Hi Venkata,
> Due to race conditions between qca_hw_error and qca_controller_memdump
> during SSR timeout,the same pointer is freed twice. This results in a
> double free. Now a lock is acquired before checking the stauts of SSR
> state.
>
> Fixes: d841502c79e3 ("Bluetooth: hci_qca: Collect controller memory dump
> during SSR")
> Signed-off-by: Venkata Lakshmi Narayana Gubba <[email protected]>
> ---
> drivers/bluetooth/hci_qca.c | 29 +++++++++++++++++------------
> 1 file changed, 17 insertions(+), 12 deletions(-)
patch has been applied to bluetooth-next tree.
Regards
Marcel
