original_kernel/net/bluetooth
Jiri Slaby bf389cabb3 Bluetooth: fix power_on vs close race
With all the latest fixes applied, I am still able to reproduce this
(and other) warning(s):
WARNING: CPU: 1 PID: 19684 at ../kernel/workqueue.c:4092 destroy_workqueue+0x70a/0x770()
...
Call Trace:
 [<ffffffff819fee81>] ? dump_stack+0xb3/0x112
 [<ffffffff8117377e>] ? warn_slowpath_common+0xde/0x140
 [<ffffffff811ce68a>] ? destroy_workqueue+0x70a/0x770
 [<ffffffff811739ae>] ? warn_slowpath_null+0x2e/0x40
 [<ffffffff811ce68a>] ? destroy_workqueue+0x70a/0x770
 [<ffffffffa0c944c9>] ? hci_unregister_dev+0x2a9/0x720 [bluetooth]
 [<ffffffffa0b301db>] ? vhci_release+0x7b/0xf0 [hci_vhci]
 [<ffffffffa0b30160>] ? vhci_flush+0x50/0x50 [hci_vhci]
 [<ffffffff8117cd73>] ? do_exit+0x863/0x2b90

This is due to race present in the hci_unregister_dev path.
hdev->power_on work races with hci_dev_do_close. One tries to open,
the other tries to close, leading to warning like the above. (Another
example is a warning in kobject_get or kobject_put depending on who
wins the race.)

Fix this by switching those two racers to ensure hdev->power_on never
triggers while hci_dev_do_close is in progress.

Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2016-05-13 16:50:23 +02:00
..
bnep treewide: replace dev->trans_start update with helper 2016-05-04 14:16:49 -04:00
cmtp
hidp
rfcomm
6lowpan.c
Kconfig
Makefile
a2mp.c
a2mp.h
af_bluetooth.c
amp.c
amp.h
ecc.c
ecc.h
hci_conn.c
hci_core.c Bluetooth: fix power_on vs close race 2016-05-13 16:50:23 +02:00
hci_debugfs.c
hci_debugfs.h
hci_event.c
hci_request.c
hci_request.h
hci_sock.c
hci_sysfs.c
l2cap_core.c
l2cap_sock.c
leds.c
leds.h
lib.c
mgmt.c
mgmt_util.c
mgmt_util.h
sco.c
selftest.c
selftest.h
smp.c
smp.h