[PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm

public inbox for linux-bluetooth@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb()
@ 2025-07-22  3:26 Yang Li via B4 Relay
  2025-07-22  5:08 ` [BlueZ,bluez] " bluez.test.bot
  2025-07-22 14:27 ` [PATCH BlueZ bluez] " Luiz Augusto von Dentz
  0 siblings, 2 replies; 3+ messages in thread
From: Yang Li via B4 Relay @ 2025-07-22  3:26 UTC (permalink / raw)
  To: Linux Bluetooth; +Cc: Yang Li

From: Yang Li <yang.li@amlogic.com>

When a BIG sync is established and then immediately terminated,
the associated stream may have already been released.

backtrace:
  (gdb) bt
  #0  0x006d16c0 in queue_find ()
  #1  0x006d16cc in queue_find ()
  #2  0x006edd14 in stream_get_io ()
  #3  0x006f0bdc in bt_bap_stream_get_io ()
  #4  0x0064a440 in iso_bcast_confirm_cb ()
  #5  0x0065c36c in server_cb ()
  #6  0xf7878c24 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
  #7  0xf7878fb0 in ?? () from /usr/lib/libglib-2.0.so.0
  #8  0xf78793ec in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
  #9  0x007055d0 in mainloop_run ()
  #10 0x00705a34 in mainloop_run_with_signal ()
  #11 0x0061484c in main ()

Signed-off-by: Yang Li <yang.li@amlogic.com>
---
 profiles/audio/bap.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/profiles/audio/bap.c b/profiles/audio/bap.c
index f39a40458..022b5ae28 100644
--- a/profiles/audio/bap.c
+++ b/profiles/audio/bap.c
@@ -1370,12 +1370,17 @@ static bool stream_io_unset(const void *data, const void *user_data)
 static void iso_bcast_confirm_cb(GIOChannel *io, GError *err, void *user_data)
 {
 	struct bap_setup *setup = user_data;
-	struct bt_bap_stream *stream = setup->stream;
+	struct bt_bap_stream *stream;
 	int fd;
 	struct bap_data *bap_data = setup->data;
 
+	if (!setup && !setup->stream)
+		return;
+
 	DBG("BIG Sync completed");
 
+	stream = setup->stream;
+
 	/* The order of the BIS fds notified from kernel corresponds
 	 * to the order of the BISes that were enqueued before
 	 * calling bt_io_bcast_accept.

---
base-commit: 52de8da1a99cd33b517284f87d231055a0dee6bb
change-id: 20250722-bap_crash-7ba065496958

Best regards,
-- 
Yang Li <yang.li@amlogic.com>



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* RE: [BlueZ,bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb()
  2025-07-22  3:26 [PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb() Yang Li via B4 Relay
@ 2025-07-22  5:08 ` bluez.test.bot
  2025-07-22 14:27 ` [PATCH BlueZ bluez] " Luiz Augusto von Dentz
  1 sibling, 0 replies; 3+ messages in thread
From: bluez.test.bot @ 2025-07-22  5:08 UTC (permalink / raw)
  To: linux-bluetooth, yang.li

[-- Attachment #1: Type: text/plain, Size: 1261 bytes --]

This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=984529

---Test result---

Test Summary:
CheckPatch                    PENDING   0.27 seconds
GitLint                       PENDING   0.25 seconds
BuildEll                      PASS      20.32 seconds
BluezMake                     PASS      2678.12 seconds
MakeCheck                     PASS      21.95 seconds
MakeDistcheck                 PASS      185.84 seconds
CheckValgrind                 PASS      236.28 seconds
CheckSmatch                   PASS      311.08 seconds
bluezmakeextell               PASS      128.42 seconds
IncrementalBuild              PENDING   0.32 seconds
ScanBuild                     PASS      920.09 seconds

Details
##############################
Test: CheckPatch - PENDING
Desc: Run checkpatch.pl script
Output:

##############################
Test: GitLint - PENDING
Desc: Run gitlint
Output:

##############################
Test: IncrementalBuild - PENDING
Desc: Incremental build with the patches in the series
Output:



---
Regards,
Linux Bluetooth


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb()
  2025-07-22  3:26 [PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb() Yang Li via B4 Relay
  2025-07-22  5:08 ` [BlueZ,bluez] " bluez.test.bot
@ 2025-07-22 14:27 ` Luiz Augusto von Dentz
  1 sibling, 0 replies; 3+ messages in thread
From: Luiz Augusto von Dentz @ 2025-07-22 14:27 UTC (permalink / raw)
  To: yang.li; +Cc: Linux Bluetooth

Hi,

On Mon, Jul 21, 2025 at 11:29 PM Yang Li via B4 Relay
<devnull+yang.li.amlogic.com@kernel.org> wrote:
>
> From: Yang Li <yang.li@amlogic.com>
>
> When a BIG sync is established and then immediately terminated,
> the associated stream may have already been released.
>
> backtrace:
>   (gdb) bt
>   #0  0x006d16c0 in queue_find ()
>   #1  0x006d16cc in queue_find ()
>   #2  0x006edd14 in stream_get_io ()
>   #3  0x006f0bdc in bt_bap_stream_get_io ()
>   #4  0x0064a440 in iso_bcast_confirm_cb ()
>   #5  0x0065c36c in server_cb ()
>   #6  0xf7878c24 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
>   #7  0xf7878fb0 in ?? () from /usr/lib/libglib-2.0.so.0
>   #8  0xf78793ec in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
>   #9  0x007055d0 in mainloop_run ()
>   #10 0x00705a34 in mainloop_run_with_signal ()
>   #11 0x0061484c in main ()
>
> Signed-off-by: Yang Li <yang.li@amlogic.com>
> ---
>  profiles/audio/bap.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/profiles/audio/bap.c b/profiles/audio/bap.c
> index f39a40458..022b5ae28 100644
> --- a/profiles/audio/bap.c
> +++ b/profiles/audio/bap.c
> @@ -1370,12 +1370,17 @@ static bool stream_io_unset(const void *data, const void *user_data)
>  static void iso_bcast_confirm_cb(GIOChannel *io, GError *err, void *user_data)
>  {
>         struct bap_setup *setup = user_data;
> -       struct bt_bap_stream *stream = setup->stream;
> +       struct bt_bap_stream *stream;
>         int fd;
>         struct bap_data *bap_data = setup->data;
>
> +       if (!setup && !setup->stream)
> +               return;

This is indicative that io channel is not being canceled/shutdown
properly, if it was then the confirm callback shall not be called, so
this is more of a workaround so we need to figure out why that
callback is still being called if the stream is destroyed.

>         DBG("BIG Sync completed");
>
> +       stream = setup->stream;
> +
>         /* The order of the BIS fds notified from kernel corresponds
>          * to the order of the BISes that were enqueued before
>          * calling bt_io_bcast_accept.
>
> ---
> base-commit: 52de8da1a99cd33b517284f87d231055a0dee6bb
> change-id: 20250722-bap_crash-7ba065496958
>
> Best regards,
> --
> Yang Li <yang.li@amlogic.com>
>
>
>


-- 
Luiz Augusto von Dentz

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-07-22 14:27 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-22  3:26 [PATCH BlueZ bluez] bap: Add NULL check for stream in iso_bcast_confirm_cb() Yang Li via B4 Relay
2025-07-22  5:08 ` [BlueZ,bluez] " bluez.test.bot
2025-07-22 14:27 ` [PATCH BlueZ bluez] " Luiz Augusto von Dentz

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox