Loading system/btif/include/btif_common.h +17 −1 Original line number Diff line number Diff line Loading @@ -43,6 +43,22 @@ #define BTIF_SIG_CB_BIT (0x8000) #define BTIF_SIG_CB_START(id) (((id) << 8) | BTIF_SIG_CB_BIT) /* * A memcpy(3) wrapper when copying memory that might not be aligned. * * On certain architectures, if the memcpy(3) arguments appear to be * pointing to aligned memory (e.g., struct pointers), the compiler might * generate optimized memcpy(3) code. However, if the original memory was not * aligned (e.g., because of incorrect "char *" to struct pointer casting), * the result code might trigger SIGBUS crash. * * As a short-term solution, we use the help of the maybe_non_aligned_memcpy() * macro to identify and fix such cases. In the future, we should fix the * problematic "char *" to struct pointer casting, and this macro itself should * be removed. */ #define maybe_non_aligned_memcpy(_a, _b, _c) memcpy((void *)(_a), (_b), (_c)) /* BTIF sub-systems */ #define BTIF_CORE 0 #define BTIF_DM 1 Loading Loading @@ -174,7 +190,7 @@ typedef struct /* parameters passed to callback */ UINT16 event; /* message event id */ char p_param[0]; /* parameter area needs to be last */ char __attribute__ ((aligned)) p_param[]; /* parameter area needs to be last */ } tBTIF_CONTEXT_SWITCH_CBACK; Loading system/btif/src/btif_av.c +1 −1 Original line number Diff line number Diff line Loading @@ -892,7 +892,7 @@ void btif_av_event_deep_copy(UINT16 event, char *p_dest, char *p_src) tBTA_AV *av_dest = (tBTA_AV *)p_dest; // First copy the structure memcpy(p_dest, p_src, sizeof(tBTA_AV)); maybe_non_aligned_memcpy(av_dest, av_src, sizeof(*av_src)); switch (event) { Loading system/btif/src/btif_dm.c +3 −3 Original line number Diff line number Diff line Loading 
@@ -241,7 +241,7 @@ static void btif_dm_data_copy(uint16_t event, char *dst, char *src) return; assert(dst_dm_sec); memcpy(dst_dm_sec, src_dm_sec, sizeof(tBTA_DM_SEC)); maybe_non_aligned_memcpy(dst_dm_sec, src_dm_sec, sizeof(*src_dm_sec)); if (event == BTA_DM_BLE_KEY_EVT) { Loading Loading @@ -777,7 +777,7 @@ static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src) return; BTIF_TRACE_DEBUG("%s: event=%s", __FUNCTION__, dump_dm_search_event(event)); memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); switch (event) { case BTA_DM_INQ_RES_EVT: Loading Loading @@ -810,7 +810,7 @@ static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) if (!p_src) return; memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); switch (event) { case BTA_DM_DISC_RES_EVT: Loading system/btif/src/btif_gatt_client.c +2 −2 Original line number Diff line number Diff line Loading @@ -313,7 +313,7 @@ static void btapp_gattc_req_data(UINT16 event, char *p_dest, char *p_src) return; // Copy basic structure first memcpy(p_dest_data, p_src_data, sizeof(tBTA_GATTC)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); // Allocate buffer for request data if necessary switch (event) Loading Loading @@ -1831,7 +1831,7 @@ static void btif_gattc_deep_copy(UINT16 event, char *p_dest, char *p_src) { const btif_adv_data_t *src = (btif_adv_data_t*) p_src; btif_adv_data_t *dst = (btif_adv_data_t*) p_dest; memcpy(dst, src, sizeof(*src)); maybe_non_aligned_memcpy(dst, src, sizeof(*src)); if (src->p_manufacturer_data) { Loading system/btif/src/btif_gatt_server.c +1 −1 Original line number Diff line number Diff line Loading 
@@ -124,7 +124,7 @@ static void btapp_gatts_copy_req_data(UINT16 event, char *p_dest, char *p_src) return; // Copy basic structure first memcpy(p_dest_data, p_src_data, sizeof(tBTA_GATTS)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); // Allocate buffer for request data if necessary switch (event) Loading Loading
system/btif/include/btif_common.h +17 −1 Original line number Diff line number Diff line Loading @@ -43,6 +43,22 @@ #define BTIF_SIG_CB_BIT (0x8000) #define BTIF_SIG_CB_START(id) (((id) << 8) | BTIF_SIG_CB_BIT) /* * A memcpy(3) wrapper when copying memory that might not be aligned. * * On certain architectures, if the memcpy(3) arguments appear to be * pointing to aligned memory (e.g., struct pointers), the compiler might * generate optimized memcpy(3) code. However, if the original memory was not * aligned (e.g., because of incorrect "char *" to struct pointer casting), * the result code might trigger SIGBUS crash. * * As a short-term solution, we use the help of the maybe_non_aligned_memcpy() * macro to identify and fix such cases. In the future, we should fix the * problematic "char *" to struct pointer casting, and this macro itself should * be removed. */ #define maybe_non_aligned_memcpy(_a, _b, _c) memcpy((void *)(_a), (_b), (_c)) /* BTIF sub-systems */ #define BTIF_CORE 0 #define BTIF_DM 1 Loading Loading @@ -174,7 +190,7 @@ typedef struct /* parameters passed to callback */ UINT16 event; /* message event id */ char p_param[0]; /* parameter area needs to be last */ char __attribute__ ((aligned)) p_param[]; /* parameter area needs to be last */ } tBTIF_CONTEXT_SWITCH_CBACK; Loading
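Review bot: The new `maybe_non_aligned_memcpy()` macro casts only the destination to `void *`; the source `_b` is forwarded with whatever type the caller passes, and every call site in this commit passes a struct pointer (`av_src`, `src_dm_sec`, `p_src_data`, `src`). If the compiler derives its alignment assumption from the static type of the arguments, as the macro's own comment describes, the source side of the copy may still be lowered to aligned loads and fault on a misaligned buffer. Casting both sides would match the stated intent: `#define maybe_non_aligned_memcpy(_a, _b, _c) memcpy((void *)(_a), (const void *)(_b), (_c))`. Whether a `void *` cast suppresses that inference at all is toolchain-dependent, so the comment should name the compiler behaviour it relies on. In btif_av.c the old call passed the `char *` parameters `p_dest`/`p_src` directly, so that site now hands typed pointers to the copy where it did not before.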
system/btif/src/btif_av.c +1 −1 Original line number Diff line number Diff line Loading @@ -892,7 +892,7 @@ void btif_av_event_deep_copy(UINT16 event, char *p_dest, char *p_src) tBTA_AV *av_dest = (tBTA_AV *)p_dest; // First copy the structure memcpy(p_dest, p_src, sizeof(tBTA_AV)); maybe_non_aligned_memcpy(av_dest, av_src, sizeof(*av_src)); switch (event) { Loading
system/btif/src/btif_dm.c +3 −3 Original line number Diff line number Diff line Loading @@ -241,7 +241,7 @@ static void btif_dm_data_copy(uint16_t event, char *dst, char *src) return; assert(dst_dm_sec); memcpy(dst_dm_sec, src_dm_sec, sizeof(tBTA_DM_SEC)); maybe_non_aligned_memcpy(dst_dm_sec, src_dm_sec, sizeof(*src_dm_sec)); if (event == BTA_DM_BLE_KEY_EVT) { Loading Loading @@ -777,7 +777,7 @@ static void search_devices_copy_cb(UINT16 event, char *p_dest, char *p_src) return; BTIF_TRACE_DEBUG("%s: event=%s", __FUNCTION__, dump_dm_search_event(event)); memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); switch (event) { case BTA_DM_INQ_RES_EVT: Loading Loading @@ -810,7 +810,7 @@ static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) if (!p_src) return; memcpy(p_dest_data, p_src_data, sizeof(tBTA_DM_SEARCH)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); switch (event) { case BTA_DM_DISC_RES_EVT: Loading
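Review bot: In btif_dm_data_copy the destination of the new copy is guarded only by `assert(dst_dm_sec)`, which is compiled out if this is the standard assert and the build defines NDEBUG; the line before it is an early `return` whose condition is outside the hunk. Such a build would run the struct copy on a null destination, so an explicit `if (!dst_dm_sec) return;` before the copy would keep the check in every configuration. search_services_copy_cb shows `if (!p_src) return;` but no visible check on `p_dest_data`, so the same question applies there. All three functions in this section start and continue outside their hunks.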
system/btif/src/btif_gatt_client.c +2 −2 Original line number Diff line number Diff line Loading @@ -313,7 +313,7 @@ static void btapp_gattc_req_data(UINT16 event, char *p_dest, char *p_src) return; // Copy basic structure first memcpy(p_dest_data, p_src_data, sizeof(tBTA_GATTC)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); // Allocate buffer for request data if necessary switch (event) Loading Loading @@ -1831,7 +1831,7 @@ static void btif_gattc_deep_copy(UINT16 event, char *p_dest, char *p_src) { const btif_adv_data_t *src = (btif_adv_data_t*) p_src; btif_adv_data_t *dst = (btif_adv_data_t*) p_dest; memcpy(dst, src, sizeof(*src)); maybe_non_aligned_memcpy(dst, src, sizeof(*src)); if (src->p_manufacturer_data) { Loading
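Review bot: After the struct copy in btif_gattc_deep_copy, every pointer member of `dst` still holds the address owned by `src` until the code below replaces it; only the start of that code (`if (src->p_manufacturer_data)`) is inside the hunk. That ownership rule is not documented, and a member that is missed, or an allocation that fails on the way, would leave `dst` pointing at memory its owner may later free. I would add a comment above the copy such as `/* Shallow copy: dst now aliases src's buffers; each pointer member must be re-allocated or set to NULL below. */`. btapp_gattc_req_data has the same copy-then-allocate shape, judging by its `// Allocate buffer for request data if necessary` comment.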
system/btif/src/btif_gatt_server.c +1 −1 Original line number Diff line number Diff line Loading @@ -124,7 +124,7 @@ static void btapp_gatts_copy_req_data(UINT16 event, char *p_dest, char *p_src) return; // Copy basic structure first memcpy(p_dest_data, p_src_data, sizeof(tBTA_GATTS)); maybe_non_aligned_memcpy(p_dest_data, p_src_data, sizeof(*p_src_data)); // Allocate buffer for request data if necessary switch (event) Loading