From owner-svn-src-head@FreeBSD.ORG Wed Apr 28 13:25:54 2010 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B37C3106566C; Wed, 28 Apr 2010 13:25:54 +0000 (UTC) (envelope-from rpaulo@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 261A28FC1A; Wed, 28 Apr 2010 13:25:54 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3SDPsRM042548; Wed, 28 Apr 2010 13:25:54 GMT (envelope-from rpaulo@svn.freebsd.org) Received: (from rpaulo@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3SDPsKE042545; Wed, 28 Apr 2010 13:25:54 GMT (envelope-from rpaulo@svn.freebsd.org) Message-Id: <201004281325.o3SDPsKE042545@svn.freebsd.org> From: Rui Paulo Date: Wed, 28 Apr 2010 13:25:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207323 - head/sys/net80211 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 13:25:54 -0000 Author: rpaulo Date: Wed Apr 28 13:25:53 2010 New Revision: 207323 URL: http://svn.freebsd.org/changeset/base/207323 Log: When in the RUN -> AUTH -> RUN FSM transition happens, we'll call the ratectl_node_init() functions and since ni_rtctls was already malloc'ed() we will panic. Fix this by using the already malloc'ed pointer. Found by: bschmidt Reviewed by: bschmidt Modified: head/sys/net80211/ieee80211_amrr.c head/sys/net80211/ieee80211_rssadapt.c Modified: head/sys/net80211/ieee80211_amrr.c ============================================================================== --- head/sys/net80211/ieee80211_amrr.c Wed Apr 28 10:58:50 2010 (r207322) +++ head/sys/net80211/ieee80211_amrr.c Wed Apr 28 13:25:53 2010 (r207323) @@ -136,16 +136,16 @@ amrr_node_init(struct ieee80211_node *ni struct ieee80211_amrr *amrr = vap->iv_rs; struct ieee80211_amrr_node *amn; - KASSERT(ni->ni_rctls == NULL, ("%s: ni_rctls already initialized", - __func__)); - - ni->ni_rctls = amn = malloc(sizeof(struct ieee80211_amrr_node), - M_80211_RATECTL, M_NOWAIT|M_ZERO); - if (amn == NULL) { - if_printf(vap->iv_ifp, "couldn't alloc per-node ratectl " - "structure\n"); - return; - } + if (ni->ni_rctls == NULL) { + ni->ni_rctls = amn = malloc(sizeof(struct ieee80211_amrr_node), + M_80211_RATECTL, M_NOWAIT|M_ZERO); + if (amn == NULL) { + if_printf(vap->iv_ifp, "couldn't alloc per-node ratectl " + "structure\n"); + return; + } + } else + amn = ni->ni_rctls; amn->amn_amrr = amrr; amn->amn_success = 0; amn->amn_recovery = 0; Modified: head/sys/net80211/ieee80211_rssadapt.c ============================================================================== --- head/sys/net80211/ieee80211_rssadapt.c Wed Apr 28 10:58:50 2010 (r207322) +++ head/sys/net80211/ieee80211_rssadapt.c Wed Apr 28 13:25:53 2010 (r207323) @@ -169,13 +169,17 @@ rssadapt_node_init(struct ieee80211_node struct ieee80211_rssadapt *rsa = vap->iv_rs; const struct ieee80211_rateset *rs = &ni->ni_rates; - ni->ni_rctls = ra = malloc(sizeof(struct ieee80211_rssadapt_node), - M_80211_RATECTL, M_NOWAIT|M_ZERO); - if (ra == NULL) { - if_printf(vap->iv_ifp, "couldn't alloc per-node ratectl " - "structure\n"); - return; - } + if (ni->ni_rctls == NULL) { + ni->ni_rctls = ra = + malloc(sizeof(struct ieee80211_rssadapt_node), + M_80211_RATECTL, M_NOWAIT|M_ZERO); + if (ra == NULL) { + if_printf(vap->iv_ifp, "couldn't alloc per-node ratectl " + "structure\n"); + return; + } + } else + ra = ni->ni_rctls; ra->ra_rs = rsa; ra->ra_rates = *rs; rssadapt_updatestats(ra);