggr_conn_init(). The panic trace would look like. [] panic+0xa1/0x1c6 [] ? kmsg_dump+0xfd/0x160 [] oops_end+0xea/0xf0 [] no_context+0x11d/0x2d0 [] __bad_area_nosemaphore+0x14d/0x230 [] ? do_page_fault+0x30d/0x520 [] bad_area_nosemaphore+0x13/0x20 [] do_page_fault+0x3bd/0x520 [] ? __lock_acquire+0x320/0x1680 [] ? trace_hardirqs_off_thunk+0x3a/0x3c [] page_fault+0x25/0x30 [] ? aggr_slice_amsdu+0xdf/0x170 [ath6kl_core] [] aggr_deque_frms+0xbc/0x190 [ath6kl_core] [] ath6kl_rx+0x3e4/0xae0 [ath6kl_core] [] ath6kl_htc_rxmsg_pending_handler+0x8b7/0xf10 [ath6kl_core] [] ? mmc_do_release_host+0x70/0x90 [mmc_core] [] ? mmc_release_host+0x2a/0x50 [mmc_core] [] ? ath6kl_alloc_amsdu_rxbuf+0x140/0x140 [ath6kl_core] [] ath6kl_hif_intr_bh_handler+0x362/0x510 [ath6kl_core] [] ath6kl_sdio_irq_handler+0x60/0xb0 [ath6kl_sdio] [] sdio_irq_thread+0xec/0x320 [mmc_core] [] ? sdio_claim_irq+0x220/0x220 [mmc_core] [] ? sdio_claim_irq+0x220/0x220 [mmc_core] [] kthread+0xbe/0xd0 [] kernel_thread_helper+0x4/0x10 [] ? retint_restore_args+0x13/0x13 [] ? __init_kthread_worker+0x70/0x70 [] ? gs_change+0x13/0x13 Signed-off-by: Vasanthakumar Thiagarajan Signed-off-by: Kalle Valo --- Reading git-diff-tree failed