Hello.
Commit 87579e9b7d8dc36e ("loop: use worker per cgroup instead of kworker")
is calling destroy_workqueue() with lo->lo_mutex held, and syzbot is
reporting circular locking dependency
&disk->open_mutex => &lo->lo_mutex => (wq_completion)loop$M =>
(work_completion)(&lo->rootcg_work) => sb_writers#$N => &p->lock =>
&of->mutex => system_transition_mutex/1 => &disk->open_mutex
. Can you somehow call destroy_workqueue() without holding a lock (e.g.
breaking &lo->lo_mutex => (wq_completion)loop$M dependency chain by
making sure that below change is safe) ?
@@ -1365,7 +1365,9 @@ static int __loop_clr_fd(struct loop_device *lo, bool release)
/* freeze request queue during the transition */
blk_mq_freeze_queue(lo->lo_queue);
+ mutex_unlock(&lo->lo_mutex);
destroy_workqueue(lo->workqueue);
+ mutex_lock(&lo->lo_mutex);
spin_lock_irq(&lo->lo_work_lock);
list_for_each_entry_safe(worker, pos, &lo->idle_worker_list,
idle_list) {
On 2021/11/11 2:00, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: cb690f5238d7 Merge tag 'for-5.16/drivers-2021-11-09' of gi..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1611368ab00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9d7259f0deb293aa
> dashboard link: https://syzkaller.appspot.com/bug?extid=63614029dfb79abd4383
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
