* [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
@ 2026-06-02 7:00 Jiajia Liu
2026-06-02 11:36 ` [v2] " bluez.test.bot
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Jiajia Liu @ 2026-06-02 7:00 UTC (permalink / raw)
To: Marcel Holtmann, Luiz Augusto von Dentz, Brian Gix
Cc: linux-bluetooth, linux-kernel, Jiajia Liu, Jiajia Liu
When hci_inquiry_complete_evt is called between le_scan_disable and
le_set_scan_enable_complete and no remote name needs to be resolved,
the interleaved discovery with SIMULTANEOUS quirk gets stuck in
DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
state. No one sets DISCOVERY_STOPPED in this process.
Add state check in le_set_scan_enable_complete and change state if
the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
Vostro 13. Discovering disabled MGMT Event below is reported when
running into the above condition.
@ MGMT Command: Start Discovery (0x0023) {0x0001} [hci0] 10885.970873
Address type: 0x07
BR/EDR
LE Public
LE Random
...
< HCI Command: LE Set Extended Scan Enable #38205 [hci0] 10886.131438
Extended scan: Enabled (0x01)
Filter duplicates: Enabled (0x01)
Duration: 0 msec (0x0000)
Period: 0.00 sec (0x0000)
> HCI Event: Command Complete (0x0e) plen 4 #38206 [hci0] 10886.133295
LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
Status: Success (0x00)
@ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10886.133414
Address type: 0x07
BR/EDR
LE Public
LE Random
Discovery: Enabled (0x01)
< HCI Command: Inquiry (0x01|0x0001) plen 5 #38207 [hci0] 10886.133528
Access code: 0x9e8b33 (General Inquiry)
Length: 10.24s (0x08)
Num responses: 0
> HCI Event: Command Status (0x0f) plen 4 #38208 [hci0] 10886.141333
Inquiry (0x01|0x0001) ncmd 2
Status: Success (0x00)
...
< HCI Command: LE Set Extended Scan Enable #38242 [hci0] 10896.381802
Extended scan: Disabled (0x00)
Filter duplicates: Disabled (0x00)
Duration: 0 msec (0x0000)
Period: 0.00 sec (0x0000)
> HCI Event: Inquiry Complete (0x01) plen 1 #38243 [hci0] 10896.383419
Status: Success (0x00)
> HCI Event: Command Complete (0x0e) plen 4 #38244 [hci0] 10896.394378
LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
Status: Success (0x00)
@ MGMT Event: Device Found (0x0012) plen 22 {0x0001} [hci0] 10896.394497
LE Address: 88:12:AC:92:43:69
RSSI: -101 dBm (0x9b)
Flags: 0x00000004
Not Connectable
Data length: 8
Company: Xiaomi Inc. (911)
Data[0]:
16-bit Service UUIDs (complete): 1 entry
Xiaomi Inc. (0xfdaa)
@ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10896.394506
Address type: 0x07
BR/EDR
LE Public
LE Random
Discovery: Disabled (0x00)
Fixes: 8ffde2a73f2c ("Bluetooth: Convert le_scan_disable timeout to hci_sync")
Signed-off-by: Jiajia Liu <liujiajia@kylinos.cn>
---
Changes in v2:
- move the handler to hci_event.c
- remove unnecessary bt_dev_dbg
- update commit message
---
net/bluetooth/hci_event.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index eea2f810aafa..1cd5f97daafe 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1769,6 +1769,13 @@ static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
hci_dev_clear_flag(hdev, HCI_LE_SCAN);
+ if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
+ hci_test_quirk(hdev, HCI_QUIRK_SIMULTANEOUS_DISCOVERY) &&
+ !test_bit(HCI_INQUIRY, &hdev->flags) &&
+ hdev->discovery.state == DISCOVERY_FINDING) {
+ hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
+ }
+
/* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
* interrupted scanning due to a connect request. Mark
* therefore discovery as stopped.
