diff options
author | Andrei Emeltchenko <andrei.emeltchenko@intel.com> | 2012-09-06 08:05:42 -0400 |
---|---|---|
committer | Gustavo Padovan <gustavo.padovan@collabora.co.uk> | 2012-09-18 19:07:04 -0400 |
commit | aad3d0e343900a4c2c5dbc73f76550aa64a0ac1b (patch) | |
tree | f5cde6e3a1f20ef7af76abfcc7f63a45cd32c166 | |
parent | 562fcc246ebe31ade6e1be08585673b9b2785498 (diff) |
Bluetooth: Fix freeing uninitialized delayed works
When releasing L2CAP socket which is in BT_CONFIG state l2cap_chan_close
invokes l2cap_send_disconn_req which cancel delayed works which are only
set in BT_CONNECTED state with l2cap_ertm_init. Add state check before
cancelling those works.
...
[ 9668.574372] [21085] l2cap_sock_release: sock cd065200, sk f073e800
[ 9668.574399] [21085] l2cap_sock_shutdown: sock cd065200, sk f073e800
[ 9668.574411] [21085] l2cap_chan_close: chan f073ec00 state BT_CONFIG sk f073e800
[ 9668.574421] [21085] l2cap_send_disconn_req: chan f073ec00 conn ecc16600
[ 9668.574441] INFO: trying to register non-static key.
[ 9668.574443] the code is fine but needs lockdep annotation.
[ 9668.574446] turning off the locking correctness validator.
[ 9668.574450] Pid: 21085, comm: obex-client Tainted: G O 3.5.0+ #57
[ 9668.574452] Call Trace:
[ 9668.574463] [<c10a64b3>] __lock_acquire+0x12e3/0x1700
[ 9668.574468] [<c10a44fb>] ? trace_hardirqs_on+0xb/0x10
[ 9668.574476] [<c15e4f60>] ? printk+0x4d/0x4f
[ 9668.574479] [<c10a6e38>] lock_acquire+0x88/0x130
[ 9668.574487] [<c1059740>] ? try_to_del_timer_sync+0x60/0x60
[ 9668.574491] [<c1059790>] del_timer_sync+0x50/0xc0
[ 9668.574495] [<c1059740>] ? try_to_del_timer_sync+0x60/0x60
[ 9668.574515] [<f8aa1c23>] l2cap_send_disconn_req+0xe3/0x160 [bluetooth]
...
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
-rw-r--r-- | net/bluetooth/l2cap_core.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 4ea1710a4783..38c00f142203 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c | |||
@@ -1008,7 +1008,7 @@ static void l2cap_send_disconn_req(struct l2cap_conn *conn, struct l2cap_chan *c | |||
1008 | if (!conn) | 1008 | if (!conn) |
1009 | return; | 1009 | return; |
1010 | 1010 | ||
1011 | if (chan->mode == L2CAP_MODE_ERTM) { | 1011 | if (chan->mode == L2CAP_MODE_ERTM && chan->state == BT_CONNECTED) { |
1012 | __clear_retrans_timer(chan); | 1012 | __clear_retrans_timer(chan); |
1013 | __clear_monitor_timer(chan); | 1013 | __clear_monitor_timer(chan); |
1014 | __clear_ack_timer(chan); | 1014 | __clear_ack_timer(chan); |