Re: [PATCH] gatt: Fix double att_disconnected issue on disconnection

Hi Yunhan,

On Thu, Oct 25, 2018 at 4:47 AM Yunhan Wang <yunhanw@xxxxxxxxxx> wrote:
>
> Hi, Luiz
>
> I am observing multiple crashes when doing BLE disconnection using
> latest bluez master. It looks like the two att_disconnect are
> triggered from your last gatt commit. Please help take a look at this
> workaround and comments. The better solution might be to figure out
> how to handle the disconnection along with random address and public
> address together regarding the previous issue, Gatt: Subscriptions are
> not cleared after disconnection from a temporary device

I've pushed a similar fix, it should remove the handler before calling
att_disconnected.

> Thanks
> Best wishes
> Yunhan
> On Wed, Oct 24, 2018 at 5:42 PM yunhanw <yunhanw@xxxxxxxxxx> wrote:
> >
> > When BLE disconnection happens, att_disconnect is triggered from two locations, the newly added location is gatt_server_cleanup, it would cause several bluetoothd crashes. This bug is introduced from commit 634f0a6e1125af8d5959bff119d9336a8d81c028, where gatt fix, gatt subscriptions are not cleared after disconnection from a temporary device with private/random address. In order to work around this issue, btd_gatt_database_att_disconnected can only be triggered when address type is random, and for others, it can continue to use original disconnect code path.
> >
> >     crash 1
> >     Program received signal SIGSEGV, Segmentation fault.
> >     queue_remove (queue=0x30, data=data@entry=0x555555872a40) at /repo/src/shared/queue.c:256
> >     256     for (entry = queue->head, prev = NULL; entry;
> >     (gdb) backtrace
> >         at /bluez/repo/src/gatt-database.c:350
> >         at bluez/repo/src/shared/queue.c:220
> >         at bluez/repo/src/shared/att.c:592
> >         at bluez/repo/src/shared/io-glib.c:170
> >
> >     crash 2
> >         at bluez/repo/src/shared/queue.c:220
> >         at bluez/repo/src/shared/att.c:592
> >         at bluez/repo/src/shared/io-glib.c:170
> >
> >     (gdb) print state->db->adapter
> >     Cannot access memory at address 0x61672f6269727474
> > ---
> >  src/gatt-database.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/src/gatt-database.c b/src/gatt-database.c
> > index 783b692d5..2f0eb83b5 100644
> > --- a/src/gatt-database.c
> > +++ b/src/gatt-database.c
> > @@ -3365,6 +3365,8 @@ void btd_gatt_database_att_disconnected(struct btd_gatt_database *database,
> >
> >         addr = device_get_address(device);
> >         type = btd_device_get_bdaddr_type(device);
> > +    if (type != BDADDR_LE_RANDOM)
> > +        return;
> >
> >         state = find_device_state(database, addr, type);
> >         if (!state)
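Review bot: The early return added before find_device_state() narrows which devices reach the cleanup instead of removing the duplicate att_disconnected call, so a device whose type is BDADDR_LE_RANDOM still passes this check and, if both call sites named in the commit message fire for it, the stale-state access seen in the backtraces stays reachable. Prefer fixing the duplicate at its source, for example by unregistering the disconnect handler before the cleanup path calls att_disconnected directly, as the reply describes. If the check is kept, it needs a comment explaining why only random addresses are handled here, and the two added lines appear to be indented with spaces where the surrounding context lines use deeper indentation, so they should be re-indented to match.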
> > --
> > 2.19.1.568.g152ad8e336-goog
> >



-- 
Luiz Augusto von Dentz
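
A minimal C model of the double disconnect callback discussed in this thread and of the fix described in the reply (remove the handler before calling it directly). It is an added illustration, not BlueZ code, and every name in it (struct att, server_cleanup, att_hangup, stale_disconnect_calls) is hypothetical. The state is flagged as released rather than freed so the stale call can be counted instead of crashing.

```c
#include <stddef.h>

typedef void (*disc_cb)(void *user_data);

struct att {			/* hypothetical: one disconnect slot per channel */
	disc_cb cb;
	void *user_data;
};

struct device_state {
	struct att *att;
	int released;		/* set where real code would free() the state */
	int stale_calls;	/* handler entries after release */
};

static void state_disconnected(void *user_data)
{
	struct device_state *state = user_data;

	if (state->released) {	/* real code would touch freed memory here */
		state->stale_calls++;
		return;
	}
	state->released = 1;
}

/* Cleanup path that calls the handler directly (the second call site). */
static void server_cleanup(struct device_state *state, int unregister_first)
{
	if (unregister_first) {	/* fix: disarm the handler before calling it */
		state->att->cb = NULL;
		state->att->user_data = NULL;
	}
	state_disconnected(state);
}

/* Transport teardown: fires whatever handler is still registered. */
static void att_hangup(struct att *att)
{
	if (att->cb)
		att->cb(att->user_data);
}

/* Returns how many times the handler ran on an already released state. */
int stale_disconnect_calls(int unregister_first)
{
	struct att att = { 0 };
	struct device_state state = { &att, 0, 0 };

	att.cb = state_disconnected;
	att.user_data = &state;
	server_cleanup(&state, unregister_first);
	att_hangup(&att);
	return state.stale_calls;
}
```

With `unregister_first` set to 0 the handler runs a second time on released state; with 1 it runs exactly once.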



