From: Chris Wright <chrisw@sous-sol.org>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, Dave Young <hidave.darkstar@gmail.com>
Subject: bluetooth: hci_core: defer hci_unregister_sysfs()
Date: Wed, 16 Apr 2008 18:02:10 -0700 [thread overview]
Message-ID: <20080417010352.933653510@sous-sol.org> (raw)
In-Reply-To: 20080417010122.148289106@sous-sol.org
[-- Attachment #1: bluetooth-hci_core-defer-hci_unregister_sysfs.patch --]
[-- Type: text/plain, Size: 4923 bytes --]
-stable review patch. If anyone has any objections, please let us know.
---------------------
From: Dave Young <hidave.darkstar@gmail.com>
upstream commit: 147e2d59833e994cc99341806a88b9e59be41391
Alon Bar-Lev reports:
Feb 16 23:41:33 alon1 usb 3-1: configuration #1 chosen from 1 choice
Feb 16 23:41:33 alon1 BUG: unable to handle kernel NULL pointer
dereference at virtual address 00000008
Feb 16 23:41:33 alon1 printing eip: c01b2db6 *pde = 00000000
Feb 16 23:41:33 alon1 Oops: 0000 [#1] PREEMPT
Feb 16 23:41:33 alon1 Modules linked in: ppp_deflate zlib_deflate
zlib_inflate bsd_comp ppp_async rfcomm l2cap hci_usb vmnet(P)
vmmon(P) tun radeon drm autofs4 ipv6 aes_generic crypto_algapi
ieee80211_crypt_ccmp nf_nat_irc nf_nat_ftp nf_conntrack_irc
nf_conntrack_ftp ipt_MASQUERADE iptable_nat nf_nat ipt_REJECT
xt_tcpudp ipt_LOG xt_limit xt_state nf_conntrack_ipv4 nf_conntrack
iptable_filter ip_tables x_tables snd_pcm_oss snd_mixer_oss
snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device
bluetooth ppp_generic slhc ioatdma dca cfq_iosched cpufreq_powersave
cpufreq_ondemand cpufreq_conservative acpi_cpufreq freq_table uinput
fan af_packet nls_cp1255 nls_iso8859_1 nls_utf8 nls_base pcmcia
snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm nsc_ircc snd_timer
ipw2200 thinkpad_acpi irda snd ehci_hcd yenta_socket uhci_hcd
psmouse ieee80211 soundcore intel_agp hwmon rsrc_nonstatic pcspkr
e1000 crc_ccitt snd_page_alloc i2c_i801 ieee80211_crypt pcmcia_core
agpgart thermal bat!
tery nvram rtc sr_mod ac sg firmware_class button processor cdrom
unix usbcore evdev ext3 jbd ext2 mbcache loop ata_piix libata sd_mod
scsi_mod
Feb 16 23:41:33 alon1
Feb 16 23:41:33 alon1 Pid: 4, comm: events/0 Tainted: P
(2.6.24-gentoo-r2 #1)
Feb 16 23:41:33 alon1 EIP: 0060:[<c01b2db6>] EFLAGS: 00010282 CPU: 0
Feb 16 23:41:33 alon1 EIP is at sysfs_get_dentry+0x26/0x80
Feb 16 23:41:33 alon1 EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX:
f48a2210
Feb 16 23:41:33 alon1 ESI: f72eb900 EDI: f4803ae0 EBP: f4803ae0 ESP:
f7c49efc
Feb 16 23:41:33 alon1 hcid[7004]: HCI dev 0 registered
Feb 16 23:41:33 alon1 DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
Feb 16 23:41:33 alon1 Process events/0 (pid: 4, ti=f7c48000
task=f7c3efc0 task.ti=f7c48000)
Feb 16 23:41:33 alon1 Stack: f7cb6140 f4822668 f7e71e10 c01b304d
ffffffff ffffffff fffffffe c030ba9c
Feb 16 23:41:33 alon1 f7cb6140 f4822668 f6da6720 f7cb6140 f4822668
f6da6720 c030ba8e c01ce20b
