From ba24d63dd3748bae134365e3bcfd9c13b4e3c3e4 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ville=20Syrj=C3=A4l=C3=A4?= Date: Mon, 18 Sep 2017 22:59:19 +0300 Subject: [PATCH] ath9k: Avoid a potential deadlock MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Lockdep warns us that sc_pm_lock and cc_lock can cause a deadlock when cc_lock is acquired by itself with interrupts enabled. Disable irqs whenever taking cc_lock to avoid this. [ 19.094524] kworker/u2:0/5 just changed the state of lock: [ 19.094578] (&(&sc->sc_pm_lock)->rlock){-.-...}, at: [] ath_isr+0x15e/0x200 [ath9k] [ 19.094674] but this lock took another, HARDIRQ-unsafe lock in the past: [ 19.094731] (&(&common->cc_lock)->rlock){+.-...} [ 19.094741] and interrupts could create inverse lock ordering between them. [ 19.094866] other info that might help us debug this: [ 19.094926] Possible interrupt unsafe locking scenario: [ 19.094985] CPU0 CPU1 [ 19.095036] ---- ---- [ 19.095086] lock(&(&common->cc_lock)->rlock); [ 19.095197] local_irq_disable(); [ 19.095305] lock(&(&sc->sc_pm_lock)->rlock); [ 19.095423] lock(&(&common->cc_lock)->rlock); [ 19.095539] [ 19.095636] lock(&(&sc->sc_pm_lock)->rlock); [ 19.095745] *** DEADLOCK *** [ 19.095965] 3 locks held by kworker/u2:0/5: [ 19.096067] #0: ("%s"wiphy_name(local->hw.wiphy)){.+.+.+}, at: [] process_one_work+0x127/0x580 [ 19.096260] #1: ((&local->dynamic_ps_enable_work)){+.+...}, at: [] process_one_work+0x127/0x580 [ 19.096447] #2: (&sc->mutex){+.+...}, at: [] ath9k_config+0x30/0x1d0 [ath9k] [ 19.096639] the shortest dependencies between 2nd lock and 1st lock: [ 19.096813] -> (&(&common->cc_lock)->rlock){+.-...} ops: 38 { [ 19.096816] HARDIRQ-ON-W at: [ 19.096816] __lock_acquire+0x57e/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_bh+0x3f/0x50 [ 19.096816] ath_chanctx_set_channel+0xb6/0x2c0 [ath9k] [ 19.096816] ath9k_config+0xa8/0x1d0 [ath9k] [ 19.096816] ieee80211_hw_config+0xa8/0x5f0 [mac80211] [ 19.096816] ieee80211_do_open+0x67a/0x920 [mac80211] [ 19.096816] ieee80211_open+0x41/0x50 [mac80211] [ 19.096816] __dev_open+0xab/0x140 [ 19.096816] __dev_change_flags+0x89/0x150 [ 19.096816] dev_change_flags+0x28/0x60 [ 19.096816] do_setlink+0x290/0x890 [ 19.096816] rtnl_newlink+0x7cf/0x8e0 [ 19.096816] rtnetlink_rcv_msg+0xbf/0x1f0 [ 19.096816] netlink_rcv_skb+0xb9/0xe0 [ 19.096816] rtnetlink_rcv+0x1e/0x30 [ 19.096816] netlink_unicast+0x13a/0x2c0 [ 19.096816] netlink_sendmsg+0x290/0x380 [ 19.096816] ___sys_sendmsg+0x1e2/0x280 [ 19.096816] __sys_sendmsg+0x3f/0x80 [ 19.096816] SyS_socketcall+0x58c/0x6b0 [ 19.096816] do_fast_syscall_32+0x96/0x1d0 [ 19.096816] entry_SYSENTER_32+0x4c/0x7b [ 19.096816] IN-SOFTIRQ-W at: [ 19.096816] __lock_acquire+0x55a/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock+0x3c/0x50 [ 19.096816] ath_ps_full_sleep+0x24/0x70 [ath9k] [ 19.096816] call_timer_fn+0xa4/0x300 [ 19.096816] run_timer_softirq+0x1b1/0x560 [ 19.096816] __do_softirq+0xb0/0x430 [ 19.096816] do_softirq_own_stack+0x33/0x40 [ 19.096816] irq_exit+0xad/0xc0 [ 19.096816] smp_apic_timer_interrupt+0x31/0x40 [ 19.096816] apic_timer_interrupt+0x37/0x3c [ 19.096816] wp_page_copy+0xb8/0x580 [ 19.096816] do_wp_page+0x64/0x420 [ 19.096816] handle_mm_fault+0x430/0x990 [ 19.096816] __do_page_fault+0x18b/0x430 [ 19.096816] do_page_fault+0xb/0x10 [ 19.096816] common_exception+0x62/0x6a [ 19.096816] INITIAL USE at: [ 19.096816] __lock_acquire+0x204/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_bh+0x3f/0x50 [ 19.096816] ath_chanctx_set_channel+0xb6/0x2c0 [ath9k] [ 19.096816] ath9k_config+0xa8/0x1d0 [ath9k] [ 19.096816] ieee80211_hw_config+0xa8/0x5f0 [mac80211] [ 19.096816] ieee80211_do_open+0x67a/0x920 [mac80211] [ 19.096816] ieee80211_open+0x41/0x50 [mac80211] [ 19.096816] __dev_open+0xab/0x140 [ 19.096816] __dev_change_flags+0x89/0x150 [ 19.096816] dev_change_flags+0x28/0x60 [ 19.096816] do_setlink+0x290/0x890 [ 19.096816] rtnl_newlink+0x7cf/0x8e0 [ 19.096816] rtnetlink_rcv_msg+0xbf/0x1f0 [ 19.096816] netlink_rcv_skb+0xb9/0xe0 [ 19.096816] rtnetlink_rcv+0x1e/0x30 [ 19.096816] netlink_unicast+0x13a/0x2c0 [ 19.096816] netlink_sendmsg+0x290/0x380 [ 19.096816] ___sys_sendmsg+0x1e2/0x280 [ 19.096816] __sys_sendmsg+0x3f/0x80 [ 19.096816] SyS_socketcall+0x58c/0x6b0 [ 19.096816] do_fast_syscall_32+0x96/0x1d0 [ 19.096816] entry_SYSENTER_32+0x4c/0x7b [ 19.096816] } [ 19.096816] ... key at: [] __key.61991+0x0/0xffffc96c [ath9k] [ 19.096816] ... acquired at: [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock+0x3c/0x50 [ 19.096816] ath9k_ps_wakeup+0x85/0xe0 [ath9k] [ 19.096816] ath9k_bss_info_changed+0x2a/0x1b0 [ath9k] [ 19.096816] ieee80211_bss_info_change_notify+0xf3/0x360 [mac80211] [ 19.096816] ieee80211_recalc_txpower+0x33/0x40 [mac80211] [ 19.096816] ieee80211_set_tx_power+0x45/0x1d0 [mac80211] [ 19.096816] cfg80211_wext_siwtxpower+0xd3/0x350 [cfg80211] [ 19.096816] ioctl_standard_call+0x4e/0x400 [ 19.096816] wext_handle_ioctl+0xf4/0x190 [ 19.096816] dev_ioctl+0xb7/0x630 [ 19.096816] sock_ioctl+0x13e/0x2d0 [ 19.096816] do_vfs_ioctl+0x84/0x750 [ 19.096816] SyS_ioctl+0x34/0x60 [ 19.096816] do_fast_syscall_32+0x96/0x1d0 [ 19.096816] entry_SYSENTER_32+0x4c/0x7b [ 19.096816] -> (&(&sc->sc_pm_lock)->rlock){-.-...} ops: 597 { [ 19.096816] IN-HARDIRQ-W at: [ 19.096816] __lock_acquire+0x6ae/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_irqsave+0x45/0x60 [ 19.096816] ath_isr+0x15e/0x200 [ath9k] [ 19.096816] __handle_irq_event_percpu+0x44/0x340 [ 19.096816] handle_irq_event_percpu+0x1d/0x50 [ 19.096816] handle_irq_event+0x32/0x60 [ 19.096816] handle_level_irq+0x81/0x100 [ 19.096816] handle_irq+0x9c/0xd0 [ 19.096816] do_IRQ+0x5c/0x120 [ 19.096816] common_interrupt+0x36/0x3c [ 19.096816] _raw_spin_unlock_irqrestore+0x57/0x70 [ 19.096816] ath9k_config+0x16a/0x1d0 [ath9k] [ 19.096816] ieee80211_hw_config+0xa8/0x5f0 [mac80211] [ 19.096816] ieee80211_dynamic_ps_enable_work+0x1c3/0x680 [mac80211] [ 19.096816] process_one_work+0x1d1/0x580 [ 