Avoid use of stale scan results after RUN->SCAN transitions in qwx.

The usual case where the interface comes up with INIT->SCAN has no problem
because the nodes tree will always be empty in this case.

However, when we enter SCAN from RUN state because of a beacon miss event,
the driver might attempt to connect to the previous (now dead) AP again
because this AP's node still appears in the nodes tree after scanning.
To fix this, ensure that we get a fresh view of the world by removing
all previously seen APs before scanning again.

Also, ues a better condition check for aborting a currently running scan
when switching states, which should be done in all cases.

ok?


diff /usr/src
path + /usr/src
commit - 4995bfa49b0aa3de3992e0d9a7faf4efb0942e4b
blob - cf5a90c95a4be03f57030a23d6b9d3ef0e804a2c
file + sys/dev/ic/qwx.c
--- sys/dev/ic/qwx.c
+++ sys/dev/ic/qwx.c
@@ -923,8 +923,10 @@ qwx_newstate_task(void *arg)
 			}
 			/* FALLTHROUGH */
 		case IEEE80211_S_SCAN:
-			if (nstate < IEEE80211_S_SCAN)
+			if (sc->scan.state == ATH11K_SCAN_RUNNING)
 				qwx_scan_abort(sc);
+			if (nstate == IEEE80211_S_SCAN)
+				ieee80211_free_allnodes(ic, 0);
 			break;
 		case IEEE80211_S_INIT:
 			break;