[ath9k-devel] [PATCH v2 0/5] ath10k pending patches
From: Sujith Manoharan c_man...@qca.qualcomm.com Hi, Pending patches, rebased over HEAD. I've dropped the txrx.c merge and mac.h removal patches, rebasing them was messy. Sujith Sujith Manoharan (5): ath10k: Remove unneeded locks during HTT RX attach ath10k: Fix mpdu spacing to 8us ath10k: Fix TXOP handling ath10k: Move debug structures to debug.h ath10k: Add host statistics drivers/net/wireless/ath/ath10k/core.h | 76 + drivers/net/wireless/ath/ath10k/debug.c | 55 ++- drivers/net/wireless/ath/ath10k/debug.h | 97 ++ drivers/net/wireless/ath/ath10k/htt_rx.c | 114 ++- drivers/net/wireless/ath/ath10k/mac.c| 20 +++--- 5 files changed, 242 insertions(+), 120 deletions(-) -- 1.8.2.2 ___ ath9k-devel mailing list ath9k-devel@lists.ath9k.org https://lists.ath9k.org/mailman/listinfo/ath9k-devel
[ath9k-devel] [PATCH v2 2/5] ath10k: Fix mpdu spacing to 8us
From: Sujith Manoharan c_man...@qca.qualcomm.com
The FW doesn't fill the mpdu density field in the HT
capabilities received in the service_ready event and
the host driver ends up advertising 0 in its capabilities.
Fix this by hard-coding the spacing time to 8us.
Signed-off-by: Sujith Manoharan c_man...@qca.qualcomm.com
---
drivers/net/wireless/ath/ath10k/mac.c | 11 +--
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/drivers/net/wireless/ath/ath10k/mac.c
b/drivers/net/wireless/ath/ath10k/mac.c
index e654804..93fe03f 100644
--- a/drivers/net/wireless/ath/ath10k/mac.c
+++ b/drivers/net/wireless/ath/ath10k/mac.c
@@ -2571,6 +2571,7 @@ static struct ieee80211_sta_ht_cap
ath10k_get_ht_cap(struct ath10k *ar)
ht_cap.ht_supported = 1;
ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
+ ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
ht_cap.cap |= WLAN_HT_CAP_SM_PS_STATIC IEEE80211_HT_CAP_SM_PS_SHIFT;
@@ -2611,16 +2612,6 @@ static struct ieee80211_sta_ht_cap
ath10k_get_ht_cap(struct ath10k *ar)
if (ar-ht_cap_info WMI_HT_CAP_L_SIG_TXOP_PROT)
ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
- if (ar-ht_cap_info WMI_HT_CAP_MPDU_DENSITY) {
- u32 density;
-
- density = ar-ht_cap_info;
- density = WMI_HT_CAP_MPDU_DENSITY;
- density = WMI_HT_CAP_MPDU_DENSITY_MASK_SHIFT;
-
- ht_cap.ampdu_density = density;
- }
-
/* max AMSDU is implicitly taken from vht_cap_info */
if (ar-vht_cap_info WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
--
1.8.2.2
___
ath9k-devel mailing list
ath9k-devel@lists.ath9k.org
https://lists.ath9k.org/mailman/listinfo/ath9k-devel
[ath9k-devel] [PATCH v2 1/5] ath10k: Remove unneeded locks during HTT RX attach
From: Sujith Manoharan c_man...@qca.qualcomm.com
Fix two issues:
* Bail out properly when RX buffer allocation fails at init time.
* Do not acquire the rx ring lock during attach() since we
don't rearm the replenish timer.
Signed-off-by: Sujith Manoharan c_man...@qca.qualcomm.com
---
drivers/net/wireless/ath/ath10k/htt_rx.c | 84 ++--
1 file changed, 57 insertions(+), 27 deletions(-)
diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c
b/drivers/net/wireless/ath/ath10k/htt_rx.c
index 1bd1589..cdedc5f 100644
--- a/drivers/net/wireless/ath/ath10k/htt_rx.c
+++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -101,30 +101,36 @@ static int ath10k_htt_rx_ring_fill_level(struct
ath10k_htt *htt)
return size;
}
-static void ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
+static void ath10k_htt_rx_ring_free(struct ath10k_htt *htt)
+{
+ struct sk_buff *skb;
+ struct ath10k_skb_cb *cb;
+ int i;
+
+ for (i = 0; i htt-rx_ring.fill_cnt; i++) {
+ skb = htt-rx_ring.netbufs_ring[i];
+ cb = ATH10K_SKB_CB(skb);
+ dma_unmap_single(htt-ar-dev, cb-paddr,
+skb-len + skb_tailroom(skb),
+DMA_FROM_DEVICE);
+ dev_kfree_skb_any(skb);
+ }
+
+ htt-rx_ring.fill_cnt = 0;
+}
+
+static int __ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
{
struct htt_rx_desc *rx_desc;
- unsigned long timeout;
struct sk_buff *skb;
dma_addr_t paddr;
- int idx;
-
- lockdep_assert_held(htt-rx_ring.lock);
+ int ret = 0, idx;
idx = __le32_to_cpu(*(htt-rx_ring.alloc_idx.vaddr));
while (num 0) {
skb = dev_alloc_skb(HTT_RX_BUF_SIZE + HTT_RX_DESC_ALIGN);
if (!skb) {
- /*
-* Failed to fill it to the desired level -
-* we'll start a timer and try again next time.
-* As long as enough buffers are left in the ring for
-* another A-MPDU rx, no special recovery is needed.
-*/
- timeout = jiffies +
- msecs_to_jiffies(HTT_RX_RING_REFILL_RETRY_MS);
- mod_timer(htt-rx_ring.refill_retry_timer,
- timeout);
+ ret = -ENOMEM;
goto fail;
}
@@ -143,6 +149,7 @@ static void ath10k_htt_rx_ring_fill_n(struct ath10k_htt
*htt, int num)
if (unlikely(dma_mapping_error(htt-ar-dev, paddr))) {
dev_kfree_skb_any(skb);
+ ret = -ENOMEM;
goto fail;
}
@@ -158,16 +165,32 @@ static void ath10k_htt_rx_ring_fill_n(struct ath10k_htt
*htt, int num)
fail:
*(htt-rx_ring.alloc_idx.vaddr) = __cpu_to_le32(idx);
- return;
+ return ret;
+}
+
+static int ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
+{
+ lockdep_assert_held(htt-rx_ring.lock);
+ return __ath10k_htt_rx_ring_fill_n(htt, num);
}
static void ath10k_htt_rx_msdu_buff_replenish(struct ath10k_htt *htt)
{
- int num_to_fill;
+ int ret, num_to_fill;
spin_lock_bh(htt-rx_ring.lock);
num_to_fill = htt-rx_ring.fill_level - htt-rx_ring.fill_cnt;
- ath10k_htt_rx_ring_fill_n(htt, num_to_fill);
+ ret = ath10k_htt_rx_ring_fill_n(htt, num_to_fill);
+ if (ret == -ENOMEM) {
+ /*
+* Failed to fill it to the desired level -
+* we'll start a timer and try again next time.
+* As long as enough buffers are left in the ring for
+* another A-MPDU rx, no special recovery is needed.
+*/
+ mod_timer(htt-rx_ring.refill_retry_timer, jiffies +
+ msecs_to_jiffies(HTT_RX_RING_REFILL_RETRY_MS));
+ }
spin_unlock_bh(htt-rx_ring.lock);
}
@@ -446,13 +469,13 @@ int ath10k_htt_rx_attach(struct ath10k_htt *htt)
kmalloc(htt-rx_ring.size * sizeof(struct sk_buff *),
GFP_KERNEL);
if (!htt-rx_ring.netbufs_ring)
- goto fail1;
+ goto err_netbuf;
vaddr = dma_alloc_coherent(htt-ar-dev,
(htt-rx_ring.size * sizeof(htt-rx_ring.paddrs_ring)),
paddr, GFP_DMA);
if (!vaddr)
- goto fail2;
+ goto err_dma_ring;
htt-rx_ring.paddrs_ring = vaddr;
htt-rx_ring.base_paddr = paddr;
@@ -461,7 +484,7 @@ int ath10k_htt_rx_attach(struct ath10k_htt *htt)
sizeof(*htt-rx_ring.alloc_idx.vaddr),
paddr, GFP_DMA);
if (!vaddr)
- goto fail3;
+ goto err_dma_idx;
[ath9k-devel] [PATCH v2 3/5] ath10k: Fix TXOP handling
From: Sujith Manoharan c_man...@qca.qualcomm.com The channel time duration programmed in the HW is in absolute microseconds, while mac80211 gives the txop in units of 32 microseconds. Handle this properly. Signed-off-by: Sujith Manoharan c_man...@qca.qualcomm.com --- drivers/net/wireless/ath/ath10k/mac.c | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c index 93fe03f..d280463 100644 --- a/drivers/net/wireless/ath/ath10k/mac.c +++ b/drivers/net/wireless/ath/ath10k/mac.c @@ -2221,7 +2221,14 @@ static int ath10k_conf_tx(struct ieee80211_hw *hw, p-cwmin = params-cw_min; p-cwmax = params-cw_max; p-aifs = params-aifs; - p-txop = params-txop; + + /* +* The channel time duration programmed in the HW is in absolute +* microseconds, while mac80211 gives the txop in units of +* 32 microseconds. +*/ + p-txop = params-txop * 32; + /* FIXME: can we pass the params-uapsd to the FW? */ /* FIXME: FW accepts wmm params per hw, not per vif */ -- 1.8.2.2 ___ ath9k-devel mailing list ath9k-devel@lists.ath9k.org https://lists.ath9k.org/mailman/listinfo/ath9k-devel
[ath9k-devel] [PATCH v2 4/5] ath10k: Move debug structures to debug.h
From: Sujith Manoharan c_man...@qca.qualcomm.com
Signed-off-by: Sujith Manoharan c_man...@qca.qualcomm.com
---
drivers/net/wireless/ath/ath10k/core.h | 76 +
drivers/net/wireless/ath/ath10k/debug.h | 75
2 files changed, 76 insertions(+), 75 deletions(-)
diff --git a/drivers/net/wireless/ath/ath10k/core.h
b/drivers/net/wireless/ath/ath10k/core.h
index fbf4d11..25ebe3d 100644
--- a/drivers/net/wireless/ath/ath10k/core.h
+++ b/drivers/net/wireless/ath/ath10k/core.h
@@ -27,6 +27,7 @@
#include hw.h
#include targaddrs.h
#include wmi.h
+#include debug.h
#include ../ath.h
#include ../regd.h
@@ -121,72 +122,6 @@ struct ath10k_wmi {
struct work_struct wmi_event_work;
};
-struct ath10k_peer_stat {
- u8 peer_macaddr[ETH_ALEN];
- u32 peer_rssi;
- u32 peer_tx_rate;
-};
-
-struct ath10k_target_stats {
- /* PDEV stats */
- s32 ch_noise_floor;
- u32 tx_frame_count;
- u32 rx_frame_count;
- u32 rx_clear_count;
- u32 cycle_count;
- u32 phy_err_count;
- u32 chan_tx_power;
-
- /* PDEV TX stats */
- s32 comp_queued;
- s32 comp_delivered;
- s32 msdu_enqued;
- s32 mpdu_enqued;
- s32 wmm_drop;
- s32 local_enqued;
- s32 local_freed;
- s32 hw_queued;
- s32 hw_reaped;
- s32 underrun;
- s32 tx_abort;
- s32 mpdus_requed;
- u32 tx_ko;
- u32 data_rc;
- u32 self_triggers;
- u32 sw_retry_failure;
- u32 illgl_rate_phy_err;
- u32 pdev_cont_xretry;
- u32 pdev_tx_timeout;
- u32 pdev_resets;
- u32 phy_underrun;
- u32 txop_ovf;
-
- /* PDEV RX stats */
- s32 mid_ppdu_route_change;
- s32 status_rcvd;
- s32 r0_frags;
- s32 r1_frags;
- s32 r2_frags;
- s32 r3_frags;
- s32 htt_msdus;
- s32 htt_mpdus;
- s32 loc_msdus;
- s32 loc_mpdus;
- s32 oversize_amsdu;
