History log of /system/bt/bta/gatt/bta_gattc_utils.c
Revision Date Author Comments
fce80bb003601cf576c62d3cb9a5499790841545 17-May-2016 Pavlin Radoslavov <pavlin@google.com> Add a log message to capture NULL pointer in l2c_link_hci_disc_comp()

Added a log message inside l2c_link_hci_disc_comp() to help capture
a NULL pointer p_lcb->p_fixed_ccbs[xx] that triggers SIGSEGV crash.
Also, updated the typedef of bdstr_t and moved it to
file "btcore/include/bdaddr.h"

Bug: 28765514
Change-Id: Iacd9376cfb9e18b58e18865581da8edad9f68821
/system/bt/bta/gatt/bta_gattc_utils.c
26f8828cdb5f02b0b01bafaccd4ad0b0ba9d57ab 17-Mar-2016 Jakub Pawlowski <jpawlowski@google.com> Use handles to identify GATT attributes (1/4)

Bug: 27778668
Change-Id: Id7454450c1ce2164001a1f9ca0b91f18d84e3fd6
/system/bt/bta/gatt/bta_gattc_utils.c
ac4ee3a4ecae72fbc992c17efd733e373ad56daf 04-Mar-2016 Jakub Pawlowski <jpawlowski@google.com> Remove bta_gattc_id2handle

Now that the instance id is equal to handle, we no longer need this
mapping function.

Bug: 27455533
Change-Id: I6760f8fc81460df8520d4ebf1899ed256ce5ad1e
/system/bt/bta/gatt/bta_gattc_utils.c
390749a4346248314b6b4d20aaea355c78e444ef 03-Mar-2016 Jakub Pawlowski <jpawlowski@google.com> Simplify UUID handling in GATT cache

Bug: 27455533
Change-Id: I653b563d3b3c233ffe31b0a35d396a66db363459
/system/bt/bta/gatt/bta_gattc_utils.c
4bdc3535a788dc708a1b6c364abf1ee594087494 10-Feb-2016 Jakub Pawlowski <jpawlowski@google.com> Fix possible memory leak

Fix possible memory leak when allocating reused server cache control
block.

Change-Id: I3aab727e4f60e55530f49b0b05ccf2c891c72760
/system/bt/bta/gatt/bta_gattc_utils.c
abd70abb5e42c9431df94fe9d2c4a78a0d8d9af9 05-Feb-2016 Pavlin Radoslavov <pavlin@google.com> Replaced osi_getbuf()/osi_freebuf() with osi_malloc()/osi_free()

Removed the alternative buffer allocation osi_getbuf() / osi_freebuf()
and use instead osi_malloc() / osi_free().

Correspondingly, replaced usage of osi_freebuf_and_reset()
with osi_free_and_reset().

Bug: 24914560
Change-Id: I7a9599ba7fa900321f087da684428133eb0ddd6b
/system/bt/bta/gatt/bta_gattc_utils.c
9df3192b94a186207976ecc579d390f3cfd547c6 05-Feb-2016 Jakub Pawlowski <jpawlowski@google.com> Use dynamic memory for keeping GATT cache

Change-Id: I60674c47246d8fe2094fe78ce31b752fa2acb89e
/system/bt/bta/gatt/bta_gattc_utils.c
20524d393e8b3bea4c573f7980cd843500b0e6a4 03-Feb-2016 Pavlin Radoslavov <pavlin@google.com> Refactor usage of osi_free() and osi_freebuf()

* Allow calling osi_freebuf(ptr) on NULL pointers. This simplifies
the code: a notable number of "if (foo != NULL)" checks are removed.
* Add new function osi_free_and_reset(p_ptr) that frees the buffer,
and explicitly resets the pointer to NULL.
This prevents unintended usage of free memory.
* Add corresponding function osi_freebuf_and_reset(p_ptr)
* Minor cleanup around usages of osi_free() and osi_freebuf()

Also:
* Removed unused function btif_gattc_cleanup()
* Replaced usage of the following functions with osi_freebuf_and_reset()
- mca_free_buf()
- utl_freebuf()
- btif_hl_free_buf()
* Replaced usage of rc_supported_event_free() with osi_freebuf()
* Replaced usage of btif_hl_get_buf() with osi_getbuf()
* Eliminate some of the osi_get_buf_size() calls