--
2.53.0
^ permalink raw reply related [flat|nested] 7+ messages in thread* RE: [v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 7:00 [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING Jiajia Liu
@ 2026-06-02 11:36 ` bluez.test.bot
2026-06-02 14:40 ` [PATCH v2] " Paul Menzel
2026-06-03 17:50 ` patchwork-bot+bluetooth
2 siblings, 0 replies; 7+ messages in thread
From: bluez.test.bot @ 2026-06-02 11:36 UTC (permalink / raw)
To: linux-bluetooth, liujiajia
[-- Attachment #1: Type: text/plain, Size: 2204 bytes --]
This is automated email and please do not reply to this email!
Dear submitter,
Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=1104423
---Test result---
Test Summary:
CheckPatch PASS 0.76 seconds
VerifyFixes PASS 0.14 seconds
VerifySignedoff PASS 0.14 seconds
GitLint PASS 0.37 seconds
SubjectPrefix PASS 0.13 seconds
BuildKernel PASS 26.13 seconds
CheckAllWarning PASS 27.92 seconds
CheckSparse PASS 27.22 seconds
BuildKernel32 PASS 25.43 seconds
TestRunnerSetup PASS 522.36 seconds
TestRunner_l2cap-tester PASS 57.70 seconds
TestRunner_iso-tester PASS 76.39 seconds
TestRunner_bnep-tester PASS 19.10 seconds
TestRunner_mgmt-tester FAIL 208.55 seconds
TestRunner_rfcomm-tester PASS 25.54 seconds
TestRunner_sco-tester PASS 32.18 seconds
TestRunner_ioctl-tester PASS 25.97 seconds
TestRunner_mesh-tester FAIL 26.03 seconds
TestRunner_smp-tester PASS 23.19 seconds
TestRunner_userchan-tester PASS 20.07 seconds
TestRunner_6lowpan-tester PASS 22.58 seconds
IncrementalBuild PASS 24.00 seconds
Details
##############################
Test: TestRunner_mgmt-tester - FAIL
Desc: Run mgmt-tester with test-runner
Output:
Total: 494, Passed: 489 (99.0%), Failed: 1, Not Run: 4
Failed Test Cases
Read Exp Feature - Success Failed 0.237 seconds
##############################
Test: TestRunner_mesh-tester - FAIL
Desc: Run mesh-tester with test-runner
Output:
Total: 10, Passed: 8 (80.0%), Failed: 2, Not Run: 0
Failed Test Cases
Mesh - Send cancel - 1 Timed out 2.593 seconds
Mesh - Send cancel - 2 Timed out 1.993 seconds
https://github.com/bluez/bluetooth-next/pull/272
---
Regards,
Linux Bluetooth
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 7:00 [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING Jiajia Liu
2026-06-02 11:36 ` [v2] " bluez.test.bot
@ 2026-06-02 14:40 ` Paul Menzel
2026-06-02 16:43 ` Luiz Augusto von Dentz
2026-06-03 17:50 ` patchwork-bot+bluetooth
2 siblings, 1 reply; 7+ messages in thread
From: Paul Menzel @ 2026-06-02 14:40 UTC (permalink / raw)
To: Jiajia Liu
Cc: Marcel Holtmann, Luiz Augusto von Dentz, Brian Gix,
linux-bluetooth, linux-kernel, Jiajia Liu
Dear Jiajia,
Thank you for your patch.
Am 02.06.26 um 09:00 schrieb Jiajia Liu:
> When hci_inquiry_complete_evt is called between le_scan_disable and
> le_set_scan_enable_complete and no remote name needs to be resolved,
> the interleaved discovery with SIMULTANEOUS quirk gets stuck in
> DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
> state. No one sets DISCOVERY_STOPPED in this process.
>
> Add state check in le_set_scan_enable_complete and change state if
> the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
… change state to DISCOVERY_STOPPED …
I’d add a new paragraph for the Tested part.
> Vostro 13. Discovering disabled MGMT Event below is reported when
> running into the above condition.
Thank you for sharing the test device. Could you please document how to
get into this state exactly? Some Xiaomi device?
> @ MGMT Command: Start Discovery (0x0023) {0x0001} [hci0] 10885.970873
> Address type: 0x07
> BR/EDR
> LE Public
> LE Random
> ...
> < HCI Command: LE Set Extended Scan Enable #38205 [hci0] 10886.131438
> Extended scan: Enabled (0x01)
> Filter duplicates: Enabled (0x01)
> Duration: 0 msec (0x0000)
> Period: 0.00 sec (0x0000)
> > HCI Event: Command Complete (0x0e) plen 4 #38206 [hci0] 10886.133295
> LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> Status: Success (0x00)
> @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10886.133414
> Address type: 0x07
> BR/EDR
> LE Public
> LE Random
> Discovery: Enabled (0x01)
> < HCI Command: Inquiry (0x01|0x0001) plen 5 #38207 [hci0] 10886.133528
> Access code: 0x9e8b33 (General Inquiry)
> Length: 10.24s (0x08)
> Num responses: 0
> > HCI Event: Command Status (0x0f) plen 4 #38208 [hci0] 10886.141333
> Inquiry (0x01|0x0001) ncmd 2
> Status: Success (0x00)
> ...
> < HCI Command: LE Set Extended Scan Enable #38242 [hci0] 10896.381802
> Extended scan: Disabled (0x00)
> Filter duplicates: Disabled (0x00)
> Duration: 0 msec (0x0000)
> Period: 0.00 sec (0x0000)
> > HCI Event: Inquiry Complete (0x01) plen 1 #38243 [hci0] 10896.383419
> Status: Success (0x00)
> > HCI Event: Command Complete (0x0e) plen 4 #38244 [hci0] 10896.394378
> LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> Status: Success (0x00)
> @ MGMT Event: Device Found (0x0012) plen 22 {0x0001} [hci0] 10896.394497
> LE Address: 88:12:AC:92:43:69
> RSSI: -101 dBm (0x9b)
> Flags: 0x00000004
> Not Connectable
> Data length: 8
> Company: Xiaomi Inc. (911)
> Data[0]:
> 16-bit Service UUIDs (complete): 1 entry
> Xiaomi Inc. (0xfdaa)
> @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10896.394506
> Address type: 0x07
> BR/EDR
> LE Public
> LE Random
> Discovery: Disabled (0x00)
>
> Fixes: 8ffde2a73f2c ("Bluetooth: Convert le_scan_disable timeout to hci_sync")
> Signed-off-by: Jiajia Liu <liujiajia@kylinos.cn>
> ---
>
> Changes in v2:
> - move the handler to hci_event.c
> - remove unnecessary bt_dev_dbg
> - update commit message
>
> ---
> net/bluetooth/hci_event.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> index eea2f810aafa..1cd5f97daafe 100644
> --- a/net/bluetooth/hci_event.c
> +++ b/net/bluetooth/hci_event.c
> @@ -1769,6 +1769,13 @@ static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
>
> hci_dev_clear_flag(hdev, HCI_LE_SCAN);
>
> + if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
> + hci_test_quirk(hdev, HCI_QUIRK_SIMULTANEOUS_DISCOVERY) &&
> + !test_bit(HCI_INQUIRY, &hdev->flags) &&
> + hdev->discovery.state == DISCOVERY_FINDING) {
> + hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
> + }
> +
> /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
> * interrupted scanning due to a connect request. Mark
> * therefore discovery as stopped.
Kind regards,
Paul
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 14:40 ` [PATCH v2] " Paul Menzel
@ 2026-06-02 16:43 ` Luiz Augusto von Dentz
2026-06-02 21:53 ` Paul Menzel
0 siblings, 1 reply; 7+ messages in thread
From: Luiz Augusto von Dentz @ 2026-06-02 16:43 UTC (permalink / raw)
To: Paul Menzel
Cc: Jiajia Liu, Marcel Holtmann, Brian Gix, linux-bluetooth,
linux-kernel, Jiajia Liu
Hi Paul,
On Tue, Jun 2, 2026 at 10:41 AM Paul Menzel <pmenzel@molgen.mpg.de> wrote:
>
> Dear Jiajia,
>
>
> Thank you for your patch.
>
> Am 02.06.26 um 09:00 schrieb Jiajia Liu:
> > When hci_inquiry_complete_evt is called between le_scan_disable and
> > le_set_scan_enable_complete and no remote name needs to be resolved,
> > the interleaved discovery with SIMULTANEOUS quirk gets stuck in
> > DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
> > state. No one sets DISCOVERY_STOPPED in this process.
> >
> > Add state check in le_set_scan_enable_complete and change state if
> > the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
>
> … change state to DISCOVERY_STOPPED …
>
> I’d add a new paragraph for the Tested part.
>
> > Vostro 13. Discovering disabled MGMT Event below is reported when
> > running into the above condition.
>
> Thank you for sharing the test device. Could you please document how to
> get into this state exactly? Some Xiaomi device?
What are you talking about here by saying Xiaom devicei? He literally
said Dell Vostro 13, a laptop, and this is a local only procedure,
there is no remote device involved here.
> > @ MGMT Command: Start Discovery (0x0023) {0x0001} [hci0] 10885.970873
> > Address type: 0x07
> > BR/EDR
> > LE Public
> > LE Random
> > ...
> > < HCI Command: LE Set Extended Scan Enable #38205 [hci0] 10886.131438
> > Extended scan: Enabled (0x01)
> > Filter duplicates: Enabled (0x01)
> > Duration: 0 msec (0x0000)
> > Period: 0.00 sec (0x0000)
> > > HCI Event: Command Complete (0x0e) plen 4 #38206 [hci0] 10886.133295
> > LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> > Status: Success (0x00)
> > @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10886.133414
> > Address type: 0x07
> > BR/EDR
> > LE Public
> > LE Random
> > Discovery: Enabled (0x01)
> > < HCI Command: Inquiry (0x01|0x0001) plen 5 #38207 [hci0] 10886.133528
> > Access code: 0x9e8b33 (General Inquiry)
> > Length: 10.24s (0x08)
> > Num responses: 0
> > > HCI Event: Command Status (0x0f) plen 4 #38208 [hci0] 10886.141333
> > Inquiry (0x01|0x0001) ncmd 2
> > Status: Success (0x00)
> > ...
> > < HCI Command: LE Set Extended Scan Enable #38242 [hci0] 10896.381802
> > Extended scan: Disabled (0x00)
> > Filter duplicates: Disabled (0x00)
> > Duration: 0 msec (0x0000)
> > Period: 0.00 sec (0x0000)
> > > HCI Event: Inquiry Complete (0x01) plen 1 #38243 [hci0] 10896.383419
> > Status: Success (0x00)
> > > HCI Event: Command Complete (0x0e) plen 4 #38244 [hci0] 10896.394378
> > LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> > Status: Success (0x00)
> > @ MGMT Event: Device Found (0x0012) plen 22 {0x0001} [hci0] 10896.394497
> > LE Address: 88:12:AC:92:43:69
> > RSSI: -101 dBm (0x9b)
> > Flags: 0x00000004
> > Not Connectable
> > Data length: 8
> > Company: Xiaomi Inc. (911)
> > Data[0]:
> > 16-bit Service UUIDs (complete): 1 entry
> > Xiaomi Inc. (0xfdaa)
> > @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10896.394506
> > Address type: 0x07
> > BR/EDR
> > LE Public
> > LE Random
> > Discovery: Disabled (0x00)
> >
> > Fixes: 8ffde2a73f2c ("Bluetooth: Convert le_scan_disable timeout to hci_sync")
> > Signed-off-by: Jiajia Liu <liujiajia@kylinos.cn>
> > ---
> >
> > Changes in v2:
> > - move the handler to hci_event.c
> > - remove unnecessary bt_dev_dbg
> > - update commit message
> >
> > ---
> > net/bluetooth/hci_event.c | 7 +++++++
> > 1 file changed, 7 insertions(+)
> >
> > diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> > index eea2f810aafa..1cd5f97daafe 100644
> > --- a/net/bluetooth/hci_event.c
> > +++ b/net/bluetooth/hci_event.c
> > @@ -1769,6 +1769,13 @@ static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
> >
> > hci_dev_clear_flag(hdev, HCI_LE_SCAN);
> >
> > + if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
> > + hci_test_quirk(hdev, HCI_QUIRK_SIMULTANEOUS_DISCOVERY) &&
> > + !test_bit(HCI_INQUIRY, &hdev->flags) &&
> > + hdev->discovery.state == DISCOVERY_FINDING) {
> > + hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
> > + }
> > +
> > /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
> > * interrupted scanning due to a connect request. Mark
> > * therefore discovery as stopped.
>
>
> Kind regards,
>
> Paul
--
Luiz Augusto von Dentz
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 16:43 ` Luiz Augusto von Dentz
@ 2026-06-02 21:53 ` Paul Menzel
2026-06-03 2:45 ` Jiajia Liu
0 siblings, 1 reply; 7+ messages in thread
From: Paul Menzel @ 2026-06-02 21:53 UTC (permalink / raw)
To: Luiz Augusto von Dentz
Cc: Jiajia Liu, Marcel Holtmann, linux-bluetooth, linux-kernel,
Jiajia Liu
[Cc: -brian.gix@intel.com (bouncing)]
Dear Luiz,
Am 02.06.26 um 18:43 schrieb Luiz Augusto von Dentz:
> On Tue, Jun 2, 2026 at 10:41 AM Paul Menzel <pmenzel@molgen.mpg.de> wrote:
>> Am 02.06.26 um 09:00 schrieb Jiajia Liu:
>>> When hci_inquiry_complete_evt is called between le_scan_disable and
>>> le_set_scan_enable_complete and no remote name needs to be resolved,
>>> the interleaved discovery with SIMULTANEOUS quirk gets stuck in
>>> DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
>>> state. No one sets DISCOVERY_STOPPED in this process.
>>>
>>> Add state check in le_set_scan_enable_complete and change state if
>>> the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
>>
>> … change state to DISCOVERY_STOPPED …
>>
>> I’d add a new paragraph for the Tested part.
>>
>>> Vostro 13. Discovering disabled MGMT Event below is reported when
>>> running into the above condition.
>>
>> Thank you for sharing the test device. Could you please document how to
>> get into this state exactly? Some Xiaomi device?
>
> What are you talking about here by saying Xiaomi device? He literally
> said Dell Vostro 13, a laptop, and this is a local only procedure,
> there is no remote device involved here.
In the trace below a Xiaomi device shows up, if I am not mistaken.
>>> @ MGMT Command: Start Discovery (0x0023) {0x0001} [hci0] 10885.970873
>>> Address type: 0x07
>>> BR/EDR
>>> LE Public
>>> LE Random
>>> ...
>>> < HCI Command: LE Set Extended Scan Enable #38205 [hci0] 10886.131438
>>> Extended scan: Enabled (0x01)
>>> Filter duplicates: Enabled (0x01)
>>> Duration: 0 msec (0x0000)
>>> Period: 0.00 sec (0x0000)
>>> > HCI Event: Command Complete (0x0e) plen 4 #38206 [hci0] 10886.133295
>>> LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
>>> Status: Success (0x00)
>>> @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10886.133414
>>> Address type: 0x07
>>> BR/EDR
>>> LE Public
>>> LE Random
>>> Discovery: Enabled (0x01)
>>> < HCI Command: Inquiry (0x01|0x0001) plen 5 #38207 [hci0] 10886.133528
>>> Access code: 0x9e8b33 (General Inquiry)
>>> Length: 10.24s (0x08)
>>> Num responses: 0
>>> > HCI Event: Command Status (0x0f) plen 4 #38208 [hci0] 10886.141333
>>> Inquiry (0x01|0x0001) ncmd 2
>>> Status: Success (0x00)
>>> ...
>>> < HCI Command: LE Set Extended Scan Enable #38242 [hci0] 10896.381802
>>> Extended scan: Disabled (0x00)
>>> Filter duplicates: Disabled (0x00)
>>> Duration: 0 msec (0x0000)
>>> Period: 0.00 sec (0x0000)
>>> > HCI Event: Inquiry Complete (0x01) plen 1 #38243 [hci0] 10896.383419
>>> Status: Success (0x00)
>>> > HCI Event: Command Complete (0x0e) plen 4 #38244 [hci0] 10896.394378
>>> LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
>>> Status: Success (0x00)
>>> @ MGMT Event: Device Found (0x0012) plen 22 {0x0001} [hci0] 10896.394497
>>> LE Address: 88:12:AC:92:43:69
>>> RSSI: -101 dBm (0x9b)
>>> Flags: 0x00000004
>>> Not Connectable
>>> Data length: 8
>>> Company: Xiaomi Inc. (911)
>>> Data[0]:
>>> 16-bit Service UUIDs (complete): 1 entry
>>> Xiaomi Inc. (0xfdaa)
>>> @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10896.394506
>>> Address type: 0x07
>>> BR/EDR
>>> LE Public
>>> LE Random
>>> Discovery: Disabled (0x00)
>>>
>>> Fixes: 8ffde2a73f2c ("Bluetooth: Convert le_scan_disable timeout to hci_sync")
>>> Signed-off-by: Jiajia Liu <liujiajia@kylinos.cn>
>>> ---
>>>
>>> Changes in v2:
>>> - move the handler to hci_event.c
>>> - remove unnecessary bt_dev_dbg
>>> - update commit message
>>>
>>> ---
>>> net/bluetooth/hci_event.c | 7 +++++++
>>> 1 file changed, 7 insertions(+)
>>>
>>> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
>>> index eea2f810aafa..1cd5f97daafe 100644
>>> --- a/net/bluetooth/hci_event.c
>>> +++ b/net/bluetooth/hci_event.c
>>> @@ -1769,6 +1769,13 @@ static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
>>>
>>> hci_dev_clear_flag(hdev, HCI_LE_SCAN);
>>>
>>> + if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
>>> + hci_test_quirk(hdev, HCI_QUIRK_SIMULTANEOUS_DISCOVERY) &&
>>> + !test_bit(HCI_INQUIRY, &hdev->flags) &&
>>> + hdev->discovery.state == DISCOVERY_FINDING) {
>>> + hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
>>> + }
>>> +
>>> /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
>>> * interrupted scanning due to a connect request. Mark
>>> * therefore discovery as stopped.
Kind regards,
Paul
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 21:53 ` Paul Menzel
@ 2026-06-03 2:45 ` Jiajia Liu
0 siblings, 0 replies; 7+ messages in thread
From: Jiajia Liu @ 2026-06-03 2:45 UTC (permalink / raw)
To: Paul Menzel
Cc: Luiz Augusto von Dentz, Marcel Holtmann, linux-bluetooth,
linux-kernel, Jiajia Liu
On Tue, Jun 02, 2026 at 11:53:29PM +0200, Paul Menzel wrote:
> [Cc: -brian.gix@intel.com (bouncing)]
>
> Dear Luiz,
>
>
> Am 02.06.26 um 18:43 schrieb Luiz Augusto von Dentz:
>
> > On Tue, Jun 2, 2026 at 10:41 AM Paul Menzel <pmenzel@molgen.mpg.de> wrote:
>
> > > Am 02.06.26 um 09:00 schrieb Jiajia Liu:
> > > > When hci_inquiry_complete_evt is called between le_scan_disable and
> > > > le_set_scan_enable_complete and no remote name needs to be resolved,
> > > > the interleaved discovery with SIMULTANEOUS quirk gets stuck in
> > > > DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
> > > > state. No one sets DISCOVERY_STOPPED in this process.
> > > >
> > > > Add state check in le_set_scan_enable_complete and change state if
> > > > the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
> > >
> > > … change state to DISCOVERY_STOPPED …
> > >
> > > I’d add a new paragraph for the Tested part.
> > >
> > > > Vostro 13. Discovering disabled MGMT Event below is reported when
> > > > running into the above condition.
> > >
> > > Thank you for sharing the test device. Could you please document how to
> > > get into this state exactly? Some Xiaomi device?
> >
> > What are you talking about here by saying Xiaomi device? He literally
> > said Dell Vostro 13, a laptop, and this is a local only procedure,
> > there is no remote device involved here.
>
> In the trace below a Xiaomi device shows up, if I am not mistaken.
There should be no requirements for Bluetooth devices. To keep the serial
number of packet continuous, I didn't remove the Device Found MGMT Event.
It looks like someone's TV device.
The producer is Open the bluetooth panel of gnome-control-center and wait.
If the device list on the pannel is not flushed again and becomes empty,
it probably gets into this state. btmon or dynamic debug of
hci_discovery_set_state can confirm the state.
It think it depends on the timing of Inquiry Complete Event. There is a
very small time slot between disabling LE scan and disabling completion.
If Inquiry Complete Event arrives in the slot, there is a chance to hit
the state.
>
> > > > @ MGMT Command: Start Discovery (0x0023) {0x0001} [hci0] 10885.970873
> > > > Address type: 0x07
> > > > BR/EDR
> > > > LE Public
> > > > LE Random
> > > > ...
> > > > < HCI Command: LE Set Extended Scan Enable #38205 [hci0] 10886.131438
> > > > Extended scan: Enabled (0x01)
> > > > Filter duplicates: Enabled (0x01)
> > > > Duration: 0 msec (0x0000)
> > > > Period: 0.00 sec (0x0000)
> > > > > HCI Event: Command Complete (0x0e) plen 4 #38206 [hci0] 10886.133295
> > > > LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> > > > Status: Success (0x00)
> > > > @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10886.133414
> > > > Address type: 0x07
> > > > BR/EDR
> > > > LE Public
> > > > LE Random
> > > > Discovery: Enabled (0x01)
> > > > < HCI Command: Inquiry (0x01|0x0001) plen 5 #38207 [hci0] 10886.133528
> > > > Access code: 0x9e8b33 (General Inquiry)
> > > > Length: 10.24s (0x08)
> > > > Num responses: 0
> > > > > HCI Event: Command Status (0x0f) plen 4 #38208 [hci0] 10886.141333
> > > > Inquiry (0x01|0x0001) ncmd 2
> > > > Status: Success (0x00)
> > > > ...