- s32 phy_errs;
- s32 phy_err_drop;
- s32 mpdu_errs;
-
- /* VDEV STATS */
-
- /* PEER STATS */
- u8 peers;
- struct ath10k_peer_stat peer_stat[TARGET_NUM_PEERS];
-
- /* TODO: Beacon filter stats */
-
-};
-
#define ATH10K_MAX_NUM_PEER_IDS (1 11) /* htt rx_desc limit */
struct ath10k_peer {
@@ -240,15 +175,6 @@ struct ath10k_vif_iter {
struct ath10k_vif *arvif;
};
-struct ath10k_debug {
- struct dentry *debugfs_phy;
-
- struct ath10k_target_stats target_stats;
- u32 wmi_service_bitmap[WMI_SERVICE_BM_SIZE];
-
- struct completion event_stats_compl;
-};
-
struct ath10k {
struct ath_common common;
struct ieee80211_hw *hw;
diff --git a/drivers/net/wireless/ath/ath10k/debug.h
b/drivers/net/wireless/ath/ath10k/debug.h
index bbaaa37..b0549cd 100644
--- a/drivers/net/wireless/ath/ath10k/debug.h
+++ b/drivers/net/wireless/ath/ath10k/debug.h
@@ -40,6 +40,81 @@ extern __printf(1, 2) int ath10k_info(const char *fmt, ...);
extern __printf(1, 2) int ath10k_err(const char *fmt, ...);
extern __printf(1, 2) int ath10k_warn(const char *fmt, ...);
+struct ath10k_peer_stat {
+ u8 peer_macaddr[ETH_ALEN];
+ u32 peer_rssi;
+ u32 peer_tx_rate;
+};
+
+struct ath10k_target_stats {
+ /* PDEV stats */
+ s32 ch_noise_floor;
+ u32 tx_frame_count;
+ u32 rx_frame_count;
+ u32 rx_clear_count;
+ u32 cycle_count;
+ u32 phy_err_count;
+ u32 chan_tx_power;
+
+ /* PDEV TX stats */
+ s32 comp_queued;
+ s32 comp_delivered;
+ s32 msdu_enqued;
+ s32 mpdu_enqued;
+ s32 wmm_drop;
+ s32 local_enqued;
+ s32 local_freed;
+ s32 hw_queued;
+ s32 hw_reaped;
+ s32 underrun;
+ s32 tx_abort;
+ s32 mpdus_requed;
+ u32 tx_ko;
+ u32 data_rc;
+ u32 self_triggers;
+ u32 sw_retry_failure;
+ u32 illgl_rate_phy_err;
+ u32 pdev_cont_xretry;
+ u32 pdev_tx_timeout;
+ u32 pdev_resets;
+ u32 phy_underrun;
+ u32 txop_ovf;
+
+ /* PDEV RX stats */
+ s32 mid_ppdu_route_change;
+ s32 status_rcvd;
+ s32 r0_frags;
+ s32 r1_frags;
+ s32 r2_frags;
+ s32 r3_frags;
+ s32 htt_msdus;
+ s32 htt_mpdus;
+ s32 loc_msdus;
+ s32 loc_mpdus;
+ s32 oversize_amsdu;
+ s32 phy_errs;
+ s32 phy_err_drop;
+ s32 mpdu_errs;
+
+ /* VDEV STATS */
+
+ /* PEER STATS */
+ u8 peers;
+ struct ath10k_peer_stat peer_stat[TARGET_NUM_PEERS];
+
+ /* TODO: Beacon filter stats */
+
+};
+
+struct ath10k_debug {
+ struct dentry *debugfs_phy;
+
+ struct ath10k_target_stats target_stats;
+ u32 wmi_service_bitmap[WMI_SERVICE_BM_SIZE];
+
+ struct completion event_stats_compl;
+};
+
#ifdef CONFIG_ATH10K_DEBUGFS
int ath10k_debug_create(struct ath10k *ar);
void ath10k_debug_read_service_map(struct ath10k *ar,
Re: [ath9k-devel] Standardisation - adding 2 bit STBC and Ness to MCS
Hallo all, http://www.radiotap.org/suggested-fields/MCS%20extension%20for%20STBC%20and%20Ness I have posted 3 patches on the proposal page (see Attachments): 1. A patch that applies to the Linux kernel v3.7-rc1 to collect the new STBC and Ness parameters from a wireless driver, and add them into the MCS radiotap field. 2. A patch to the Intel wireless driver in the kernel to collect STBC and Ness information. 3. A patch to wireshark to display STBC and Ness information. With this I believe we have everything needed to start the 3 week comment period. There is a bit more then 3 week now. I would like to have this approved :) Are there any thing needed to finish this? Beside, i have one question about how STBC work. According to differnet docs, i assume that: - STBC is done by sending, at least, two stream with same data in different order. - It means for me, that real use of STBC can be made only on MIMO hardware. - If 1x1 receiver indicates