From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mail-iw0-f178.google.com ([209.85.223.178]:64723 "EHLO mail-iw0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753607AbZI2TZP (ORCPT ); Tue, 29 Sep 2009 15:25:15 -0400 Received: by iwn8 with SMTP id 8so3277285iwn.33 for ; Tue, 29 Sep 2009 12:25:19 -0700 (PDT) MIME-Version: 1.0 From: "Luis R. Rodriguez" Date: Tue, 29 Sep 2009 12:24:59 -0700 Message-ID: <43e72e890909291224t26b7e6cbmc78976165bd1bb88@mail.gmail.com> Subject: SME warning on 2.6.32-rc To: linux-wireless Content-Type: text/plain; charset=UTF-8 Sender: linux-wireless-owner@vger.kernel.org List-ID: I believe the problem comes from the assumption from cfg80211 that previous deauthentications would have gone through before we run __cfg80211_disconnected() and are using wext or nl80211 connec/disconnectt. Under certain conditions (clearly not known yet) this is not true and we'll end up asking mac80211 to deauthenticate us from a BSS we already deauthenticated to end end up with an -ENOLINK on our mac80211 cfg80211 deauth ops. It seems this race was expected all along on mac80211 ieee80211_mgd_deauth(): /* * cfg80211 should catch this ... but it's racy since * we can receive a deauth frame, process it, hand it * to cfg80211 while that's in a locked section already * trying to tell us that the user wants to disconnect. */ if (!bssid) { mutex_unlock(&ifmgd->mtx); return -ENOLINK; } So it seems we do need to address that race but I'm not yet sure how. Here is a warning from the latest wireless-testing. Unfortunately I cannot reproduce in a systematic way, I've tried even different boot configuration (mem=300M) and CPU pegged at 800 MHz thinking the race occurs when mac80211 takes its sweet time deathenticating but that wasn't the case. phy0: device now idle phy0: Removed STA phy0: Destroyed STA wlan0: deauthenticating from by local choice (reason=3) ------------[ cut here ]------------ WARNING: at net/wireless/sme.c:620 __cfg80211_disconnected+0x209/0x260 [cfg80211]() Hardware name: 7660A14 deauth failed: -67 (editorial note: -ENOLINK) Modules linked in: Pid: 1829, comm: wpa_supplicant Not tainted 2.6.32-rc2-wl #45 Call Trace: [] warn_slowpath_common+0x78/0xb0 [] warn_slowpath_fmt+0x3c/0x40 [] __cfg80211_disconnected+0x209/0x260 [cfg80211] [] __cfg80211_send_deauth+0x228/0x2a0 [cfg80211] [] cfg80211_send_deauth+0x41/0x80 [cfg80211] [] ieee80211_send_deauth_disassoc+0x14f/0x170 [mac80211] [] ieee80211_mgd_deauth+0xf5/0x120 [mac80211] [] ieee80211_deauth+0x19/0x20 [mac80211] [] __cfg80211_mlme_deauth+0xee/0x130 [cfg80211] [] __cfg80211_disconnect+0x159/0x1d0 [cfg80211] [] cfg80211_mgd_wext_siwfreq+0xd5/0x1b8 [cfg80211] [] ? ioctl_standard_call+0x0/0xd0 [] cfg80211_wext_siwfreq+0x4d/0xd0 [cfg80211] [] ioctl_standard_call+0x5b/0xd0 [] ? __dev_get_by_name+0xa0/0xc0 [] wext_ioctl_dispatch+0x165/0x1d0 [] ? ioctl_private_call+0x0/0xa0 [] wext_handle_ioctl+0x41/0x90 [] dev_ioctl+0x676/0x820 [] ? autoremove_wake_function+0x0/0x40 [] sock_ioctl+0x95/0x280 [] vfs_ioctl+0x1d/0xa0 [] do_vfs_ioctl+0x8a/0x5a0 [] ? thread_return+0x4e/0x733 [] sys_ioctl+0x81/0xa0 [] system_call_fastpath+0x16/0x1b ---[ end trace 7d678c5342bdca98 ]---