9a5df92374
It turns out that the following sequence of actions will reproduce the oops: 1. Create a new RFCOMM device (using RFCOMMCREATEDEV ioctl) 2. (Try to) open the device 3. Release the RFCOMM device (using RFCOMMRELEASEDEV ioctl) At this point, the "/dev/rfcomm*" device is still in use, but it is gone from the internal list, so the device id can be reused. 4. Create a new RFCOMM device with the same device id as before And now kobject will complain that the TTY already exists. (See http://lkml.org/lkml/2008/7/13/89 for a reproducible test-case.) This patch attempts to correct this by only removing the device from the internal list of devices at the final unregister stage, so that the id won't get reused until the device has been completely destructed. This should be safe as the RFCOMM_TTY_RELEASED bit will be set for the device and prevent the device from being reopened after it has been released. Based on a report from Vegard Nossum <vegard.nossum@gmail.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> |
||
---|---|---|
.. | ||
bnep | ||
cmtp | ||
hidp | ||
rfcomm | ||
af_bluetooth.c | ||
hci_conn.c | ||
hci_core.c | ||
hci_event.c | ||
hci_sock.c | ||
hci_sysfs.c | ||
Kconfig | ||
l2cap.c | ||
lib.c | ||
Makefile | ||
sco.c |