From fb2105f3488e48f2d908b13a33f47e34f6e3f78d Mon Sep 17 00:00:00 2001
From: Pavlin Radoslavov
Date: Tue, 1 Mar 2016 13:32:41 -0800
Subject: [PATCH] Ignore LCB entries that migth have been released while queued
Function btm_send_pending_direct_conn() dequeues tL2C_LCB entries from the conn_pending_q queue and calls the processing function. However, there is the possilility of a race condition and releasing the entry by l2cu_release_lcb() before it is processed. Now tL2C_LCB that are not in_use are ignored.
Bug: 27418154
Change-Id: I4b5fda605a60c8aebbf5587bb12dd74ac5d28f68
---
 stack/btm/btm_ble_bgconn.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/stack/btm/btm_ble_bgconn.c b/stack/btm/btm_ble_bgconn.c
index 23450af50..4d2e38ad5 100644
--- a/stack/btm/btm_ble_bgconn.c
+++ b/stack/btm/btm_ble_bgconn.c
@@ -714,9 +714,11 @@ BOOLEAN btm_send_pending_direct_conn(void)
 BOOLEAN rt = FALSE;
 p_req = (tBTM_BLE_CONN_REQ*)fixed_queue_try_dequeue(btm_cb.ble_ctr_cb.conn_pending_q);
- if (p_req != NULL)
- {
- rt = l2cble_init_direct_conn((tL2C_LCB *)(p_req->p_param));
+ if (p_req != NULL) {
+ tL2C_LCB *p_lcb = (tL2C_LCB *)(p_req->p_param);
+ /* Ignore entries that might have been released while queued. */
+ if (p_lcb->in_use)
+ rt = l2cble_init_direct_conn(p_lcb);
 osi_free(p_req);
 }
-- 
2.11.0
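Review bot: The new `if (p_lcb->in_use)` guard reads through a pointer saved when the request was queued, so it only catches an entry that is still released at dequeue time. If the same tL2C_LCB slot was released and handed out again for another link in the meantime, `in_use` is set again and the stale request would run against an unrelated connection; the allocator is not visible in this hunk, so this needs confirming against `l2cu_release_lcb()`. A sturdier fix is to drop the pending request from `conn_pending_q` in the release path, or to record an identity for the link with the request and compare it here before calling `l2cble_init_direct_conn()`. `p_param` is also dereferenced without a NULL check, which `if (p_lcb != NULL && p_lcb->in_use)` would cover, and the comment should say which thread or lock serialises this check against the release. The body of btm_send_pending_direct_conn() starts and ends outside the hunk.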