* [bug report] Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode
[not found] <20210518082855.GB32682@kadam>
@ 2021-05-19 14:19 ` Dan Carpenter
0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2021-05-19 14:19 UTC (permalink / raw)
To: luiz.von.dentz; +Cc: linux-bluetooth, netdev
Hello Luiz Augusto von Dentz,
The patch 15f02b910562: "Bluetooth: L2CAP: Add initial code for
Enhanced Credit Based Mode" from Mar 2, 2020, leads to the following
static checker warning:
net/bluetooth/l2cap_core.c:6265 l2cap_ecred_reconf_rsp()
warn: iterator 'chan->list.next' changed during iteration
net/bluetooth/l2cap_core.c
6247 static inline int l2cap_ecred_reconf_rsp(struct l2cap_conn *conn,
6248 struct l2cap_cmd_hdr *cmd, u16 cmd_len,
6249 u8 *data)
6250 {
6251 struct l2cap_chan *chan;
6252 struct l2cap_ecred_conn_rsp *rsp = (void *) data;
6253 u16 result;
6254
6255 if (cmd_len < sizeof(*rsp))
6256 return -EPROTO;
6257
6258 result = __le16_to_cpu(rsp->result);
6259
6260 BT_DBG("result 0x%4.4x", rsp->result);
6261
6262 if (!result)
6263 return 0;
6264
6265 list_for_each_entry(chan, &conn->chan_l, list) {
6266 if (chan->ident != cmd->ident)
6267 continue;
6268
6269 l2cap_chan_del(chan, ECONNRESET);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This can call:
list_del(&chan->list);
which will lead to an oops in the next iteration.
6270 }
6271
6272 return 0;
6273 }
regards,
dan carpenter
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-05-19 14:20 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20210518082855.GB32682@kadam>
2021-05-19 14:19 ` [bug report] Bluetooth: L2CAP: Add initial code for Enhanced Credit Based Mode Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).