[qca-nss-ecm] Fixed ref count issue caused by database timer callback
ecm_db_connection_defunct_callback is called when a connection's
timer expires. The callback first defuncts the connection and
assumes that the defunct is success. But the defunct can fail
and ECM retries to defunct, which sets the state of the connection
to MODE_ACCEL, or this defunct can happen while waiting an
acceleration response from NSS in which the state is
MODE_ACCEL_PENDING. So, the defunct callback shouldn't release the
last connection instance in these states.
Change-Id: I7a41a2c5c01be47e8d31b95c61ddab31440726ff
Signed-off-by: Murat Sezgin <msezgin@codeaurora.org>
diff --git a/ecm_db/ecm_db_connection.c b/ecm_db/ecm_db_connection.c
index 697fb8f..b9b60a5 100644
--- a/ecm_db/ecm_db_connection.c
+++ b/ecm_db/ecm_db_connection.c
@@ -274,11 +274,15 @@
/*
* It is possible that the defunct process fails and re-try is in progress.
* In that case we set the accel mode of the connection to
- * ECM_FRONT_END_ACCELERATION_MODE_ACCEL so that in the next destroy try the connection
+ * ECM_FRONT_END_ACCELERATION_MODE_ACCEL, so that in the next destroy try, the connection
* status would be correct. So, if the accel_mode is ECM_FRONT_END_ACCELERATION_MODE_ACCEL,
* we shouldn't release the last reference count.
+ * Another case is that the defunct can happen while waiting an acceleration response
+ * from acceleration engine in which the state is set to ECM_FRONT_END_ACCELERATION_MODE_ACCEL_PENDING.
+ * So, the last reference of the connection shouldn't be released in this state as well.
*/
- if (accel_mode != ECM_FRONT_END_ACCELERATION_MODE_ACCEL) {
+ if ((accel_mode != ECM_FRONT_END_ACCELERATION_MODE_ACCEL) &&
+ (accel_mode != ECM_FRONT_END_ACCELERATION_MODE_ACCEL_PENDING)) {
ecm_db_connection_deref(ci);
}
}