Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 5 Aug 2010 09:52:16 +0300
From:      Alex Kozlov <spam@rm-rf.kiev.ua>
To:        nox@freebsd.org, rpaulo@freebsd.org, freebsd-net@FreeBSD.org, bug-followup@FreeBSD.org, spam@rm-rf.kiev.ua
Subject:   Re: kern/149185: [rum] [panic] panic in rum(4) driver on 8.1-R
Message-ID:  <20100805065216.GA53036@ravenloft.kiev.ua>
index | next in thread | raw e-mail 

[-- Attachment #1 --]
On Wed, Aug 04, 2010 at 10:02:35PM +0200, Juergen Lock wrote:
>  Regarding the 8.1 if_rum(4) panics...  I got a similar one, extracted
> a dump and tried to gather some info for someone who knows the code:
> 
>  The zero divide fault was because (apparently) rate was unitialized,
> as is
> 
> 	((struct ieee80211_node *) m->M_dat.MH.MH_pkthdr.rcvif)->ni_vap->iv_txparms[0]
> 
> i.e. struct ieee80211_txparam &vap->iv_txparms[0] in case it matters.
Yes, its seems that ratectl framework sometimes set ni->ni_txrate to 0
This can be mitigated by patch [1] or by setting ucastrate option in
ifconfig. Still real issue need to be solved.


--
Adios

[-- Attachment #2 --]
Index: sys/dev/usb/wlan/if_rum.c
@@ -1153,9 +1153,11 @@
 
 	rate = params->ibp_rate0;
 	if (!ieee80211_isratevalid(ic->ic_rt, rate)) {
+		device_printf(sc->sc_dev, "invalid rate=%d\n", rate);
 		m_freem(m0);
 		return EINVAL;
 	}
+
 	flags = 0;
 	if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0)
 		flags |= RT2573_TX_NEED_ACK;
@@ -1217,6 +1219,13 @@
 	else
 		rate = ni->ni_txrate;
 
+	/* XXX ieee80211_ratectl sometimes set ni->ni_txrate to 0 */
+	if (!ieee80211_isratevalid(ic->ic_rt, rate)) {
+		device_printf(sc->sc_dev, "invalid rate=%d\n", rate);
+		m_freem(m0);
+		return EINVAL;
+	}
+
 	if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
 		k = ieee80211_crypto_encap(ni, m0);
 		if (k == NULL) {
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100805065216.GA53036>