sco-tester: test local and remote disconnecting simultaneously
Demonstrate a kernel race condition when remote side disconnects at the
same time as local side tries to cancel the connection. I.e.
[controller] > HCI Synchronous Connect Complete
[controller] > HCI Disconnection Complete (from remote)
[user] shutdown(sco_socket)
[kernel] hci_conn_abort(SCO handle)
[kernel] > HCI Create Connection Cancel
[kernel] < HCI Synchronous Connect Complete
[kernel] < HCI Disconnect Complete
[controller] < HCI Create Connection Cancel
[controller] > HCI Command Status (Create Connection Cancel)
[kernel] < HCI Command Status (Create Connection Cancel)
and then we get BUG: KASAN: slab-use-after-free in hci_conn_failed when
hci_conn_abort tries to delete the same connection a second time.
This type of crash is probably not limited to the sequence here, but for
this one it was possible to get the timing right in the emulator.
Add a test that hits this in the emulator environment (pretty narrow
window to hit on real hardware):
eSCO Simultaneous Disconnect - Failure
projects / platform / upstream / bluez.git / commit