that it got STBC encoded frame, it dos not meant, it would be able to use redundant data from second stream. - There are fallowing STBC schemes: Alamouti’s STBC for 2 transmit antennas and orthogonal STBC for 3 and 4 transmit antennas. According to this information, what do we call 1,2 or 3 stream STBC? Since STBC should have minimal 2 stream, but in same time we have 1x1 and 2x2 hardware which able to receive and decode STBC stream i assume: - RX-STBC1 is for compatibility only. No data redundancy. - RX-STBC12 - can be used Alamouti’s schema with 2 streams. Mostly used method. - RX-STBC123 - is orthogonal schema and not widely used method. Since last method use wide spectrum to transmit data comparable to SISO stream, it makes almost no sense. But 3-stream method get optimal error corect in compare with 2 and 4 strea schemas. Do this assumptions correct? PS: My assumptions based on MIMO Space-Time Block Coding (STBC): Simulations and Results -- Regards, Oleksij ___ ath9k-devel mailing list ath9k-devel@lists.ath9k.org https://lists.ath9k.org/mailman/listinfo/ath9k-devel
Re: [ath9k-devel] 3.9.0-rc8+ (hacked) splat.
On 04/30/2013 11:05 AM, Ben Greear wrote: On 04/28/2013 08:05 AM, Ben Greear wrote: On 04/27/2013 01:58 AM, Felix Fietkau wrote: On 2013-04-27 1:46 AM, Ben Greear wrote: Was running around 200 stations against a VAP on this system, and then changed the channel from 1 to 36 (by restarting hostapd with new config). Looks like null-pointer de-ref... Anyone seen anything similar? I've never seen this one. Please use gdb to figure out the source code line that the NULL pointer deref happens in. As for the 'keycache entry 228 out of range' stuff, I'm going to send a patch for that now. Thanks. I'm away from the office for a bit, but will build a debugging kernel and crank on this early next week. Ok, this is against a modified 3.9.0 tree. My patches are here: http://dmz2.candelatech.com/git/gitweb.cgi?p=linux-3.9.dev.y/.git;a=summary I'm going to try reproducing against upstream 3.9.0 (using a smaller number of stations since upstream doesn't have needed optimizations to make it work on my hardware...) With the wpa_supplicant optimizations I posted yesterday, I can reproduce the crash on a standard 3.9.0 kernel with the regdomain patch AND the mac80211: Add per-sdata station hash, and sdata hash. https://patchwork.kernel.org/patch/2482351/ I was not able to reproduce this without the hash optimization patch, so either it's buggy, or it just makes things a lot faster and that triggers bugs in ath9k more easily. Thanks, Ben -- Ben Greear gree...@candelatech.com Candela Technologies Inc http://www.candelatech.com ___ ath9k-devel mailing list ath9k-devel@lists.ath9k.org https://lists.ath9k.org/mailman/listinfo/ath9k-devel
Re: [ath9k-devel] 3.9.0-rc8+ (hacked) splat.
On 2013-05-01 6:01 PM, Ben Greear wrote:
On 04/30/2013 11:05 AM, Ben Greear wrote:
On 04/28/2013 08:05 AM, Ben Greear wrote:
On 04/27/2013 01:58 AM, Felix Fietkau wrote:
On 2013-04-27 1:46 AM, Ben Greear wrote:
Was running around 200 stations against a VAP on this system, and
then changed the channel from 1 to 36 (by restarting hostapd with new
config).
Looks like null-pointer de-ref... Anyone seen anything similar?
I've never seen this one. Please use gdb to figure out the source code
line that the NULL pointer deref happens in.
As for the 'keycache entry 228 out of range' stuff, I'm going to send a
patch for that now.
Thanks.
I'm away from the office for a bit, but will build a debugging kernel
and crank on this early next week.
