Return-Path:
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Subject: Re: [PATCH] bluetooth: 6lowpan: fix delay work init in add_peer_chan()
From: Marcel Holtmann
In-Reply-To: <20170329061054.4300-1-michael.scott@linaro.org>
Date: Fri, 31 Mar 2017 12:10:44 +0200
Cc: "Gustavo F. Padovan", Johan Hedberg, "David S. Miller", Jukka Rissanen, linux-bluetooth@vger.kernel.org, linux-wpan@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Message-Id: <6B40174C-6834-4C3D-BF41-92119E78E353@holtmann.org>
References: <20170329061054.4300-1-michael.scott@linaro.org>
To: Michael Scott
Sender: linux-kernel-owner@vger.kernel.org
List-ID:

Hi Michael,

> When adding 6lowpan devices very rapidly we sometimes see a crash:
> [23122.306615] CPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.9.0-43-arm64 #1 Debian 4.9.9.linaro.43-1
> [23122.315400] Hardware name: HiKey Development Board (DT)
> [23122.320623] task: ffff800075443080 task.stack: ffff800075484000
> [23122.326551] PC is at expire_timers+0x70/0x150
> [23122.330907] LR is at run_timer_softirq+0xa0/0x1a0
> [23122.335616] pc : [] lr : [] pstate: 600001c5
>
> This was due to add_peer_chan() unconditionally initializing the
> lowpan_btle_dev->notify_peers delayed work structure, even if the
> lowpan_btle_dev passed into add_peer_chan() had previously been
> initialized.
>
> Normally, this would go unnoticed as the delayed work timer is set for
> 100 msec, however when calling add_peer_chan() faster than 100 msec it
> clears out a previously queued delay work causing the crash above.
>
> To fix this, let add_peer_chan() know when a new lowpan_btle_dev is passed
> in so that it only performs the delay work initialization when needed.
>
> Signed-off-by: Michael Scott
> ---
> net/bluetooth/6lowpan.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel
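A user-space model of the failure described in the quoted commit message, added here as an illustration; it is not the kernel patch and not code from net/bluetooth/6lowpan.c. The list type, `add_peer()`, the `new_dev` flag and `simulate()` are hypothetical names, and a plain doubly linked list stands in for the kernel's pending-timer list.

```c
#include <stdbool.h>
#include <stddef.h>

/* Simplified user-space model of a pending-timer list (not kernel code). */
struct node { struct node *next, *prev; };

struct dev {                 /* stands in for lowpan_btle_dev */
    struct node timer;       /* stands in for the notify_peers timer entry */
};

static void node_init(struct node *n) { n->next = n->prev = n; }
static bool node_pending(const struct node *n) { return n->next != n; }

static void enqueue(struct node *head, struct node *n)
{
    n->next = head->next; n->prev = head;
    head->next->prev = n; head->next = n;
}

/* Link-mirroring invariant, as list debugging checks it: a->next->prev == a. */
static bool list_consistent(const struct node *head)
{
    const struct node *n = head;
    int guard = 0;
    do {
        if (n->next->prev != n || n->prev->next != n) return false;
        n = n->next;
    } while (n != head && ++guard < 64);
    return n == head;
}

/* new_dev == false models the fixed path: no re-init of an existing dev. */
static void add_peer(struct node *head, struct dev *d, bool new_dev)
{
    if (new_dev)
        node_init(&d->timer);     /* wipes links even if still queued */
    if (!node_pending(&d->timer))
        enqueue(head, &d->timer);
}

/* Two add_peer() calls on one dev before the timer fires; report list health. */
bool simulate(bool init_every_time)
{
    struct node head; struct dev d;
    node_init(&head);
    add_peer(&head, &d, true);             /* first call: dev really is new */
    add_peer(&head, &d, init_every_time);  /* second call within the delay */
    return list_consistent(&head);
}
```

With `init_every_time` set, the second init erases the queued node's links while the list head still points at it, which is the state a timer-expiry walk then trips over.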