One thing I noticed is racy behaviour of ath5k_txbuf_setup.
...
spin_lock_bh(&txq->lock);
list_add_tail(&bf->list, &txq->q);
if (txq->link == NULL) /* is this first packet? */
ath5k_hw_set_txdp(ah, txq->qnum, bf->daddr);
else /* no, so only link it */
*txq->link = bf->daddr;
...
As I see it, every new transmitted packet it
'appended' to end of the linked list of the descriptors, by replacing
NULL with physical address of it
But what happens if hardware reads this last descriptor at same time ?
Best regards,
Maxim Levitsky
_______________________________________________
ath5k-devel mailing list
ath5k-devel@lists.ath5k.org
https://lists.ath5k.org/mailman/listinfo/ath5k-devel
