michaelh/zephyr
1
0
Fork 0
Code Releases Activity

Bluetooth: controller: split: Fix Tx FIFO, queue, and pool corruption

Browse source 
Fix the Tx FIFO, queue and pool corruption due to missing
release of link object to Tx link pool and hence missing
reset of the per connection initially allocated Tx link
free pointer.

The bug caused Tx PDUs and associated memory to be lost
leading to missing L2CAP segment transmissions. With lost
control PDU buffers, ULL would stall processing Done events
also leading to controller asserts.

Fixes #18546.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This commit is contained in:
Vinayak Kariappa Chettimada 2019-08-22 09:44:53 +05:30 committed by Carles Cufí
commit bdcec8418f
1 changed files with 10 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

11
subsys/bluetooth/controller/ll_sw/ull_adv.c
View file

@ -1155,8 +1155,17 @@ static void disabled_cb(void *param)
static inline void conn_release(struct ll_adv_set *adv)
{
ll_conn_release(adv->lll.conn->hdr.parent);
struct lll_conn *lll = adv->lll.conn;
memq_link_t *link;
LL_ASSERT(!lll->link_tx_free);
link = memq_deinit(&lll->memq_tx.head, &lll->memq_tx.tail);
LL_ASSERT(link);
lll->link_tx_free = link;
ll_conn_release(lll->hdr.parent);
adv->lll.conn = NULL;
ll_rx_release(adv->node_rx_cc_free);
adv->node_rx_cc_free = NULL;
ll_rx_link_release(adv->link_cc_free);