Feb 16 23:41:33 alon1 f6e9dd00 c030ba8e f6da6720 f6e9dd00 f6e9dd00
00000000 f4822600 00000000
Feb 16 23:41:33 alon1 Call Trace:
Feb 16 23:41:33 alon1 [<c01b304d>] sysfs_move_dir+0x3d/0x1f0
Feb 16 23:41:33 alon1 [<c01ce20b>] kobject_move+0x9b/0x120
Feb 16 23:41:33 alon1 [<c0241711>] device_move+0x51/0x110
Feb 16 23:41:33 alon1 [<f9aaed80>] del_conn+0x0/0x70 [bluetooth]
Feb 16 23:41:33 alon1 [<f9aaed99>] del_conn+0x19/0x70 [bluetooth]
Feb 16 23:41:33 alon1 [<c012c1a1>] run_workqueue+0x81/0x140
Feb 16 23:41:33 alon1 [<c02c0c88>] schedule+0x168/0x2e0
Feb 16 23:41:33 alon1 [<c012fc70>] autoremove_wake_function+0x0/0x50
Feb 16 23:41:33 alon1 [<c012c9cb>] worker_thread+0x9b/0xf0
Feb 16 23:41:33 alon1 [<c012fc70>] autoremove_wake_function+0x0/0x50
Feb 16 23:41:33 alon1 [<c012c930>] worker_thread+0x0/0xf0
Feb 16 23:41:33 alon1 [<c012f962>] kthread+0x42/0x70
Feb 16 23:41:33 alon1 [<c012f920>] kthread+0x0/0x70
Feb 16 23:41:33 alon1 [<c0104c2f>] kernel_thread_helper+0x7/0x18
Feb 16 23:41:33 alon1 =======================
Feb 16 23:41:33 alon1 Code: 26 00 00 00 00 57 89 c7 a1 50 1b 3a c0
56 53 8b 70 38 85 f6 74 08 8b 0e 85 c9 74 58 ff 06 8b 56 50 39 fa 74
47 89 fb eb 02 89 c3 <8b> 43 08 39 c2 75 f7 8b 46 08 83 c0 68 e8 98
e7 10 00 8b 43 10
Feb 16 23:41:33 alon1 EIP: [<c01b2db6>] sysfs_get_dentry+0x26/0x80
SS:ESP 0068:f7c49efc
Feb 16 23:41:33 alon1 ---[ end trace aae864e9592acc1d ]---
Defer hci_unregister_sysfs because hci device could be destructed
while hci conn devices still there.
Signed-off-by: Dave Young <hidave.darkstar@gmail.com>
Tested-by: Stefan Seyfried <seife@suse.de>
Acked-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
dsd@gentoo.org notes:
This patch fixes http://bugs.gentoo.org/211179
Cc: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
---
net/bluetooth/hci_core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -901,8 +901,6 @@ int hci_unregister_dev(struct hci_dev *h
BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type);
- hci_unregister_sysfs(hdev);
-
write_lock_bh(&hci_dev_list_lock);
list_del(&hdev->list);
write_unlock_bh(&hci_dev_list_lock);
@@ -914,6 +912,8 @@ int hci_unregister_dev(struct hci_dev *h
hci_notify(hdev, HCI_DEV_UNREG);
+ hci_unregister_sysfs(hdev);
+
__hci_dev_put(hdev);
return 0;
--
next prev parent reply other threads:[~2008-04-17 1:23 UTC|newest]
Thread overview: 88+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-17 1:01 [patch 00/66] 2.6.24-stable review Chris Wright
2008-04-17 1:01 ` time: prevent the loop in timespec_add_ns() from being optimised away Chris Wright
2008-04-17 1:01 ` kbuild: soften modpost checks when doing cross builds Chris Wright
2008-04-17 1:01 ` mtd: memory corruption in block2mtd.c Chris Wright
2008-04-17 1:01 ` md: remove the super sysfs attribute from devices in an md array Chris Wright
2008-04-17 1:01 ` V4L: ivtv: Add missing sg_init_table() Chris Wright
2008-04-17 1:01 ` UIO: add pgprot_noncached() to UIO mmap code Chris Wright
