[v2,1/2] rt2x00usb: fix rx queue hang

Message ID	20190701105314.9707-1-smoch@web.de (mailing list archive)
State	Accepted
Commit	41a531ffa4c5aeb062f892227c00fabb3b4a9c91
Delegated to:	Kalle Valo
Headers	show Return-Path: <linux-wireless-owner@kernel.org> From: Soeren Moch <smoch@web.de> To: Stanislaw Gruszka <sgruszka@redhat.com> Cc: Soeren Moch <smoch@web.de>, stable@vger.kernel.org, Helmut Schaa <helmut.schaa@googlemail.com>, Kalle Valo <kvalo@codeaurora.org>, "David S. Miller" <davem@davemloft.net>, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 1/2] rt2x00usb: fix rx queue hang Date: Mon, 1 Jul 2019 12:53:13 +0200 Message-Id: <20190701105314.9707-1-smoch@web.de> Content-Transfer-Encoding: quoted-printable Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk
Series	[v2,1/2] rt2x00usb: fix rx queue hang \| expand [v2,1/2] rt2x00usb: fix rx queue hang [v2,2/2] rt2x00usb: remove unnecessary rx flag checks

Message ID

20190701105314.9707-1-smoch@web.de (mailing list archive)

State

Accepted

Commit

41a531ffa4c5aeb062f892227c00fabb3b4a9c91

Delegated to:

