Bug 82881

Summary: Possible dangling mutex_lock in function (rfcomm_tty_open) in file(linux3.3/net/bluetooth/rfcomm/tty.c)
Product: Networking
Component: Other
Status: RESOLVED OBSOLETE
Severity: normal
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 3.3
Subsystem:
Regression: No
Bisected commit-id:
Reporter: Ahmed Tamrawi (atamrawi)
Assignee: Stephen Hemminger (stephen)
CC: alan

Description Ahmed Tamrawi 2014-08-20 16:35:30 UTC
Function Source: http://lxr.free-electrons.com/source/net/bluetooth/rfcomm/tty.c?v=3.3#L669

In function (rfcomm_tty_open) in file(linux3.3/net/bluetooth/rfcomm/tty.c):

The mutex object locked by (tty_lock) at line 728 can possibly be kept locked after exiting the function when one of the breaks at lines (715, 719, or 723) is executed, causing race conditions if multiple calls to the same function occur with the same errors, or causing a dangling lock on the mutex object held by (tty_lock).

A possible solution is to call (tty_unlock) upon exiting the function, possibly before the break points at lines (715, 719, or 723).
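
An added example, not code from the kernel or from the report: a user-space model that counts the net lock depth at each exit of a loop shaped as the report describes, with the exit checks first and `tty_lock` last. `loop_shape`, `lock_delta` and `balanced` are hypothetical names, and whether the loop body releases the lock before it waits is an assumption, since the page does not show the body.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model, not kernel code: exit checks at the top of the loop
 * (the breaks at 715/719/723), lock taken at the bottom (line 728). */
struct loop_shape {
    bool unlock_before_wait; /* assumption: body drops the lock before waiting */
    bool unlock_on_break;    /* the fix proposed in the report */
};

/* Net lock depth the function adds when a break fires after `waits` waits. */
static int lock_delta(struct loop_shape s, int waits)
{
    int depth = 0; /* relative to the depth on entry */
    for (int pass = 0; ; pass++) {
        if (pass == waits) {      /* one of the three breaks fires */
            if (s.unlock_on_break)
                depth--;          /* proposed tty_unlock before the break */
            break;
        }
        if (s.unlock_before_wait)
            depth--;
        /* ... wait to be woken ... */
        depth++;                  /* tty_lock at the bottom of the loop */
    }
    return depth;
}

/* True when every exit after 0..max_waits waits leaves the depth unchanged. */
static bool balanced(struct loop_shape s, int max_waits)
{
    for (int n = 0; n <= max_waits; n++)
        if (lock_delta(s, n) != 0)
            return false;
    return true;
}

int main(void)
{
    for (int shape = 0; shape < 4; shape++) {
        struct loop_shape s = { (shape & 2) != 0, (shape & 1) != 0 };
        printf("unlock_before_wait=%d unlock_on_break=%d:", s.unlock_before_wait, s.unlock_on_break);
        for (int n = 0; n <= 2; n++)
            printf(" waits=%d delta=%+d", n, lock_delta(s, n));
        printf(" balanced=%d\n", balanced(s, 2));
    }
    return 0;
}
```

In the model, an unlock placed before the breaks also runs on the first pass, before the lock at the bottom of the loop has been taken, so that exit comes out at -1. Which shape is balanced depends on whether the lock is already held when the function is entered, which has to be checked against the caller.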