d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Close longstanding race dropping inactive stations; grab a reference

Browse Source 
to the node before starting the work, otherwise the node may go
away before a reference is made in ieee80211_send_mgmt.

Approved by:	re (blanket wireless)
Obtained from:	Atheros
This commit is contained in:
Sam Leffler 2007-09-18 21:01:04 +00:00
parent e5ac9e91bd
commit 5698ab1ad3
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=172229
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/net80211/ieee80211_node.c
View File

@ -1549,6 +1549,7 @@ ieee80211_timeout_stations(struct ieee80211_node_table *nt)
* in case the driver takes a lock, as this can result
* in a LOR between the node lock and the driver lock.
*/
ieee80211_ref_node(ni);
IEEE80211_NODE_UNLOCK(nt);
if (ni->ni_associd != 0) {
IEEE80211_SEND_MGMT(ic, ni,
@ -1556,6 +1557,7 @@ ieee80211_timeout_stations(struct ieee80211_node_table *nt)
IEEE80211_REASON_AUTH_EXPIRE);
}
ieee80211_node_leave(ic, ni);
ieee80211_free_node(ni);
ic->ic_stats.is_node_timeout++;
goto restart;
}