Crashes in BleScanner and BleAdvertiser
Issue description

I just reproduced a crash in BleScanner and BleAdvertiser during shutdown. The crash occurs because after these classes notify TetherComponentImpl that they are finished shutting down asynchronously, they may be deleted. However, after they notify observers, they continue operating on instance fields, which can be deleted by this point. Example here:

Thread 1 "chrome" received signal SIGSEGV, Segmentation fault.
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
0x0000569f5b90cf43 in chromeos::tether::BleScannerImpl::OnDiscoverySessionStopped() () at ../../chromeos/components/tether/ble_scanner_impl.cc:203
203 ../../chromeos/components/tether/ble_scanner_impl.cc: No such file or directory.
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
(gdb) bt
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
#0 0x0000569f5b90cf43 in chromeos::tether::BleScannerImpl::OnDiscoverySessionStopped() () at ../../chromeos/components/tether/ble_scanner_impl.cc:203
warning: (Internal error: pc 0x569f5b90cf43 in read in CU, but not in symtab.)
warning: Could not find DWO CU obj/device/bluetooth/bluetooth/bluetooth_adapter_bluez.dwo(0xa30ac13a0ad77adb) referenced by CU at offset 0x8318f [in module /opt/google/chrome/chrome]
warning: (Internal error: pc 0x569f5a49559d in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5a495520 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5a49559d in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5a49559d in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f5a49559d in read in CU, but not in symtab.)
#1 0x0000569f5a49559e in bluez::BluetoothAdapterBlueZ::OnStopDiscovery(base::RepeatingCallback<void ()> const&) () at ../../base/callback.h:92
warning: (Internal error: pc 0x569f5a49559d in read in CU, but not in symtab.)
warning: Could not find DWO CU obj/dbus/dbus/object_proxy.dwo(0x995bf590bab46c88) referenced by CU at offset 0x773af [in module /opt/google/chrome/chrome]
warning: (Internal error: pc 0x569f59f89504 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f89490 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f89504 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f89504 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f89504 in read in CU, but not in symtab.)
#2 0x0000569f59f89505 in base::internal::Invoker<base::internal::BindState<dbus::ObjectProxy::CallMethodWithErrorCallback(dbus::MethodCall*, int, base::OnceCallback<void (dbus::Response*)>, base::OnceCallback<void (dbus::ErrorResponse*)>)::$_0, base::OnceCallback<void (dbus::Response*)>, base::OnceCallback<void (dbus::ErrorResponse*)> >, void (dbus::Response*, dbus::ErrorResponse*)>::RunOnce(base::internal::BindStateBase*, dbus::Response*&&, dbus::ErrorResponse*&&) () at ../../base/callback.h:64
warning: (Internal error: pc 0x569f59f89504 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86c50 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
#3 0x0000569f59f86cab in dbus::ObjectProxy::RunCallMethodInternalCallback(base::OnceCallback<void (dbus::Response*, dbus::ErrorResponse*)>, base::TimeTicks, dbus::Response*, dbus::ErrorResponse*) () at ../../base/callback.h:64
warning: (Internal error: pc 0x569f59f86caa in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f89840 in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
#4 0x0000569f59f8989f in base::internal::Invoker<base::internal::BindState<void (dbus::ObjectProxy::*)(base::OnceCallback<void (dbus::Response*, dbus::ErrorResponse*)>, base::TimeTicks, dbus::Response*, dbus::ErrorResponse*), scoped_refptr<dbus::ObjectProxy>, base::OnceCallback<void (dbus::Response*, dbus::ErrorResponse*)>, base::TimeTicks, dbus::Response*, dbus::ErrorResponse*>, void ()>::RunOnce(base::internal::BindStateBase*) () at ../../base/bind_internal.h:194
warning: (Internal error: pc 0x569f59f8989e in read in CU, but not in symtab.)
warning: Could not find DWO CU obj/base/base/post_task_and_reply_impl.dwo(0xf26d03e8a60fbdeb) referenced by CU at offset 0x58c33 [in module /opt/google/chrome/chrome]
#5 0x0000569f594f5576 in base::(anonymous namespace)::PostTaskAndReplyRelay::RunTaskAndPostReply() () at ../../base/callback.h:64
warning: Could not find DWO CU obj/base/base/task_annotator.dwo(0x426930b7f09bfdf2) referenced by CU at offset 0x56ec3 [in module /opt/google/chrome/chrome]
#6 0x0000569f59497649 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) () at ../../base/callback.h:64
warning: Could not find DWO CU obj/base/base/message_loop.dwo(0x798cc402e3a849b0) referenced by CU at offset 0x5789b [in module /opt/google/chrome/chrome]
#7 0x0000569f594b15b7 in base::MessageLoop::RunTask(base::PendingTask*) () at ../../base/message_loop/message_loop.cc:392
#8 0x0000569f594b1b48 in base::MessageLoop::DoWork() () at ../../base/message_loop/message_loop.cc:404
warning: Could not find DWO CU obj/base/base/message_pump_libevent.dwo(0xde0c78221b88972c) referenced by CU at offset 0x57933 [in module /opt/google/chrome/chrome]
#9 0x0000569f594b2e39 in base::MessagePumpLibevent::Run(base::MessagePump::Delegate*) () at ../../base/message_loop/message_pump_libevent.cc:220
warning: Could not find DWO CU obj/base/base/run_loop.dwo(0x4d3f8c001ba658ba) referenced by CU at offset 0x58287 [in module /opt/google/chrome/chrome]
#10 0x0000569f594d242a in base::RunLoop::Run() () at ../../base/run_loop.cc:118
warning: Could not find DWO CU obj/chrome/browser/browser/chrome_browser_main.dwo(0x1e8c2024fc9d53c3) referenced by CU at offset 0x4c26b [in module /opt/google/chrome/chrome]
#11 0x0000569f591a8658 in ChromeBrowserMainParts::MainMessageLoopRun(int*) () at ../../chrome/browser/chrome_browser_main.cc:1919
warning: Could not find DWO CU obj/content/browser/browser/browser_main_loop.dwo(0xc3ee4fe745c96cee) referenced by CU at offset 0x1c2da [in module /opt/google/chrome/chrome]
#12 0x0000569f57d95034 in content::BrowserMainLoop::RunMainMessageLoopParts() () at ../../content/browser/browser_main_loop.cc:1205
warning: Could not find DWO CU obj/content/browser/browser/browser_main_runner.dwo(0x62cc167353473e9e) referenced by CU at offset 0x1c30e [in module /opt/google/chrome/chrome]
#13 0x0000569f57d97cf2 in content::BrowserMainRunnerImpl::Run() () at ../../content/browser/browser_main_runner.cc:140
warning: Could not find DWO CU obj/content/browser/browser/browser_main.dwo(0xb9bd5a4a6b75e30b) referenced by CU at offset 0x1c2a6 [in module /opt/google/chrome/chrome]
#14 0x0000569f57d90f0c in content::BrowserMain(content::MainFunctionParams const&) () at ../../content/browser/browser_main.cc:46
warning: Could not find DWO CU obj/content/app/content_main_runner_both/content_main_runner.dwo(0x51a9a9b21c10273d) referenced by CU at offset 0x4be13 [in module /opt/google/chrome/chrome]
#15 0x0000569f591954cf in content::ContentMainRunnerImpl::Run() () at ../../content/app/content_main_runner.cc:707
warning: Could not find DWO CU obj/services/service_manager/embedder/embedder/main.dwo(0x9dcf3b0681caa007) referenced by CU at offset 0x4c03b [in module /opt/google/chrome/chrome]
#16 0x0000569f5919e71d in service_manager::Main(service_manager::MainParams const&) () at ../../services/service_manager/embedder/main.cc:453
warning: Could not find DWO CU obj/content/app/both/content_main.dwo(0xffaf470623bdef88) referenced by CU at offset 0x4bde3 [in module /opt/google/chrome/chrome]
#17 0x0000569f591944b1 in content::ContentMain(content::ContentMainParams const&) () at ../../content/app/content_main.cc:19
warning: Could not find DWO CU obj/chrome/chrome_initial/chrome_main.dwo(0x90eba4dd314197d7) referenced by CU at offset 0x30 [in module /opt/google/chrome/chrome]
#18 0x0000569f576fd848 in ChromeMain () at ../../chrome/app/chrome_main.cc:123
#19 0x00007fd181430736 in __libc_start_main (main=0x569f576fd760 <main>, argc=37, argv=0x7fffceb787a8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffceb78798) at ../csu/libc-start.c:289
#20 0x0000569f576fd629 in _start ()
Oct 20 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/cad2e240d654315854eb32b332704ed99199f7bf

commit cad2e240d654315854eb32b332704ed99199f7bf
Author: Kyle Horimoto <khorimoto@google.com>
Date: Fri Oct 20 00:32:59 2017

[CrOS Tether] Fix crashes during shutdown.

These crashes were caused by the following situation:
(1) Asynchronous shutdown flow begins.
(2) BleAdvertiser or BleScanner finish their operations and notify observers.
(3) Observer shuts down the Tether component.
(4) BleAdvertiser or BleScanner try to update their states, but they have already been deleted. A segfault occurs.

Now, these classes execute this code in a new task which is destroyed if the Tether component is deleted.

Bug: 776241, 672263
Change-Id: I0eab11afc08853fc7e112ea57ff90e28534ab924
Reviewed-on: https://chromium-review.googlesource.com/729304
Commit-Queue: Kyle Horimoto <khorimoto@chromium.org>
Commit-Queue: Ryan Hansberry <hansberry@chromium.org>
Reviewed-by: Ryan Hansberry <hansberry@chromium.org>
Cr-Commit-Position: refs/heads/master@{#510268}

[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_advertiser_impl.cc
[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_advertiser_impl.h
[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_advertiser_impl_unittest.cc
[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_scanner_impl.cc
[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_scanner_impl.h
[modify] https://crrev.com/cad2e240d654315854eb32b332704ed99199f7bf/chromeos/components/tether/ble_scanner_impl_unittest.cc
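A minimal model of the pattern the commit message describes, added here as an illustration and not Chromium's code: the state update that used to follow observer notification runs as a posted task guarded by a weak reference, so it is dropped if the observer deletes the object. `TaskQueue`, `Scanner`, `UpdateState` and `RunShutdown` are hypothetical names, and a `std::shared_ptr<bool>` token stands in for a weak-pointer mechanism.

```cpp
#include <functional>
#include <memory>
#include <queue>
#include <utility>

// Hypothetical stand-in for a single-threaded task runner.
struct TaskQueue {
  std::queue<std::function<void()>> tasks;
  void Post(std::function<void()> t) { tasks.push(std::move(t)); }
  void RunAll() {
    while (!tasks.empty()) {
      auto t = std::move(tasks.front());
      tasks.pop();
      t();
    }
  }
};

class Scanner {
 public:
  Scanner(TaskQueue* queue, int* updates) : queue_(queue), updates_(updates) {}
  void SetObserver(std::function<void()> o) { observer_ = std::move(o); }

  // Completion callback, analogous to the frame at the top of the backtrace.
  void OnDiscoverySessionStopped() {
    // Unsafe ordering: observer_(); UpdateState();  -> observer may free *this.
    std::weak_ptr<bool> weak = alive_;
    Scanner* self = this;
    // The follow-up work only runs if the liveness token still exists.
    queue_->Post([weak, self] { if (!weak.expired()) self->UpdateState(); });
    auto observer = observer_;  // copy: the member dies together with *this
    observer();                 // may delete *this; no member access after this
  }

 private:
  void UpdateState() { ++*updates_; }
  TaskQueue* queue_;
  int* updates_;
  std::function<void()> observer_;
  std::shared_ptr<bool> alive_ = std::make_shared<bool>(true);
};

// Returns how many state updates ran after the observer was notified.
int RunShutdown(bool observer_deletes_scanner) {
  TaskQueue queue;
  int updates = 0;
  auto scanner = std::make_unique<Scanner>(&queue, &updates);
  scanner->SetObserver([&] { if (observer_deletes_scanner) scanner.reset(); });
  scanner->OnDiscoverySessionStopped();
  queue.RunAll();
  return updates;
}
```

Building this with AddressSanitizer and switching to the unsafe ordering noted in the comment is a quick way to see the heap-use-after-free report that corresponds to the segfault above.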
Oct 20 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/c2b68188f37e92649d00e4f075a629c69e1c541e

commit c2b68188f37e92649d00e4f075a629c69e1c541e
Author: Kyle Horimoto <khorimoto@google.com>
Date: Fri Oct 20 22:20:17 2017

[CrOS Tether] Fix crashes during shutdown.

These crashes were caused by the following situation:
(1) Asynchronous shutdown flow begins.
(2) BleAdvertiser or BleScanner finish their operations and notify observers.
(3) Observer shuts down the Tether component.
(4) BleAdvertiser or BleScanner try to update their states, but they have already been deleted. A segfault occurs.

Now, these classes execute this code in a new task which is destroyed if the Tether component is deleted.

TBR=khorimoto@google.com

(cherry picked from commit cad2e240d654315854eb32b332704ed99199f7bf)

Bug: 776241, 672263
Change-Id: I0eab11afc08853fc7e112ea57ff90e28534ab924
Reviewed-on: https://chromium-review.googlesource.com/729304
Commit-Queue: Kyle Horimoto <khorimoto@chromium.org>
Commit-Queue: Ryan Hansberry <hansberry@chromium.org>
Reviewed-by: Ryan Hansberry <hansberry@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#510268}
Reviewed-on: https://chromium-review.googlesource.com/731649
Reviewed-by: Kyle Horimoto <khorimoto@chromium.org>
Cr-Commit-Position: refs/branch-heads/3239@{#126}
Cr-Branched-From: adb61db19020ed8ecee5e91b1a0ea4c924ae2988-refs/heads/master@{#508578}

[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_advertiser_impl.cc
[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_advertiser_impl.h
[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_advertiser_impl_unittest.cc
[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_scanner_impl.cc
[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_scanner_impl.h
[modify] https://crrev.com/c2b68188f37e92649d00e4f075a629c69e1c541e/chromeos/components/tether/ble_scanner_impl_unittest.cc
Oct 27 2017
Issue 778762 has been merged into this issue.
Comment 1 by khorimoto@chromium.org, Oct 19 2017