Rajkumar Manoharan <rmanohar@xxxxxxxxxxxxxx> writes:
> On 2018-10-02 01:22, Toke Høiland-Jørgensen wrote:
>> Rajkumar Manoharan <rmanohar@xxxxxxxxxxxxxx> writes:
>>
>>>> Great! I'll fold in the rest, test it with ath9k and submit as a
>>>> proper
>>>> patch :)
>>>>
>>> Toke,
>>>
>>> I noticed a race condition b/w sta cleanup and kick_airtime tasklet.
>>> How do you plan to exit kick_airtime gracefully during sta_cleanup?
>>
>> Ah, right, there's a lot of stuff going on before we get to purge_txq.
>> Hmm, I guess we should either make sure we remove the station from
>> active_txqs earlier in the sta cleanup process, or maybe it'd enough to
>> just check the removed flag in the tasklet?
>>
>> Does the below patch fix the issue?
>>
>
> No. Attaching backtrace. Any clue?
Ah, that's my bad. Just having a 'continue' there can make the function
loop forever. Oops. Try something like this instead?
-Toke
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index eb77cf588d69..b30a4fac1d60 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -258,6 +258,9 @@ static void __ieee80211_kick_airtime(struct ieee80211_local *local, int ac)
sta = container_of(txqi->txq.sta, struct sta_info, sta);
+ if (sta->removed)
+ goto out_reschedule;
+
if (sta->airtime[ac].deficit >= 0) {
seen_eligible = true;
@@ -288,7 +291,13 @@ static void __ieee80211_kick_airtime(struct ieee80211_local *local, int ac)
}
out:
rcu_read_unlock();
spin_unlock_bh(&local->active_txq_lock[ac]);
+ return;
+
+ out_reschedule:
+ rcu_read_unlock();
+ spin_unlock_bh(&local->active_txq_lock[ac]);
+ tasklet_schedule(&local->airtime_tasklet);
}
void ieee80211_kick_airtime(unsigned long data)
