kern/177451: [ieee80211] page fault in ieee80211_tx_mgt_timeout
PseudoCylon
moonlightakkiy at yahoo.ca
Fri Mar 29 22:50:01 UTC 2013
The following reply was made to PR kern/177451; it has been noted by GNATS.
From: PseudoCylon <moonlightakkiy at yahoo.ca>
To: bug-followup at freebsd.org, davide at freebsd.org
Cc:
Subject: Re: kern/177451: [ieee80211] page fault in ieee80211_tx_mgt_timeout
Date: Fri, 29 Mar 2013 16:37:20 -0600
Oops. The code casts the enum to the pointer to begin, so it works.
Sorry, for the noise.
On Fri, Mar 29, 2013 at 3:21 PM, PseudoCylon <moonlightakkiy at yahoo.ca> wrote:
> http://fxr.watson.org/fxr/source/net80211/ieee80211_output.c?v=FREEBSD91#L2506
> enum ieee80211_state ostate = (enum ieee80211_state) arg;
> casting a pointer to an enum
>
> http://fxr.watson.org/fxr/source/net80211/ieee80211_output.c?v=FREEBSD91#L2519
> if (vap->iv_state == ostate)
> So that, this test is always false -> callout_reset() will never be
> called -> by the time the callout timer runs out, ni could be freed.
More information about the freebsd-wireless
mailing list