Fix crash issue

0  0xaae6c8da in notify_io_destroy (data=0xac2cbcb0) at src/gatt-client.c:1698
1698            DBG("notify_io destroyed. length: %d", queue_length(client->chrc->notify_clients));
(gdb) info args
data = 0xac2cbcb0
(gdb) p client
$1 = (struct notify_client *) 0xac2cbcb0
(gdb) p *client
$2 = {chrc = 0x0, ref_count = 0, owner = 0x0, watch = 0, notify_id = 56}

$1 = (struct notify_client *) 0x55a1388d20
(gdb)
$2 = (struct notify_client *) 0x55a1388d20
(gdb) p *client
p *client
$3 = {chrc = 0x1, ref_count = 0, owner = 0x0, watch = 0, notify_id = 0}

Change-Id: Icb84e5995d7a2cd5ce1447d075a30ce1cc1a2f2f
Signed-off-by: Wootak Jung <wootak.jung@samsung.com>

diff --git a/src/gatt-client.c b/src/gatt-client.c
index 2eaf519..44dbbe3 100644 (file)
--- a/src/gatt-client.c
+++ b/src/gatt-client.c
@@ -1681,6 +1681,10 @@ static void register_notify_io_cb(uint16_t att_ecode, void *user_data)
 
        if (att_ecode) {
                queue_remove(chrc->notify_clients, client);
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+               sock_io_destroy(chrc->notify_io);
+               chrc->notify_io = NULL;
+#endif
                notify_client_free(client);
                return;
        }
@@ -1700,6 +1704,11 @@ static void notify_io_destroy(void *data)
 {
        struct notify_client *client = data;
 
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+       if (!client || !client->chrc)
+               return;
+#endif
+
        if (queue_remove(client->chrc->notify_clients, client))
                notify_client_unref(client);
 }
@@ -1772,6 +1781,13 @@ static DBusMessage *characteristic_start_notify(DBusConnection *conn,
        struct notify_client *client;
        struct btd_device *device = chrc->service->client->device;
 
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+       if (device_get_gatt_connected(device) == FALSE) {
+               error("GATT not connected");
+               return btd_error_not_connected(msg);
+       }
+#endif
+
        if (device_is_disconnecting(device)) {
                error("Device is disconnecting. StartNotify is not allowed.");
                return btd_error_not_connected(msg);
@@ -2002,6 +2018,9 @@ static void characteristic_free(void *data)
 
        g_free(chrc->path);
        free(chrc);
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+       chrc = NULL;
+#endif
 }
 
 static void att_exchange(uint16_t mtu, void *user_data)