Ok, this is against a modified 3.9.0 tree. My patches are here:
http://dmz2.candelatech.com/git/gitweb.cgi?p=linux-3.9.dev.y/.git;a=summary
I'm going to try reproducing against upstream 3.9.0 (using a smaller number
of
stations since upstream doesn't have needed optimizations to make it work on
my hardware...)
With the wpa_supplicant optimizations I posted yesterday, I can
reproduce the crash on a standard 3.9.0 kernel with the regdomain
patch AND the mac80211: Add per-sdata station hash, and sdata hash.
https://patchwork.kernel.org/patch/2482351/
I was not able to reproduce this without the hash optimization patch,
so either it's buggy, or it just makes things a lot faster and that
triggers bugs in ath9k more easily.
It's buggy. Take a look at this part:
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 238a0cc..6b0fe74 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -965,6 +1018,13 @@ struct ieee80211_sta
*ieee80211_find_sta_by_ifaddr(struct ieee80211_hw *hw,
{
struct sta_info *sta, *nxt;
+ if (localaddr) {
+ sta = sta_info_get_by_vif(hw_to_local(hw), localaddr, addr);
+ if (sta !sta-uploaded)
+ return NULL;
+ return sta-sta;
+ }
If sta is NULL, it'll return sta-sta, which is non-NULL. It matches
the null-pointer crash on dereferencing the driver's tid struct inside
sta-drv_priv.
- Felix
___
ath9k-devel mailing list
ath9k-devel@lists.ath9k.org
https://lists.ath9k.org/mailman/listinfo/ath9k-devel
Re: [ath9k-devel] 3.9.0-rc8+ (hacked) splat.
On 05/01/2013 09:08 AM, Felix Fietkau wrote:
On 2013-05-01 6:01 PM, Ben Greear wrote:
On 04/30/2013 11:05 AM, Ben Greear wrote:
On 04/28/2013 08:05 AM, Ben Greear wrote:
On 04/27/2013 01:58 AM, Felix Fietkau wrote:
On 2013-04-27 1:46 AM, Ben Greear wrote:
Was running around 200 stations against a VAP on this system, and
then changed the channel from 1 to 36 (by restarting hostapd with new
config).
Looks like null-pointer de-ref... Anyone seen anything similar?
I've never seen this one. Please use gdb to figure out the source code
line that the NULL pointer deref happens in.
As for the 'keycache entry 228 out of range' stuff, I'm going to send a
patch for that now.
Thanks.
I'm away from the office for a bit, but will build a debugging kernel
and crank on this early next week.
Ok, this is against a modified 3.9.0 tree. My patches are here:
http://dmz2.candelatech.com/git/gitweb.cgi?p=linux-3.9.dev.y/.git;a=summary
I'm going to try reproducing against upstream 3.9.0 (using a smaller number
of
stations since upstream doesn't have needed optimizations to make it work on
my hardware...)
With the wpa_supplicant optimizations I posted yesterday, I can
reproduce the crash on a standard 3.9.0 kernel with the regdomain
patch AND the mac80211: Add per-sdata station hash, and sdata hash.
https://patchwork.kernel.org/patch/2482351/
I was not able to reproduce this without the hash optimization patch,
so either it's buggy, or it just makes things a lot faster and that
triggers bugs in ath9k more easily.
It's buggy. Take a look at this part:
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 238a0cc..6b0fe74 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -965,6 +1018,13 @@ struct ieee80211_sta
*ieee80211_find_sta_by_ifaddr(struct ieee80211_hw *hw,
{
struct sta_info *sta, *nxt;
+if (localaddr) {
+sta = sta_info_get_by_vif(hw_to_local(hw), localaddr, addr);
+if (sta !sta-uploaded)
+return NULL;
+return sta-sta;
+}
If sta is NULL, it'll return sta-sta, which is non-NULL. It matches
the null-pointer crash on dereferencing the driver's tid struct inside
sta-drv_priv.
Ahh, thanks so much!
That does appear to be the cause...
Thanks,
Ben
- Felix
--
Ben Greear gree...@candelatech.com
Candela Technologies Inc http://www.candelatech.com
___
ath9k-devel mailing list
ath9k-devel@lists.ath9k.org
https://lists.ath9k.org/mailman/listinfo/ath9k-devel
[ath9k-devel] 3.9.0+crash on unloading ath9k_htc driver.
