Re: Kernel bug: bluetooth meets TTY layer
From: David Newall
Date: Thu Dec 20 2007 - 14:39:55 EST
Hi Arjan,
I've not been able to find this file, "drivers/bluetooth/hci_tty.c", but
anyway, this seems to be what happens: hci_uart_close() flushes using
hci_uart_flush(). Subsequently, in hci_dev_do_close(), (one step in
hci_unregister_dev()), hci_uart_flush() is called again. The comment in
uart_flush_buffer(), relating to the WARN_ON(), indicates you can't
flush after the port is closed, which sounds reasonable. I think
hci_uart_close() should set hdev->flush to NULL before returning.
hci_dev_do_close() does check for this. The code path is rather
involved and I'm not entirely clear of all steps, but I think that's
what should be done.
Patch for stupidly obsolete kernel attached.
David
--- hci_ldisc.c 2007-09-11 02:54:02.000000000 +0930
+++ hci_ldisc.c.new 2007-12-21 06:03:11.000000000 +1030
@@ -203,16 +203,17 @@
static int hci_uart_close(struct hci_dev *hdev)
{
BT_DBG("hdev %p", hdev);
if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
return 0;
hci_uart_flush(hdev);
+ hdev->flush = NULL;
return 0;
}
/* Send frames from HCI layer */
static int hci_uart_send_frame(struct sk_buff *skb)
{
struct hci_dev* hdev = (struct hci_dev *) skb->dev;
struct tty_struct *tty;
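Review bot: The new `hdev->flush = NULL;` in hci_uart_close() is one-way as far as this hunk shows: nothing visible here puts the pointer back, so if the same hdev is opened again after a close, every later caller that checks hdev->flush would silently skip the flush. Either restore the callback in the open path, or leave the pointer alone and have hci_uart_flush() return early when HCI_RUNNING is clear or the tty is gone. Two smaller points: the assignment is not reached on the early `return 0` taken when HCI_RUNNING was already clear, which is fine only if the pointer was cleared by an earlier close, and the line deserves a short comment saying it exists to stop the second flush from the unregister path after the port is closed.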