Bluetooth: Controller: Fix missing invalid aux offset check

cvinayak · fabiobaltieri · commit 3590bd648f8f · 2024-08-16T16:29:28.000+01:00
Fix missing invalid aux offset check that was being caught
in a development assertion check. If aux offset where less
than the PDU time of the primary channel PDU, radio was
redundantly being setup delayed for reception that was
being caught in an assertion check.

Signed-off-by: Vinayak Kariappa Chettimada &lt;vich@nordicsemi.no&gt;
diff --git a/subsys/bluetooth/controller/ll_sw/nordic/lll/lll_scan_aux.c b/subsys/bluetooth/controller/ll_sw/nordic/lll/lll_scan_aux.c
@@ -129,6 +129,7 @@ uint8_t lll_scan_aux_setup(struct pdu_adv *pdu, uint8_t pdu_phy,
 	uint32_t aux_offset_us;
 	uint32_t overhead_us;
 	uint8_t *pri_dptr;
+	uint32_t pdu_us;
 	uint8_t phy;
 
 	LL_ASSERT(pdu->type == PDU_ADV_TYPE_EXT_IND);
@@ -183,6 +184,12 @@ uint8_t lll_scan_aux_setup(struct pdu_adv *pdu, uint8_t pdu_phy,
 	/* Calculate the aux offset from start of the scan window */
 	aux_offset_us = (uint32_t)PDU_ADV_AUX_PTR_OFFSET_GET(aux_ptr) * window_size_us;
 
+	/* Skip reception if invalid aux offset */
+	pdu_us = PDU_AC_US(pdu->len, pdu_phy, pdu_phy_flags_rx);
+	if (aux_offset_us < pdu_us) {
+		return 0U;
+	}
+
 	/* Calculate the window widening that needs to be deducted */
 	if (aux_ptr->ca) {
 		window_widening_us = SCA_DRIFT_50_PPM_US(aux_offset_us);
@@ -233,7 +240,7 @@ uint8_t lll_scan_aux_setup(struct pdu_adv *pdu, uint8_t pdu_phy,
 	ftr->radio_end_us = radio_tmr_end_get() -
 			    radio_rx_chain_delay_get(pdu_phy,
 						     pdu_phy_flags_rx) -
-			    PDU_AC_US(pdu->len, pdu_phy, pdu_phy_flags_rx);
+			    pdu_us;
 
 	radio_isr_set(setup_cb, node_rx);
 	radio_disable();
diff --git a/subsys/bluetooth/controller/ll_sw/ull_scan_aux.c b/subsys/bluetooth/controller/ll_sw/ull_scan_aux.c
@@ -126,6 +126,7 @@ void ull_scan_aux_setup(memq_link_t *link, struct node_rx_pdu *rx)
 	uint8_t acad_len;
 	uint8_t data_len;
 	uint8_t hdr_len;
+	uint32_t pdu_us;
 	uint8_t *ptr;
 	uint8_t phy;
 
@@ -705,6 +706,12 @@ void ull_scan_aux_setup(memq_link_t *link, struct node_rx_pdu *rx)
 
 	aux_offset_us = (uint32_t)PDU_ADV_AUX_PTR_OFFSET_GET(aux_ptr) * lll_aux->window_size_us;
 
+	/* Skip reception if invalid aux offset */
+	pdu_us = PDU_AC_US(pdu->len, phy, ftr->phy_flags);
+	if (aux_offset_us < pdu_us) {
+		goto ull_scan_aux_rx_flush;
+	}
+
 	/* CA field contains the clock accuracy of the advertiser;
 	 * 0 - 51 ppm to 500 ppm
 	 * 1 - 0 ppm to 50 ppm
@@ -723,7 +730,7 @@ void ull_scan_aux_setup(memq_link_t *link, struct node_rx_pdu *rx)
 
 	/* Calculate the aux offset from start of the scan window */
 	aux_offset_us += ftr->radio_end_us;
-	aux_offset_us -= PDU_AC_US(pdu->len, phy, ftr->phy_flags);
+	aux_offset_us -= pdu_us;
 	aux_offset_us -= EVENT_TICKER_RES_MARGIN_US;
 	aux_offset_us -= EVENT_JITTER_US;
 	aux_offset_us -= ready_delay_us;
