From f535fdff2d9d2322adf4c423e110a84b8fccb28b Mon Sep 17 00:00:00 2001
From: xiongweichao
Date: Wed, 10 Apr 2024 19:29:42 +0800
Subject: [PATCH] fix(bt/bluedroid): Fixed crash after bluedroid deinit

hci_host_env.downstream_data_ready is set to NULL during bluedroid deinit, causing the controller to use a null pointer when calling callback.
---
 components/bt/host/bluedroid/hci/hci_layer.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/components/bt/host/bluedroid/hci/hci_layer.c b/components/bt/host/bluedroid/hci/hci_layer.c
index 56ab8877dc..c9f1f5e348 100644
--- a/components/bt/host/bluedroid/hci/hci_layer.c
+++ b/components/bt/host/bluedroid/hci/hci_layer.c
@@ -144,6 +144,10 @@ void hci_shut_down(void)

 bool hci_downstream_data_post(uint32_t timeout)
 {
+ if (hci_host_env.downstream_data_ready == NULL) {
+ HCI_TRACE_WARNING("%s downstream_data_ready event not created", __func__);
+ return false;
+ }
 return osi_thread_post_event(hci_host_env.downstream_data_ready, timeout);
 }

@@ -263,7 +267,7 @@ static void transmit_command(
 // in case the upper layer didn't already
 command->event = MSG_STACK_TO_HC_HCI_CMD;

- HCI_TRACE_DEBUG("HCI Enqueue Comamnd opcode=0x%x\n", metadata->opcode);
+ HCI_TRACE_DEBUG("HCI Enqueue Command opcode=0x%x\n", metadata->opcode);
 BTTRC_DUMP_BUFFER(NULL, command->data + command->offset, command->len);

 fixed_pkt_queue_enqueue(hci_host_env.command_queue, linked_pkt, FIXED_PKT_QUEUE_MAX_TIMEOUT);
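Review bot: The new guard in hci_downstream_data_post() reads `hci_host_env.downstream_data_ready` twice, once for the NULL test and again as the argument to `osi_thread_post_event`, with no lock or snapshot in between. The commit message says the controller invokes this callback while bluedroid deinit clears the field, so if the two run on different tasks the pointer can still become NULL, or refer to an already freed event, after the check passes. Taking one copy of the pointer into a local and testing and posting that copy would narrow the window. It would not close it, because that needs deinit to stop the controller from calling in before the event is released, or a lock shared with the teardown path; the deinit code is not visible in this patch, so that ordering should be confirmed. Until it is, a comment above the check such as `/* Best-effort guard: may still race with deinit clearing downstream_data_ready. */` would keep the next reader from treating it as a full fix.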