From: Ming Lei Date: Mon, 12 Apr 2010 16:29:27 +0000 (+0800) Subject: ath9k-htc: fix lockdep warning and kernel warning after unplugging ar9271 usb device X-Git-Tag: firefly_0821_release~9833^2~2087^2~167^2~293 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=f8e1d0803d2db9ef0116941a4ce46069a2009ea6;p=firefly-linux-kernel-4.4.55.git ath9k-htc: fix lockdep warning and kernel warning after unplugging ar9271 usb device This patch fixes two warnings below after unplugging ar9271 usb device: -one is a kernel warning[1] -another is a lockdep warning[2] The root reason is that __skb_queue_purge can't be executed in hardirq context, so the patch forks ath9k_skb_queue_purge(ath9k version of _skb_queue_purge), which frees skb with dev_kfree_skb_any which can be run in hardirq context safely, then prevent the lockdep warning and kernel warning after unplugging ar9271 usb device. [1] kernel warning [ 602.894005] ------------[ cut here ]------------ [ 602.894005] WARNING: at net/core/skbuff.c:398 skb_release_head_state+0x71/0x87() [ 602.894005] Hardware name: 6475EK2 [ 602.894005] Modules linked in: ath9k_htc ath9k ath9k_common ath9k_hw ath bridge stp llc sunrpc ipv6 cpufreq_ondemand acpi_cpufreq freq_table kvm_intel kvm arc4 ecb mac80211 snd_hda_codec_conexant snd_hda_intel snd_hda_codec snd_hwdep thinkpad_acpi snd_pcm snd_timer hwmon iTCO_wdt snd e1000e pcspkr i2c_i801 usbhid iTCO_vendor_support wmi cfg80211 yenta_socket rsrc_nonstatic pata_acpi snd_page_alloc soundcore uhci_hcd ohci_hcd ehci_hcd usbcore i915 drm_kms_helper drm i2c_algo_bit i2c_core video output [last unloaded: ath] [ 602.894005] Pid: 2506, comm: ping Tainted: G W 2.6.34-rc3-wl #20 [ 602.894005] Call Trace: [ 602.894005] [] warn_slowpath_common+0x7c/0x94 [ 602.894005] [] ? __skb_queue_purge+0x43/0x4a [ath9k_htc] [ 602.894005] [] warn_slowpath_null+0x14/0x16 [ 602.894005] [] skb_release_head_state+0x71/0x87 [ 602.894005] [] __kfree_skb+0x16/0x81 [ 602.894005] [] kfree_skb+0x7e/0x86 [ 602.894005] [] __skb_queue_purge+0x43/0x4a [ath9k_htc] [ 602.894005] [] __hif_usb_tx+0x1c1/0x21b [ath9k_htc] [ 602.894005] [] hif_usb_tx_cb+0x12f/0x154 [ath9k_htc] [ 602.894005] [] usb_hcd_giveback_urb+0x91/0xc5 [usbcore] [ 602.894005] [] ehci_urb_done+0x7a/0x8b [ehci_hcd] [ 602.894005] [] qh_completions+0x2ee/0x376 [ehci_hcd] [ 602.894005] [] ehci_work+0x95/0x76e [ehci_hcd] [ 602.894005] [] ? ehci_irq+0x2f/0x1d4 [ehci_hcd] [ 602.894005] [] ehci_irq+0x1a6/0x1d4 [ehci_hcd] [ 602.894005] [] ? __rcu_process_callbacks+0x7a/0x2df [ 602.894005] [] ? handle_fasteoi_irq+0x22/0xd2 [ 602.894005] [] usb_hcd_irq+0x4a/0xa7 [usbcore] [ 602.894005] [] handle_IRQ_event+0x77/0x14f [ 602.894005] [] ? skb_release_data+0xc9/0xce [ 602.894005] [] handle_fasteoi_irq+0x92/0xd2 [ 602.894005] [] handle_irq+0x88/0x91 [ 602.894005] [] do_IRQ+0x63/0xc9 [ 602.894005] [] ? ip_flush_pending_frames+0x4d/0x5c [ 602.894005] [] ret_from_intr+0x0/0x16 [ 602.894005] [] ? __delete_object+0x5a/0xb1 [ 602.894005] [] ? _raw_write_unlock_irqrestore+0x47/0x7e [ 602.894005] [] ? _raw_write_unlock_irqrestore+0x4c/0x7e [ 602.894005] [] __delete_object+0x5a/0xb1 [ 602.894005] [] delete_object_full+0x25/0x31 [ 602.894005] [] kmemleak_free+0x26/0x45 [ 602.894005] [] kfree+0xaa/0x149 [ 602.894005] [] ? sock_def_write_space+0x84/0x89 [ 602.894005] [] ? ip_flush_pending_frames+0x4d/0x5c [ 602.894005] [] skb_release_data+0xc9/0xce [ 602.894005] [] __kfree_skb+0x1e/0x81 [ 602.894005] [] kfree_skb+0x7e/0x86 [ 602.894005] [] ip_flush_pending_frames+0x4d/0x5c [ 602.894005] [] raw_sendmsg+0x653/0x709 [ 602.894005] [] inet_sendmsg+0x54/0x5d [ 602.894005] [] ? sock_recvmsg+0xc6/0xdf [ 602.894005] [] sock_sendmsg+0xc0/0xd9 [ 602.894005] [] ? might_fault+0x68/0xb8 [ 602.894005] [] ? might_fault+0xb1/0xb8 [ 602.894005] [] ? copy_from_user+0x2f/0x31 [ 602.894005] [] ? verify_iovec+0x54/0x91 [ 602.894005] [] sys_sendmsg+0x1da/0x241 [ 602.894005] [] ? finish_task_switch+0x0/0xc9 [ 602.894005] [] ? finish_task_switch+0x0/0xc9 [ 602.894005] [] ? trace_hardirqs_on_caller+0x16/0x150 [ 602.894005] [] ? _raw_spin_unlock_irq+0x56/0x63 [ 602.894005] [] ? finish_task_switch+0xa4/0xc9 [ 602.894005] [] ? finish_task_switch+0x0/0xc9 [ 602.894005] [] ? need_resched+0x23/0x2d [ 602.894005] [] ? trace_hardirqs_on_caller+0x16/0x150 [ 602.894005] [] ? trace_hardirqs_on_thunk+0x3a/0x3f [ 602.894005] [] system_call_fastpath+0x16/0x1b [ 602.894005] ---[ end trace 91ba2d8dc7826839 ]--- [2] lockdep warning [ 169.363215] ====================================================== [ 169.365390] [ INFO: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected ] [ 169.366334] 2.6.34-rc3-wl #20 [ 169.366872] ------------------------------------------------------ [ 169.366872] khubd/78 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 169.366872] (clock-AF_INET){++.?..}, at: [] sock_def_write_space+0x1e/0x89 [ 169.366872] [ 169.366872] and this task is already holding: [ 169.366872] (&(&hif_dev->tx.tx_lock)->rlock){-.-...}, at: [] hif_usb_stop+0x24/0x53 [ath9k_htc] [ 169.366872] which would create a new lock dependency: [ 169.366872] (&(&hif_dev->tx.tx_lock)->rlock){-.-...} -> (clock-AF_INET){++.?..} [ 169.366872] [ 169.366872] but this new dependency connects a HARDIRQ-irq-safe lock: [ 169.366872] (&(&hif_dev->tx.tx_lock)->rlock){-.-...