82881 – Possible dangling mutex_lock in function (rfcomm_tty_open) in file(linux3.3/net/bluetooth/rfcomm/tty.c)

Bug 82881 - Possible dangling mutex_lock in function (rfcomm_tty_open) in file(linux3.3/net/bluetooth/rfcomm/tty.c)

Summary: Possible dangling mutex_lock in function (rfcomm_tty_open) in file(linux3.3/n...

Status:	RESOLVED OBSOLETE

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	All Linux

Importance:	P1 normal
Assignee:	Stephen Hemminger

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-08-20 16:35 UTC by Ahmed Tamrawi
Modified:	2014-08-21 15:14 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:	3.3
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ahmed Tamrawi 2014-08-20 16:35:30 UTC

Function Source: http://lxr.free-electrons.com/source/net/bluetooth/rfcomm/tty.c?v=3.3#L669

In function (rfcomm_tty_open) in file(linux3.3/net/bluetooth/rfcomm/tty.c):

The mutex object locked by (tty_lock) at line 728 can possibly kept locked after exiting the function when one of the breaks at lines (715, 719, or 723) is executed. Causing race conditions if multiple calls to the same functions occurs with the same errors. Or causing dangling lock to the mutex object held by (tty_lock).

A possible solution is to call (tty_unlock) upon exiting the function. Possibly before the break points at lines (715, 719, or 723).

Note You need to log in before you can comment on or make changes to this bug.