syzbot


possible deadlock in __flush_workqueue

Status: upstream: reported on 2024/01/17 10:03
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+da0a9c9721e36db712e8@syzkaller.appspotmail.com
Fix commit: 0d151a103775 Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-net-next-test-gce ci2-upstream-usb], missing on: [ci-qemu-native-arm64-kvm ci-qemu2-riscv64]
First crash: 188d, last: 3d19h
Discussions (11)
Title Replies (including bot) Last reply
[PATCH AUTOSEL 4.19 2/3] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:30
[PATCH AUTOSEL 5.4 5/7] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:30
[PATCH AUTOSEL 5.10 5/7] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:29
[PATCH AUTOSEL 5.15 5/9] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:29
[PATCH AUTOSEL 6.1 06/15] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:28
[PATCH AUTOSEL 6.6 06/18] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:26
[PATCH AUTOSEL 6.9 07/22] Bluetooth: hci_core: cancel all works upon hci_unregister_dev() 1 (1) 2024/07/16 14:24
[syzbot] Monthly bluetooth report (Jun 2024) 0 (1) 2024/06/10 11:56
[syzbot] Monthly bluetooth report (May 2024) 0 (1) 2024/05/10 08:47
[syzbot] Monthly bluetooth report (Mar 2024) 0 (1) 2024/03/06 22:08
[syzbot] [bluetooth?] possible deadlock in __flush_workqueue 0 (1) 2024/01/17 10:03
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 possible deadlock in __flush_workqueue 134 6h25m 130d 0/3 upstream: reported on 2024/03/14 23:14

Sample crash report:
Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
Bluetooth: hci3: Injecting HCI hardware error event
Bluetooth: hci3: command 0x2016 tx timeout
Bluetooth: hci3: hardware error 0x00
============================================
WARNING: possible recursive locking detected
6.10.0-syzkaller-08676-g720261cfc732 #0 Not tainted
--------------------------------------------
kworker/u9:2/5098 is trying to acquire lock:
ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: touch_wq_lockdep_map kernel/workqueue.c:3876 [inline]
ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: __flush_workqueue+0x1b0/0x1710 kernel/workqueue.c:3918

but task is already holding lock:
ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3206 [inline]
ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock((wq_completion)hci3);
  lock((wq_completion)hci3);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

2 locks held by kworker/u9:2/5098:
 #0: ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3206 [inline]
 #0: ffff88802d2a7948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312
 #1: ffffc90008c87d00 ((work_completion)(&hdev->error_reset)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3207 [inline]
 #1: ffffc90008c87d00 ((work_completion)(&hdev->error_reset)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3312

stack backtrace:
CPU: 0 PID: 5098 Comm: kworker/u9:2 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: hci3 hci_error_reset
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 check_deadlock kernel/locking/lockdep.c:3061 [inline]
 validate_chain+0x15d3/0x5900 kernel/locking/lockdep.c:3855
 __lock_acquire+0x137a/0x2040 kernel/locking/lockdep.c:5142
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5759
 touch_wq_lockdep_map kernel/workqueue.c:3876 [inline]
 __flush_workqueue+0x1c9/0x1710 kernel/workqueue.c:3918
 drain_workqueue+0xc9/0x3a0 kernel/workqueue.c:4082
 destroy_workqueue+0xba/0xc40 kernel/workqueue.c:5781
 hci_release_dev+0x169/0x16b0 net/bluetooth/hci_core.c:2734
 bt_host_release+0x83/0x90 net/bluetooth/hci_sysfs.c:94
 device_release+0x9b/0x1c0
 kobject_cleanup lib/kobject.c:689 [inline]
 kobject_release lib/kobject.c:720 [inline]
 kref_put include/linux/kref.h:65 [inline]
 kobject_put+0x231/0x480 lib/kobject.c:737
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2e/0x1830 kernel/workqueue.c:3312
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3390
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Crashes (1445):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/07/19 15:23 upstream 720261cfc732 ee4e11c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/19 04:51 upstream 68b59730459e ee4e11c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/13 14:37 upstream 528dd46d0fc3 eaeb5c15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/11 22:19 upstream 9d9a2f29aefd c699c2eb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/10 18:17 upstream 34afb82a3c67 e7213be3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/10 18:05 upstream 34afb82a3c67 e7213be3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/09 02:26 upstream 4376e966ecb7 bc23a442 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/06 22:11 upstream 1dd28064d416 bc4ebbb5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/05 04:06 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/05 03:01 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/05 00:40 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/04 23:28 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 21:04 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 20:45 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 17:48 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 16:06 upstream 795c58e4c7fc dc6bbff0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 10:27 upstream 795c58e4c7fc 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/04 07:44 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 06:14 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/04 05:09 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/03 20:17 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/03 15:11 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/03 13:34 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/03 12:30 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/03 10:43 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/03 07:56 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/03 04:39 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/03 02:42 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/02 21:53 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/02 14:36 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __flush_workqueue
2024/07/02 12:31 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/02 08:21 upstream 73e931504f8e b294e901 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/02 07:07 upstream 73e931504f8e b294e901 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/02 05:23 upstream 73e931504f8e b294e901 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/07/02 04:13 upstream 73e931504f8e b294e901 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in __flush_workqueue
2024/06/30 08:22 upstream 8282d5af7be8 757f06b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in __flush_workqueue
2024/07/08 04:03 upstream 256abd8e550c bc4ebbb5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/08 01:42 upstream c6653f49e4fd bc4ebbb5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/04 03:31 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/04 00:03 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 22:33 upstream 8a9c6c40432e 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 17:31 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 16:18 upstream e9d22f7a6655 409d975c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 09:08 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 09:02 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/03 05:52 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/02 19:53 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/02 17:57 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/07/02 15:53 upstream 1dfe225e9af5 8373af66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 possible deadlock in __flush_workqueue
2024/03/05 11:02 upstream 90d35da658da 9ed46f64 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in __flush_workqueue
2024/06/18 13:30 bpf 36534d3c5453 639d6cdf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __flush_workqueue
2024/07/01 15:22 bpf-next a12978712d90 b294e901 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __flush_workqueue
2024/07/09 06:50 linux-next 0b58e108042b bc23a442 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in __flush_workqueue
2024/01/17 06:05 linux-next 943b9f0ab2cf 2a7bcc7f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in __flush_workqueue
2024/04/08 21:38 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 707081b61156 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 possible deadlock in __flush_workqueue
* Struck through repros no longer work on HEAD.