} [ 169.366872] ... which became HARDIRQ-irq-safe at: [ 169.366872] [] __lock_acquire+0x2c6/0xd2b [ 169.366872] [] lock_acquire+0xec/0x119 [ 169.366872] [] _raw_spin_lock+0x40/0x73 [ 169.366872] [] hif_usb_tx_cb+0x5e/0x154 [ath9k_htc] [ 169.366872] [] usb_hcd_giveback_urb+0x91/0xc5 [usbcore] [ 169.366872] [] ehci_urb_done+0x7a/0x8b [ehci_hcd] [ 169.366872] [] qh_completions+0x2ee/0x376 [ehci_hcd] [ 169.366872] [] ehci_work+0x95/0x76e [ehci_hcd] [ 169.366872] [] ehci_irq+0x1a6/0x1d4 [ehci_hcd] [ 169.366872] [] usb_hcd_irq+0x4a/0xa7 [usbcore] [ 169.366872] [] handle_IRQ_event+0x77/0x14f [ 169.366872] [] handle_fasteoi_irq+0x92/0xd2 [ 169.366872] [] handle_irq+0x88/0x91 [ 169.366872] [] do_IRQ+0x63/0xc9 [ 169.366872] [] ret_from_intr+0x0/0x16 [ 169.366872] [] cpuidle_idle_call+0xa7/0x115 [ 169.366872] [] cpu_idle+0x68/0xc4 [ 169.366872] [] rest_init+0x104/0x10b [ 169.366872] [] start_kernel+0x3f1/0x3fc [ 169.366872] [] x86_64_start_reservations+0xb3/0xb7 [ 169.366872] [] x86_64_start_kernel+0xf8/0x107 [ 169.366872] [ 169.366872] to a HARDIRQ-irq-unsafe lock: [ 169.366872] (clock-AF_INET){++.?..} [ 169.366872] ... which became HARDIRQ-irq-unsafe at: [ 169.366872] ... [] __lock_acquire+0x33a/0xd2b [ 169.366872] [] lock_acquire+0xec/0x119 [ 169.366872] [] _raw_write_lock_bh+0x45/0x7a [ 169.366872] [] tcp_close+0x165/0x34d [ 169.366872] [] inet_release+0x55/0x5c [ 169.366872] [] sock_release+0x1f/0x6e [ 169.366872] [] sock_close+0x27/0x2b [ 169.366872] [] __fput+0x125/0x1ca [ 169.366872] [] fput+0x1a/0x1c [ 169.366872] [] filp_close+0x68/0x72 [ 169.366872] [] sys_close+0xad/0xe7 [ 169.366872] [] system_call_fastpath+0x16/0x1b (Trimmed at the "other info that might help us debug this" line in the interest of brevity... -- JWL) Signed-off-by: Ming Lei Acked-by: Sujith Signed-off-by: John W. Linville --- diff --git a/drivers/net/wireless/ath/ath9k/hif_usb.c b/drivers/net/wireless/ath/ath9k/hif_usb.c index 3d8f0f468f8d..fe994e229898 100644 --- a/drivers/net/wireless/ath/ath9k/hif_usb.c +++ b/drivers/net/wireless/ath/ath9k/hif_usb.c @@ -149,6 +149,13 @@ static void hif_usb_tx_cb(struct urb *urb) } } +static inline void ath9k_skb_queue_purge(struct sk_buff_head *list) +{ + struct sk_buff *skb; + while ((skb = __skb_dequeue(list)) != NULL) + dev_kfree_skb_any(skb); +} + /* TX lock has to be taken */ static int __hif_usb_tx(struct hif_device_usb *hif_dev) { @@ -207,7 +214,7 @@ static int __hif_usb_tx(struct hif_device_usb *hif_dev) ret = usb_submit_urb(tx_buf->urb, GFP_ATOMIC); if (ret) { tx_buf->len = tx_buf->offset = 0; - __skb_queue_purge(&tx_buf->skb_queue); + ath9k_skb_queue_purge(&tx_buf->skb_queue); __skb_queue_head_init(&tx_buf->skb_queue); list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf); hif_dev->tx.tx_buf_cnt++; @@ -274,7 +281,7 @@ static void hif_usb_stop(void *hif_handle, u8 pipe_id) unsigned long flags; spin_lock_irqsave(&hif_dev->tx.tx_lock, flags); - __skb_queue_purge(&hif_dev->tx.tx_skb_queue); + ath9k_skb_queue_purge(&hif_dev->tx.tx_skb_queue); hif_dev->tx.tx_skb_cnt = 0; hif_dev->tx.flags |= HIF_USB_TX_STOP; spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);