apache / mynewt-nimble

Apache mynewt
https://mynewt.apache.org/
Apache License 2.0

nimble/store: `ble_gap_unpair_oldest_peer` in `ble_store_util_status_rr`(store callback) can cause infinite loop for CCCDs #788

Closed prasad-alatkar closed 4 years ago

prasad-alatkar commented 4 years ago

In cases where CCCDs are exceeding `MYNEWT_VAL(BLE_STORE_MAX_CCCDS)` (overflow event), we can end up in a continuous while loop.

Whenever `BLE_STORE_EVENT_OVERFLOW` is called in the store callback, if we do not have any previously bonded peer, `ble_gap_unpair_oldest_peer` will return 0 without deleting any CCCD. This in turn results in a continuous while loop in `ble_store_write`, as it will continuously end up calling the `BLE_HS_ESTORE_CAP` event.
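A simplified C model of the retry loop described in the comment above, added here as an illustration; it is not NimBLE code and not posted by any participant in this thread. It contrasts an overflow handler that returns 0 without freeing a slot with one that reports failure when there is nothing to evict. All `m_`/`M_` names, the error values and the retry bound are hypothetical.

```c
#include <stdio.h>
/* Simplified model; names/values are hypothetical, not NimBLE's. One CCCD per bond. */
enum { M_OK = 0, M_ESTORE_CAP, M_ENOENT, M_GAVE_UP };
#define M_MAX_CCCDS 2    /* stands in for MYNEWT_VAL(BLE_STORE_MAX_CCCDS) */
#define M_MAX_TRIES 1000 /* harness bound so the stuck loop ends in this demo */
struct m_store { int num_cccds; int num_bonds; int tries; };

/* Store write: capacity error while the CCCD table is full. */
static int m_write_cb(struct m_store *s) {
    if (s->num_cccds >= M_MAX_CCCDS) return M_ESTORE_CAP;
    s->num_cccds++;
    return M_OK;
}
/* As described in the issue: no bonded peer, nothing deleted, still returns 0. */
static int m_overflow_unchecked(struct m_store *s) {
    if (s->num_bonds > 0) { s->num_bonds--; s->num_cccds--; }
    return M_OK;
}

/* Checked variant: fail when there is nothing to evict. */
static int m_overflow_checked(struct m_store *s) {
    if (s->num_bonds == 0) return M_ENOENT;
    s->num_bonds--; s->num_cccds--;
    return M_OK;
}

/* Retry loop: write, and on a capacity error ask the handler to make room. */
static int m_store_write(struct m_store *s, int (*overflow)(struct m_store *)) {
    for (s->tries = 1; s->tries <= M_MAX_TRIES; s->tries++) {
        int rc = m_write_cb(s);
        if (rc != M_ESTORE_CAP) return rc;
        rc = overflow(s);
        if (rc != M_OK) return rc;   /* a handler error is the only way out */
    }
    return M_GAVE_UP;                /* a real while (1) would never get here */
}

/* Run one write against a full table with `bonds` bonded peers. */
int m_run(int bonds, int checked, int *tries) {
    struct m_store s = { M_MAX_CCCDS, bonds, 0 };
    int rc = m_store_write(&s, checked ? m_overflow_checked : m_overflow_unchecked);
    if (tries) *tries = s.tries;
    return rc;
}

int main(void) {
    int t, rc = m_run(0, 0, &t);
    printf("no bonds, unchecked handler: rc=%d tries=%d\n", rc, t);
    return m_run(0, 1, &t) == M_ENOENT ? 0 : 1;
}
```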

h2zero commented 4 years ago

I found this as well, currently testing a fix in my own fork. Works for my purposes. You can see it here

prasad-alatkar commented 4 years ago

@h2zero your proposed solution may avoid this issue when "Bonding" is not enabled, but the issue will eventually pop up in case bonding is enabled (i.e. `ble_hs_cfg.sm_bonding = 1`).

h2zero commented 4 years ago

@prasad-alatkar Yes, you are correct. It was just a quick patch to get by while developing the cpp library to avoid that error. Didn’t want to do any big changes to the NimBLE core code yet.

I do not think we should store cccd data if not bonding though, maybe a combination of my fix and a proper round robin cccd store patch?

rymanluk commented 4 years ago

This is fixed. Closing.