FYI: msdu-desc must be multiple of 8.

Ben Greear greearb at candelatech.com
Tue May 13 15:50:15 PDT 2014


On 05/13/2014 03:42 PM, Avery Pennarun wrote:
> On Tue, May 13, 2014 at 6:34 PM, Ben Greear <greearb at candelatech.com> wrote:
>> I just hit strange and wonderful crashes because I managed to use
>> an msdu-desc length that was not an even multiple of 8.  Firmware
>> has assumption (bug, really) about this.
>>
>> Bug is only triggerable if you fill up tx-descs, so have to flood UDP
>> to hit easily.  I was trying 812 buffers, but 808 works just fine.
>> (non CT firmware will not let you do less that 1024, no matter what you
>> request, btw).
> 
> What chooses the msdu-desc length?  Is there a chance that this would
> happen on an unmodified driver?

It would take someone mucking around in the driver like I was.

Mucking with the vow_config would likely have similar constraints,
but nothing is using that, and I'm not sure firmware even supports it.

See TARGET_10X_NUM_MSDU_DESC

As an aside, if you do manage to crash firmware in this manner, it also
takes down the host when it tries to clean up the stale tx buffers.  Possibly
that bug is just due to some of my own patches, but might be worth investigating
some day when I have more time and a cleaner tree...

Thanks,
Ben

-- 
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc  http://www.candelatech.com




More information about the ath10k mailing list