Add a log message to capture NULL pointer in l2c_link_hci_disc_comp()
Added a log message inside l2c_link_hci_disc_comp() to help capture
a NULL pointer p_lcb->p_fixed_ccbs[xx] that triggers SIGSEGV crash.
Also, updated the typedef of bdstr_t and moved it to
file "btcore/include/bdaddr.h"
Bug: 28765514
Change-Id: Iacd9376cfb9e18b58e18865581da8edad9f68821
diff --git a/bta/gatt/bta_gattc_utils.c b/bta/gatt/bta_gattc_utils.c
index 3aa55f8..bd0d466 100644
--- a/bta/gatt/bta_gattc_utils.c
+++ b/bta/gatt/bta_gattc_utils.c
@@ -33,7 +33,6 @@
#include "bta_gattc_int.h"
#include "bta_sys.h"
#include "btcore/include/bdaddr.h"
-#include "btif/include/btif_util.h"
#include "bt_common.h"
#include "l2c_api.h"
#include "utl.h"
diff --git a/btcore/include/bdaddr.h b/btcore/include/bdaddr.h
index a1c282d..ec8a1ee 100644
--- a/btcore/include/bdaddr.h
+++ b/btcore/include/bdaddr.h
@@ -34,6 +34,8 @@
// both uppercase and lowercase digits but will only ever produce lowercase
// digits.
+typedef char bdstr_t[sizeof("xx:xx:xx:xx:xx:xx")];
+
// Returns true if |addr| is the empty address (00:00:00:00:00:00).
// |addr| may not be NULL.
bool bdaddr_is_empty(const bt_bdaddr_t *addr);
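Review bot: The new `bdstr_t` typedef has no comment of its own and sits directly under the tail of an unrelated comment about digit case, so a reader cannot tell what the type is for. I would add something like `// Buffer type sized for a formatted address "xx:xx:xx:xx:xx:xx" including the terminating NUL.` above it. Because it is an array typedef, a `bdstr_t` function parameter decays to `char *` and `sizeof` on it gives the pointer size, so the comment could also say to take `sizeof` only on a local or to pass the length explicitly.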
@@ -65,4 +67,4 @@
#ifdef __cplusplus
}
-#endif
\ No newline at end of file
+#endif
diff --git a/btif/co/bta_hh_co.cc b/btif/co/bta_hh_co.cc
index be5d5d8..6aa3a17 100644
--- a/btif/co/bta_hh_co.cc
+++ b/btif/co/bta_hh_co.cc
@@ -35,6 +35,7 @@
#include "bta_hh_api.h"
#include "btif_util.h"
#include "bta_hh_co.h"
+#include "btcore/include/bdaddr.h"
const char *dev_path = "/dev/uhid";
diff --git a/btif/include/btif_util.h b/btif/include/btif_util.h
index c17a156..06cf383 100644
--- a/btif/include/btif_util.h
+++ b/btif/include/btif_util.h
@@ -43,9 +43,6 @@
** Type definitions for callback functions
********************************************************************************/
-typedef char bdstr_t[18];
-
-
/*******************************************************************************
** Functions
********************************************************************************/
diff --git a/stack/l2cap/l2c_link.c b/stack/l2cap/l2c_link.c
index aea2f73..2fefd13 100644
--- a/stack/l2cap/l2c_link.c
+++ b/stack/l2cap/l2c_link.c
@@ -24,6 +24,7 @@
*
******************************************************************************/
+#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
@@ -39,6 +40,7 @@
#include "btu.h"
#include "btm_api.h"
#include "btm_int.h"
+#include "btcore/include/bdaddr.h"
extern fixed_queue_t *btu_general_alarm_queue;
@@ -450,7 +452,7 @@
else
#endif
{
- #if (L2CAP_NUM_FIXED_CHNLS > 0)
+#if (L2CAP_NUM_FIXED_CHNLS > 0)
/* If we are going to re-use the LCB without dropping it, release all fixed channels
here */
int xx;
@@ -465,6 +467,19 @@
(*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL,
p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, BT_TRANSPORT_BR_EDR);
#endif
+ if (p_lcb->p_fixed_ccbs[xx] == NULL) {
+ bdstr_t bd_addr_str = {0};
+ L2CAP_TRACE_ERROR("%s: unexpected p_fixed_ccbs[%d] is NULL remote_bd_addr = %s p_lcb = %p in_use = %d link_state = %d handle = %d link_role = %d is_bonding = %d disc_reason = %d transport = %d",
+ __func__, xx,
+ bdaddr_to_string((bt_bdaddr_t *)&p_lcb->remote_bd_addr,
+ bd_addr_str,
+ sizeof(bd_addr_str)),
+ p_lcb, p_lcb->in_use,
+ p_lcb->link_state, p_lcb->handle,
+ p_lcb->link_role, p_lcb->is_bonding,
+ p_lcb->disc_reason, p_lcb->transport);
+ }
+ assert(p_lcb->p_fixed_ccbs[xx] != NULL);
l2cu_release_ccb (p_lcb->p_fixed_ccbs[xx]);
p_lcb->p_fixed_ccbs[xx] = NULL;
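Review bot: The `assert(p_lcb->p_fixed_ccbs[xx] != NULL)` added before `l2cu_release_ccb` does not remove the crash: where NDEBUG is defined the assert compiles away and the NULL slot is still passed to `l2cu_release_ccb`, and elsewhere it only swaps the SIGSEGV for an abort in the disconnect-complete path, which a remote peer can presumably reach by dropping the link. Even if the log is temporary diagnostics, I would keep the stack alive by releasing only a non-NULL entry, e.g. `if (p_lcb->p_fixed_ccbs[xx] != NULL) l2cu_release_ccb(p_lcb->p_fixed_ccbs[xx]);`. The check runs right after the `pL2CA_FixedConn_Cb` callback, so the callback clearing the slot looks like a plausible cause and is worth confirming. The message also prints `p_lcb` with `%p` next to the peer address; consider dropping the raw heap pointer from an error-level log. The enclosing loop and function start outside this hunk.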