lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a8e1da0712250207q2da4ce9bwc6ee70dfff240f9f@mail.gmail.com>
Date:	Tue, 25 Dec 2007 18:07:24 +0800
From:	"Dave Young" <hidave.darkstar@...il.com>
To:	akpm@...ux-foundation.org
Cc:	greg@...ah.com, marcel@...tmann.org, linux-kernel@...r.kernel.org,
	bluez-devel@...ts.sourceforge.net
Subject: Re: [BUG][PATCH -mm] bluetooth : rfcomm add get/put device in del_conn

On Dec 25, 2007 6:03 PM, Dave Young <hidave.darkstar@...il.com> wrote:
> Due to 2.6.24-rc6-mm1 kernel changes (maybe kobject or driver core), If I exec:
>
> rfcomm connect 0 1
>
> kernel will oops after connect timeout.
>
> hand copy some oops text:
>
> EIP is at driver_sysfs_remove+0x1a/0x40
> Call Trace:
>  show_trace_log_lvl+0x1a/0x30
>  show_stack_log_lvl+0x9a/0xc0
>  show_registers+0xc7/0x270
>  die+0x129/0x240
>  do_page_fault+0x3a1/0x670
>  error_code+0x72/0x78
>  __device_release_driver+0x1e/0xa0
>  device_release_driver+0x30/0x50
>  bus_remove_device+0x63/0x90
>  device_del+0x55/0x190
>  del_conn+0xb/0x10 [bluetooth]
>  run_workqueue+0xe1/0x210
>  worker_thread+0x99/0xf0
>  kthread+0x5c/0xa0
>  kernel_thread_helper+0x7/0x18
>
> (The remote bluetooth device is a mobile phone which is power off)
>
> The reason is that in bus_remobe_dev, the klist_del function will release the device, so just add a get/put pair around the device_del in del_conn.
>
> Signed-off-by: Dave Young <hidave.darkstar@...il.com>
>
> ---
> net/bluetooth/hci_sysfs.c |    2 ++
> 1 file changed, 2 insertions(+)
>
> diff -upr linux/net/bluetooth/hci_sysfs.c linux.new/net/bluetooth/hci_sysfs.c
> --- linux/net/bluetooth/hci_sysfs.c     2007-12-25 17:45:09.000000000 +0800
> +++ linux.new/net/bluetooth/hci_sysfs.c 2007-12-25 17:45:51.000000000 +0800
> @@ -319,7 +319,9 @@ void hci_conn_add_sysfs(struct hci_conn
>  static void del_conn(struct work_struct *work)
>  {
>         struct hci_conn *conn = container_of(work, struct hci_conn, work);
> +       get_device(&conn->dev);
>         device_del(&conn->dev);
> +       put_device(&conn->dev);
>  }
>
>  void hci_conn_del_sysfs(struct hci_conn *conn)
>

Hi greg,

BTW, Is it a possible bug of driver core or kobject ?

Regards
dave
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