Hello:

This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>:

On Sun, 4 Sep 2022 00:32:56 +0900 you wrote:
> syzbot is reporting cancel_delayed_work() without INIT_DELAYED_WORK() at
> l2cap_chan_del() [1], for CONF_NOT_COMPLETE flag (which meant to prevent
> l2cap_chan_del() from calling cancel_delayed_work()) is cleared by timer
> which fires before l2cap_chan_del() is called by closing file descriptor
> created by socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_L2CAP).
>
> l2cap_bredr_sig_cmd(L2CAP_CONF_REQ) and l2cap_bredr_sig_cmd(L2CAP_CONF_RSP)
> are calling l2cap_ertm_init(chan), and they call l2cap_chan_ready() (which
> clears CONF_NOT_COMPLETE flag) only when l2cap_ertm_init(chan) succeeded.
>
> [...]

Here is the summary with links:
  - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    https://git.kernel.org/bluetooth/bluetooth-next/c/2d2cb3066f2c

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html