From ee318606ce42d11bd787a91fbccfc881a2b6ce0a Mon Sep 17 00:00:00 2001 From: Xin LI Date: Wed, 21 Aug 2019 07:45:39 +0000 Subject: [PATCH] Fix a panic in ubt_do_hci_request. The 'mtx' is on stack and can contain garbages that would cause mtx_init (and in turn lock_init) to think that the mutex was already initialized. --- sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c b/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c index 98f2e9cb33c..66965db8edb 100644 --- a/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c +++ b/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c @@ -554,6 +554,7 @@ ubt_do_hci_request(struct usb_device *udev, struct ubt_hci_cmd *cmd, return (USB_ERR_NORMAL_COMPLETION); /* Initialize INTR endpoint xfer and wait for response */ + bzero(&mtx, sizeof(mtx)); mtx_init(&mtx, "ubt pb", NULL, MTX_DEF); error = usbd_transfer_setup(udev, &iface_index, xfer,