diff mbox series

[BlueZ,v2] device: Fix crash when removing device

Message ID 20220210225552.573320-1-luiz.dentz@gmail.com
State New
Headers show
Series [BlueZ,v2] device: Fix crash when removing device | expand

Commit Message

Luiz Augusto von Dentz Feb. 10, 2022, 10:55 p.m. UTC
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

Calling btd_adapter_remove_device from device_remove_connection can
cause a crash, so instead of removing it immediatelly this set a the
temporary timeout to 0.

Fixes: https://github.com/bluez/bluez/issues/290
---
v2: Fix compilation

 src/device.c | 46 +++++++++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

Comments

Tedd Ho-Jeong An Feb. 10, 2022, 11:56 p.m. UTC | #1
On Thu, 2022-02-10 at 14:55 -0800, Luiz Augusto von Dentz wrote:
> From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
> 
> Calling btd_adapter_remove_device from device_remove_connection can
> cause a crash, so instead of removing it immediatelly this set a the
> temporary timeout to 0.
> 
> Fixes: https://github.com/bluez/bluez/issues/290

Tested-by: Tedd Ho-Jeong AN <tedd.an@intel.com>

> ---
> v2: Fix compilation
> 
>  src/device.c | 46 +++++++++++++++++++++++-----------------------
>  1 file changed, 23 insertions(+), 23 deletions(-)
> 
> diff --git a/src/device.c b/src/device.c
> index 6d29eb896..81b8ebd1e 100644
> --- a/src/device.c
> +++ b/src/device.c
> @@ -3200,6 +3200,28 @@ void device_add_connection(struct btd_device *dev, uint8_t bdaddr_type)
>                                                                 "Connected");
>  }
>  
> +static bool device_disappeared(gpointer user_data)
> +{
> +       struct btd_device *dev = user_data;
> +
> +       dev->temporary_timer = 0;
> +
> +       btd_adapter_remove_device(dev->adapter, dev);
> +
> +       return FALSE;
> +}
> +
> +static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
> +{
> +       clear_temporary_timer(dev);
> +
> +       if (!timeout)
> +               return;
> +
> +       dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
> +                                                               dev, NULL);
> +}
> +
>  void device_remove_connection(struct btd_device *device, uint8_t bdaddr_type)
>  {
>         struct bearer_state *state = get_state(device, bdaddr_type);
> @@ -3285,7 +3307,7 @@ void device_remove_connection(struct btd_device *device, uint8_t bdaddr_type)
>                                                 DEVICE_INTERFACE, "Connected");
>  
>         if (remove_device)
> -               btd_adapter_remove_device(device->adapter, device);
> +               set_temporary_timer(device, 0);
>  }
>  
>  guint device_add_disconnect_watch(struct btd_device *device,
> @@ -4590,28 +4612,6 @@ void device_set_le_support(struct btd_device *device, uint8_t bdaddr_type)
>         store_device_info(device);
>  }
>  
> -static bool device_disappeared(gpointer user_data)
> -{
> -       struct btd_device *dev = user_data;
> -
> -       dev->temporary_timer = 0;
> -
> -       btd_adapter_remove_device(dev->adapter, dev);
> -
> -       return FALSE;
> -}
> -
> -static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
> -{
> -       clear_temporary_timer(dev);
> -
> -       if (!timeout)
> -               return;
> -
> -       dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
> -                                                               dev, NULL);
> -}
> -
>  void device_update_last_seen(struct btd_device *device, uint8_t bdaddr_type)
>  {
>         if (bdaddr_type == BDADDR_BREDR)
bluez.test.bot@gmail.com Feb. 11, 2022, 12:23 a.m. UTC | #2
This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=613256

---Test result---

Test Summary:
CheckPatch                    FAIL      1.46 seconds
GitLint                       PASS      1.00 seconds
Prep - Setup ELL              PASS      41.27 seconds
Build - Prep                  PASS      0.75 seconds
Build - Configure             PASS      8.25 seconds
Build - Make                  PASS      1386.15 seconds
Make Check                    PASS      11.95 seconds
Make Check w/Valgrind         PASS      440.83 seconds
Make Distcheck                PASS      230.47 seconds
Build w/ext ELL - Configure   PASS      8.17 seconds
Build w/ext ELL - Make        PASS      1374.80 seconds
Incremental Build with patchesPASS      0.00 seconds

Details
##############################
Test: CheckPatch - FAIL
Desc: Run checkpatch.pl script with rule in .checkpatch.conf
Output:
[BlueZ,v2] device: Fix crash when removing device
WARNING:TYPO_SPELLING: 'immediatelly' may be misspelled - perhaps 'immediately'?
#81: 
cause a crash, so instead of removing it immediatelly this set a the
                                         ^^^^^^^^^^^^

/github/workspace/src/12742555.patch total: 0 errors, 1 warnings, 64 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

/github/workspace/src/12742555.patch has style problems, please review.

NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.




---
Regards,
Linux Bluetooth
Luiz Augusto von Dentz Feb. 11, 2022, 10:20 p.m. UTC | #3
Hi,

On Thu, Feb 10, 2022 at 4:23 PM <bluez.test.bot@gmail.com> wrote:
>
> This is automated email and please do not reply to this email!
>
> Dear submitter,
>
> Thank you for submitting the patches to the linux bluetooth mailing list.
> This is a CI test results with your patch series:
> PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=613256
>
> ---Test result---
>
> Test Summary:
> CheckPatch                    FAIL      1.46 seconds
> GitLint                       PASS      1.00 seconds
> Prep - Setup ELL              PASS      41.27 seconds
> Build - Prep                  PASS      0.75 seconds
> Build - Configure             PASS      8.25 seconds
> Build - Make                  PASS      1386.15 seconds
> Make Check                    PASS      11.95 seconds
> Make Check w/Valgrind         PASS      440.83 seconds
> Make Distcheck                PASS      230.47 seconds
> Build w/ext ELL - Configure   PASS      8.17 seconds
> Build w/ext ELL - Make        PASS      1374.80 seconds
> Incremental Build with patchesPASS      0.00 seconds
>
> Details
> ##############################
> Test: CheckPatch - FAIL
> Desc: Run checkpatch.pl script with rule in .checkpatch.conf
> Output:
> [BlueZ,v2] device: Fix crash when removing device
> WARNING:TYPO_SPELLING: 'immediatelly' may be misspelled - perhaps 'immediately'?
> #81:
> cause a crash, so instead of removing it immediatelly this set a the
>                                          ^^^^^^^^^^^^
>
> /github/workspace/src/12742555.patch total: 0 errors, 1 warnings, 64 lines checked
>
> NOTE: For some of the reported defects, checkpatch may be able to
>       mechanically convert to the typical style using --fix or --fix-inplace.
>
> /github/workspace/src/12742555.patch has style problems, please review.
>
> NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO
>
> NOTE: If any of the errors are false positives, please report
>       them to the maintainer, see CHECKPATCH in MAINTAINERS.
>
>
>
>
> ---
> Regards,
> Linux Bluetooth

Pushed.
diff mbox series

Patch

diff --git a/src/device.c b/src/device.c
index 6d29eb896..81b8ebd1e 100644
--- a/src/device.c
+++ b/src/device.c
@@ -3200,6 +3200,28 @@  void device_add_connection(struct btd_device *dev, uint8_t bdaddr_type)
 								"Connected");
 }
 
+static bool device_disappeared(gpointer user_data)
+{
+	struct btd_device *dev = user_data;
+
+	dev->temporary_timer = 0;
+
+	btd_adapter_remove_device(dev->adapter, dev);
+
+	return FALSE;
+}
+
+static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
+{
+	clear_temporary_timer(dev);
+
+	if (!timeout)
+		return;
+
+	dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
+								dev, NULL);
+}
+
 void device_remove_connection(struct btd_device *device, uint8_t bdaddr_type)
 {
 	struct bearer_state *state = get_state(device, bdaddr_type);
@@ -3285,7 +3307,7 @@  void device_remove_connection(struct btd_device *device, uint8_t bdaddr_type)
 						DEVICE_INTERFACE, "Connected");
 
 	if (remove_device)
-		btd_adapter_remove_device(device->adapter, device);
+		set_temporary_timer(device, 0);
 }
 
 guint device_add_disconnect_watch(struct btd_device *device,
@@ -4590,28 +4612,6 @@  void device_set_le_support(struct btd_device *device, uint8_t bdaddr_type)
 	store_device_info(device);
 }
 
-static bool device_disappeared(gpointer user_data)
-{
-	struct btd_device *dev = user_data;
-
-	dev->temporary_timer = 0;
-
-	btd_adapter_remove_device(dev->adapter, dev);
-
-	return FALSE;
-}
-
-static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
-{
-	clear_temporary_timer(dev);
-
-	if (!timeout)
-		return;
-
-	dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
-								dev, NULL);
-}
-
 void device_update_last_seen(struct btd_device *device, uint8_t bdaddr_type)
 {
 	if (bdaddr_type == BDADDR_BREDR)