BLE is disconnected due to BLE service record discovery failure.
the root cause of the problem is:
In BLE GATT client state machine, When It is in discovery state,
any command to access the service, characteristic and descriptor
will be queued, these commands will be executed after BLE service
discovery complete. When we queue the command, we will copy these
message. The problem is we didn't copy these message correctly.
We didn't deep copy these messages. There are pointers inside
these messages. These pointers are still point to the old message
which are already freed. When the messages are reused, the original
content will lost. The queued commands will be corrupted.
This is very serious issue, which can cause a lot of stability problem.
1 file changed