From af63c93955276e85b928bdb16d4b4dda673d4b34 Mon Sep 17 00:00:00 2001 From: Damien Espitallier Date: Fri, 14 Mar 2025 06:44:04 +0100 Subject: [PATCH 1/2] host: prevent timing issue if indication ack is received before proc being inserted --- nimble/host/src/ble_gattc.c | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/nimble/host/src/ble_gattc.c b/nimble/host/src/ble_gattc.c index 0ff4ec28e6..b400babb4b 100644 --- a/nimble/host/src/ble_gattc.c +++ b/nimble/host/src/ble_gattc.c @@ -977,6 +977,16 @@ ble_gattc_proc_matches_conn_rx_entry(struct ble_gattc_proc *proc, void *arg) return (criteria->matching_rx_entry != NULL); } +static int +ble_gattc_proc_equals(struct ble_gattc_proc *proc, void *arg) +{ + struct ble_gattc_proc *criteria; + + criteria = arg; + + return proc == criteria; +} + static void ble_gattc_extract(ble_gattc_match_fn *cb, void *arg, int max_procs, struct ble_gattc_proc_list *dst_list) @@ -4687,12 +4697,6 @@ ble_gatts_indicate_custom(uint16_t conn_handle, uint16_t chr_val_handle, } } - rc = ble_att_clt_tx_indicate(conn_handle, proc->cid, chr_val_handle, txom); - txom = NULL; - if (rc != 0) { - goto done; - } - ble_hs_lock(); conn = ble_hs_conn_find(conn_handle); if (conn != NULL) { @@ -4701,6 +4705,14 @@ ble_gatts_indicate_custom(uint16_t conn_handle, uint16_t chr_val_handle, } ble_hs_unlock(); + ble_gattc_process_status(proc, 0); + + rc = ble_att_clt_tx_indicate(conn_handle, proc->cid, chr_val_handle, txom); + txom = NULL; + if (rc != 0) { + goto done; + } + done: if (rc != 0) { STATS_INC(ble_gattc_stats, indicate_fail); @@ -4709,7 +4721,13 @@ ble_gatts_indicate_custom(uint16_t conn_handle, uint16_t chr_val_handle, /* Tell the application that an indication transmission was attempted. */ ble_gap_notify_tx_event(rc, conn_handle, chr_val_handle, 1); - ble_gattc_process_status(proc, rc); + if(rc != 0) { + //remove the proc if tx failed + ble_gattc_extract_one(ble_gattc_proc_equals, proc); + if(proc != NULL) { + ble_gattc_process_status(proc, rc); + } + } os_mbuf_free_chain(txom); return rc; } From 907340b78f8fd07f0279c9c2b1ebfa00ddd2c871 Mon Sep 17 00:00:00 2001 From: Damien Espitallier Date: Thu, 20 Mar 2025 05:58:57 +0100 Subject: [PATCH 2/2] fix: coding style --- nimble/host/src/ble_gattc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nimble/host/src/ble_gattc.c b/nimble/host/src/ble_gattc.c index b400babb4b..3dc40c5ac9 100644 --- a/nimble/host/src/ble_gattc.c +++ b/nimble/host/src/ble_gattc.c @@ -4721,10 +4721,10 @@ ble_gatts_indicate_custom(uint16_t conn_handle, uint16_t chr_val_handle, /* Tell the application that an indication transmission was attempted. */ ble_gap_notify_tx_event(rc, conn_handle, chr_val_handle, 1); - if(rc != 0) { + if (rc != 0) { //remove the proc if tx failed ble_gattc_extract_one(ble_gattc_proc_equals, proc); - if(proc != NULL) { + if (proc != NULL) { ble_gattc_process_status(proc, rc); } }