On 9/16/2015 10:58 AM, Adrian Chadd wrote:
I think the net80211 beacon create routine doesn't allocate a node
ref. Yeah, it doesn't. You have to do ieee80211_ref_node() after
calling becaon_create(), and deref it if the tx fails. The TX success
will free the node ref for you.


Got it. I'll take another look at one of the drivers that support hostap to make sure I'm following the same pattern. Thanks again for the feedback!

-Matthew


-adrian


On 16 September 2015 at 04:27, Idwer Vollering <vid...@gmail.com> wrote:
2015-09-16 8:06 GMT+02:00 Matthew Grooms <mgro...@shrew.net>:

It looks like my screenshot got scrubbed. Here is my hopefully faithful
transcription ...

Fatal trap 9: general protection fault while in kernel mode
cpuid = 3; apic id = 03
instruction pointer = 0x20:0xffffffff80a01105
stack pointer           = 0x28:0xfffffe0092fe86f0
frame pointer         = 0x28:0xfffffe0092fe8740
code segment         = base 0x0, limit 0xfffff, type 0x1b
                                  = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags     = interrupt enabled, resume, IOPL = 0
current process      = 716 (ifconfig)
[thread pid 716 tid 100082 ]
Stopped at      __mtx_lock_flags+0x55:  movq    (%r13),%rax
db> bt
Tracing pid 716 tid 100082 td 0xffffff800512814d0
__mtx_lock_flags() at __mtx_lock_flags+0x55/frame 0xfffffe0092fe8740
ieee80211_free_node() at ieee80211_free_node()_0x38/frame 0xfffffe0092fe8780
ieee80211_node_vdetach() at ieee80211_node_vdetach()+0x2d/frame
0xfffffe0092fe87a0
ieee80211_vap_detach() at ieee80211_vap_detach()+0x35e/frame
0xfffffe0092fe87d0
urtwn_vap_delete() at urtwn_vap_delete()+0xe/frame 0xfffffe0092fe87f0
if_clone_destroyif() at if_clone_destroyif()+0x1aa/frame 0xfffffe0092fe8840
if_clone_destroy() at if_clone_destroy()0x8e/frame 0xfffffe0092fe8860
kern_ioctl() at kern_ioctl()+0x230/frame 0xfffffe0092fe88c0
sys_ioctl() at sys_ioctl()+0x153/frame 0xfffffe0092fe89a0
amd64_syscall() at amd64_syscall()+0x282/frame 0xfffffe0092fe8ab0
Xfast_syscall() at Xfast_syscall()+0xfb/frame 0xfffffe0092fe8ab0
-- syscall (54, FreeBSD ELF64, sys_ioctl), rip = 0x8011e8c8a, rsp =
0x7fffffffe2f8, rbp = 0x7fffffffe310 --
db>
Assuming dumpdev="AUTO" is set in /etc/rc.conf, you should have
entered 'dump' at the db> blinker :)

The trap details are found in /var/crash/, run kgdb: "kgdb
/boot/kernel/kernel /var/crash/vmcore.last", then run 'bt' and 'up' at
its prompt.

-Matthew
_______________________________________________
freebsd-wireless@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"
_______________________________________________
freebsd-wireless@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"
_______________________________________________
freebsd-wireless@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"

_______________________________________________
freebsd-wireless@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"

Reply via email to