I just added an ath9k_htc NIC to my system..and looks like removing the ath9k_htc driver crashed the system. Firmware is the open-firmware, pulled fresh today. This is on my hacked kernel again, but there are no changes to ath9k_htc. And, could be a coincidence...but if someone else sees something similar I'm interested to know... [ 2780.154335] usb 1-1: ath9k_htc: USB layer deinitialized [ 2780.165806] ath9k_htc: Driver unloaded [ 2783.008096] BUG: unable to handle kernel paging request at f8eba7c0 [ 2783.009041] IP: [f8eba7c0] 0xf8eba7bf [ 2783.009041] *pdpt = 00d46001 *pde = 3513b067 *pte = [ 2783.009041] Oops: 0010 [#1] PREEMPT SMP [ 2783.009041] Modules linked in: iptable_raw xt_CT bridge nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 ] [ 2783.009041] Pid: 0, comm: swapper/1 Tainted: GWC O 3.9.0+ #25 To Be Filled By O.E.M. To Be Fi. [ 2783.170772] EIP: 0060:[f8eba7c0] EFLAGS: 00210286 CPU: 1 [ 2783.170772] EIP is at 0xf8eba7c0 [ 2783.170772] EAX: f50124c0 EBX: f5cf8000 ECX: f50124c0 EDX: f8eba7c0 [ 2783.170772] ESI: f5012cb8 EDI: 0101 EBP: f5cdfe44 ESP: f5cdfe14 [ 2783.170772] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 2783.170772] CR0: 8005003b CR2: f8eba7c0 CR3: 00d49000 CR4: 07e0 [ 2783.170772] DR0: DR1: DR2: DR3: [ 2783.170772] DR6: 0ff0 DR7: 0400 [ 2783.170772] Process swapper/1 (pid: 0, ti=f5cde000 task=f5cb2670 task.ti=f5cde000) [ 2783.170772] Stack: [ 2783.170772] c0460b5b 2566 8bafa81c 00243ace f8434a40 f50124c0 [ 2783.170772] f8eba7c0 f5cf8000 f5012cb8 c0c10a04 f5cdfe80 c0460e54 f5cdfe6c f5cf8e14 [ 2783.170772] f5cf8c14 f5cf8a14 f50124c0 f8eba7c0 f5cf8000 f5cf8814 f5cdfe6c f5cdfe6c [ 2783.170772] Call Trace: [ 2783.170772] [c0460b5b] ? call_timer_fn+0x2b/0x130 [ 2783.170772] [c0460e54] run_timer_softirq+0x1f4/0x200 [ 2783.170772] [c045948a] __do_softirq+0xaa/0x230 [ 2783.170772] [c0459705] irq_exit+0xa5/0xb0 [ 2783.170772] [c09c0e89] smp_apic_timer_interrupt+0x59/0x88 [ 2783.170772] [c047773f] ? raw_notifier_call_chain+0x1f/0x30 [ 2783.170772] [c09ba704] apic_timer_interrupt+0x34/0x3c [ 2783.170772] [c0888f9e] ? cpuidle_wrap_enter+0x3e/0xb0 [ 2783.170772] [c0889022] cpuidle_enter_tk+0x12/0x20 [ 2783.170772] [c08889f0] ? disable_cpuidle+0x20/0x20 [ 2783.170772] [c0888a31] cpuidle_enter_state+0x11/0x50 [ 2783.170772] [c088925f] cpuidle_idle_call+0x8f/0xf0 [ 2783.170772] [c041afcc] cpu_idle+0xac/0xf0 [ 2783.170772] [c09b1477] start_secondary+0x270/0x276 [ 2783.170772] Code: Bad EIP value. [ 2783.170772] EIP: [f8eba7c0] 0xf8eba7c0 SS:ESP 0068:f5cdfe14 [ 2783.170772] CR2: f8eba7c0 [ 2783.170772] ---[ end trace 58c689e6047c0627 ]--- [ 2783.170772] Kernel panic - not syncing: Fatal exception in interrupt [ 2783.170772] drm_kms_helper: panic occurred, switching back to text console -- Ben Greear gree...@candelatech.com Candela Technologies Inc http://www.candelatech.com ___ ath9k-devel mailing list ath9k-devel@lists.ath9k.org https://lists.ath9k.org/mailman/listinfo/ath9k-devel
