On Wednesday, June 29, 2011 10:03:02 Adrian Chadd wrote: > On 29 June 2011 14:03, Bernhard Schmidt <bschmidt_at_freebsd.org> wrote: > > > It's name is ieee80211_tx_mgt_timeout used to track AUTH/ASSOC > > requests. Afaik there is even a similar PR about that. > > > > Adrian, you've got a AP set up to drop either a AUTH or ASSOC > > response frame? > > Tell me how and I'll set it up. > > A panic at that point in the function indicates maybe ni is NULL? > or ni->vap is now NULL, maybe? vap should never be NULL, so, I'd guess it's ni. Hmm.. I'd guess there is some kind of racy behavior, if the driver is telling us that it was able to send the AUTH req frame, net80211 sets up the timeout callback. What happens if the AUTH resp as well as the callback hit at the same time? It should be locked appropriately, but is it? This will drop the AUTH response: Index: sys/net80211/ieee80211_hostap.c =================================================================== --- sys/net80211/ieee80211_hostap.c (revision 223661) +++ sys/net80211/ieee80211_hostap.c (working copy) _at__at_ -978,7 +978,7 _at__at_ hostap_auth_open(struct ieee80211_node *ni, struct "%s", "station authentication defered (radius acl)"); ieee80211_notify_node_auth(ni); } else { - IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, seq + 1); + //IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, seq + 1); IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_DEBUG | IEEE80211_MSG_AUTH, ni->ni_macaddr, "%s", "station authenticated (open)"); _at__at_ -1158,7 +1158,7 _at__at_ hostap_auth_shared(struct ieee80211_node *ni, stru estatus = IEEE80211_STATUS_SEQUENCE; goto bad; } - IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, seq + 1); + //IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, seq + 1); return; bad: /* -- BernhardReceived on Wed Jun 29 2011 - 06:29:40 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:15 UTC