authorAjay Kumar <ajayku@codeaurora.org>2014-04-10 19:46:01 +0530
committerSteve Kondik <shade@chemlab.org>2014-06-05 12:29:05 -0700
commit8b2f858eea6f3ca61a9b8f95ee99cae195af2db1 (patch)
tree40046e629ba6bab531535ce89125f52a448e5ddd
parent45372b3950fadabd5a0bdd7cbdd6b2a7d2356df7 (diff)
Bluetooth :Fix to avoid the access of JNI gloabal reference object
This is a corner case where bindandfinish gets called anytime where adapter state!= STOPPED and calls cleanupNative. Further, during cleanup the lower layer will try to access the JNI reference, which is already deleted. Change-Id: I579bc4015b61ad653f18a5f4a3d26a2508236ff5 CRs-Fixed: 642466
-rw-r--r--jni/com_android_bluetooth_btservice_AdapterService.cpp11
1 files changed, 7 insertions, 4 deletions
diff --git a/jni/com_android_bluetooth_btservice_AdapterService.cpp b/jni/com_android_bluetooth_btservice_AdapterService.cpp
index 65b15780c..6e5e1aa6f 100644
--- a/jni/com_android_bluetooth_btservice_AdapterService.cpp
+++ b/jni/com_android_bluetooth_btservice_AdapterService.cpp
@@ -53,7 +53,7 @@ static const btsock_interface_t *sBluetoothSocketInterface = NULL;
static const btmce_interface_t *sBluetoothMceInterface = NULL;
static JNIEnv *callbackEnv = NULL;
-static jobject sJniCallbacksObj;
+static jobject sJniCallbacksObj = NULL;
static jfieldID sJniCallbacksField;
@@ -89,9 +89,11 @@ static void adapter_state_change_callback(bt_state_t status) {
return;
}
ALOGV("%s: Status is: %d", __FUNCTION__, status);
-
- callbackEnv->CallVoidMethod(sJniCallbacksObj, method_stateChangeCallback, (jint)status);
-
+ if(sJniCallbacksObj) {
+ callbackEnv->CallVoidMethod(sJniCallbacksObj, method_stateChangeCallback, (jint)status);
+ } else {
+ ALOGE("JNI ERROR : JNI reference already cleaned : adapter_state_change_callback", __FUNCTION__);
+ }
checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
}
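Review bot: The `if(sJniCallbacksObj)` test in adapter_state_change_callback narrows the window but does not close it: nothing visible in these hunks orders the check and the `CallVoidMethod` call against `env->DeleteGlobalRef(sJniCallbacksObj); sJniCallbacksObj = NULL;` in the cleanupNative hunk, so if the callback runs on a different thread (as the separate `callbackEnv` suggests) it can pass the check and still use a deleted global reference. Holding one mutex around both sites would make the guard reliable; at minimum cleanupNative should copy the handle to a local, set the static to NULL, and only then delete the local copy. Other callbacks in this file that use sJniCallbacksObj are not visible here and presumably need the same guard. Separately, the new `ALOGE` passes `__FUNCTION__` to a format string with no conversion and hard-codes the function name; `ALOGE("%s: JNI reference already cleaned", __FUNCTION__);` would match the `ALOGV` line above it. The function's body starts outside the hunk.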
@@ -656,6 +658,7 @@ static bool cleanupNative(JNIEnv *env, jobject obj) {
ALOGI("%s: return from cleanup",__FUNCTION__);
env->DeleteGlobalRef(sJniCallbacksObj);
+ sJniCallbacksObj = NULL;
return JNI_TRUE;
}