[PATCH net 3/3] net/sched: taprio: dereference oper and admin sched under RCU in taprio_destroy

Vladimir Oltean posted 3 patches 3 years, 6 months ago
There is a newer version of this series
Posted by Vladimir Oltean 3 years, 6 months ago
Sparse complains that taprio_destroy() dereferences q->oper_sched and
q->admin_sched without rcu_dereference(), since they are marked as __rcu
in the taprio private structure.

1671:28: warning: incorrect type in argument 1 (different address spaces)
1671:28:    expected struct callback_head *head
1671:28:    got struct callback_head [noderef] __rcu *
1674:28: warning: incorrect type in argument 1 (different address spaces)
1674:28:    expected struct callback_head *head
1674:28:    got struct callback_head [noderef] __rcu *

To silence that build warning, do actually use rcu_dereference().
It would have been good if we had a writer-side lock to be able to use
rcu_dereference_protected(), but even the writer side taprio_change()
uses rcu_dereference() on these, only to close the critical section
immediately afterwards (and still keep using the variables).

Fixes: a3d43c0d56f1 ("taprio: Add support adding an admin schedule")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
---
 net/sched/sch_taprio.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c
index 5bffc37022e0..fbf84404408f 100644
--- a/net/sched/sch_taprio.c
+++ b/net/sched/sch_taprio.c
@@ -1644,6 +1644,7 @@ static void taprio_destroy(struct Qdisc *sch)
 {
 	struct taprio_sched *q = qdisc_priv(sch);
 	struct net_device *dev = qdisc_dev(sch);
+	struct sched_gate_list *oper, *admin;
 	unsigned int i;
 
 	spin_lock(&taprio_list_lock);
@@ -1667,11 +1668,18 @@ static void taprio_destroy(struct Qdisc *sch)
 
 	netdev_reset_tc(dev);
 
-	if (q->oper_sched)
-		call_rcu(&q->oper_sched->rcu, taprio_free_sched_cb);
+	rcu_read_lock();
+
+	oper = rcu_dereference(q->oper_sched);
+	admin = rcu_dereference(q->admin_sched);
+
+	if (oper)
+		call_rcu(&oper->rcu, taprio_free_sched_cb);
 
-	if (q->admin_sched)
-		call_rcu(&q->admin_sched->rcu, taprio_free_sched_cb);
+	if (admin)
+		call_rcu(&admin->rcu, taprio_free_sched_cb);
+
+	rcu_read_unlock();
 }
 
 static int taprio_init(struct Qdisc *sch, struct nlattr *opt,
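Review bot: The rcu_read_lock()/rcu_read_unlock() pair wrapped around the two call_rcu() calls at the end of taprio_destroy() exists only to make rcu_dereference() legal. This function is the updater retiring both schedules, not a reader, so the read-side section protects nothing, and the commit message itself notes there is no writer-side lock to lean on. If teardown is serialized by a lock that this hunk does not show (RTNL would be the usual candidate, which is an assumption here), fetch the pointers with rtnl_dereference(q->oper_sched) or rcu_dereference_protected() with the matching lockdep condition and drop the read-side section. That satisfies sparse and also documents the locking assumption the annotation is asking for.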
-- 
2.34.1
Re: [PATCH net 3/3] net/sched: taprio: dereference oper and admin sched under RCU in taprio_destroy
Posted by Vladimir Oltean 3 years, 6 months ago
On Wed, Sep 14, 2022 at 05:34:39PM +0300, Vladimir Oltean wrote:
> -	if (q->oper_sched)
> -		call_rcu(&q->oper_sched->rcu, taprio_free_sched_cb);
> +	rcu_read_lock();
> +
> +	oper = rcu_dereference(q->oper_sched);
> +	admin = rcu_dereference(q->admin_sched);
> +
> +	if (oper)
> +		call_rcu(&oper->rcu, taprio_free_sched_cb);
>  
> -	if (q->admin_sched)
> -		call_rcu(&q->admin_sched->rcu, taprio_free_sched_cb);
> +	if (admin)
> +		call_rcu(&admin->rcu, taprio_free_sched_cb);
> +
> +	rcu_read_unlock();
>  }

I decided to code up this patch at the last minute, since the sparse
warning was bugging me. But after more testing (including with lockdep,
which says absolutely nothing), I notice some RCU stalls after this
patch. It looks like call_rcu() really doesn't like to be called under
rcu_read_lock(). Please discard this patch set from patchwork, I'll
resend when things work properly.