linux

History

Ulisses Furquim 371fd83563 Bluetooth: Fix deadlocks with sock lock and L2CAP timers locks When cancelling a delayed work (timer) in L2CAP we can not sleep holding the sock mutex otherwise we might deadlock with an L2CAP timer handler. This is possible because RX/TX and L2CAP timers run in different workqueues. The scenario below illustrates the problem. Thus we are now avoiding to sleep on the timers locks. ====================================================== [ INFO: possible circular locking dependency detected ] 3.1.0-05270-ga978dc7-dirty #239 ------------------------------------------------------- kworker/1:1/873 is trying to acquire lock: (sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP){+.+...}, at: [<ffffffffa002ceac>] l2cap_chan_timeout+0x3c/0xe0 [bluetooth] but task is already holding lock: ((&(&chan->chan_timer)->work)){+.+...}, at: [<ffffffff81051a86>] process_one_work+0x126/0x450 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 ((&(&chan->chan_timer)->work)){+.+...}: [<ffffffff8106b276>] check_prevs_add+0xf6/0x170 [<ffffffff8106b903>] validate_chain+0x613/0x790 [<ffffffff8106dfee>] __lock_acquire+0x4be/0xac0 [<ffffffff8106ec2d>] lock_acquire+0x8d/0xb0 [<ffffffff81052a6f>] wait_on_work+0x4f/0x160 [<ffffffff81052ca3>] __cancel_work_timer+0x73/0x80 [<ffffffff81052cbd>] cancel_delayed_work_sync+0xd/0x10 [<ffffffffa002f2ed>] l2cap_chan_connect+0x22d/0x470 [bluetooth] [<ffffffffa002fb51>] l2cap_sock_connect+0xb1/0x140 [bluetooth] [<ffffffff8130811b>] kernel_connect+0xb/0x10 [<ffffffffa00cf98a>] rfcomm_session_create+0x12a/0x1c0 [rfcomm] [<ffffffffa00cfbe7>] __rfcomm_dlc_open+0x1c7/0x240 [rfcomm] [<ffffffffa00d07c2>] rfcomm_dlc_open+0x42/0x70 [rfcomm] [<ffffffffa00d3b03>] rfcomm_sock_connect+0x103/0x150 [rfcomm] [<ffffffff8130bd7e>] sys_connect+0xae/0xc0 [<ffffffff813368d2>] compat_sys_socketcall+0xb2/0x220 [<ffffffff813b2089>] sysenter_dispatch+0x7/0x30 -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP){+.+...}: [<ffffffff8106b16d>] check_prev_add+0x6cd/0x6e0 [<ffffffff8106b276>] check_prevs_add+0xf6/0x170 [<ffffffff8106b903>] validate_chain+0x613/0x790 [<ffffffff8106dfee>] __lock_acquire+0x4be/0xac0 [<ffffffff8106ec2d>] lock_acquire+0x8d/0xb0 [<ffffffff8130d91a>] lock_sock_nested+0x8a/0xa0 [<ffffffffa002ceac>] l2cap_chan_timeout+0x3c/0xe0 [bluetooth] [<ffffffff81051ae4>] process_one_work+0x184/0x450 [<ffffffff8105276e>] worker_thread+0x15e/0x340 [<ffffffff81057bb6>] kthread+0x96/0xa0 [<ffffffff813b1ef4>] kernel_thread_helper+0x4/0x10 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock((&(&chan->chan_timer)->work)); lock(sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP); lock((&(&chan->chan_timer)->work)); lock(sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP); * DEADLOCK * 2 locks held by kworker/1:1/873: #0: (events){.+.+.+}, at: [<ffffffff81051a86>] process_one_work+0x126/0x450 #1: ((&(&chan->chan_timer)->work)){+.+...}, at: [<ffffffff81051a86>] process_one_work+0x126/0x450 stack backtrace: Pid: 873, comm: kworker/1:1 Not tainted 3.1.0-05270-ga978dc7-dirty #239 Call Trace: [<ffffffff813a0f6e>] print_circular_bug+0xd2/0xe3 [<ffffffff8106b16d>] check_prev_add+0x6cd/0x6e0 [<ffffffff8106b276>] check_prevs_add+0xf6/0x170 [<ffffffff8106b903>] validate_chain+0x613/0x790 [<ffffffff8106dfee>] __lock_acquire+0x4be/0xac0 [<ffffffff8130d8f6>] ? lock_sock_nested+0x66/0xa0 [<ffffffff8106ea30>] ? lock_release_nested+0x100/0x110 [<ffffffff8130d8f6>] ? lock_sock_nested+0x66/0xa0 [<ffffffff8106ec2d>] lock_acquire+0x8d/0xb0 [<ffffffffa002ceac>] ? l2cap_chan_timeout+0x3c/0xe0 [bluetooth] [<ffffffff8130d91a>] lock_sock_nested+0x8a/0xa0 [<ffffffffa002ceac>] ? l2cap_chan_timeout+0x3c/0xe0 [bluetooth] [<ffffffff81051a86>] ? process_one_work+0x126/0x450 [<ffffffffa002ceac>] l2cap_chan_timeout+0x3c/0xe0 [bluetooth] [<ffffffff81051ae4>] process_one_work+0x184/0x450 [<ffffffff81051a86>] ? process_one_work+0x126/0x450 [<ffffffffa002ce70>] ? l2cap_security_cfm+0x4e0/0x4e0 [bluetooth] [<ffffffff8105276e>] worker_thread+0x15e/0x340 [<ffffffff81052610>] ? manage_workers+0x110/0x110 [<ffffffff81057bb6>] kthread+0x96/0xa0 [<ffffffff813b1ef4>] kernel_thread_helper+0x4/0x10 [<ffffffff813af69d>] ? retint_restore_args+0xe/0xe [<ffffffff81057b20>] ? __init_kthread_worker+0x70/0x70 [<ffffffff813b1ef0>] ? gs_change+0xb/0xb Signed-off-by: Ulisses Furquim <ulisses@profusion.mobi> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>		2011-12-22 14:15:09 -02:00
..
9p	net/9p: Convert net/9p protocol dumps to tracepoints	2011-10-24 11:13:12 -05:00
bluetooth	Bluetooth: Fix deadlocks with sock lock and L2CAP timers locks	2011-12-22 14:15:09 -02:00
caif	caif-hsi: Added recovery check of CA wake status.	2011-10-19 03:25:43 -04:00
irda	Fix common misspellings	2011-03-31 11:26:23 -03:00
iucv	af_iucv: add HiperSockets transport	2011-08-13 01:10:16 -07:00
netfilter	Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux	2011-11-06 19:44:47 -08:00
netns	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
nfc	NFC: Set and get DEP general bytes	2011-12-14 14:50:13 -05:00
phonet	net: dont hold rtnl mutex during netlink dump callbacks	2011-05-02 15:26:28 -07:00
sctp	Merge branch 'master' of github.com:davem330/net	2011-09-22 03:23:13 -04:00
tc_act	net/sched: add ACT_CSUM action to update packets checksums	2010-08-20 01:42:59 -07:00
act_api.h	net: sched: constify tcf_proto and tc_action	2011-07-06 02:52:16 -07:00
addrconf.h	ipv6: updates to privacy addresses per RFC 4941.	2011-08-01 18:05:00 -07:00
af_ieee802154.h
af_rxrpc.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
af_unix.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
ah.h	ipsec: update MAX_AH_AUTH_LEN to support sha512	2011-01-13 21:48:25 -08:00
arp.h	net: Add ->neigh_lookup() operation to dst_ops	2011-07-18 00:40:17 -07:00
atmclip.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
ax25.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
ax88796.h
cfg80211-wext.h	cfg80211: remove unused wext handler exports	2011-08-08 14:26:29 -04:00
cfg80211.h	cfg80211: Return beacon loss count in station	2011-12-19 14:34:13 -05:00
checksum.h
cipso_ipv4.h	doc: Update the email address for Paul Moore in various source files	2011-08-01 17:58:33 -07:00
cls_cgroup.h	Merge commit 'v2.6.36-rc7' into core/rcu	2010-10-07 09:43:45 +02:00
compat.h	net: Add sendmmsg socket system call	2011-05-05 11:10:14 -07:00
datalink.h
dcbevent.h	dcb: Add stub routines for !CONFIG_DCB	2011-10-06 15:49:51 -04:00
dcbnl.h	dcb: add DCBX mode to event notifier attributes	2011-10-06 15:49:51 -04:00
dn_dev.h	decnet: RCU conversion and get rid of dev_base_lock	2010-11-08 13:50:08 -08:00
dn_fib.h	decnet: Convert to use flowidn where applicable.	2011-03-12 15:08:55 -08:00
dn_neigh.h
dn_nsp.h	net: use __packed annotation	2010-06-03 03:21:52 -07:00
dn_route.h	decnet: Convert to use flowidn where applicable.	2011-03-12 15:08:55 -08:00
dn.h	decnet: Convert to use flowidn where applicable.	2011-03-12 15:08:55 -08:00
dsa.h
dsfield.h
dst_ops.h	net: Add ->neigh_lookup() operation to dst_ops	2011-07-18 00:40:17 -07:00
dst.h	rps: Add flag to skb to indicate rxhash is based on L4 tuple	2011-08-17 20:06:03 -07:00
esp.h
ethoc.h
fib_rules.h	fib_rules: __rcu annotates ctarget	2010-10-27 11:37:32 -07:00
flow.h	net: Handle different key sizes between address families in flow cache	2011-09-16 17:47:28 -04:00
garp.h	garp: remove last synchronize_rcu() call	2011-05-12 17:46:56 -04:00
gen_stats.h	Fix common misspellings	2011-03-31 11:26:23 -03:00
genetlink.h	netlink: advertise incomplete dumps	2011-06-22 16:09:45 -04:00
gre.h	PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol)	2010-08-21 23:05:39 -07:00
icmp.h	inetpeer: Move ICMP rate limiting state into inet_peer entries.	2011-02-04 15:59:53 -08:00
ieee80211_radiotap.h	wireless: move ieee80211chan2mhz macro	2011-11-11 12:32:50 -05:00
ieee802154_netdev.h
ieee802154.h
if_inet6.h	ipv6: updates to privacy addresses per RFC 4941.	2011-08-01 18:05:00 -07:00
inet6_connection_sock.h	inet: Pass flowi to ->queue_xmit().	2011-05-08 15:28:28 -07:00
inet6_hashtables.h
inet_common.h	inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage()	2010-07-12 20:21:46 -07:00
inet_connection_sock.h	ipv4: Make caller provide flowi4 key to inet_csk_route_req().	2011-05-18 18:32:03 -04:00
inet_ecn.h	inet: add rfc 3168 extract in front of INET_ECN_encapsulate()	2011-10-22 01:25:23 -04:00
inet_frag.h	fragment: add fast path for in-order fragments	2010-06-30 13:44:29 -07:00
inet_hashtables.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
inet_sock.h	ipv4: route non-local sources for raw socket	2011-08-07 22:52:32 -07:00
inet_timewait_sock.h	Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux	2011-11-06 19:44:47 -08:00
inetpeer.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
ip6_checksum.h
ip6_fib.h	ipv6: Get rid of rt6i_nexthop macro.	2011-07-17 23:11:35 -07:00
ip6_route.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
ip6_tunnel.h	tunnels: add _rcu annotations	2010-10-25 13:09:45 -07:00
ip_fib.h	ipv4: Call fib_select_default() only when actually necessary.	2011-04-14 15:05:22 -07:00
ip_vs.h	Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux	2011-11-06 19:44:47 -08:00
ip.h	ipv4: tcp: fix TOS value in ACK messages sent from TIME_WAIT	2011-10-24 03:06:21 -04:00
ipcomp.h	percpu: add __percpu sparse annotations to net	2010-02-16 23:05:38 -08:00
ipconfig.h
ipip.h	tunnels: add __rcu annotations	2010-10-27 11:37:32 -07:00
ipv6.h	ipv6: tcp: fix TCLASS value in ACK messages sent from TIME_WAIT	2011-10-27 00:44:35 -04:00
ipx.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
iw_handler.h	Fix common misspellings	2011-03-31 11:26:23 -03:00
lapb.h	wan: make LAPB callbacks const	2011-09-16 19:20:20 -04:00
lib80211.h	include: replace linux/module.h with "struct module" wherever possible	2011-10-31 19:32:32 -04:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h	bonding,llc: Fix structure sizeof incompatibility for some PDUs	2011-05-13 15:13:24 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
