[PW_SID:1098993] [v3] Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp by BluezTestBot · Pull Request #232 · bluez/bluetooth-next

BluezTestBot · 2026-05-21T20:22:32Z

From: Luiz Augusto von Dentz luiz.von.dentz@intel.com

If dcid is received for an already-assigned destination CID the spec
requires that both channels to be discarded, but calling l2cap_chan_del
may invalidate the tmp cursor created by list_for_each_entry_safe and
in fact it is the wrong procedure as the chan->dcid may be assigned
previously it really needs to be disconnected.

Calling l2cap_chan_clone directly may still lead to l2cap_chan_del so
instead schedule l2cap_chan_timeout with delay 0 to close the channel
asynchronously.

Fixes: `15f02b9` ("Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode")
Signed-off-by: Luiz Augusto von Dentz luiz.von.dentz@intel.com

net/bluetooth/l2cap_core.c | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)

If dcid is received for an already-assigned destination CID the spec requires that both channels to be discarded, but calling l2cap_chan_del may invalidate the tmp cursor created by list_for_each_entry_safe and in fact it is the wrong procedure as the chan->dcid may be assigned previously it really needs to be disconnected. Calling l2cap_chan_clone directly may still lead to l2cap_chan_del so instead schedule l2cap_chan_timeout with delay 0 to close the channel asynchronously. Fixes: 15f02b9 ("Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode") Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

github-actions · 2026-05-21T20:35:29Z

CheckPatch
Desc: Run checkpatch.pl script
Duration: 0.76 seconds
Result: PASS

github-actions · 2026-05-21T20:35:31Z

VerifyFixes
Desc: Verify Fixes tag format and validity
Duration: 0.14 seconds
Result: PASS

github-actions · 2026-05-21T20:35:33Z

VerifySignedoff
Desc: Verify Signed-off-by chain
Duration: 0.14 seconds
Result: PASS

github-actions · 2026-05-21T20:35:35Z

GitLint
Desc: Run gitlint
Duration: 0.34 seconds
Result: PASS

github-actions · 2026-05-21T20:35:37Z

SubjectPrefix
Desc: Check subject contains "Bluetooth" prefix
Duration: 0.13 seconds
Result: PASS

github-actions · 2026-05-21T20:36:08Z

BuildKernel
Desc: Build Kernel for Bluetooth
Duration: 24.91 seconds
Result: PASS

github-actions · 2026-05-21T20:36:42Z

CheckAllWarning
Desc: Run linux kernel with all warning enabled
Duration: 27.98 seconds
Result: PASS

github-actions · 2026-05-21T20:37:14Z

CheckSparse
Desc: Run sparse tool with linux kernel
Duration: 26.40 seconds
Result: PASS

github-actions · 2026-05-21T20:37:44Z

BuildKernel32
Desc: Build 32bit Kernel for Bluetooth
Duration: 24.55 seconds
Result: PASS

github-actions · 2026-05-21T20:46:35Z

TestRunnerSetup
Desc: Setup kernel and bluez for test-runner
Duration: 529.10 seconds
Result: PASS

github-actions · 2026-05-21T20:47:38Z

TestRunner_l2cap-tester
Desc: Run l2cap-tester with test-runner
Duration: 59.90 seconds
Result: PASS

github-actions · 2026-05-21T20:48:08Z

IncrementalBuild
Desc: Incremental build with the patches in the series
Duration: 23.97 seconds
Result: PASS

github-actions Bot added the area:l2cap label May 21, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[PW_SID:1098993] [v3] Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp#232

[PW_SID:1098993] [v3] Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp#232
BluezTestBot wants to merge 1 commit into
workflowfrom
1098993

BluezTestBot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

BluezTestBot commented May 21, 2026

Fixes: 15f02b9 ("Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode") Signed-off-by: Luiz Augusto von Dentz luiz.von.dentz@intel.com

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

github-actions Bot commented May 21, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Fixes: `15f02b9` ("Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode")
Signed-off-by: Luiz Augusto von Dentz luiz.von.dentz@intel.com