Removing the beacon cache entry from a uwb_dev can cause an oops if the
bce is released before the call to uwb_notify().
Signed-off-by: Stefano Panella <stefano.panella@csr.com>
Signed-off-by: David Vrabel <david.vrabel@csr.com>
expires = bce->ts_jiffies + msecs_to_jiffies(beacon_timeout_ms);
if (time_after(jiffies, expires)) {
uwbd_dev_offair(bce);
- list_del(&bce->node);
- uwb_bce_put(bce);
}
}
mutex_unlock(&rc->uwb_beca.mutex);
rc ? rc->uwb_dev.dev.parent->bus->name : "n/a",
rc ? dev_name(rc->uwb_dev.dev.parent) : "");
uwb_dev_rm(uwb_dev);
+ list_del(&uwb_dev->bce->node);
+ uwb_bce_put(uwb_dev->bce);
uwb_dev_put(uwb_dev); /* for the creation in _onair() */
return 0;
projects / linux-2.6-omap-h63xx.git / commitdiff