Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 8 Dec 2012 01:53:42 -0800
From:      Adrian Chadd <adrian@freebsd.org>
To:        freebsd-wireless@freebsd.org
Subject:   Re: Hm, somehow the fast frames code is broken (surprise)
Message-ID:  <CAJ-Vmomskf=3gCVKRrrB%2BdHuJRDGtPvePvdTVXt-_mF9zOjfaQ@mail.gmail.com>
In-Reply-To: <CAJ-Vmok2TNPvg0Ogtz0LfWLTXkVw_GE%2B7TPn51gKLvGiUZgGPQ@mail.gmail.com>
References:  <CAJ-Vmok2TNPvg0Ogtz0LfWLTXkVw_GE%2B7TPn51gKLvGiUZgGPQ@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
...

On 8 December 2012 01:24, Adrian Chadd <adrian@freebsd.org> wrote:

> * upon a node purge, there's a panic inside m_free() from
> ieee80211_ff_node_cleanup(), where it dereferences a pointer
> 0xdeadc0de. So there's some use-after-free nonsense going

... aaand look at that, I've just fixed it in -HEAD. The second panic
hasn't shown up yet but I don't believe that fixing the first panic
magically made the second panic go away.
In any case I'll just plod along with some further testing and see how
things go.

Thanks,


Adrian



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-Vmomskf=3gCVKRrrB%2BdHuJRDGtPvePvdTVXt-_mF9zOjfaQ>