* [PATCH bluez] bap: Fix setup double free with bis sink
@ 2025-08-19 8:03 Ye He via B4 Relay
2025-08-19 9:28 ` [bluez] " bluez.test.bot
0 siblings, 1 reply; 2+ messages in thread
From: Ye He via B4 Relay @ 2025-08-19 8:03 UTC (permalink / raw)
To: Linux Bluetooth; +Cc: Ye He
From: Ye He <ye.he@amlogic.com>
If try to remove the bis sink device that big sync lost with
remote bis source, the following crash is observed:
0x00000a78 in ?? ()
0x004c8970 in setup_free ()
0x00551a78 in queue_remove_all ()
0x00551abc in queue_destroy ()
0x004cb590 in bap_data_remove ()
0x004cb9f0 in bap_bcast_remove ()
0x0051457c in service_remove ()
0x005272e4 in device_remove ()
0x0050e134 in adapter_remove_connection ()
0x0050e24c in dev_disconnected ()
0x00553478 in request_complete ()
0x00554670 in can_read_data ()
0x005850c4 in watch_callback ()
0xf7d5ab9c in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
0xf7d5af28 in ?? () from /usr/lib/libglib-2.0.so.0
Signed-off-by: Ye He <ye.he@amlogic.com>
---
profiles/audio/bap.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/profiles/audio/bap.c b/profiles/audio/bap.c
index 2994881ccc1d7daa1d97210edc6ff67381e74cc1..c8c83cf94c57878f3bd8b805e926bd58ff648d9a 100644
--- a/profiles/audio/bap.c
+++ b/profiles/audio/bap.c
@@ -1010,6 +1010,8 @@ static void setup_free(void *data)
if (setup->ep)
queue_remove(setup->ep->setups, setup);
+ else if (setup->data->bcast_snks)
+ queue_remove(setup->data->bcast_snks, setup);
setup_io_close(setup, NULL);
---
base-commit: 0bb66d3d1abd7d25b840d535c03b1b9613727d5c
change-id: 20250819-bap-setup-double-free-38169b207db5
Best regards,
--
Ye He <ye.he@amlogic.com>
^ permalink raw reply related [flat|nested] 2+ messages in thread
* RE: [bluez] bap: Fix setup double free with bis sink
2025-08-19 8:03 [PATCH bluez] bap: Fix setup double free with bis sink Ye He via B4 Relay
@ 2025-08-19 9:28 ` bluez.test.bot
0 siblings, 0 replies; 2+ messages in thread
From: bluez.test.bot @ 2025-08-19 9:28 UTC (permalink / raw)
To: linux-bluetooth, ye.he
[-- Attachment #1: Type: text/plain, Size: 1261 bytes --]
This is automated email and please do not reply to this email!
Dear submitter,
Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=992906
---Test result---
Test Summary:
CheckPatch PENDING 0.26 seconds
GitLint PENDING 0.27 seconds
BuildEll PASS 19.91 seconds
BluezMake PASS 2683.26 seconds
MakeCheck PASS 20.54 seconds
MakeDistcheck PASS 182.13 seconds
CheckValgrind PASS 233.10 seconds
CheckSmatch PASS 304.97 seconds
bluezmakeextell PASS 127.21 seconds
IncrementalBuild PENDING 0.37 seconds
ScanBuild PASS 904.12 seconds
Details
##############################
Test: CheckPatch - PENDING
Desc: Run checkpatch.pl script
Output:
##############################
Test: GitLint - PENDING
Desc: Run gitlint
Output:
##############################
Test: IncrementalBuild - PENDING
Desc: Incremental build with the patches in the series
Output:
---
Regards,
Linux Bluetooth
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-19 9:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-08-19 8:03 [PATCH bluez] bap: Fix setup double free with bis sink Ye He via B4 Relay
2025-08-19 9:28 ` [bluez] " bluez.test.bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox