On 20 May 2015 at 19:39, Larry Finger <Larry.Finger@xxxxxxxxxxxx> wrote: > On 05/20/2015 01:17 AM, Haggai Eran wrote: >> >> On May 19, 2015 08:47, "Haggai Eran" <haggai.eran@xxxxxxxxx >> <mailto:haggai.eran@xxxxxxxxx>> wrote: >> > >> > With an RTL8191SU USB adaptor, sometimes the hints for a fragmented >> > packet are set, but the packet length is too large. Truncate the packet >> > to prevent memory corruption. >> > >> > Signed-off-by: Haggai Eran <haggai.eran@xxxxxxxxx >> <mailto:haggai.eran@xxxxxxxxx>> >> > --- >> > >> > Hi, >> > >> > I think this solves the issue for me. I'll test it more thoroughly >> later. I >> > still don't know why a fragmented packet has such a large pkt_len value >> though. >> > >> > Thanks, >> > Haggai >> > >> >> I guess I was too quick with this patch. It prevents the kernel page >> faults, but >> with it I still see sometimes the connectivity disappear for a minute or >> two. > > > Is anything logged when that happens? No. I get once in a while the other corrupted entries I told you about, but nothing special to these freezes > I'm still trying to see where that magic number of 1658 comes from, and how > that affects the RX buffer size. I tried to look at the new driver (rtl8192su), but it doesn't seem to handle this more-fragment bit at all. > When I unconditionally set alloc_sz to tmp_len as in the attached patch (I > remembered to refresh it this time), nothing bad has happened here yet. What > happens on your box? The same freezes still occur. Thanks, Haggai -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
