From owner-freebsd-mobile@FreeBSD.ORG  Mon Dec  7 17:04:44 2009
Return-Path: <owner-freebsd-mobile@FreeBSD.ORG>
Delivered-To: freebsd-mobile@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C9451106566C
	for <freebsd-mobile@freebsd.org>; Mon,  7 Dec 2009 17:04:44 +0000 (UTC)
	(envelope-from Andre.Albsmeier@siemens.com)
Received: from david.siemens.de (david.siemens.de [192.35.17.14])
	by mx1.freebsd.org (Postfix) with ESMTP id 4A72F8FC16
	for <freebsd-mobile@freebsd.org>; Mon,  7 Dec 2009 17:04:43 +0000 (UTC)
Received: from mail3.siemens.de (localhost [127.0.0.1])
	by david.siemens.de (8.12.11.20060308/8.12.11) with ESMTP id
	nB7Ga7v2010044
	for <freebsd-mobile@freebsd.org>; Mon, 7 Dec 2009 17:36:07 +0100
Received: from curry.mchp.siemens.de (curry.mchp.siemens.de [139.25.40.130])
	by mail3.siemens.de (8.12.11.20060308/8.12.11) with ESMTP id
	nB7Ga7xn026856
	for <freebsd-mobile@freebsd.org>; Mon, 7 Dec 2009 17:36:07 +0100
Received: (from localhost)
	by curry.mchp.siemens.de (8.14.3/8.14.3) id nB7Ga7lO073698
	for freebsd-mobile@freebsd.org; Mon, 7 Dec 2009 17:36:07 +0100 (CET)
Date: Mon, 7 Dec 2009 17:36:07 +0100
From: Andre Albsmeier <Andre.Albsmeier@siemens.com>
To: freebsd-mobile@freebsd.org
Message-ID: <20091207163607.GA15625@curry.mchp.siemens.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Echelon: <censored>
X-Advice: Drop that crappy M$-Outlook, I'm tired of your viruses!
User-Agent: Mutt/1.5.20 (2009-06-14)
Subject: iwi: Possibly wrong interpretation of beacon->number in if_iwi.c?
X-BeenThere: freebsd-mobile@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Mobile computing with FreeBSD <freebsd-mobile.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-mobile>, 
	<mailto:freebsd-mobile-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-mobile>
List-Post: <mailto:freebsd-mobile@freebsd.org>
List-Help: <mailto:freebsd-mobile-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-mobile>,
	<mailto:freebsd-mobile-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2009 17:04:45 -0000

I am currently using iwi in a rather difficult WLAN
environment (multiple APs on the same channel and weak
signals).

While trying to find out why iwi0 reassociates every 10 to
60 seconds I used sysctl debug.iwi=5 and logged (among
others) these messages:

...
Beacon state (1, 18941446)
Beacon miss: 18941446 >= 254
Beacon state (1, 18941703)
Beacon miss: 18941703 >= 254
Beacon state (1, 18941446)
...

Trying to understand what this means, I found the corresponding
code in /sys/dev/iwi/if_iwi.c:

  if (le32toh(beacon->number) >= ic->ic_bmissthreshold) {
          DPRINTF(("Beacon miss: %u >= %u\n",
              le32toh(beacon->number),
              ic->ic_bmissthreshold));
          ieee80211_beacon_miss(ic);
  }

le32toh(beacon->number) seems to be the number of missed
beacons. However, I have no idea how it can be that high
after an uptime of only a few minutes.

Could it be that only the LSB of this value is meaningful?

I added some debug code to if_iwi.c:

iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19007239 1220707
iwi0: Beacon miss: 19007496 1220808
iwi0: Beacon miss: 19269126 1260606
iwi0: Beacon miss: 19269383 1260707
iwi0: Beacon miss: 19269640 1260808
iwi0: Beacon miss: 19269126 1260606
iwi0: Beacon miss: 19269383 1260707
iwi0: Beacon miss: 19269640 1260808
iwi0: Beacon miss: 19269897 1260909
iwi0: Beacon miss: 19270154 1260a0a
iwi0: Beacon miss: 19270411 1260b0b
iwi0: Beacon miss: 19269126 1260606
iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19007239 1220707
iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19007239 1220707
iwi0: Beacon miss: 19007496 1220808
iwi0: Beacon miss: 19007753 1220909
iwi0: Beacon miss: 19008010 1220a0a
iwi0: Beacon miss: 19006982 1220606
iwi0: Beacon miss: 19007239 1220707
iwi0: Beacon miss: 19007496 1220808
iwi0: Beacon miss: 19007753 1220909

The second value is le32toh(beacon->number) converted to
hex and we see that the two least significant bytes are
always the same. This, and the fact that bmissthreshold
must be in the range 1 to 255, makes me assume that we
possibly should ignore the upper 24 bits.

I am now using this patch to if_iwi.c:

--- if_iwi.c.ORI	2009-12-07 16:17:46.000000000 +0100
+++ if_iwi.c	2009-12-07 16:20:10.000000000 +0100
@@ -1497,7 +1497,7 @@
 		/* XXX check struct length */
 		beacon = (struct iwi_notif_beacon_state *)(notif + 1);
 
-		DPRINTFN(5, ("Beacon state (%u, %u)\n",
+		DPRINTFN(5, ("Beacon state (%u, 0x%x)\n",
 		    beacon->state, le32toh(beacon->number)));
 
 		if (beacon->state == IWI_BEACON_MISS) {
@@ -1508,9 +1508,9 @@
 			 * 802.11 layer.
 			 * XXX try to roam, drop assoc only on much higher count
 			 */
-			if (le32toh(beacon->number) >= ic->ic_bmissthreshold) {
+			if ((le32toh(beacon->number) & 0xFF) >= ic->ic_bmissthreshold) {
 				DPRINTF(("Beacon miss: %u >= %u\n",
-				    le32toh(beacon->number),
+				    le32toh(beacon->number) & 0xFF,
 				    ic->ic_bmissthreshold));
 				ieee80211_beacon_miss(ic);
 			}

and things got a lot better. After rising bmissthreshold to
50, which would be perfectly acceptable here, I got no more
problems.

All this is on a fresh 7.2-STABLE, however, I have upgraded
the fw in /sys/contrib/dev/iwi from V3.0 to V3.1 manually
(this has no effect on the problem mentioned above).

What do people think?

Thanks,

	-Andre