Kalle Valo

Headers

show

Return-Path: <linux-wireless-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E5DC6112C
	for <patchwork-linux-wireless@patchwork.kernel.org>;
 Mon,  1 Jul 2019 10:54:18 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D8FAA285EC
	for <patchwork-linux-wireless@patchwork.kernel.org>;
 Mon,  1 Jul 2019 10:54:18 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id C9D6A2864F; Mon,  1 Jul 2019 10:54:18 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 58469285EC
	for <patchwork-linux-wireless@patchwork.kernel.org>;
 Mon,  1 Jul 2019 10:54:18 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728032AbfGAKyN (ORCPT
        <rfc822;patchwork-linux-wireless@patchwork.kernel.org>);
        Mon, 1 Jul 2019 06:54:13 -0400
Received: from mout.web.de ([212.227.17.12]:54309 "EHLO mout.web.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727748AbfGAKyM (ORCPT <rfc822;linux-wireless@vger.kernel.org>);
        Mon, 1 Jul 2019 06:54:12 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de;
        s=dbaedf251592; t=1561978413;
        bh=9QwErlRZh+JV5gna2Uztd7nQg7/e3OjouvCwXsnc3aA=;
        h=X-UI-Sender-Class:From:To:Cc:Subject:Date;
        b=UxO7E9rgJEdJxnEEoMyOc9JjomVwWoHDlFFYA9TW6ARbg/23fD7PNnD02/FCqswJc
         ++k+H/R7ChBMrI7+MbXsUUMOpDSam0oaZQ8hy4OIeycujlDrYSaJNKIaw12tDFWgv1
         wrLvPJ9PkEpcae7P4BE2acJiwFMEZdCYNsQr+mMQ=
X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9
Received: from platinum.localdomain ([77.13.129.177]) by smtp.web.de (mrweb102
 [213.165.67.124]) with ESMTPSA (Nemesis) id 0MhUbO-1hvb4g3iBG-00MdMP; Mon, 01
 Jul 2019 12:53:33 +0200
From: Soeren Moch <smoch@web.de>
To: Stanislaw Gruszka <sgruszka@redhat.com>
Cc: Soeren Moch <smoch@web.de>, stable@vger.kernel.org,
        Helmut Schaa <helmut.schaa@googlemail.com>,
        Kalle Valo <kvalo@codeaurora.org>,
        "David S. Miller" <davem@davemloft.net>,
        linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH v2 1/2] rt2x00usb: fix rx queue hang
Date: Mon,  1 Jul 2019 12:53:13 +0200
Message-Id: <20190701105314.9707-1-smoch@web.de>
X-Mailer: git-send-email 2.17.1
X-Provags-ID: V03:K1:viXei3FjGw3mDh1/8pWh2EeoS3tIgkTWKIkpwYPI9ffckp7S9gA
 qf72dLxuNvDkJIRmNRO2VZi6NgCAa/ZZcKQgBahvRdJJgrDVcHUo1y30He9O2bwLMbSToev
 YJ3Qs1pMjE3BbyCu6S+knwGwb5q2BP+rs6WBdmfStHZ/5guSCrkUOKtqnSHiYnDQuncAwFX
 kZ4zq4ch7nObcxAfaqrFg==
X-UI-Out-Filterresults: notjunk:1;V03:K0:yn3Fskms/pk=:K+xu3zWN3SlAshSCo3qqJx
 M2iTczv+w8lZxC0iziu2Kmyt+SMIvHLLLedRm9M4ikRv3xuGT7vdj5ZBzORow6KZXTAsZirl6
 Fo3asvNvJxT7dvD15qM8XqYisvu/P1ezCEpWd+7cXVneduawxrzP8Dgwm4CZFKIxjsmjdpk2r
 aO/3W/f0qZPa6C5HgNilSWFvibLJmYIOf6KUSg0tl2udsaeIcEh2Zk8rEgknKq2FF2JUGbmMG
 yQgMGiSQ1IAI0TUPXEd885H91SWHdIkmpPXFxeyKW/1IpEfdQi5FC54UNA0+QvrhA4kcbFXN6
 NB1tqGCXm1sqv+mlkM3U8ixG7raQKiWdFGhQlToqlFxae6qa8b0XfWVU9QpxNxBJOWcBbWbRf
 RHw0s4UZzGl1Pnl5OiwOQdXMRj2vAv1EOCW3/BAnWoN41HmSPVh/Y7R7GeyqE5max7Dmulu86
 X22feKNnOMXDiIl41om/OhKxxl1YYzAkgeUTALF7oD6dNdSFGKQs7Hyfum2Mtu0R3Km96vSkv
 7bZRQUyj/7AQY4UCmHsbRoBVz3DuLqmPhXbJSzzW598RaMwpE9BrJjKC0RZ7OY4mKGkMfGycj
 xGY7RX20puu19mem60gb6zFD1bmOelrdIApA6IzEwE0nCOwzSd/m+ap9p5lEPv26UymIctpup
 EHlrYPF3kXmG719jG4tKrpsloLmIHuKuYHsJ21bOz/w16je/xxQSUphhYZzyiZVFnZZOpRfwr
 xDr1o/iW5qmpXS+YVPJ7BdVNOVKdEmd5FN5pnPnIDesMa5lzXbyTM7pt26xa0gAAM0E6U9JPi
 hrrl9hInSnetourhPW6jlpF1vEI0eRFEAfV2uARARH4f7hSAUxwFdnY1zhQ00gXDnRK/9C04i
 zajxlrm8aEpKvNStZTvhWA+PJHqgWgNXppQPuvoywM3yDey2QJJlB5K8quOKL/59w+aBnINHN
 W0lMbTtcnXotD5STkqYq899ZnlbfQHyrVzLt6PD/AByktOe2uKebFKW6dlZWkvSxzybGU6Ww/
 gxlcJkED6OviZCHN3O+pu9my8TGRC2AtlPyaOWTywhR1skckcL4ScpiEHSws530fJg==
Content-Transfer-Encoding: quoted-printable
Sender: linux-wireless-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Series

[v2,1/2] rt2x00usb: fix rx queue hang | expand

Commit Message

Soeren Moch July 1, 2019, 10:53 a.m. UTC

Since commit ed194d136769 ("usb: core: remove local_irq_save() around
 ->complete() handler") the handler rt2x00usb_interrupt_rxdone() is
not running with interrupts disabled anymore. So this completion handler
is not guaranteed to run completely before workqueue processing starts
for the same queue entry.
Be sure to set all other flags in the entry correctly before marking
this entry ready for workqueue processing. This way we cannot miss error
conditions that need to be signalled from the completion handler to the
worker thread.
Note that rt2x00usb_work_rxdone() processes all available entries, not
only such for which queue_work() was called.

This patch is similar to what commit df71c9cfceea ("rt2x00: fix order
of entry flags modification") did for TX processing.

