From: Johan Hedberg <johan.hedberg@gmail.com>
To: s.syam@samsung.com
Cc: linux-bluetooth@vger.kernel.org,
"Anurag B" <biradar.a@samsung.com>,
"Sreeraj Mohan" <sreeraj.mk@samsung.com>,
"Nagaraj DR" <nagaraj.dr@samsung.com>,
'박찬열' <chanyeol.park@samsung.com>,
jy0214.kim@samsung.com, '서호철' <hocheol.seo@samsung.com>,
kubax.t.pawlak@intel.com
Subject: Re: Kernel panic observed during sco-connection-disconnection
Date: Fri, 23 Oct 2015 11:33:19 +0300 [thread overview]
Message-ID: <20151023083319.GA31574@t440s.lan> (raw)
In-Reply-To: <000d01d10d6c$cca43e40$65ecbac0$@samsung.com>
Hi Syam,
On Fri, Oct 23, 2015, s.syam@samsung.com wrote:
> We have observed one kernel panic during the sco close.
> The panic logs has been given below. Further analysis we could see that invalid memory access is happening at
> sco_pi(sk)->conn->hcon = NULL; in __sco_sock_close().
>
> It will be great if someone analyses and provide the fix/clue for this issue.
> Thanks for your time.
>
>
> Code:
> static void __sco_sock_close(struct sock *sk)
> {
> BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
>
> switch (sk->sk_state) {
> case BT_LISTEN:
> sco_sock_cleanup_listen(sk);
> break;
>
> case BT_CONNECTED:
> case BT_CONFIG:
> if (sco_pi(sk)->conn->hcon) {
> sk->sk_state = BT_DISCONN;
> sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
> hci_conn_drop(sco_pi(sk)->conn->hcon);
> sco_pi(sk)->conn->hcon = NULL; //Invalid memory access happen here.
> } else
> sco_chan_del(sk, ECONNRESET);
> break;
>
> case BT_CONNECT2:
> case BT_CONNECT:
> case BT_DISCONN:
> ...
> ...
> }
> }
>
> Logs:
> Oct 21 23:35:12 alert Kernel: [ 175.323507] Unable to handle kernel NULL pointer dereference at virtual address 00000000
> .....
> Oct 21 23:35:12 warn Kernel: [ 175.338344] [<c0866be4>] (__sco_sock_close+0x1ec/0x230) from [<c0866d20>] (sco_sock_close+0x20/0x34)
> Oct 21 23:35:12 warn Kernel: [ 175.338478] [<c0866d20>] (sco_sock_close+0x20/0x34) from [<c0866d78>] (sco_sock_release+0x44/0x100)
> Oct 21 23:35:12 warn Kernel: [ 175.338614] [<c0866d78>] (sco_sock_release+0x44/0x100) from [<c0721ad0>] (sock_release+0x20/0xc4)
> Oct 21 23:35:12 warn Kernel: [ 175.338745] [<c0721ad0>] (sock_release+0x20/0xc4) from [<c07221e4>] (sock_close+0x20/0x2c)
> Oct 21 23:35:12 warn Kernel: [ 175.338874] [<c07221e4>] (sock_close+0x20/0x2c) from [<c02741d0>] (fput+0x11c/0x230)
> Oct 21 23:35:12 warn Kernel: [ 175.338994] [<c02741d0>] (fput+0x11c/0x230) from [<c0270fa8>] (filp_close+0x70/0x7c)
> Oct 21 23:35:12 warn Kernel: [ 175.339110] [<c0270fa8>] (filp_close+0x70/0x7c) from [<c0271064>] (sys_close+0xb0/0xf0)
> Oct 21 23:35:12 warn Kernel: [ 175.339232] [<c0271064>] (sys_close+0xb0/0xf0) from [<c0105d9c>] (__sys_trace_return+0x0/0x24)
You'll probably want to take a look at the SCO socket patch set that
Kuba sent in the beginning of this month:
[PATCH 0/5] Few proposed fixes to stop crashes on fast SCO disconnec
Particularly his second patch looks like something that could be related
to this.
Johan
next prev parent reply other threads:[~2015-10-23 8:33 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-23 8:28 Kernel panic observed during sco-connection-disconnection s.syam
2015-10-23 8:33 ` Johan Hedberg [this message]
2015-10-26 0:54 ` Syam Sidhardhan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151023083319.GA31574@t440s.lan \
--to=johan.hedberg@gmail.com \
--cc=biradar.a@samsung.com \
--cc=chanyeol.park@samsung.com \
--cc=hocheol.seo@samsung.com \
--cc=jy0214.kim@samsung.com \
--cc=kubax.t.pawlak@intel.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=nagaraj.dr@samsung.com \
--cc=s.syam@samsung.com \
--cc=sreeraj.mk@samsung.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.