On 10/12/2024 7:13 AM, Remi Pommarel wrote: > The ieee80211 flush callback can be called to flush only part of all hw > queues. The ath10k's flush callback implementation (i.e. ath10k_flush()) > was waiting for all pending frames of all queues to be flushed ignoring > the queue parameter. Because only the queues to be flushed are stopped > by mac80211, skb can still be queued to other queues meanwhile. Thus > ath10k_flush() could fail (and wait 5sec holding ar->conf lock) even if > the requested queues are flushed correctly. > > A way to reproduce the issue is to use two different APs because > each vdev has its own hw queue in ath10k. Connect STA0 to AP0 and STA1 > to AP1. Then generate traffic from AP0 to STA0 and kill STA0 without > clean disassociation frame (e.g. unplug power cable, reboot -f, ...). > Now if we were to flush AP1's queue, ath10k_flush() would fail (and > effectively block 5 seconds with ar->conf or even wiphy's lock held) > with the following warning: > > ath10k_pci 0000:01:00.0: failed to flush transmit queue (skip 0 ar-state 2): 0 > > Wait only for pending frames of the requested queues to be flushed in > ath10k_flush() to avoid that long blocking. > > Reported-by: Cedric Veilleux <veilleux.cedric@xxxxxxxxx> WARNING:BAD_REPORTED_BY_LINK: Reported-by: should be immediately followed by Closes: with a URL to the report > Signed-off-by: Remi Pommarel <repk@xxxxxxxxxxxx> > --- > drivers/net/wireless/ath/ath10k/htt.h | 7 +++-- > drivers/net/wireless/ath/ath10k/htt_tx.c | 18 ++++++++++--- > drivers/net/wireless/ath/ath10k/mac.c | 33 +++++++++++++++++------- > drivers/net/wireless/ath/ath10k/txrx.c | 2 +- > 4 files changed, 44 insertions(+), 16 deletions(-)