2008-04-17 1:01 ` USB: add support for Motorola ROKR Z6 cellphone in mass storage mode Chris Wright
2008-04-17 1:01 ` USB: new quirk flag to avoid Set-Interface Chris Wright
2008-04-17 1:01 ` inotify: fix race Chris Wright
2008-04-17 1:01 ` inotify: remove debug code Chris Wright
2008-04-17 1:01 ` NOHZ: reevaluate idle sleep length after add_timer_on() Chris Wright
2008-04-17 1:01 ` slab: fix cache_cache bootstrap in kmem_cache_init() Chris Wright
2008-04-17 1:01 ` xen: fix RMW when unmasking events Chris Wright
2008-04-17 1:01 ` xen: mask out SEP from CPUID Chris Wright
2008-04-17 1:01 ` xen: fix UP setup of shared_info Chris Wright
2008-04-17 1:01 ` PERCPU : __percpu_alloc_mask() can dynamically size percpu_data storage Chris Wright
2008-04-17 1:01 ` alloc_percpu() fails to allocate percpu data Chris Wright
2008-04-17 1:01 ` vfs: fix data leak in nobh_write_end() Chris Wright
2008-04-17 1:01 ` pci: revert SMBus unhide on HP Compaq nx6110 Chris Wright
2008-04-17 1:01 ` hwmon: (w83781d) Fix I/O resource conflict with PNP Chris Wright
2008-04-17 1:01 ` vmcoreinfo: add the symbol "phys_base" Chris Wright
2008-04-17 9:24 ` Eric W. Biederman
2008-04-17 17:16 ` Chris Wright
2008-04-17 17:29 ` Vivek Goyal
2008-04-18 10:17 ` Ken'ichi Ohmichi
2008-04-17 23:31 ` Eric W. Biederman
2008-04-17 1:01 ` USB: Allow initialization of broken keyspan serial adapters Chris Wright
2008-04-17 1:01 ` USB: serial: fix regression in Visor/Palm OS module for kernels >= 2.6.24 Chris Wright
2008-04-17 1:01 ` USB: serial: ti_usb_3410_5052: Correct TUSB3410 endpoint requirements Chris Wright
2008-04-17 8:01 ` Oliver Neukum
2008-04-17 17:02 ` Greg KH
2008-04-17 1:01 ` CRYPTO xcbc: Fix crash when ipsec uses xcbc-mac with big data chunk Chris Wright
2008-04-17 11:26 ` S.Çağlar Onur
2008-04-17 14:22 ` Herbert Xu
2008-04-17 23:33 ` Chris Wright
2008-04-17 1:01 ` mtd: fix broken state in CFI driver caused by FL_SHUTDOWN Chris Wright
2008-04-17 1:01 ` ipmi: change device node ordering to reflect probe order Chris Wright
2008-04-17 1:01 ` AX25 ax25_out: check skb for NULL in ax25_kick() Chris Wright
2008-04-17 1:01 ` NET: include <linux/types.h> into linux/ethtool.h for __u* typedef Chris Wright
2008-04-17 1:01 ` SUNGEM: Fix NAPI assertion failure Chris Wright
2008-04-17 1:01 ` INET: inet_frag_evictor() must run with BH disabled Chris Wright
2008-04-17 1:01 ` LLC: Restrict LLC sockets to root Chris Wright
2008-04-17 1:01 ` netpoll: zap_completion_queue: adjust skb->users counter Chris Wright
2008-04-17 1:01 ` PPPOL2TP: Make locking calls softirq-safe Chris Wright
2008-04-17 1:01 ` PPPOL2TP: Fix SMP issues in skb reorder queue handling Chris Wright
2008-04-17 1:01 ` NET: Add preemption point in qdisc_run Chris Wright
2008-04-17 1:01 ` sch_htb: fix "too many events" situation Chris Wright
2008-04-17 1:02 ` SCTP: Fix local_addr deletions during list traversals Chris Wright
2008-04-17 1:02 ` NET: Fix multicast device ioctl checks Chris Wright
