> Actually, ieee80211_agg_splice_packets is a short function. Perhaps you
> could add debug print statements to find possible errors. For instance,
> local->hw is used. It would crash if local is NULL. So you add before
> that place:
>
> printk("local = %p\n", local);
>
> Likewise, check sta, sta->ampdu_mlme.tid_tx[tid] and local->pending. Or
> just print the line numbers. You will see which printk is run last
> before the crash.

I have now also added the following just under the ieee80211_agg_splice_packets:

 printk("local %p\n", local);
 printk("sta %p\n", sta);
 printk("sta->ampdu_mlme.tid_tx %p\n", sta->ampdu_mlme.tid_tx);
 printk("local->pending %p\n", local->pending);

And also:
 
 printk("ieee80211_agg_splice_packets(%p, %p, %d) from ieee80211_agg_tx_operational\n", local, sta, tid);
 
just before the function is called under ieee80211_agg_tx_operational
 
and
 
 printk("ieee80211_agg_splice_packets(%p, %p, %d) from ieee80211_stop_tx_ba_session\n", local, sta, tid);
 
just before the function is called under ieee80211_stop_tx_ba_session
 
I now enclose two new logs, the 3rd one where it crashes when I load hostapd during startup and the 4th one where I killall on hostapd and then restart it.
 
> It would crash if local is NULL.
 
I have not seen a NULL value on local.
 
Please correct me on anything if I am wrong.
_________________________________________________________________
Windows Live Messenger: Thanks for 10 great years—enjoy free winks and emoticons.
http://clk.atdmt.com/UKM/go/157562755/direct/01/