Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bluetoothd crashes when discover_devices is terminated #9

Closed
AndreRH opened this issue Aug 11, 2021 · 2 comments
Closed

bluetoothd crashes when discover_devices is terminated #9

AndreRH opened this issue Aug 11, 2021 · 2 comments
Assignees
Labels
external caused by bluetoothd or kernel

Comments

@AndreRH
Copy link

AndreRH commented Aug 11, 2021

Which leads to a crash of bluetoothd at least on ARMv7 with versions 5.55 and 5.60:
free(): invalid next size (fast)

Limited testing on x86_64 shows no crash with 5.48, though the stop_fn never get's called as well.

Reason:
discover_devices() holds a SingleSessionToken while single_session() spawns a task waiting to receive something on the other end of the channel. AFAICT it won't ever receive something, so the stop_fn is never called which would stop the discovery and clean up.

How to reproduce:
run RUST_LOG=trace ./discover_devices and hit CTRL+C, notice a log missing "StopDiscovery" like:

'''
[2021-08-11T12:47:23Z TRACE bluer::session] Connected to D-Bus with unique name :1.4321
[2021-08-11T12:47:23Z TRACE mio::poll] registering event source with poller: token=Token(0), interests=READABLE
[2021-08-11T12:47:23Z TRACE bluer::session] Starting event loop for :1.4321
Discovering devices using Bluetooth adapater hci0

[2021-08-11T12:47:23Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.Adapter1.Powered := true
[2021-08-11T12:47:23Z TRACE bluer::session] Starting new single session for /org/bluez/hci0
[2021-08-11T12:47:23Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.Adapter1.SetDiscoveryFilter ({"UUIDs": Variant([]), "Transport": Variant("auto"), "DuplicateData": Variant(false), "Discoverable": Variant(false)},)
[2021-08-11T12:47:23Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.Adapter1.SetDiscoveryFilter (...) -> Ok(())
[2021-08-11T12:47:23Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.Adapter1.StartDiscovery ()
[2021-08-11T12:47:23Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.Adapter1.StartDiscovery (...) -> Ok(())
[2021-08-11T12:47:23Z TRACE bluer::session] Adding event subscription for /org/bluez/hci0 with child_objects=true
[2021-08-11T12:47:23Z TRACE bluer::session] Event: PropertiesChanged { object: Path("/org/bluez/hci0\u{0}"), interface: "org.bluez.Adapter1", changed: {"Discovering": Variant(true)} }
...
^C
'''

If you modify the discover_devices example to drop the adapter earlier, then there's still no "StopDiscovery" in the log as expected

@surban surban self-assigned this Aug 12, 2021
@surban surban added the bug Something isn't working label Aug 12, 2021
@surban
Copy link
Collaborator

surban commented Aug 26, 2021

Hi,

the discover_devices example registers no SIGINT handler, so when you press CTRL+C the process is terminated immediately without cleanup. This should not matter as bluetoothd as an operating system service must handle the case of sudden process termination gracefully.

If you change discover_devices like this https://gist.github.com/surban/788203c5d7211a5b2e3d92f68382ef3e it will indeed stop the discovery session:

Terminating...
[2021-08-26T09:55:37Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.StopDiscovery ()
[2021-08-26T09:55:37Z TRACE bluer::adapter] /org/bluez/hci0: org.bluez.StopDiscovery () -> Ok(())
[2021-08-26T09:55:37Z TRACE bluer::session] Terminated single session for /org/bluez/hci0
[2021-08-26T09:55:37Z TRACE bluer::session] Event: ObjectRemoved { object: Path("/org/bluez/hci0/dev_7D_DD_0D_40_60_B9\u{0}"), interfaces: {"org.bluez.Device1", "org.freedesktop.DBus.Properties", "org.freedesktop.DBus.Introspectable"} }
[2021-08-26T09:55:40Z TRACE mio::poll] deregistering event source from poller

Could you report this bug again against bluetoothd?

Sebastian

@surban surban added external caused by bluetoothd or kernel and removed bug Something isn't working labels Aug 26, 2021
@surban surban changed the title stop_fn never get's called bluetoothd crashes when discover_devices is terminated Aug 26, 2021
@AndreRH
Copy link
Author

AndreRH commented Aug 27, 2021

thanks for investigation
see bluez/bluez#196

@AndreRH AndreRH closed this as completed Aug 27, 2021
otaviojr added a commit to otaviojr/bluer that referenced this issue May 10, 2023
# This is the 1st commit message:

BLE Passive Scanning

# This is the commit message #2:

monitor

# This is the commit message bluez#3:

monitor

# This is the commit message bluez#4:

monitor

# This is the commit message bluez#5:

monitor

# This is the commit message bluez#6:

monitor

# This is the commit message bluez#7:

monitor

# This is the commit message bluez#8:

monitor

# This is the commit message bluez#9:

monitor

# This is the commit message bluez#10:

monitor

# This is the commit message bluez#11:

monitor

# This is the commit message bluez#12:

monitor

# This is the commit message bluez#13:

monitor

# This is the commit message bluez#14:

monitor

# This is the commit message bluez#15:

monitor

# This is the commit message bluez#16:

monitor

# This is the commit message bluez#17:

monitor

# This is the commit message bluez#18:

monitor

# This is the commit message bluez#19:

monitor

# This is the commit message bluez#20:

monitor

# This is the commit message bluez#21:

monitor

# This is the commit message bluez#22:

monitor

# This is the commit message bluez#23:

monitor

# This is the commit message bluez#24:

monitor

# This is the commit message bluez#25:

monitor

# This is the commit message bluez#26:

monitor

# This is the commit message bluez#27:

monitor

# This is the commit message bluez#28:

monitor

# This is the commit message bluez#29:

monitor

# This is the commit message bluez#30:

monitor

# This is the commit message bluez#31:

monitor

# This is the commit message bluez#32:

monitor

# This is the commit message bluez#33:

monitor

# This is the commit message bluez#34:

monitor

# This is the commit message bluez#35:

monitor

# This is the commit message bluez#36:

monitor

# This is the commit message bluez#37:

monitor

# This is the commit message bluez#38:

monitor

# This is the commit message bluez#39:

monitor

# This is the commit message bluez#40:

monitor

# This is the commit message bluez#41:

monitor

# This is the commit message bluez#42:

monitor

# This is the commit message bluez#43:

monitor

# This is the commit message bluez#44:

monitor

# This is the commit message bluez#45:

monitor

# This is the commit message bluez#46:

monitor

# This is the commit message bluez#47:

monitor

# This is the commit message bluez#48:

monitor

# This is the commit message bluez#49:

monitor

# This is the commit message bluez#50:

monitor

# This is the commit message bluez#51:

monitor

# This is the commit message bluez#52:

monitor

# This is the commit message bluez#53:

monitor

# This is the commit message bluez#54:

monitor

# This is the commit message bluez#55:

monitor

# This is the commit message bluez#56:

monitor

# This is the commit message bluez#57:

monitor

# This is the commit message bluez#58:

monitor

# This is the commit message bluez#59:

monitor

# This is the commit message bluez#60:

monitor

# This is the commit message bluez#61:

monitor

# This is the commit message bluez#62:

monitor
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
external caused by bluetoothd or kernel
Projects
None yet
Development

No branches or pull requests

2 participants