[PATCH v2 01/12] Bluetooth: btqca: Fix qca_set_bdaddr() waiting for wrong HCI event

Next message: Zijun Hu: "[PATCH v2 04/12] Bluetooth: btusb: QCA: Fix populating devcoredump fields on unenabled devices"
Previous message: Zijun Hu: "[PATCH v2 00/12] Bluetooth: btusb/btqca/hci_sync: Clean up btusb and fix several bugs"
In reply to: Zijun Hu: "[PATCH v2 07/12] Bluetooth: btqca: Simplify qca_send_reset() by using __hci_reset_sync()"
Next in thread: Zijun Hu: "[PATCH v2 04/12] Bluetooth: btusb: QCA: Fix populating devcoredump fields on unenabled devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Zijun Hu

Date: Fri Jun 26 2026 - 01:22:51 EST

qca_set_bdaddr() waits for HCI_EV_VENDOR when sending
EDL_WRITE_BD_ADDR_OPCODE (0xFC14), but the controller responds with
Command Complete event as confirmed by btmon on WCN7850:

< HCI Command: Vendor (0x3f|0x0014) plen 6 #3 [hci0]
11 22 33 44 55 66
> HCI Event: Command Complete (0x0e) plen 4 #4 [hci0]
Vendor (0x3f|0x0014) ncmd 1
Status: Success (0x00)

Fix by passing 0 as the event parameter to __hci_cmd_sync_ev() to
wait for the command complete event instead.

Fixes: 5c0a1001c8be ("Bluetooth: hci_qca: Add helper to set device address")
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>
Signed-off-by: Zijun Hu <zijun.hu@xxxxxxxxxxxxxxxx>
---
drivers/bluetooth/btqca.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c
index 04ebe290bc78..27f03690af54 100644
--- a/drivers/bluetooth/btqca.c
+++ b/drivers/bluetooth/btqca.c
@@ -1029,8 +1029,7 @@ int qca_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
baswap(&bdaddr_swapped, bdaddr);

skb = __hci_cmd_sync_ev(hdev, EDL_WRITE_BD_ADDR_OPCODE, 6,
- &bdaddr_swapped, HCI_EV_VENDOR,
- HCI_INIT_TIMEOUT);
+ &bdaddr_swapped, 0, HCI_INIT_TIMEOUT);
if (IS_ERR(skb)) {
err = PTR_ERR(skb);
bt_dev_err(hdev, "QCA Change address cmd failed (%d)", err);

--
2.34.1