19.096816] worker_thread+0x31/0x380 [ 19.096816] kthread+0xd9/0x110 [ 19.096816] ret_from_fork+0x19/0x24 [ 19.096816] IN-SOFTIRQ-W at: [ 19.096816] __lock_acquire+0x55a/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_irqsave+0x45/0x60 [ 19.096816] ath9k_ps_wakeup+0x24/0xe0 [ath9k] [ 19.096816] ath9k_tasklet+0x42/0x260 [ath9k] [ 19.096816] tasklet_action+0x196/0x1e0 [ 19.096816] __do_softirq+0xb0/0x430 [ 19.096816] do_softirq_own_stack+0x33/0x40 [ 19.096816] irq_exit+0xad/0xc0 [ 19.096816] do_IRQ+0x65/0x120 [ 19.096816] common_interrupt+0x36/0x3c [ 19.096816] get_page_from_freelist+0x20a/0x970 [ 19.096816] __alloc_pages_nodemask+0xca/0xed0 [ 19.096816] __get_free_pages+0x14/0x30 [ 19.096816] pgd_alloc+0x1d/0x160 [ 19.096816] mm_init.isra.47+0x13a/0x1b0 [ 19.096816] copy_process.part.54+0xb55/0x1700 [ 19.096816] _do_fork+0xd4/0x6a0 [ 19.096816] SyS_clone+0x27/0x30 [ 19.096816] do_fast_syscall_32+0x96/0x1d0 [ 19.096816] entry_SYSENTER_32+0x4c/0x7b [ 19.096816] INITIAL USE at: [ 19.096816] __lock_acquire+0x204/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_irqsave+0x45/0x60 [ 19.096816] ath9k_ps_wakeup+0x24/0xe0 [ath9k] [ 19.096816] ath9k_start+0x29/0x1f0 [ath9k] [ 19.096816] drv_start+0x71/0x270 [mac80211] [ 19.096816] ieee80211_do_open+0x31f/0x920 [mac80211] [ 19.096816] ieee80211_open+0x41/0x50 [mac80211] [ 19.096816] __dev_open+0xab/0x140 [ 19.096816] __dev_change_flags+0x89/0x150 [ 19.096816] dev_change_flags+0x28/0x60 [ 19.096816] do_setlink+0x290/0x890 [ 19.096816] rtnl_newlink+0x7cf/0x8e0 [ 19.096816] rtnetlink_rcv_msg+0xbf/0x1f0 [ 19.096816] netlink_rcv_skb+0xb9/0xe0 [ 19.096816] rtnetlink_rcv+0x1e/0x30 [ 19.096816] netlink_unicast+0x13a/0x2c0 [ 19.096816] netlink_sendmsg+0x290/0x380 [ 19.096816] ___sys_sendmsg+0x1e2/0x280 [ 19.096816] __sys_sendmsg+0x3f/0x80 [ 19.096816] SyS_socketcall+0x58c/0x6b0 [ 19.096816] do_fast_syscall_32+0x96/0x1d0 [ 19.096816] entry_SYSENTER_32+0x4c/0x7b [ 19.096816] } [ 19.096816] ... key at: [] __key.61994+0x0/0xffffc984 [ath9k] [ 19.096816] ... acquired at: [ 19.096816] check_usage_forwards+0x118/0x120 [ 19.096816] mark_lock+0x2e4/0x590 [ 19.096816] __lock_acquire+0x6ae/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] _raw_spin_lock_irqsave+0x45/0x60 [ 19.096816] ath_isr+0x15e/0x200 [ath9k] [ 19.096816] __handle_irq_event_percpu+0x44/0x340 [ 19.096816] handle_irq_event_percpu+0x1d/0x50 [ 19.096816] handle_irq_event+0x32/0x60 [ 19.096816] handle_level_irq+0x81/0x100 [ 19.096816] handle_irq+0x9c/0xd0 [ 19.096816] do_IRQ+0x5c/0x120 [ 19.096816] common_interrupt+0x36/0x3c [ 19.096816] _raw_spin_unlock_irqrestore+0x57/0x70 [ 19.096816] ath9k_config+0x16a/0x1d0 [ath9k] [ 19.096816] ieee80211_hw_config+0xa8/0x5f0 [mac80211] [ 19.096816] ieee80211_dynamic_ps_enable_work+0x1c3/0x680 [mac80211] [ 19.096816] process_one_work+0x1d1/0x580 [ 19.096816] worker_thread+0x31/0x380 [ 19.096816] kthread+0xd9/0x110 [ 19.096816] ret_from_fork+0x19/0x24 [ 19.096816] stack backtrace: [ 