As queue_work() does not guarantee ordered execution of sm_work it can happen in crossover RSET usecase that connect timer will constantly change the shdlc state from NEGOTIATING to CONNECTING before shdlc have chance to handle incoming frame. As a result the incoming RSET frame will remain not handled before putting shdlc into DISCONNECTED state which is too late. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@xxxxxxxxx> --- net/nfc/hci/shdlc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/nfc/hci/shdlc.c b/net/nfc/hci/shdlc.c index fd75cec..fe66cbc 100644 --- a/net/nfc/hci/shdlc.c +++ b/net/nfc/hci/shdlc.c @@ -365,7 +365,8 @@ static void nfc_shdlc_rcv_u_frame(struct nfc_shdlc *shdlc, switch (u_frame_modifier) { case U_FRAME_RSET: - if (shdlc->state == SHDLC_NEGOCIATING) { + if ( (shdlc->state == SHDLC_NEGOCIATING) || + (shdlc->state == SHDLC_CONNECTING) ) { /* we sent RSET, but chip wants to negociate */ if (skb->len > 0) w = skb->data[0]; -- 1.7.10 -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html