Bug: 22948224
Change-Id: Ife860658b26274da6f228d7353cb0f1531587337
/system/bt/bta/gatt/bta_gattc_utils.c
5919554fe8e03b87a7c7724238481b85e9cf6630 04-Feb-2016 Jakub Pawlowski <jpawlowski@google.com> Don't unregister notifications for unmodified services

Change-Id: Ie02dd72a2d4a423ab532ec84a4d588ab83f3e22b
/system/bt/bta/gatt/bta_gattc_utils.c
20c68408686ba4fd4d17e21957616e1c60a913b3 29-Jan-2016 Pavlin Radoslavov <pavlin@google.com> Revert "Revert "Avoid double memory free and crash during LE discovery or disconnect""

The revert includes a compilation fix as well
(missing include of a header file).

This reverts commit 3a4082d7af5c5941769c700d774022a9b982d45c.

Change-Id: I5bb1f468d2c64839037afe5ed2d3ed5d1b21dca2
/system/bt/bta/gatt/bta_gattc_utils.c
3a4082d7af5c5941769c700d774022a9b982d45c 29-Jan-2016 Ian Pedowitz <ijpedowitz@google.com> Revert "Avoid double memory free and crash during LE discovery or disconnect"

This reverts commit 12091a323ef84cad10d91fcf6588a6657e591ee0.

Change-Id: I01deaa5024bfef1782887fd8f8137f83916d8be0
/system/bt/bta/gatt/bta_gattc_utils.c
12091a323ef84cad10d91fcf6588a6657e591ee0 28-Jan-2016 Nitin Arora <niarora@codeaurora.org> Avoid double memory free and crash during LE discovery or disconnect

1. Prevent GATT operations from proceeding if queue is not empty

This change returns a FALSE from GATT enqueue operation, in case
there is already a GATT command enqueued. This simple change will
a. Prevent incorrect memory freeing of the currently queued command.
b. Prevent incorrect dequeuing of the ongoing command and enqueuing
another command which will never be executed.
c. Double free of memory causing segmentation fault

2. Prevent performing pending operations when link is down

This change prevents performing the execution of pending operations
when the link is disconnected. The pending operation in that case
is bound to fail thus freeing the memory pointed to by the p_q_cmd
which is cleaned up again by the discovery completion routine and
thus causing double free.

Bug:24178843
Change-Id: Ief2756f289a7db73d251ef7e247774dd3f7fc413
/system/bt/bta/gatt/bta_gattc_utils.c
258c2538e3b62a8cdb403f2730c45d721e5292b4 28-Sep-2015 Pavlin Radoslavov <pavlin@google.com> GKI cleanup - moved GKI buffer allocation wrappers to OSI

* Moved the following GKI buffer allocation functions to OSI:
- GKI_getbuf() -> osi_getbuf()
- GKI_freebuf() -> osi_freebuf()
- GKI_get_buf_size() -> osi_get_buf_size()

For now we need the osi_getbuf() / osi_freebuf() allocation wrapper,
because we need to be able to call osi_get_buf_size() on the allocated
buffer.
In the future those should be replaced with osi_malloc() / osi_free().
Currently, the osi_malloc() buffer size internal allocation tracker
does not always track the size, hence we need the osi_getbuf() wrapper.

* Replaced GKI_MAX_BUF_SIZE with BT_DEFAULT_BUFFER_SIZE

* Added new file include/bt_common.h that can be used to include
few files that should be included almost everywhere (e.g. bt_target.h)
NOTE: This file might be removed in the future and we should include
everywhere the right set of header files.

* Removed some of the GKI-related references

* Removed file include/gki_target.h

Change-Id: Ie87830e73143de200746d54235aa99f228a95024
/system/bt/bta/gatt/bta_gattc_utils.c
1a3844f933bd63c8a381371dabfb35c6a0249e3e 25-Sep-2015 Pavlin Radoslavov <pavlin@google.com> GKI cleanup - Replaced usage of GKI queue with OSI fixed_queue

* Added new functions to OSI:
- fixed_queue_init()
- fixed_queue_length()
- fixed_queue_try_remove_from_queue()
- fixed_queue_try_peek_last()

* Renamed fixed_queue_try_peek() to fixed_queue_try_peek_first()

* Replaced usage of GKI queue functions with OSI fixed_queue functions:
- GKI_init_q() -> fixed_queue_new(SIZE_MAX)
NOTE: unlike GKI_init_q(), fixed_queue_new() allocates memory /
state that needs to be released by calling fixed_queue_free()
- GKI_enqueue() -> fixed_queue_enqueue()
- GKI_dequeue() -> fixed_queue_try_dequeue()
NOTE: fixed_queue_try_dequeue() is non-blocking
- GKI_queue_length() -> fixed_queue_length()
- GKI_queue_is_empty() -> fixed_queue_is_empty()
- GKI_getfirst() -> fixed_queue_try_peek_first()
- GKI_getlast() -> fixed_queue_try_peek_last()
- GKI_remove_from_queue() -> fixed_queue_try_remove_from_queue()
- Queue elements iteration.
In the fixed_queue implementation we have to use the underlying
list_t mechanism to iterate over the elements.
OLD:
    p = GKI_getfirst(queue);
    ...
    while ((p = GKI_getnext(p)) != NULL) {
        ...
    }
NEW:
    list_t *list = fixed_queue_get_list(queue);
    for (const list_node_t *node = list_begin(list);
         node != list_end(list); node = list_next(node)) {
        p = list_node(node);
    }

* Remove initialization of the GKI module, because it is not needed
anymore

* Removed unused files in GKI:
gki/common/gki_common.h
gki/ulinux/gki_int.h
gki/ulinux/gki_ulinux.c

Change-Id: I3ff9464db75252d6faf7476a9ca67c88e535c51c
/system/bt/bta/gatt/bta_gattc_utils.c
08393054f0867d0f86a7f9c2eb156e67a86382c7 07-Aug-2015 Marie Janssen <jamuraa@google.com> resolved conflicts for merge of 49a86709 to mnc-dev-plus-aosp

Change-Id: Icd7ec2fd78ac4383da430708a88abaeba9009437
49a86709488e5cfd5e23759da18bf9613e15b04d 08-Jul-2015 Marie Janssen <jamuraa@google.com> build: LOG_TAG consistency, include order, build fixes

Fix the order of includes across a bunch of files, and declare LOG_TAG
at the top of every file in which it is used.

Consistently use bt_ as a LOG_TAG prefix.
Fix issues with LOG macro usage.
Remove unused includes and double-includes (when in related .h)

Add includes as necessary to compile cleanly (problems surfaced by
reordering includes)

Change-Id: Ic55520c8302b06bbc1942c10c448b20844669da6
/system/bt/bta/gatt/bta_gattc_utils.c
9a78e8d25416325308fa700bb38459817eeb5c7a 08-Jul-2015 Marie Janssen <jamuraa@google.com> am 49120dc8: build: Fix LOG_TAG define breakage, macro usage

* commit '49120dc867c7818511b5afec461dfc97d17eef58':
build: Fix LOG_TAG define breakage, macro usage
49120dc867c7818511b5afec461dfc97d17eef58 08-Jul-2015 Marie Janssen <jamuraa@google.com> build: Fix LOG_TAG define breakage, macro usage

Fixes build breakages related to r.android.com/156982

Change-Id: Ib1143c41fe05a17c296226998afdb41a8cb6294a
/system/bt/bta/gatt/bta_gattc_utils.c
fa3c1214f5b006edced961a66c758b8b47b0f482 27-Jun-2015 Andre Eisenbach <eisenbach@google.com> Fix possible null-pointer de-reference in bta_gattc_util

Bug: 21756298
Change-Id: I4bd38f6fa594ccb4dd9f23f3887484743a3bc451
/system/bt/bta/gatt/bta_gattc_utils.c
e1a9e52ff59d36bd1bb5b7b3a02fafba6394edfe 31-Mar-2015 Etan Cohen <etancohen@google.com> Merge commit 'f7f839985b3931682363d2ef3b7c5cae55a842ee' into merge

Change-Id: Iaaec1ea0bf3009b7e32a9a60f697631a3f56e889
f8027005333c88a2f097cfd70d15c3d54c7764ae 12-Mar-2015 Chris Manton <cmanton@google.com> Demote, cleanup and extend observed logging
/system/bt/bta/gatt/bta_gattc_utils.c
794f3b5f126fffc3dd1129a710187591348bbf23 01-Oct-2014 Chris Manton <cmanton@google.com> Removal of bd.[c|h]

Consolidate legacy types into bt_types.h
/system/bt/bta/gatt/bta_gattc_utils.c
fe7216ca12f91baae733e7c93063db73121af308 06-May-2014 Chris Manton <cmanton@google.com> Enforce GKI API buffer usage

Also add another API GKI_queue_length(BUFFER_Q *)
/system/bt/bta/gatt/bta_gattc_utils.c
104e3f238f500cacdb8afaccdc672dfc34eae7ee 12-Nov-2014 Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org> Cleanups needed to make clang happy

This patch removes a slew of unused variables and some unused functions,
fixes some incomplete initializations of structs and an sprintf
parameter mismatching the format string.

Change-Id: I35f22fdccc8350f885cd357d3685b869224fa433
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
/system/bt/bta/gatt/bta_gattc_utils.c
7ae25156f4250af9d0e8cd8d559d916cfb847feb 11-Sep-2014 Prerepa Viswanadham <dham@google.com> Avoid premature LE connection notification to app

To avoid premature connection notification to app, always wait for
LE read remote feature complete with success before the connection
event is sent to application.

This patch also deprecates the BTA_SKIP_BLE_READ_REMOTE_FEAT flag.
Since the remote feature request is now serialized and start encryption
won't be called until the connection is up, this flag is no longer
necessary and interferes with the new behaviour.

This is an extension of previous CL

Bug: 17326529
Change-Id: Icfd4c5dfdd9f89d1318ef429e132eb005abb1f64
/system/bt/bta/gatt/bta_gattc_utils.c
9c29d08bc7c6da33db5cfc777404354c6dca845c 03-Sep-2014 Priti Aghera <paghera@broadcom.com> Avoid premature LE connection notification to app

To avoid premature connection notification to app, always wait for
LE read remote feature complete with success before the connection
event is sent to application.
bug 17326529

Change-Id: Id731bf02e8d5d5a68db12e0478b8eb74723eb95d
/system/bt/bta/gatt/bta_gattc_utils.c
90715aad34cdead03fc22bc18891c04838e90e87 01-Jul-2014 Mike J. Chen <mjchen@google.com> Fix GKI buffer leak in GATT event handling

The GATT event handler was telling the BTA dispatcher that
it would always free the GKI msg buffers itself, but in fact
this wasn't true. There were some cases where the buffer is
queued and freed later (queued in p_clcb->p_q_cmd for later
access and freeing), but many times the event handlers
(like bta_gattc_ci_save()) don't queue the buffer and don't
free it, causing a GKI buffer leak.

Also, prevent a double free case (not certain it happens, but
in theory it could) if bta_gattc_sm_execute() queues a buffer
in bta_gattc_disc_cmpl().

Lastly, remove held flag since it's redundant with whether
p_q_cmd is null or not. Just go with one source of truth and
not have one shadow the other.

Change-Id: I1bd43919b8a2e125076e26cd6a3a08480b3e7e2d
Signed-off-by: Mike J. Chen <mjchen@google.com>
/system/bt/bta/gatt/bta_gattc_utils.c
e8c3d75b75493911ebf0f99c83676359657178f7 04-May-2014 Sharvil Nanavati <sharvil@google.com> Logging cleanup: BTIF and APPL.