mac80211.h	mac80211: handle SMPS action frames	2011-12-19 14:40:22 -05:00
mip6.h	net: use __packed annotation	2010-06-03 03:21:52 -07:00
mld.h	ipv6 mcast: Introduce include/net/mld.h for MLD definitions.	2010-04-23 13:35:55 +09:00
ndisc.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
neighbour.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
net_namespace.h	atomic: use <linux/atomic.h>	2011-07-26 16:49:47 -07:00
net_ratelimit.h	net: Kill ratelimit.h dependency in linux/net.h	2011-05-27 13:41:33 -04:00
netdma.h
netevent.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
netlabel.h	doc: Update the email address for Paul Moore in various source files	2011-08-01 17:58:33 -07:00
netlink.h	netlink: clarify attribute length check documentation	2011-11-04 17:48:23 -04:00
netrom.h	include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h	2010-03-30 22:02:32 +09:00
nexthop.h
nl802154.h
p8022.h
ping.h	net: ping: fix build failure	2011-05-17 14:16:58 -04:00
pkt_cls.h	net: Fix range checks in tcf_valid_offset().	2010-12-21 12:43:16 -08:00
pkt_sched.h	net: sched: constify tcf_proto and tc_action	2011-07-06 02:52:16 -07:00
protocol.h	net: change netdev->features to u32	2011-01-24 15:32:47 -08:00
psnap.h
raw.h	include/net/raw.h: Convert raw_seq_private macro to inline	2010-09-08 13:42:22 -07:00
rawv6.h	net: Remove __KERNEL__ cpp checks from include/net	2011-04-24 10:54:56 -07:00
red.h	sched: remove unused backlog in RED stats	2011-01-12 19:00:39 -08:00
regulatory.h	cfg80211: pass DFS region to drivers through reg_notifier()	2011-11-21 16:20:41 -05:00
request_sock.h	tcp: Change possible SYN flooding messages	2011-09-15 14:49:43 -04:00
rose.h	rose: Add length checks to CALL_REQUEST parsing	2011-03-27 17:59:04 -07:00
route.h	ipv4: Pass explicit destination address to rt_bind_peer().	2011-05-18 18:42:43 -04:00
rtnetlink.h	rtnetlink: Compute and store minimum ifinfo dump size	2011-06-09 20:38:07 -07:00
sch_generic.h	net: sch_generic remove redundant use of <linux/module.h>	2011-10-31 19:32:25 -04:00
scm.h	af_unix: dont send SCM_CREDENTIALS by default	2011-09-28 13:29:50 -04:00
secure_seq.h	tcp: add const qualifiers where possible	2011-10-21 05:22:42 -04:00
slhc_vj.h
snmp.h	snmp: reduce percpu needs by 50%	2011-06-11 16:23:59 -07:00
sock.h	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux	2011-11-22 14:05:46 -05:00
stp.h
tcp_states.h
tcp.h	net: make the tcp and udp file_operations for the /proc stuff const	2011-11-01 17:56:14 -04:00
timewait_sock.h	timewait_sock: Create and use getpeer op.	2010-12-01 18:09:13 -08:00
transp_v6.h	net: relax PKTINFO non local ipv6 udp xmit check	2011-08-30 17:39:01 -04:00
udp.h	net: make the tcp and udp file_operations for the /proc stuff const	2011-11-01 17:56:14 -04:00
udplite.h	udplite: fast-path computation of checksum coverage	2011-10-17 19:07:30 -04:00
wext.h
wimax.h	net: wimax: Remove of unused 'rfkill_input' pointer	2011-06-24 17:50:44 -07:00
wpan-phy.h	Fix common misspellings	2011-03-31 11:26:23 -03:00
x25.h	X25 remove bkl in subscription ioctls	2010-11-28 11:12:20 -08:00
x25device.h	X25: Add if_x25.h and x25 to device identifiers	2010-04-22 16:12:36 -07:00
xfrm.h	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6	2011-05-11 14:26:58 -04:00