2008-04-17 1:02 ` TCP: Fix shrinking windows with window scaling Chris Wright
2008-04-17 1:02 ` TCP: Let skbs grow over a page on fast peers Chris Wright
2008-04-17 1:02 ` VLAN: Dont copy ALLMULTI/PROMISC flags from underlying device Chris Wright
2008-04-17 1:02 ` SPARC64: Fix atomic backoff limit Chris Wright
2008-04-17 1:02 ` SPARC64: Fix __get_cpu_var in preemption-enabled area Chris Wright
2008-04-17 1:02 ` SPARC64: flush_ptrace_access() needs preemption disable Chris Wright
2008-04-17 1:02 ` libata: assume no device is attached if both IDENTIFYs are aborted Chris Wright
2008-04-17 1:02 ` sis190: read the mac address from the eeprom first Chris Wright
2008-04-17 1:02 ` Chris Wright [this message]
2008-04-17 1:02 ` SPARC64: Fix FPU saving in 64-bit signal handling Chris Wright
2008-04-17 1:02 ` DVB: tda10086: make the 22kHz tone for DISEQC a config option Chris Wright
2008-04-17 1:02 ` SUNRPC: Fix a memory leak in rpc_create() Chris Wright
2008-04-17 21:25 ` Stefan Lippers-Hollmann
2008-04-17 22:06 ` Trond Myklebust
2008-04-17 22:09 ` Chris Wright
2008-04-18 14:42 ` Chuck Lever
2008-04-17 1:02 ` HFS+: fix unlink of links Chris Wright
2008-04-17 1:02 ` acpi: fix "buggy BIOS check" when CPUs are hot removed Chris Wright
2008-04-17 1:02 ` plip: replace spin_lock_irq with spin_lock_irqsave in irq context Chris Wright
2008-04-17 1:02 ` signalfd: fix for incorrect SI_QUEUE user data reporting Chris Wright
2008-04-17 1:02 ` md: close a livelock window in handle_parity_checks5 Chris Wright
2008-04-17 1:02 ` POWERPC: Fix build of modular drivers/macintosh/apm_emu.c Chris Wright
2008-04-17 1:02 ` pnpacpi: reduce printk severity for "pnpacpi: exceeded the max number of ..." Chris Wright
2008-04-17 15:24 ` Nick Andrew
2008-04-17 17:09 ` Chris Wright
2008-04-18 21:48 ` Bjorn Helgaas
2008-04-23 4:09 ` [stable PATCH for 2.6.24.5 and 2.6.25] pnpacpi: fix potential corruption on "pnpacpi: exceeded the max number of IRQ resources 2" Len Brown
2008-04-17 1:02 ` PARISC futex: special case cmpxchg NULL in kernel space Chris Wright
2008-04-17 1:02 ` Chris Wright
2008-04-17 1:02 ` PARISC pdc_console: fix bizarre panic on boot Chris Wright
2008-04-17 1:02 ` Chris Wright
2008-04-17 1:02 ` PARISC fix signal trampoline cache flushing Chris Wright
2008-04-17 1:02 ` acpi: bus: check once more for an empty list after locking it Chris Wright
2008-04-17 1:02 ` fbdev: fix /proc/fb oops after module removal Chris Wright
2008-04-17 1:02 ` macb: Call phy_disconnect on removing Chris Wright
2008-04-17 1:02 ` file capabilities: remove cap_task_kill() Chris Wright
2008-04-17 1:02 ` locks: fix possible infinite loop in fcntl(F_SETLKW) over nfs Chris Wright
2008-04-18 7:50 ` [stable] [patch 00/66] 2.6.24-stable review Chris Wright
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080417010352.933653510@sous-sol.org \
--to=chrisw@sous-sol.org \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=hidave.darkstar@gmail.com \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.