This fixes a regression on a RT5370 based wifi stick in AP mode, which
suddenly stopped data transmission after some period of heavy load. Also
stopping the hanging hostapd resulted in the error message "ieee80211
phy0: rt2x00queue_flush_queue: Warning - Queue 14 failed to flush".
Other operation modes are probably affected as well, this just was
the used testcase.

Fixes: ed194d136769 ("usb: core: remove local_irq_save() around ->complete() handler")
Cc: stable@vger.kernel.org # 4.20+
Signed-off-by: Soeren Moch <smoch@web.de>
---
Changes in v2:
 complete rework

Cc: Stanislaw Gruszka <sgruszka@redhat.com>
Cc: Helmut Schaa <helmut.schaa@googlemail.com>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
---
 drivers/net/wireless/ralink/rt2x00/rt2x00usb.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

--
2.17.1

Comments

Stanislaw Gruszka July 1, 2019, 11:07 a.m. UTC | #1

On Mon, Jul 01, 2019 at 12:53:13PM +0200, Soeren Moch wrote:
> Since commit ed194d136769 ("usb: core: remove local_irq_save() around
>  ->complete() handler") the handler rt2x00usb_interrupt_rxdone() is
> not running with interrupts disabled anymore. So this completion handler
> is not guaranteed to run completely before workqueue processing starts
> for the same queue entry.
> Be sure to set all other flags in the entry correctly before marking
> this entry ready for workqueue processing. This way we cannot miss error
> conditions that need to be signalled from the completion handler to the
> worker thread.
> Note that rt2x00usb_work_rxdone() processes all available entries, not
> only such for which queue_work() was called.
> 
> This patch is similar to what commit df71c9cfceea ("rt2x00: fix order
> of entry flags modification") did for TX processing.
> 
> This fixes a regression on a RT5370 based wifi stick in AP mode, which
> suddenly stopped data transmission after some period of heavy load. Also
> stopping the hanging hostapd resulted in the error message "ieee80211
> phy0: rt2x00queue_flush_queue: Warning - Queue 14 failed to flush".
> Other operation modes are probably affected as well, this just was
> the used testcase.
> 
> Fixes: ed194d136769 ("usb: core: remove local_irq_save() around ->complete() handler")
> Cc: stable@vger.kernel.org # 4.20+
> Signed-off-by: Soeren Moch <smoch@web.de>

Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>

Kalle Valo July 15, 2019, 8:48 a.m. UTC | #2

Soeren Moch <smoch@web.de> writes:

> Since commit ed194d136769 ("usb: core: remove local_irq_save() around
>  ->complete() handler") the handler rt2x00usb_interrupt_rxdone() is
> not running with interrupts disabled anymore. So this completion handler
> is not guaranteed to run completely before workqueue processing starts
> for the same queue entry.
> Be sure to set all other flags in the entry correctly before marking
> this entry ready for workqueue processing. This way we cannot miss error
> conditions that need to be signalled from the completion handler to the
> worker thread.
> Note that rt2x00usb_work_rxdone() processes all available entries, not
> only such for which queue_work() was called.
>
> This patch is similar to what commit df71c9cfceea ("rt2x00: fix order
> of entry flags modification") did for TX processing.
>
> This fixes a regression on a RT5370 based wifi stick in AP mode, which
> suddenly stopped data transmission after some period of heavy load. Also
> stopping the hanging hostapd resulted in the error message "ieee80211
> phy0: rt2x00queue_flush_queue: Warning - Queue 14 failed to flush".
> Other operation modes are probably affected as well, this just was
> the used testcase.
>
> Fixes: ed194d136769 ("usb: core: remove local_irq_save() around ->complete() handler")
> Cc: stable@vger.kernel.org # 4.20+
> Signed-off-by: Soeren Moch <smoch@web.de>

I'll queue this for v5.3.

Soeren Moch July 15, 2019, 1:33 p.m. UTC | #3

On 15.07.19 10:48, Kalle Valo wrote:
> Soeren Moch <smoch@web.de> writes:
>
>> Since commit ed194d136769 ("usb: core: remove local_irq_save() around
>>  ->complete() handler") the handler rt2x00usb_interrupt_rxdone() is
>> not running with interrupts disabled anymore. So this completion handler
>> is not guaranteed to run completely before workqueue processing starts
>> for the same queue entry.
>> Be sure to set all other flags in the entry correctly before marking
>> this entry ready for workqueue processing. This way we cannot miss error
>> conditions that need to be signalled from the completion handler to the
>> worker thread.
>> Note that rt2x00usb_work_rxdone() processes all available entries, not
>> only such for which queue_work() was called.
>>
>> This patch is similar to what commit df71c9cfceea ("rt2x00: fix order
>> of entry flags modification") did for TX processing.
>>
>> This fixes a regression on a RT5370 based wifi stick in AP mode, which
>> suddenly stopped data transmission after some period of heavy load. Also
>> stopping the hanging hostapd resulted in the error message "ieee80211
>> phy0: rt2x00queue_flush_queue: Warning - Queue 14 failed to flush".
>> Other operation modes are probably affected as well, this just was
>> the used testcase.
>>
>> Fixes: ed194d136769 ("usb: core: remove local_irq_save() around ->complete() handler")
>> Cc: stable@vger.kernel.org # 4.20+
>> Signed-off-by: Soeren Moch <smoch@web.de>
> I'll queue this for v5.3.
>
OK, thanks,
Soeren

Kalle Valo July 15, 2019, 5:53 p.m. UTC | #4

Soeren Moch <smoch@web.de> wrote:

> Since commit ed194d136769 ("usb: core: remove local_irq_save() around
>  ->complete() handler") the handler rt2x00usb_interrupt_rxdone() is
> not running with interrupts disabled anymore. So this completion handler
> is not guaranteed to run completely before workqueue processing starts
> for the same queue entry.
> Be sure to set all other flags in the entry correctly before marking
> this entry ready for workqueue processing. This way we cannot miss error
> conditions that need to be signalled from the completion handler to the
> worker thread.
> Note that rt2x00usb_work_rxdone() processes all available entries, not
> only such for which queue_work() was called.
> 
> This patch is similar to what commit df71c9cfceea ("rt2x00: fix order
> of entry flags modification") did for TX processing.
> 
> This fixes a regression on a RT5370 based wifi stick in AP mode, which
> suddenly stopped data transmission after some period of heavy load. Also
> stopping the hanging hostapd resulted in the error message "ieee80211
> phy0: rt2x00queue_flush_queue: Warning - Queue 14 failed to flush".
> Other operation modes are probably affected as well, this just was
> the used testcase.
> 
> Fixes: ed194d136769 ("usb: core: remove local_irq_save() around ->complete() handler")
> Cc: stable@vger.kernel.org # 4.20+
> Signed-off-by: Soeren Moch <smoch@web.de>
> Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>

Patch applied to wireless-drivers.git, thanks.

41a531ffa4c5 rt2x00usb: fix rx queue hang

diff --git a/drivers/net/wireless/ralink/rt2x00/rt2x00usb.c b/drivers/net/wireless/ralink/rt2x00/rt2x00usb.c
index 67b81c7221c4..7e3a621b9c0d 100644
--- a/drivers/net/wireless/ralink/rt2x00/rt2x00usb.c
+++ b/drivers/net/wireless/ralink/rt2x00/rt2x00usb.c
@@ -372,14 +372,9 @@  static void rt2x00usb_interrupt_rxdone(struct urb *urb)
 	struct queue_entry *entry = (struct queue_entry *)urb->context;
 	struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;

-	if (!test_and_clear_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags))
+	if (!test_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags))
 		return;

-	/*
-	 * Report the frame as DMA done
-	 */
-	rt2x00lib_dmadone(entry);
-
 	/*
 	 * Check if the received data is simply too small
 	 * to be actually valid, or if the urb is signaling
@@ -388,6 +383,11 @@  static void rt2x00usb_interrupt_rxdone(struct urb *urb)
 	if (urb->actual_length < entry->queue->desc_size || urb->status)
 		set_bit(ENTRY_DATA_IO_FAILED, &entry->flags);

+	/*
+	 * Report the frame as DMA done
+	 */
+	rt2x00lib_dmadone(entry);
+
 	/*
 	 * Schedule the delayed work for reading the RX status
 	 * from the device.