19.096816] CPU: 0 PID: 5 Comm: kworker/u2:0 Not tainted 4.13.0-mgm-ovl+ #51 [ 19.096816] Hardware name: FUJITSU SIEMENS LIFEBOOK S6120/FJNB16C, BIOS Version 1.26 05/10/2004 [ 19.096816] Workqueue: phy0 ieee80211_dynamic_ps_enable_work [mac80211] [ 19.096816] Call Trace: [ 19.096816] [ 19.096816] dump_stack+0x16/0x19 [ 19.096816] print_irq_inversion_bug.part.37+0x16c/0x179 [ 19.096816] check_usage_forwards+0x118/0x120 [ 19.096816] ? ret_from_fork+0x19/0x24 [ 19.096816] ? print_shortest_lock_dependencies+0x1a0/0x1a0 [ 19.096816] mark_lock+0x2e4/0x590 [ 19.096816] ? print_shortest_lock_dependencies+0x1a0/0x1a0 [ 19.096816] __lock_acquire+0x6ae/0x1260 [ 19.096816] lock_acquire+0xb1/0x1c0 [ 19.096816] ? ath_isr+0x15e/0x200 [ath9k] [ 19.096816] _raw_spin_lock_irqsave+0x45/0x60 [ 19.096816] ? ath_isr+0x15e/0x200 [ath9k] [ 19.096816] ath_isr+0x15e/0x200 [ath9k] [ 19.096816] __handle_irq_event_percpu+0x44/0x340 [ 19.096816] handle_irq_event_percpu+0x1d/0x50 [ 19.096816] handle_irq_event+0x32/0x60 [ 19.096816] ? handle_nested_irq+0x100/0x100 [ 19.096816] handle_level_irq+0x81/0x100 [ 19.096816] handle_irq+0x9c/0xd0 [ 19.096816] [ 19.096816] do_IRQ+0x5c/0x120 [ 19.096816] common_interrupt+0x36/0x3c [ 19.096816] EIP: _raw_spin_unlock_irqrestore+0x57/0x70 [ 19.096816] EFLAGS: 00000286 CPU: 0 [ 19.096816] EAX: f60a3600 EBX: 00000286 ECX: 00000006 EDX: 00000001 [ 19.096816] ESI: f46c9e68 EDI: f46c8620 EBP: f60b5e8c ESP: f60b5e84 [ 19.096816] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 [ 19.096816] ath9k_config+0x16a/0x1d0 [ath9k] [ 19.096816] ieee80211_hw_config+0xa8/0x5f0 [mac80211] [ 19.096816] ? ieee80211_hw_config+0x1db/0x5f0 [mac80211] [ 19.096816] ieee80211_dynamic_ps_enable_work+0x1c3/0x680 [mac80211] [ 19.096816] ? process_one_work+0x127/0x580 [ 19.096816] ? process_one_work+0x127/0x580 [ 19.096816] process_one_work+0x1d1/0x580 [ 19.096816] ? process_one_work+0x127/0x580 [ 19.096816] worker_thread+0x31/0x380 [ 19.096816] kthread+0xd9/0x110 [ 19.096816] ? process_one_work+0x580/0x580 [ 19.096816] ? kthread_create_on_node+0x30/0x30 [ 19.096816] ret_from_fork+0x19/0x24 Cc: QCA ath9k Development Cc: Kalle Valo Cc: netdev@vger.kernel.org Signed-off-by: Ville Syrjälä Signed-off-by: Kalle Valo --- drivers/net/wireless/ath/ath9k/channel.c | 5 +++-- drivers/net/wireless/ath/ath9k/link.c | 4 ++-- drivers/net/wireless/ath/ath9k/main.c | 16 +++++++++------- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/drivers/net/wireless/ath/ath9k/channel.c b/drivers/net/wireless/ath/ath9k/channel.c index f0439f2d566b..fad020aa222e 100644 --- a/drivers/net/wireless/ath/ath9k/channel.c +++ b/drivers/net/wireless/ath/ath9k/channel.c @@ -29,6 +29,7 @@ static int ath_set_channel(struct ath_softc *sc) struct cfg80211_chan_def *chandef = &sc->cur_chan->chandef; struct ieee80211_channel *chan = chandef->chan; int pos = chan->hw_value; + unsigned long flags; int old_pos = -1; int r; @@ -42,9 +43,9 @@ static int ath_set_channel(struct ath_softc *sc) chan->center_freq, chandef->width); /* update survey stats for the old channel before switching */ - spin_lock_bh(&common->cc_lock); + spin_lock_irqsave(&common->cc_lock, flags); ath_update_survey_stats(sc); - spin_unlock_bh(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); ath9k_cmn_get_channel(hw, ah, chandef); diff --git a/drivers/net/wireless/ath/ath9k/link.c b/drivers/net/wireless/ath/ath9k/link.c index 27c50562dc47..3f4f01c829f0 100644 --- a/drivers/net/wireless/ath/ath9k/link.c +++ b/drivers/net/wireless/ath/ath9k/link.c @@ -367,10 +367,10 @@ void ath_ani_calibrate(unsigned long data) /* Call ANI routine if necessary */ if (aniflag) { - spin_lock(&common->cc_lock); + spin_lock_irqsave(&common->cc_lock, flags); ath9k_hw_ani_monitor(ah, ah->curchan); ath_update_survey_stats(sc); - spin_unlock(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); } /* Perform calibration if necessary */ diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c index 9c24bc077e6b..918773a9231b 100644 --- a/drivers/net/wireless/ath/ath9k/main.c +++ b/drivers/net/wireless/ath/ath9k/main.c @@ -97,11 +97,12 @@ void ath_ps_full_sleep(unsigned long data) { struct ath_softc *sc = (struct ath_softc *) data; struct ath_common *common = ath9k_hw_common(sc->sc_ah); + unsigned long flags; bool reset; - spin_lock(&common->cc_lock); + spin_lock_irqsave(&common->cc_lock, flags); ath_hw_cycle_counters_update(common); - spin_unlock(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); ath9k_hw_setrxabort(sc->sc_ah, 1); ath9k_hw_stopdmarecv(sc->sc_ah, &reset); @@ -394,10 +395,10 @@ void ath9k_tasklet(unsigned long data) if ((ah->config.hw_hang_checks & HW_BB_WATCHDOG) && (status & ATH9K_INT_BB_WATCHDOG)) { - spin_lock(&common->cc_lock); + spin_lock_irqsave(&common->cc_lock, flags); ath_hw_cycle_counters_update(common); ar9003_hw_bb_watchdog_dbg_info(ah); - spin_unlock(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); if (ar9003_hw_bb_watchdog_check(ah)) { type = RESET_TYPE_BB_WATCHDOG; @@ -1955,12 +1956,13 @@ static int ath9k_get_survey(struct ieee80211_hw *hw, int idx, struct ath_common *common = ath9k_hw_common(sc->sc_ah); struct ieee80211_supported_band *sband; struct ieee80211_channel *chan; + unsigned long flags; int pos; if (IS_ENABLED(CONFIG_ATH9K_TX99)) return -EOPNOTSUPP; - spin_lock_bh(&common->cc_lock); + spin_lock_irqsave(&common->cc_lock, flags); if (idx == 0) ath_update_survey_stats(sc); @@ -1974,7 +1976,7 @@ static int ath9k_get_survey(struct ieee80211_hw *hw, int idx, sband = hw->wiphy->bands[NL80211_BAND_5GHZ]; if (!sband || idx >= sband->n_channels) { - spin_unlock_bh(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); return -ENOENT; } @@ -1982,7 +1984,7 @@ static int ath9k_get_survey(struct ieee80211_hw *hw, int idx, pos = chan->hw_value; memcpy(survey, &sc->survey[pos], sizeof(*survey)); survey->channel = chan; - spin_unlock_bh(&common->cc_lock); + spin_unlock_irqrestore(&common->cc_lock, flags); return 0; } -- 2.30.2