Issue 708291

Issue metadata

Status: Untriaged
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Regression

Blocked on:
issue 704196
issue 708257


Bluetooth Low Energy Buffer Overflow Causing Service Query Failure

Reported by m...@fingerfoodstudios.com, Apr 4 2017

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Platform: 9202.56.1 (Official Build) stable-channel gandof

Steps to reproduce the problem:
1. Open crosh -> shell -> sudo btmon
2. Open chrome://bluetooth-internals
3. Attempt to connect to a BTLE device
4. Disconnect or attempt to connect to a different BTLE device
5. Observe that the .getServices() method is returning nothing, or failing
6. Observe in the btmon that there has been a buffer overflow
7. Attempt to connect to various other BTLE devices in the chrome://bluetooth-internals and observe various failure states, no services being returned, and rarely get the appropriate service list

What is the expected behavior?
The .getServices() method returns a list of available services for the BTLE Device regularly without failing.

What went wrong?
The BT stack experiences a buffer overflow on connection and then fails to connect _after_ the original connection. Usually the first connection does not fail. The only solution is to restart the device. Turning the adapter on and off does not solve it.

Did this work before? Yes, Chrome 56.*

Does this work in other browsers? Yes

Chrome version: 57.0.2987.128 Channel: stable
OS Version: 57.0.2987.128
Flash Version: 25.0.0.127

Attachments:
Screenshot 2017-04-04 at 12.14.26 PM.png (316 KB)
Screenshot 2017-04-04 at 12.21.29 PM.png (433 KB)

Cc: r...@chromium.org mcchou@chromium.org
Components: -Blink>Bluetooth OS>Systems>Bluetooth
Status: Untriaged (was: Unconfirmed)
Blockedon: 708257
Labels: -Hotlist-Interop

btmon crash is probably related to 128-bit UUID, fixed in 5.42
See https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=c318b332b8144c0fcb39b0af672eeb737b64bc24

Hopefully with BlueZ 5.44 branch coming soon, this will be solved: https://bugs.chromium.org/p/chromium/issues/detail?id=708257
Blockedon: 704196

Error still occurring as of 05/30/2017. Resulted in a hard lock of the device that needed a reset.

Labels: Needs-Feedback
Hi Matt, is this still happening?
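
The comment earlier in the thread attributes the btmon crash to 128-bit UUID handling. The following is an added illustration of that bug class, not BlueZ's code and not the specific fix in the linked commit: a parser for the ATT Read By Group Type Response (the PDU that carries primary service discovery results, the same GATT step `.getServices()` depends on) that accepts both 2-byte and 16-byte UUID entries and rejects malformed length fields, alongside the unchecked copy pattern that overflows a destination sized for 16-bit UUIDs. The sample PDUs are constructed; the 128-bit UUID value is made up, while 0x1800 and 0x1801 are the Bluetooth SIG assigned UUIDs for Generic Access and Generic Attribute.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* ATT Read By Group Type Response (opcode 0x11): what a GATT server returns
 * during primary service discovery. Layout: opcode, one byte giving the size
 * of every entry, then entries of start handle (2), end group handle (2) and
 * the service UUID in little-endian wire order (2 bytes -> entry size 6,
 * 16 bytes -> entry size 20). */
#define ATT_OP_READ_BY_GROUP_TYPE_RSP 0x11

struct gatt_service {
    uint16_t start_handle;
    uint16_t end_handle;
    uint8_t  uuid_len;   /* 2 or 16 */
    uint8_t  uuid[16];   /* wire order, zero-padded for 16-bit UUIDs */
};

/* The pattern that bites: a destination sized for 16-bit UUIDs only. With a
 * 20-byte entry this writes 16 bytes into a 2-byte array. Kept for contrast
 * and deliberately never called. */
void unsafe_copy_uuid(const uint8_t *entry, uint8_t entry_len, uint8_t out_uuid[2])
{
    memcpy(out_uuid, entry + 4, entry_len - 4);   /* overflows when entry_len > 6 */
}

/* Hardened parser. Returns the number of services written to out, or -1 for a
 * malformed PDU: wrong opcode, an entry size other than 6 or 20, a body that
 * is not a whole number of entries, or more entries than out can hold. */
int parse_read_by_group_type_rsp(const uint8_t *pdu, size_t pdu_len,
                                 struct gatt_service *out, size_t max_out)
{
    if (pdu_len < 2 || pdu[0] != ATT_OP_READ_BY_GROUP_TYPE_RSP)
        return -1;
    uint8_t entry_len = pdu[1];
    /* The peer controls this byte: check it before it becomes a divisor or a
     * copy size. Zero would divide by zero; anything above 20 would overrun. */
    if (entry_len != 6 && entry_len != 20)
        return -1;
    size_t body = pdu_len - 2;
    if (body == 0 || body % entry_len != 0)
        return -1;
    size_t count = body / entry_len;
    if (count > max_out)
        return -1;
    const uint8_t *p = pdu + 2;
    for (size_t i = 0; i < count; i++, p += entry_len) {
        out[i].start_handle = (uint16_t)(p[0] | (p[1] << 8));
        out[i].end_handle   = (uint16_t)(p[2] | (p[3] << 8));
        out[i].uuid_len     = (uint8_t)(entry_len - 4);
        memset(out[i].uuid, 0, sizeof out[i].uuid);
        memcpy(out[i].uuid, p + 4, out[i].uuid_len);   /* never more than 16 */
    }
    return (int)count;
}

/* Constructed sample PDUs, not captured traffic. Two 16-bit services:
 * Generic Access (0x1800) at handles 1..5, Generic Attribute (0x1801) at 6..9. */
const uint8_t sample_rsp_16[] = {
    0x11, 0x06,
    0x01, 0x00, 0x05, 0x00, 0x00, 0x18,
    0x06, 0x00, 0x09, 0x00, 0x01, 0x18,
};
/* One 128-bit service at handles 10..15; the UUID bytes are made up. */
const uint8_t sample_rsp_128[] = {
    0x11, 0x14,
    0x0a, 0x00, 0x0f, 0x00,
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
};
/* Malformed: claims 20-byte entries but carries only 4 bytes of body. */
const uint8_t sample_rsp_truncated[] = { 0x11, 0x14, 0x0a, 0x00, 0x0f, 0x00 };
/* Malformed: zero entry size, a divide-by-zero if trusted. */
const uint8_t sample_rsp_zero_len[] = { 0x11, 0x00, 0x01, 0x00 };

static void print_service(const struct gatt_service *s)
{
    printf("  handles 0x%04x-0x%04x uuid ", s->start_handle, s->end_handle);
    for (int i = s->uuid_len - 1; i >= 0; i--)   /* most significant byte first */
        printf("%02x", s->uuid[i]);
    printf("\n");
}

int main(void)
{
    const uint8_t *pdus[] = { sample_rsp_16, sample_rsp_128,
                              sample_rsp_truncated, sample_rsp_zero_len };
    const size_t lens[] = { sizeof sample_rsp_16, sizeof sample_rsp_128,
                            sizeof sample_rsp_truncated, sizeof sample_rsp_zero_len };
    struct gatt_service svc[8];
    for (size_t k = 0; k < 4; k++) {
        int n = parse_read_by_group_type_rsp(pdus[k], lens[k], svc, 8);
        printf("PDU %zu: %s (%d)\n", k, n < 0 ? "rejected" : "parsed", n);
        for (int i = 0; i < n; i++)
            print_service(&svc[i]);
    }
    return 0;
}
```

The point of the hardened version is the order of checks: the entry size byte comes from the remote device, so it is validated against the only two legal values before it is used as a divisor or a memcpy length, and the destination is sized for the larger UUID. A monitor or stack that sizes its buffer for the 16-bit case and trusts the length byte is exactly the shape of failure a 128-bit service UUID exposes.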