Issue 909887

Issue metadata

Status: Fixed
Owner:
Closed: Jan 3
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug



DCHECK in arc::ArcBluetoothBridge::SetDiscoverable

Project Member Reported by steve...@chromium.org, Nov 28

Issue description

Chrome ToT @ #611774

Device: kevin (arm)

DCHECK:
https://cs.chromium.org/chromium/src/chrome/browser/chromeos/arc/bluetooth/arc_bluetooth_bridge.cc?type=cs&q=ArcBluetoothBridge::SetDiscoverable&sq=package:chromium&g=0&l=1012

(discoverable = true, timeout != 0)


#0  logging::LogMessage::~LogMessage() () at ../../base/logging.cc:874
#1  0x032da786 in arc::ArcBluetoothBridge::SetDiscoverable(bool, unsigned int) ()
#2  0x032dab02 in arc::ArcBluetoothBridge::SetAdapterProperty(mojo::StructPtr<arc::mojom::BluetoothProperty>) ()
#3  0x031c0764 in arc::mojom::BluetoothHostStubDispatch::Accept(arc::mojom::BluetoothHost*, mojo::Message*) ()
#4  0x04b6a4fe in mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message*) ()
#5  0x04b76994 in mojo::FilterChain::Accept(mojo::Message*) () at ../../mojo/public/cpp/bindings/lib/filter_chain.cc:40
#6  0x04b6b372 in mojo::InterfaceEndpointClient::HandleIncomingMessage(mojo::Message*) ()
#7  0x04b6f58a in mojo::internal::MultiplexRouter::ProcessIncomingMessage(mojo::internal::MultiplexRouter::MessageWrapper*, mojo::internal::MultiplexRouter::ClientCallBehavior, base::SequencedTaskRunner*) ()
#8  0x04b6ee2c in mojo::internal::MultiplexRouter::Accept(mojo::Message*) ()
#9  0x04b76994 in mojo::FilterChain::Accept(mojo::Message*) () at ../../mojo/public/cpp/bindings/lib/filter_chain.cc:40
#10 0x04b68756 in mojo::Connector::ReadSingleMessage(unsigned int*) () at ../../mojo/public/cpp/bindings/lib/connector.cc:476
#11 0x04b68e70 in mojo::Connector::ReadAllAvailableMessages() () at ../../mojo/public/cpp/bindings/lib/connector.cc:505
#12 0x04b68d2e in mojo::Connector::OnHandleReadyInternal(unsigned int) () at ../../mojo/public/cpp/bindings/lib/connector.cc:387
#13 0x025145b4 in mojo::SimpleWatcher::DiscardReadyState(base::RepeatingCallback<void (unsigned int)> const&, unsigned int, mojo::HandleSignalsState const&) () at ../../base/callback.h:129
#14 0x04b7f49c in mojo::SimpleWatcher::OnHandleReady(int, unsigned int, mojo::HandleSignalsState const&) ()
#15 0x04b7f824 in void base::internal::Invoker<base::internal::BindState<void (mojo::SimpleWatcher::*)(int, unsigned int, mojo::HandleSignalsState const&), base::WeakPtr<mojo::SimpleWatcher>, int, unsigned int, mojo::HandleSignalsState>, void ()>::RunImpl<void (mojo::SimpleWatcher::* const&)(int, unsigned int, mojo::HandleSignalsState const&), std::__1::tuple<base::WeakPtr<mojo::SimpleWatcher>, int, unsigned int, mojo::HandleSignalsState> const&, 0u, 1u, 2u, 3u>(void (mojo::SimpleWatcher::* const&)(int, unsigned int, mojo::HandleSignalsState const&), std::__1::tuple<base::WeakPtr<mojo::SimpleWatcher>, int, unsigned int, mojo::HandleSignalsState> const&, std::__1::integer_sequence<unsigned int, 0u, 1u, 2u, 3u>) () at ../../base/bind_internal.h:516
#16 0x04b28f08 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) () at ../../base/callback.h:99
#17 0x04aa1e3e in base::MessageLoopImpl::RunTask(base::PendingTask*) () at ../../base/message_loop/message_loop_impl.cc:350
#18 0x04aa2282 in base::MessageLoopImpl::DoWork() () at ../../base/message_loop/message_loop_impl.cc:361
#19 0x04b2655c in base::MessagePumpLibevent::Run(base::MessagePump::Delegate*) ()
#20 0x04aa1abc in base::MessageLoopImpl::Run(bool) () at ../../base/message_loop/message_loop_impl.cc:302
#21 0x04abe970 in base::RunLoop::Run() () at ../../base/run_loop.cc:102
#22 0x0470dca0 in ChromeBrowserMainParts::MainMessageLoopRun(int*) () at ../../chrome/browser/chrome_browser_main.cc:1886
#23 0x028da9b2 in content::BrowserMainLoop::RunMainMessageLoopParts() () at ../../content/browser/browser_main_loop.cc:994
#24 0x028ee200 in content::BrowserMainRunnerImpl::Run() () at ../../content/browser/browser_main_runner_impl.cc:165
#25 0x028d82ec in content::BrowserMain(content::MainFunctionParams const&) () at ../../content/browser/browser_main.cc:47
#26 0x04703786 in content::ContentMainRunnerImpl::RunServiceManager(content::MainFunctionParams&, bool) ()
#27 0x04703674 in content::ContentMainRunnerImpl::Run(bool) () at ../../content/app/content_main_runner_impl.cc:871
#28 0x0470872c in service_manager::Main(service_manager::MainParams const&) ()
#29 0x04702432 in content::ContentMain(content::ContentMainParams const&) () at ../../content/app/content_main.cc:19
#30 0x01cf5f04 in ChromeMain () at ../../chrome/app/chrome_main.cc:102
#31 0xec7110a2 in __libc_start_main (main=0x1cf5ea1 <main>, argc=36, argv=0xffd8ecb4, init=<optimized out>, 
    fini=0x8e7b2f9 <__libc_csu_fini>, rtld_fini=0xed4b7b2d <_dl_fini>, stack_end=0xffd8ecb4) at libc-start.c:308
#32 0x01cf5db0 in _start ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)


 
I'm a bit mystified how we haven't seen this before, the code dates back to 2016!

At arc_bluetooth_bridge.cc:1061 we call:

   if (discovery_timeout > 0) {
      SetDiscoverable(true, discovery_timeout);

And in SetDiscoverable:

DCHECK(!discoverable || timeout == 0);

which will always fail since timeout > 0.

Cc: qiyuh@google.com
Components: Platform>Apps>ARC
Cc: puthik@chromium.org mcchou@chromium.org
Owner: qiyuh@chromium.org
Qiyu, can you take this?

I haven't touched BT code for a long time now.
Status: Fixed (was: Assigned)
