Commit ba156ce0 authored by Vitaly Wool, committed by Md Shahriar Hossain Sajib

Deinitialize rfcomm in the right order

btsock_rfc_cleanup() execution, namely cleanup_rfc_slot() may result
in remaining data being flushed when uid_set has already been set to
NULL, which will crash the bluetooth service. Move setting uid_set
to NULL to the very end of the btsock_rfc_cleanup() to avoid this.

Bug: 170775521
Bug: 199827901
Test: atest BluetoothInstrumentationTests
Test: IOP and BCST
Tag: #stability
Change-Id: Iaa9053ba179889b08375b904d14ff0421e84f93e
(cherry picked from commit 909e3813922055a90fdc6b32b7e5f5eb72691f2f)
parent 0f154591
+2 −1
@@ -129,7 +129,6 @@ bt_status_t btsock_rfc_init(int poll_thread_handle, uid_set_t* set) {

void btsock_rfc_cleanup(void) {
  pth = -1;
  uid_set = NULL;

  BTA_JvDisable();

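Review bot: `pth = -1;` still runs at the top of btsock_rfc_cleanup(), ahead of BTA_JvDisable() and the slot teardown, so it has the same ordering exposure the commit message describes for uid_set. Please confirm that nothing reached from cleanup_rfc_slot() during the flush reads pth. If anything does, move that reset to the end of the function as well, so both globals are cleared only after the last code that can use them has run.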
@@ -139,6 +138,8 @@ void btsock_rfc_cleanup(void) {
    list_free(rfc_slots[i].incoming_queue);
    rfc_slots[i].incoming_queue = NULL;
  }

  uid_set = NULL;
}

static rfc_slot_t* find_free_slot(void) {
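Review bot: The relocated `uid_set = NULL;` at the end of btsock_rfc_cleanup() carries no comment explaining why it has to come after the slot loop, so a later tidy-up could move it back to the top next to `pth = -1;` and reintroduce the crash. Add a one-line comment above it stating that cleanup_rfc_slot() may still flush data that needs uid_set. Since the commit message says a flush with uid_set already NULL crashes the Bluetooth service, a NULL check at the point where uid_set is consumed would also be worth considering, so the fix does not rest on statement order alone.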