From: Tom Hughes <tom@compton.nu>
To: Johannes Berg <johannes@sipsolutions.net>,
linux-wireless@vger.kernel.org
Cc: stable@vger.kernel.org
Subject: Re: Null pointer dereference when station associates [introduced by 4.0.5?]
Date: Mon, 29 Jun 2015 10:20:08 +0100 [thread overview]
Message-ID: <55910DC8.9040700@compton.nu> (raw)
In-Reply-To: <55910222.8020906@compton.nu>
On 29/06/15 09:30, Tom Hughes wrote:
> On 29/06/15 09:14, Johannes Berg wrote:
>> On Sat, 2015-06-27 at 16:34 +0100, Tom Hughes wrote:
>>>
>>> Interestingly from what I can see this is trying to create a file
>>> for the station at a path something like:
>>>
>>> ieee80211/phy0/netdev:XXXX/stations/XXXXXX
>>
>> indeed.
>>
>>> but in my (currently working) boot under 4.0.4 there is no netdev
>>> directory under phy0 in debugfs... but then maybe that is the problem
>>> as well if the inode pointer was null?
>>>
>>
>> This is pretty strange - if the dentry pointer (sdata
>> ->debugfs.subdir_stations) was NULL or an ERR_PTR(), the code would
>> return pretty much immediately.
>>
>> So it looks like that pointer is valid, but it's ->d_inode was NULL?
>>
>> I'm not really sure how that could happen.
>
> Indeed I'm a bit puzzled...
It looks like hostapd has something to do with it... If I stop hostapd and
remove ath9k and then reprobe it then the netdev dir appears:
gosford [~] % sudo modprobe ath9k
gosford [~] % sudo ls /sys/kernel/debug/ieee80211/phy1
ath9k long_retry_limit reset user_power
fragmentation_threshold netdev:wlp2s0 rts_threshold wep_iv
ht40allow_map power short_retry_limit
hwflags queues statistics
keys rc total_ps_buffered
Then I start hostapd and it vanishes:
gosford [~] % sudo systemctl start hostapd
gosford [~] % sudo ls /sys/kernel/debug/ieee80211/phy1
ath9k keys rc statistics
fragmentation_threshold long_retry_limit reset total_ps_buffered
ht40allow_map power rts_threshold user_power
hwflags queues short_retry_limit wep_iv
Tom
--
Tom Hughes (tom@compton.nu)
http://compton.nu/
next prev parent reply other threads:[~2015-06-29 9:20 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-27 15:34 Null pointer dereference when station associates Tom Hughes
2015-06-29 8:14 ` Null pointer dereference when station associates [introduced by 4.0.5?] Johannes Berg
2015-06-29 8:30 ` Tom Hughes
2015-06-29 9:20 ` Tom Hughes [this message]
2015-06-29 9:44 ` Tom Hughes
2015-06-29 10:24 ` Tom Hughes
2015-06-29 10:28 ` Tom Hughes
2015-06-29 18:41 ` [PATCH] Clear subdir_stations when stations directory is removed (was Re: Null pointer dereference when station associates [introduced by 4.0.5?]) Tom Hughes
2015-07-17 8:53 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55910DC8.9040700@compton.nu \
--to=tom@compton.nu \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.