Re: [PATCH] wireless: fix 64K kernel heap content leak via ioctl
From: Jean Tourrilhes <hidden>
Date: 2010-08-30 17:40:54
Also in: linux-wireless, lkml
On Mon, Aug 30, 2010 at 11:59:01AM +0200, Johannes Berg wrote:
Ok I finally fully understood the issue. This will fix the problem, but the comment is completely bogus, which I guess means you didn't actually understand the problem.
Correct, Kees pointed out that my comment was bogus, and the e-mail I sent after the patch corrected myself on that point:
------------------------------------
The comment should probably be clarified -- it's the caller's iwp->length that may be causing problems
Ha! I see. It would be for regular iwpoint queries, not for extended NOMAX queries (scan is an extended NOMAX query).
------------------------------------
My patch also didn't fix the problem, I didn't understand the problem correctly and was continuously wondering how drivers would ever fill the buffer with more than max_tokens (which would be a more serious bug, since they'd overwrite a slab object after "extra").
Yes, I had arrived at the same conclusion (not that my patch did fix the issue).
What really fixes the problem is the patch below though. Had to realise that the path where the driver didn't do ANYTHING AT ALL was the problem....
I actually like your patch better than mine, it's closer to the original intent of the API. Go for it ;-)
johannes
Thanks a lot for the second pair of eyes. Jean
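The bug class the thread converges on is worth seeing in miniature: the ioctl path allocates a heap buffer sized by the caller's requested length, hands it to a driver handler, and then copies `iwp->length` tokens back to userspace. A driver that returns success without writing the buffer or adjusting `iwp->length` causes stale heap contents to be copied out. The following userspace C model is an added illustration, not kernel code and not the patch discussed above (which is not reproduced on this page). The names `iw_point_model`, `kmalloc_model`, `good_driver` and `lazy_driver` are constructed for the example, and the mitigation shown (zero-filling the buffer before calling the handler) is one defensive measure for this class, not necessarily the fix that was merged.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of the ioctl path discussed in the thread.  Nothing here
 * is kernel code; it only reproduces the data flow that leaks heap memory. */

#define TOKEN_SIZE 1
#define USER_REQUEST_LEN 64  /* caller asks for more tokens than the driver produces */

struct iw_point_model {
    size_t length;  /* token count: buffer capacity on entry, result size on return */
};

typedef int (*handler_fn)(struct iw_point_model *iwp, unsigned char *extra);

/* Driver that fills the buffer and reports how much it wrote. */
static int good_driver(struct iw_point_model *iwp, unsigned char *extra) {
    memcpy(extra, "abc", 3);
    iwp->length = 3;
    return 0;
}

/* Driver that returns success without touching the buffer or iwp->length:
 * the "didn't do anything at all" path identified in the thread. */
static int lazy_driver(struct iw_point_model *iwp, unsigned char *extra) {
    (void)iwp;
    (void)extra;
    return 0;
}

/* Stand-in for kmalloc(): returns memory still holding a previous user's data
 * (marked 'K') so that a leak is observable. */
static unsigned char *kmalloc_model(size_t n) {
    unsigned char *p = malloc(n);
    if (p)
        memset(p, 'K', n);
    return p;
}

/* Vulnerable flow: trust iwp->length after the handler returns and copy that
 * many tokens back, whether or not the driver wrote them. */
static size_t ioctl_get_vulnerable(handler_fn h, unsigned char *user_buf, size_t user_len) {
    struct iw_point_model iwp = { .length = user_len };
    unsigned char *extra = kmalloc_model(user_len * TOKEN_SIZE);
    size_t copied = 0;
    if (!extra)
        return 0;
    if (h(&iwp, extra) == 0 && iwp.length <= user_len) {
        memcpy(user_buf, extra, iwp.length * TOKEN_SIZE);  /* copy_to_user() stand-in */
        copied = iwp.length;
    }
    free(extra);
    return copied;
}

/* Mitigated flow: zero the buffer before the handler runs (kzalloc-style), so a
 * driver that reports more than it wrote, or writes nothing, returns zeros
 * rather than stale heap contents.  Length semantics are unchanged. */
static size_t ioctl_get_fixed(handler_fn h, unsigned char *user_buf, size_t user_len) {
    struct iw_point_model iwp = { .length = user_len };
    unsigned char *extra = kmalloc_model(user_len * TOKEN_SIZE);
    size_t copied = 0;
    if (!extra)
        return 0;
    memset(extra, 0, user_len * TOKEN_SIZE);
    if (h(&iwp, extra) == 0 && iwp.length <= user_len) {
        memcpy(user_buf, extra, iwp.length * TOKEN_SIZE);
        copied = iwp.length;
    }
    free(extra);
    return copied;
}

/* Count bytes carrying the stale-heap marker that reached the user buffer. */
static size_t leaked_bytes(const unsigned char *user_buf, size_t n) {
    size_t c = 0;
    for (size_t i = 0; i < n; i++)
        if (user_buf[i] == 'K')
            c++;
    return c;
}

/* Run one flow with one driver; return the number of tokens handed back. */
static size_t returned_len(int use_fixed, handler_fn h) {
    unsigned char ubuf[USER_REQUEST_LEN];
    memset(ubuf, 0, sizeof ubuf);
    return use_fixed ? ioctl_get_fixed(h, ubuf, sizeof ubuf)
                     : ioctl_get_vulnerable(h, ubuf, sizeof ubuf);
}

/* Run one flow with one driver; return how many stale heap bytes leaked. */
static size_t stale_after(int use_fixed, handler_fn h) {
    unsigned char ubuf[USER_REQUEST_LEN];
    memset(ubuf, 0, sizeof ubuf);
    size_t n = use_fixed ? ioctl_get_fixed(h, ubuf, sizeof ubuf)
                         : ioctl_get_vulnerable(h, ubuf, sizeof ubuf);
    return leaked_bytes(ubuf, n);
}

int main(void) {
    printf("vulnerable/lazy: %zu tokens back, %zu stale\n",
           returned_len(0, lazy_driver), stale_after(0, lazy_driver));
    printf("fixed/lazy:      %zu tokens back, %zu stale\n",
           returned_len(1, lazy_driver), stale_after(1, lazy_driver));
    printf("vulnerable/good: %zu tokens back, %zu stale\n",
           returned_len(0, good_driver), stale_after(0, good_driver));
    return 0;
}
```

With the lazy driver the vulnerable flow hands back the full 64 requested tokens, every one of them stale heap data, which is the shape of the leak in the subject line scaled down from 64K; the zero-filled variant hands back the same length but no heap contents. A well-behaved driver leaks nothing in either flow, which is why the bug only shows up on the path where the driver does nothing.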