From owner-freebsd-wireless@FreeBSD.ORG  Fri Oct 21 06:53:12 2011
Return-Path: <owner-freebsd-wireless@FreeBSD.ORG>
Delivered-To: freebsd-wireless@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7E0E3106566C;
	Fri, 21 Oct 2011 06:53:12 +0000 (UTC)
	(envelope-from adrian.chadd@gmail.com)
Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com
	[209.85.213.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 2B0158FC15;
	Fri, 21 Oct 2011 06:53:11 +0000 (UTC)
Received: by yxn16 with SMTP id 16so4574087yxn.13
	for <multiple recipients>; Thu, 20 Oct 2011 23:53:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:sender:in-reply-to:references:date
	:x-google-sender-auth:message-id:subject:from:to:cc:content-type;
	bh=Wq0kBisS4bgo30hgrXmSuTBVPiFpOFzkCUaWnqle0hY=;
	b=Q3zSJA1eADdmPdrjQbtMMhAwtptv6j+VhrBu4XwBIgEpZcC+jrrGC8tHSWKFMIdzIJ
	BMUgWx3SZ3FQroCXzEvBDr14bv3gnGXSnIPbn0Ud1sZ7j47Fwkqx7TKOPDr/odG74YKt
	nYtHYx350vKVuidxdsTDYeo0J2RHQ4IBH4Nw4=
MIME-Version: 1.0
Received: by 10.236.175.195 with SMTP id z43mr19624069yhl.66.1319179991440;
	Thu, 20 Oct 2011 23:53:11 -0700 (PDT)
Sender: adrian.chadd@gmail.com
Received: by 10.236.109.39 with HTTP; Thu, 20 Oct 2011 23:53:11 -0700 (PDT)
In-Reply-To: <CAJ-Vmo=UwuwE31ww5neWDK2GWfbRyX1E_LAbfjw_Rmb3g_VRhQ@mail.gmail.com>
References: <CAJ-Vmo=UwuwE31ww5neWDK2GWfbRyX1E_LAbfjw_Rmb3g_VRhQ@mail.gmail.com>
Date: Fri, 21 Oct 2011 14:53:11 +0800
X-Google-Sender-Auth: _--xIdyJT8vh5UKPQ2ngPd43bPk
Message-ID: <CAJ-Vmo=a0uBcxJ-Thk1A230ZFfohCyn7VuLHxPexcy-YwBCcAA@mail.gmail.com>
From: Adrian Chadd <adrian@freebsd.org>
To: Bernhard Schmidt <bschmidt@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-wireless@freebsd.org
Subject: Re: Another scan + comlock LOR
X-BeenThere: freebsd-wireless@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussions of 802.11 stack,
	tools device driver development." <freebsd-wireless.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-wireless>, 
	<mailto:freebsd-wireless-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-wireless>
List-Post: <mailto:freebsd-wireless@freebsd.org>
List-Help: <mailto:freebsd-wireless-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-wireless>, 
	<mailto:freebsd-wireless-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2011 06:53:12 -0000

Hm, replying to my own email: is this lock needed to be held across
the call to ieee80211_probe_curchan() ?

/*
 * Scan curchan.  If this is an active scan and the channel
 * is not marked passive then send probe request frame(s).
 * Arrange for the channel change after maxdwell ticks.
 */
static void
scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell)
{
        struct ieee80211vap *vap  = ss->ss_vap;

        IEEE80211_LOCK(vap->iv_ic);
        if (ss->ss_flags & IEEE80211_SCAN_ACTIVE)
                ieee80211_probe_curchan(vap, 0);
        callout_reset(&SCAN_PRIVATE(ss)->ss_scan_timer,
            maxdwell, scan_signal, ss);
        IEEE80211_UNLOCK(vap->iv_ic);
}

ieee80211_probe_curchan() is called from a few other contexts (when
rx'ing mgmt frames) which isn't locked.

I don't like how some of these flags are checked and modified without
the comlock being held, but I also can't help but think that any form
of packet TX from net80211 to the driver which holds the comlock is
going to result in a LOR.

Eg, is it valid to walk ss->ss_ssid[i] (the list of ssids in the
current scan state) without holding a lock?

How is consistency guaranteed there?

Thanks,


Adrian