> > > > < HCI Command: LE Set Extended Scan Enable #38242 [hci0] 10896.381802
> > > > Extended scan: Disabled (0x00)
> > > > Filter duplicates: Disabled (0x00)
> > > > Duration: 0 msec (0x0000)
> > > > Period: 0.00 sec (0x0000)
> > > > > HCI Event: Inquiry Complete (0x01) plen 1 #38243 [hci0] 10896.383419
> > > > Status: Success (0x00)
> > > > > HCI Event: Command Complete (0x0e) plen 4 #38244 [hci0] 10896.394378
> > > > LE Set Extended Scan Enable (0x08|0x0042) ncmd 2
> > > > Status: Success (0x00)
> > > > @ MGMT Event: Device Found (0x0012) plen 22 {0x0001} [hci0] 10896.394497
> > > > LE Address: 88:12:AC:92:43:69
> > > > RSSI: -101 dBm (0x9b)
> > > > Flags: 0x00000004
> > > > Not Connectable
> > > > Data length: 8
> > > > Company: Xiaomi Inc. (911)
> > > > Data[0]:
> > > > 16-bit Service UUIDs (complete): 1 entry
> > > > Xiaomi Inc. (0xfdaa)
> > > > @ MGMT Event: Discovering (0x0013) plen 2 {0x0001} [hci0] 10896.394506
> > > > Address type: 0x07
> > > > BR/EDR
> > > > LE Public
> > > > LE Random
> > > > Discovery: Disabled (0x00)
> > > >
> > > > Fixes: 8ffde2a73f2c ("Bluetooth: Convert le_scan_disable timeout to hci_sync")
> > > > Signed-off-by: Jiajia Liu <liujiajia@kylinos.cn>
> > > > ---
> > > >
> > > > Changes in v2:
> > > > - move the handler to hci_event.c
> > > > - remove unnecessary bt_dev_dbg
> > > > - update commit message
> > > >
> > > > ---
> > > > net/bluetooth/hci_event.c | 7 +++++++
> > > > 1 file changed, 7 insertions(+)
> > > >
> > > > diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> > > > index eea2f810aafa..1cd5f97daafe 100644
> > > > --- a/net/bluetooth/hci_event.c
> > > > +++ b/net/bluetooth/hci_event.c
> > > > @@ -1769,6 +1769,13 @@ static void le_set_scan_enable_complete(struct hci_dev *hdev, u8 enable)
> > > >
> > > > hci_dev_clear_flag(hdev, HCI_LE_SCAN);
> > > >
> > > > + if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
> > > > + hci_test_quirk(hdev, HCI_QUIRK_SIMULTANEOUS_DISCOVERY) &&
> > > > + !test_bit(HCI_INQUIRY, &hdev->flags) &&
> > > > + hdev->discovery.state == DISCOVERY_FINDING) {
> > > > + hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
> > > > + }
> > > > +
> > > > /* The HCI_LE_SCAN_INTERRUPTED flag indicates that we
> > > > * interrupted scanning due to a connect request. Mark
> > > > * therefore discovery as stopped.
>
>
> Kind regards,
>
> Paul
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
2026-06-02 7:00 [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING Jiajia Liu
2026-06-02 11:36 ` [v2] " bluez.test.bot
2026-06-02 14:40 ` [PATCH v2] " Paul Menzel
@ 2026-06-03 17:50 ` patchwork-bot+bluetooth
2 siblings, 0 replies; 7+ messages in thread
From: patchwork-bot+bluetooth @ 2026-06-03 17:50 UTC (permalink / raw)
To: Jiajia Liu
Cc: marcel, luiz.dentz, brian.gix, linux-bluetooth, linux-kernel,
liujia6264
Hello:
This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:
On Tue, 2 Jun 2026 15:00:32 +0800 you wrote:
> When hci_inquiry_complete_evt is called between le_scan_disable and
> le_set_scan_enable_complete and no remote name needs to be resolved,
> the interleaved discovery with SIMULTANEOUS quirk gets stuck in
> DISCOVERY_FINDING. le_set_scan_enable_complete does not check inquiry
> state. No one sets DISCOVERY_STOPPED in this process.
>
> Add state check in le_set_scan_enable_complete and change state if
> the state is DISCOVERY_FINDING. Tested with AX201 (8087:0026) in Dell
> Vostro 13. Discovering disabled MGMT Event below is reported when
> running into the above condition.
>
> [...]
Here is the summary with links:
- [v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING
https://git.kernel.org/bluetooth/bluetooth-next/c/ad85ec7a145b
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2026-06-03 17:50 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-02 7:00 [PATCH v2] Bluetooth: hci_event: fix simultaneous discovery stuck in FINDING Jiajia Liu
2026-06-02 11:36 ` [v2] " bluez.test.bot
2026-06-02 14:40 ` [PATCH v2] " Paul Menzel
2026-06-02 16:43 ` Luiz Augusto von Dentz
2026-06-02 21:53 ` Paul Menzel
2026-06-03 2:45 ` Jiajia Liu
2026-06-03 17:50 ` patchwork-bot+bluetooth
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox