The length field of wext data (iw_point.data) is 16 bits. The largest value is thus 65535. During the attempts to increase buffer size the buffer starts at 4096 and is doubled after each failure to fill. From the time this length reaches 65536 it is effectively zero. We thus loose all potential space from 32768 to 65535. This problem is clear when scanning in a RF dense environment. Reproducible: Always Steps to Reproduce: 1. Go to an environment with many (~>50) AP's (Uni libraries are a good start) 2. Try and scan 3. See scanning failure, usually with print_scanning_info: Allocation failed Actual Results: print_scanning_info: Allocation failed Expected Results: A list of the AP's This is mostly copied/pasted from the ILW site. Patch is here: http://www.intellinuxwireless.org/bugzilla/attachment.cgi?id=1825
Thanks for the head up ; this patch is in upstream's 30_pre8 release : from iwlist.c (line 803) : >/* Check if buffer was too small (WE-17 only) */ > if((errno == E2BIG) && (range.we_version_compiled > 16) > && (buflen < 0xFFFF)) (and line 825) : > /* wrq.u.data.length is 16 bits so max size is 65535 */ > if(buflen > 65535) > buflen = 65535; wireless-tools-30_pre8 version bump is being discussed in bug #264446. What about closing this one ?
wireless-tools-30_pre8 is now in the tree. thanks for the report.
