Date: Mon, 5 Jul 2010 02:05:39 -0700 (PDT) From: PseudoCylon <moonlightakkiy@yahoo.ca> To: freebsd-net@freebsd.org Subject: trouble sending BAR frame Message-ID: <338423.28480.qm@web51801.mail.re2.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hello, Hiccups sending BAR frame. 1) ieee80211_send_bar() in ieee80211_ht.c http://fxr.watson.org/fxr/source/net80211/ieee80211_ht.c?im=bigexcerpts#L2146 2146 ret = ic->ic_raw_xmit(ni, m, NULL); 2147 if (ret != 0) { 2148 /* xmit failed, clear state flag */ 2149 tap->txa_flags &= ~IEEE80211_AGGR_BARPEND; 2150 goto bad; 2151 } 2152 /* XXX hack against tx complete happening before timer is started */ 2153 if (tap->txa_flags & IEEE80211_AGGR_BARPEND) 2154 bar_start_timer(tap); 2155 return 0; 2156 bad: 2157 ieee80211_free_node(ni); 2158 return ret; It says when ic_raw_xmit() succeeds, dose not free node, but free node when ic_raw_xmit() fails. Drivers free node ether success or fail, so node will be freed twice when tx fails, and we will get ambushed by page fault later. 2) bar_tx_complete() http://fxr.watson.org/fxr/source/net80211/ieee80211_ht.c?im=bigexcerpts#L2044 2044 if (status) /* ACK'd */ 2045 bar_stop_timer(tap); 2046 ic->ic_bar_response(ni, tap, status); and ieee80211_bar_response() http://fxr.watson.org/fxr/source/net80211/ieee80211_ht.c?im=bigexcerpts#L2056 2056 if (status != 0) { /* got ACK */ 2057 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_11N, 2058 ni, "BAR moves BA win <%u:%u> (%u frames) txseq %u tid %u", 2059 tap->txa_start, 2060 IEEE80211_SEQ_ADD(tap->txa_start, tap->txa_wnd-1), 2061 tap->txa_qframes, tap->txa_seqpending, 2062 WME_AC_TO_TID(tap->txa_ac)); 2063 2064 /* NB: timer already stopped in bar_tx_complete */ 2065 tap->txa_start = tap->txa_seqpending; 2066 tap->txa_flags &= ~IEEE80211_AGGR_BARPEND; 2067 } "status" the last argument of ieee80211_process_callback() is 0 on success according to IEEE80211_OUTPUT(9), so when tx succeeds, BAR frame is repeatedly sent max retry times and at the end DELBA will be sent. I commented out 2157 //ieee80211_free_node(ni); and negated "status" 2044 if (!status) 2056 if (status == 0) It's been working fine for a couple of days. AK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?338423.28480.qm>