CHROMIUM: bluetooth: fix use-after-free error

This patch fixed a use-after-free error. The statement
to print the opcode of current command should be executed
before the skb is freed.

BUG=chromium:782910
TEST=Verify with the following steps.

Step 1: Build a KASAN kernel for a chromebook, say eve,
without this patch.
(cr) $ USE="kasan" FEATURES="noclean" cros_workon_make --board=eve
    --install chromeos-kernel-4_4
Use bluetoothctl to start discovery with "scan on" and then "scan off"
after a few seconds.
We would see the following use-after-free error.
ERR kernel: [ 524.812008] BUG: KASAN: use-after-free in hci_reset_dev

Step 2: Build a KASAN kernel for a chromebook, say eve,
with this patch.
(cr) $ USE="kasan" FEATURES="noclean" cros_workon_make --board=eve
    --install chromeos-kernel-4_4
Use bluetoothctl to start discovery with "scan on" and then "scan off"
after a few seconds.
Verify that there is no more use-after-free error in dmesg.
Change-Id: I37c06f00cf31375bac0e3176c31ad131fa53667b
Signed-off-by: Joseph Hwang <josephsih@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/827042
Commit-Ready: Shyh-In Hwang <josephsih@chromium.org>
Tested-by: Shyh-In Hwang <josephsih@chromium.org>
Reviewed-by: Miao-chen Chou <mcchou@chromium.org>
(cherry picked from commit efecc2e9c0dd197948cb9714a2beb3312fe783e0)
(cherry picked from commit 759ad18fe788b842e19637a1b53b88999ec07210)
Reviewed-on: https://chromium-review.googlesource.com/841503
Commit-Queue: Miao-chen Chou <mcchou@chromium.org>
Tested-by: Miao-chen Chou <mcchou@chromium.org>
1 file changed
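As an added illustration, not code from this commit or from the Chromium kernel tree, the following user-space C model shows the ordering bug the message describes (the opcode is read from the skb after the skb has been freed) next to the corrected ordering, and how a KASAN-style shadow check flags the bad read. The struct `fake_skb`, the pool, the shadow bookkeeping, and the function names `skb_alloc`, `kfree_skb_model`, `skb_opcode`, `complete_cmd_buggy` and `complete_cmd_fixed` are all assumptions made for this example and are not kernel APIs; the sample opcode values are constructed input.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a kernel sk_buff carrying an HCI command.
 * Assumption: this is a user-space model, not the real struct sk_buff. */
struct fake_skb {
    uint16_t opcode;
};

#define POOL_SIZE 4
static struct fake_skb pool[POOL_SIZE];

/* Per-slot shadow state, modelled on the idea behind KASAN's shadow memory:
 * once a slot is freed, any later read through skb_opcode() is reported. */
static bool shadow_freed[POOL_SIZE];
static bool shadow_in_use[POOL_SIZE];
static int uaf_reports;

static int slot_of(const struct fake_skb *skb) {
    return (int)(skb - pool);
}

/* Allocate an skb from the pool and stamp it with the command opcode. */
static struct fake_skb *skb_alloc(uint16_t opcode) {
    for (int i = 0; i < POOL_SIZE; i++) {
        if (!shadow_in_use[i]) {
            shadow_in_use[i] = true;
            shadow_freed[i] = false;
            pool[i].opcode = opcode;
            return &pool[i];
        }
    }
    return NULL;
}

/* Model of kfree_skb(): mark the slot freed and poison its contents,
 * as a freed slab object would be poisoned under a debug allocator. */
static void kfree_skb_model(struct fake_skb *skb) {
    int i = slot_of(skb);
    shadow_freed[i] = true;
    shadow_in_use[i] = false;
    skb->opcode = 0xdead;
}

/* Read the opcode through the shadow check. A read after free is
 * reported (like a KASAN splat) and returns -1 instead of the
 * poisoned value, so callers can tell the two cases apart. */
static int skb_opcode(const struct fake_skb *skb) {
    int i = slot_of(skb);
    if (shadow_freed[i]) {
        uaf_reports++;
        fprintf(stderr, "BUG: use-after-free read of opcode in slot %d\n", i);
        return -1;
    }
    return skb->opcode;
}

static int uaf_report_count(void) {
    return uaf_reports;
}

/* Buggy ordering from the commit message: free first, then log the opcode. */
static int complete_cmd_buggy(struct fake_skb *skb) {
    kfree_skb_model(skb);
    return skb_opcode(skb);   /* reads freed memory: flagged, returns -1 */
}

/* Fixed ordering: read (log) the opcode while the skb is alive, then free. */
static int complete_cmd_fixed(struct fake_skb *skb) {
    int opcode = skb_opcode(skb);
    kfree_skb_model(skb);
    return opcode;
}

int main(void) {
    /* 0x0401 is the HCI Inquiry opcode, used here only as sample input. */
    int buggy = complete_cmd_buggy(skb_alloc(0x0401));
    int fixed = complete_cmd_fixed(skb_alloc(0x0401));
    printf("buggy path logged opcode %d, fixed path logged opcode 0x%04x, "
           "reports: %d\n", buggy, fixed, uaf_report_count());
    return 0;
}
```

The point of the shadow array is that the two orderings are indistinguishable at the language level (both compile, both "work" most of the time); only instrumentation that tracks liveness per object turns the free-then-read ordering into a deterministic report, which is why the commit's TEST section insists on a KASAN build to reproduce and to confirm the fix.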