Change-Id: I5b1214642bbb4b9aecc0fd2c899a6ec2c9793286
/system/bt/bta/gatt/bta_gattc_utils.c
8fe58875ce67c6e1099e7ba2339dcd2b979491b0 17-Apr-2014 Ganesh Ganapathi Batta <ganeshg@broadcom.com> Merge BT 4.1 features

The features include:
- LE Peripheral Mode
- Link Layer topology (LE Central & Peripheral Concurrency)
- Dual Mode Topology (Ability to choose LE transport when connecting with
other Dual Mode devices)
- Fast advertising Interval
- Limited Discovery Time Changes
- GAP Authentication and Lost Bond
- Dual Mode Addressing
- Common Profile and Service Error Code
- 32 bit UUIDs

Change-Id: Ic6701da4cf6aaa390ff2c8816b43157f36b7fb42
/system/bt/bta/gatt/bta_gattc_utils.c
9291a71c28b2eedff2c1ad760ebe3b3c1f5a6a29 25-Mar-2014 Zhihai Xu <zhihaixu@google.com> LE: Add API to configure MTU for a given connection (2/4)
This patch from broadcom(andre)
bug:13571470
Change-Id: I932905590ee9c40cb67e7d09715c0f8e59d2f662
/system/bt/bta/gatt/bta_gattc_utils.c
72658f48d653be0786ef924bb3abbf7df1ec6592 11-Nov-2013 Zhihai Xu <zhihaixu@google.com> BLE is disconnected due to BLE service record discovery failure.

The root cause of the problem is:
In the BLE GATT client state machine, when it is in the discovery state,
any command to access the service, characteristic and descriptor
will be queued; these commands will be executed after BLE service
discovery completes. When we queue the command, we will copy these
messages. The problem is we didn't copy these messages correctly.
We didn't deep copy these messages. There are pointers inside
these messages. These pointers still point to the old messages,
which are already freed. When the messages are reused, the original
content will be lost. The queued commands will be corrupted.
This is a very serious issue, which can cause a lot of stability problems.

bug:11620252
Change-Id: I93082a9dbcc3a676f5f791c2b1ea98e49b165813
/system/bt/bta/gatt/bta_gattc_utils.c
ce7b04f96f5e2a083ae46b56f5c69be306b72fc1 24-Jul-2013 Andre Eisenbach <andre@broadcom.com> LE: Fix for back-to-back GATT connection request issues

When two GATT client connections were sent back to back, the first
connection will not be processed due to an address comparison error.
This patch corrects the error.

Change-Id: I8eb97cd2a34a81da460f448dc71445b2898a5d32
/system/bt/bta/gatt/bta_gattc_utils.c
6975b4d711142b885af479721cada448952c6b41 06-Aug-2013 Andre Eisenbach <andre@broadcom.com> LE: UPF 45 bug fixes

This change fixes the following issues:
- Second GATT-over-BR/EDR channel cannot be established when there
already is an existing GATT-over-BR/EDR channel
- If encryption fails for an LE connection due to a missing key,
the security state is not being cleared and blocks all further
security processing
- When DM discovery of an LE Peripheral device fails with a
connection timeout, no further discovery requests can be made
- GATT service discovery can get into endless loop when duplicate descriptor
definitions are found on the remote device
- When GATT over BR/EDR fails, BTA does not give a connection
callback to the application initiating the connection
- BR/EDR connection to remote platform does not generate API callbacks
- Stack crash discovered during UPF after remote disconnects
- The host is sending HCI disconnect to invalid HCI handle when
SMP fails because of a connection timeout
- Possible race condition:
If a disconnect is immediately followed by a connection complete,
the connection complete cannot be processed in the BTA GATT state
machine
- Write Complete event is not triggered for Prepare Write requests

Change-Id: I539cdedd68007818ff4f0d0213cee1c913f72d0f

Conflicts:
bta/gatt/bta_gatts_act.c
/system/bt/bta/gatt/bta_gattc_utils.c
ead3cde4bac0c3e32cd31f149093f004eef8ceeb 06-Feb-2013 Ganesh Ganapathi Batta <ganeshg@broadcom.com> Initial version of BLE support for Bluedroid

Change-Id: I9825a5cef9be2559c34c2a529b211b7d471147cf
/system/bt/bta/gatt/bta_gattc_utils.c
5738f83aeb59361a0a2eda2460113f6dc9194271 13-Dec-2012 The Android Open Source Project <initial-contribution@android.com> Snapshot cdeccf6fdd8c2d494ea2867cb37a025bf8879baf

Change-Id: Ia2de32ccb97a9641462c72363b0a8c4288f4f36d
/system/bt/bta/gatt/bta_gattc_utils.c