bluetooth: host: Fix premature semaphore giving
There was a semaphore in hci_core which was given to early when receiving the BT_HCI_EVT_NUM_COMPLETED_PACKETS message from the controller. This would sometimes cause an assert to happen in function hci_num_completed_packets, where there would arise a mismatch in the bookkept count, and actually stored nodes. More concretely, due to premature semaphore giveing, the tx_pending node would be have been removed in another context before it could be fetched and moved to complete list in this function. Signed-off-by: Fredrik Danebjer <frdn@demant.com>
This commit is contained in:
Fredrik Danebjer
Benjamin Cabé
parent
94a8c5241a
commit
379eb7a0ff
1 changed files with 2 additions and 2 deletions
|
|
@ -598,8 +598,6 @@ static void hci_num_completed_packets(struct net_buf *buf)
|
|||
while (count--) {
|
||||
sys_snode_t *node;
|
||||
|
||||
k_sem_give(bt_conn_get_pkts(conn));
|
||||
|
||||
/* move the next TX context from the `pending` list to
|
||||
* the `complete` list.
|
||||
*/
|
||||
|
|
@ -611,6 +609,8 @@ static void hci_num_completed_packets(struct net_buf *buf)
|
|||
break;
|
||||
}
|
||||
|
||||
k_sem_give(bt_conn_get_pkts(conn));
|
||||
|
||||
sys_slist_append(&conn->tx_complete, node);
|
||||
|
||||
/* align the `pending` value */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue