[<prev] [next>] [day] [month] [year] [list]
Message-ID: <87fsehn6dn.ffs@tglx>
Date: Thu, 17 Nov 2022 12:54:28 +0100
From: Thomas Gleixner <tglx@...utronix.de>
To: Hillf Danton <hdanton@...a.com>
Cc: syzbot <syzbot+6fb78d577e89e69602f9@...kaller.appspotmail.com>,
linux-kernel@...r.kernel.org, pbonzini@...hat.com,
syzkaller-bugs@...glegroups.com,
Steven Rostedt <rosted@...dmis.org>,
Marcel Holtmann <marcel@...tmann.org>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>
Subject: Re: [syzbot] WARNING in call_timer_fn
On Thu, Nov 17 2022 at 10:45, Hillf Danton wrote:
> On 16 Nov 2022 19:29:27 +0100 Thomas Gleixner <tglx@...utronix.de>
>>
>
> I doubt your fix helps in the domain of workqueue in general, and in this
> report if it is delayed work that triggered the warning.
Indeed. I misread the backtrace and my brain connected the wrong dots
here. It's a different bluethooth hickup.
> --- x/net/bluetooth/hci_sync.c
> +++ y/net/bluetooth/hci_sync.c
> @@ -4806,6 +4806,7 @@ int hci_dev_close_sync(struct hci_dev *h
> /* Avoid potential lockdep warnings from the *_flush() calls by
> * ensuring the workqueue is empty up front.
> */
> + cancel_delayed_work_sync(&hdev->cmd_timer);
> drain_workqueue(hdev->workqueue);
The work has been canceled already before in the same function and there
are some more delayed works which can trigger this.
So no, this whole close_sync() function is prone to teardown races and
just slapping a single cancel here without deeper analysis does not cut
it.
Thanks,
tglx
Powered by blists - more mailing lists