theengs / app

Theengs mobile application to read BLE sensors and push data to an MQTT broker
https://app.theengs.io
GNU General Public License v3.0

Active RDL52832 beacon crashes app when searching/scanning for new sensors #49

Closed DigiH closed 1 year ago

DigiH commented 1 year ago

Verified with version 1.2 on iOS and macOS

Having an active RDL52832 beacon around crashes the app when doing a search/scan for new sensors on iOS and macOS, making it impossible to use this functionality until the RDL52832 beacon is turned off.

I suspect some relationship with the RDL52832 using the iBeacon protocol, but not falling under the iBeacon decoder, which AFAIK has been disabled for the app.

Similarly, this might also affect other iBeacon protocol sensors like BM2 and ABTemp, and would need to be verified with these and also on Android and Windows, as having such sensors in the vicinity could compromise a vital functionality of the app.

Excerpt from the macOS crash log:

Crashed Thread:        0  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [2308]

VM Regions Near 0:
--> 
    __TEXT                 0000000103a9e000-0000000103bda000 [ 1264K] r-x/r-x SM=COW  /Applications/Theengs.app/Contents/MacOS/Theengs

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   libsystem_platform.dylib        0x00007fff6c1559c2 _platform_memmove$VARIANT$Haswell + 194
1   com.theengs.app                 0x0000000103ab5565 TheengsDecoder::decodeBLEJson(ArduinoJson6183_71::ObjectRef&) + 6293
2   com.theengs.app                 0x0000000103ada84a DeviceManager::createTheengsDevice_fromAdv(QBluetoothDeviceInfo const&) + 5402
3   com.theengs.app                 0x0000000103acd1c2 DeviceManager::addBleDevice(QBluetoothDeviceInfo const&) + 5634
4   com.theengs.app                 0x0000000103ad678d DeviceManager::updateBleDevice(QBluetoothDeviceInfo const&, QFlags<QBluetoothDeviceInfo::Field>) + 10189
5   org.qt-project.QtCore           0x0000000105b279d4 0x105a68000 + 784852
6   org.qt-project.QtBluetooth      0x000000010526a244 QBluetoothDeviceDiscoveryAgent::deviceDiscovered(QBluetoothDeviceInfo const&) + 52
7   org.qt-project.QtBluetooth      0x00000001052ba2ca 0x105262000 + 361162
8   org.qt-project.QtCore           0x0000000105b200e9 QObject::event(QEvent*) + 729
9   org.qt-project.QtWidgets        0x0000000104477da7 QApplicationPrivate::notify_helper(QObject*, QEvent*) + 247
10  org.qt-project.QtWidgets        0x0000000104478d63 QApplication::notify(QObject*, QEvent*) + 499
11  org.qt-project.QtCore           0x0000000105ad73ba QCoreApplication::notifyInternal2(QObject*, QEvent*) + 170
12  org.qt-project.QtCore           0x0000000105ad8373 QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 803
13  libqcocoa.dylib                 0x00000001080e8bdb 0x1080cf000 + 105435
14  libqcocoa.dylib                 0x00000001080e92eb 0x1080cf000 + 107243
15  com.apple.CoreFoundation        0x00007fff32ee0f92 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
16  com.apple.CoreFoundation        0x00007fff32ee0f31 __CFRunLoopDoSource0 + 103
17  com.apple.CoreFoundation        0x00007fff32ee0d4b __CFRunLoopDoSources0 + 209
18  com.apple.CoreFoundation        0x00007fff32edfa7a __CFRunLoopRun + 927
19  com.apple.CoreFoundation        0x00007fff32edf07e CFRunLoopRunSpecific + 462
20  com.apple.HIToolbox             0x00007fff31b5daad RunCurrentEventLoopInMode + 292
21  com.apple.HIToolbox             0x00007fff31b5d7c5 ReceiveNextEventCommon + 584
22  com.apple.HIToolbox             0x00007fff31b5d569 _BlockUntilNextEventMatchingListInModeWithFilter + 64
23  com.apple.AppKit                0x00007fff301a63c9 _DPSNextEvent + 883
24  com.apple.AppKit                0x00007fff301a4c10 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1352
25  com.apple.AppKit                0x00007fff3019691e -[NSApplication run] + 658
26  libqcocoa.dylib                 0x00000001080e80fc 0x1080cf000 + 102652
27  org.qt-project.QtCore           0x0000000105ae0446 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 486
28  org.qt-project.QtCore           0x0000000105ad79b5 QCoreApplication::exec() + 133
29  com.theengs.app                 0x0000000103abae04 main + 3828
30  libdyld.dylib                   0x00007fff6bf5fcc9 start + 1

Thread 1:
0   libsystem_pthread.dylib         0x00007fff6c15fb68 start_wqthread + 0

Thread 2:
0   libsystem_pthread.dylib         0x00007fff6c15fb68 start_wqthread + 0

Thread 3:
0   libsystem_pthread.dylib         0x00007fff6c15fb68 start_wqthread + 0

Thread 4:: com.apple.CFSocket.private
0   libsystem_kernel.dylib          0x00007fff6c0a90ee __select + 10
1   com.apple.CoreFoundation        0x00007fff32f09e93 __CFSocketManager + 641
2   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
3   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 5:: QQmlThread
0   libsystem_kernel.dylib          0x00007fff6c0a73c6 poll + 10
1   org.qt-project.QtCore           0x0000000105c5d98e qt_safe_poll(pollfd*, unsigned int, timespec const*) + 94
2   org.qt-project.QtCore           0x0000000105c5f258 QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 792
3   org.qt-project.QtCore           0x0000000105ae0446 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 486
4   org.qt-project.QtCore           0x0000000105bd9b1a QThread::exec() + 282
5   org.qt-project.QtQml            0x00000001055b11a7 0x1053bb000 + 2056615
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 6:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 7:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 8:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 9:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 10:: QQuickPixmapReader
0   libsystem_kernel.dylib          0x00007fff6c0a73c6 poll + 10
1   org.qt-project.QtCore           0x0000000105c5d98e qt_safe_poll(pollfd*, unsigned int, timespec const*) + 94
2   org.qt-project.QtCore           0x0000000105c5f258 QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 792
3   org.qt-project.QtCore           0x0000000105ae0446 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 486
4   org.qt-project.QtCore           0x0000000105bd9b1a QThread::exec() + 282
5   org.qt-project.QtQuick          0x0000000103e38d61 0x103c4c000 + 2018657
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 11:
0   libsystem_pthread.dylib         0x00007fff6c15fb68 start_wqthread + 0

Thread 12:: Dispatch queue: com.Metal.CommandQueueDispatch
0   libsystem_kernel.dylib          0x00007fff6c0a0e26 semaphore_wait_trap + 10
1   libdispatch.dylib               0x00007fff6bf06aed _dispatch_sema4_wait + 16
2   libdispatch.dylib               0x00007fff6bf06fbf _dispatch_semaphore_wait_slow + 98
3   com.apple.Metal                 0x00007fff383f4c08 -[_MTLCommandQueue _submitAvailableCommandBuffers] + 909
4   libdispatch.dylib               0x00007fff6bf06658 _dispatch_client_callout + 8
5   libdispatch.dylib               0x00007fff6bf08818 _dispatch_continuation_pop + 414
6   libdispatch.dylib               0x00007fff6bf184be _dispatch_source_invoke + 2084
7   libdispatch.dylib               0x00007fff6bf0baf6 _dispatch_lane_serial_drain + 263
8   libdispatch.dylib               0x00007fff6bf0c5d6 _dispatch_lane_invoke + 363
9   libdispatch.dylib               0x00007fff6bf15c09 _dispatch_workloop_worker_thread + 596
10  libsystem_pthread.dylib         0x00007fff6c160a3d _pthread_wqthread + 290
11  libsystem_pthread.dylib         0x00007fff6c15fb77 start_wqthread + 15

Thread 13:
0   libsystem_pthread.dylib         0x00007fff6c15fb68 start_wqthread + 0

Thread 14:: QSGRenderThread
0   libsystem_kernel.dylib          0x00007fff6c0a0e3e semaphore_timedwait_trap + 10
1   libdispatch.dylib               0x00007fff6bf06b6b _dispatch_sema4_timedwait + 76
2   libdispatch.dylib               0x00007fff6bf06f97 _dispatch_semaphore_wait_slow + 58
3   com.apple.QuartzCore            0x00007fff3e7f661f -[CAMetalLayer nextDrawable] + 837
4   org.qt-project.QtGui            0x0000000104f0a3f5 0x104a7d000 + 4772853
5   org.qt-project.QtGui            0x0000000104cc72ab QRhiCommandBuffer::beginPass(QRhiRenderTarget*, QColor const&, QRhiDepthStencilClearValue const&, QRhiResourceUpdateBatch*, QFlags<QRhiCommandBuffer::BeginPassFlag>) + 43
6   org.qt-project.QtQuick          0x0000000103d857c1 QSGBatchRenderer::Renderer::render() + 81
7   org.qt-project.QtQuick          0x0000000103da0b4e QSGRenderer::renderScene() + 302
8   org.qt-project.QtQuick          0x0000000103d47f19 QQuickWindowPrivate::renderSceneGraph(QSize const&, QSize const&) + 841
9   org.qt-project.QtQuick          0x0000000103f02b44 0x103c4c000 + 2845508
10  org.qt-project.QtQuick          0x0000000103f03a91 0x103c4c000 + 2849425
11  org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
12  libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
13  libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 15:: CVDisplayLink
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164457 _pthread_cond_wait + 748
2   com.apple.CoreVideo             0x00007fff34e76cdb CVDisplayLink::waitUntil(unsigned long long) + 229
3   com.apple.CoreVideo             0x00007fff34e761e8 CVDisplayLink::runIOThread() + 482
4   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
5   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 16:: com.apple.NSEventThread
0   libsystem_kernel.dylib          0x00007fff6c0a0dea mach_msg_trap + 10
1   libsystem_kernel.dylib          0x00007fff6c0a1160 mach_msg + 60
2   com.apple.CoreFoundation        0x00007fff32ee1135 __CFRunLoopServiceMachPort + 247
3   com.apple.CoreFoundation        0x00007fff32edfc02 __CFRunLoopRun + 1319
4   com.apple.CoreFoundation        0x00007fff32edf07e CFRunLoopRunSpecific + 462
5   com.apple.AppKit                0x00007fff30347bf4 _NSEventThread + 132
6   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
7   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 17:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 18:: Thread (pooled)
0   libsystem_kernel.dylib          0x00007fff6c0a3872 __psynch_cvwait + 10
1   libsystem_pthread.dylib         0x00007fff6c164425 _pthread_cond_wait + 698
2   org.qt-project.QtCore           0x0000000105c6dab6 0x105a68000 + 2120374
3   org.qt-project.QtCore           0x0000000105c6d7ce 0x105a68000 + 2119630
4   org.qt-project.QtCore           0x0000000105c6d71e QWaitCondition::wait(QMutex*, QDeadlineTimer) + 94
5   org.qt-project.QtCore           0x0000000105c67c6f 0x105a68000 + 2096239
6   org.qt-project.QtCore           0x0000000105c635f3 0x105a68000 + 2078195
7   libsystem_pthread.dylib         0x00007fff6c164109 _pthread_start + 148
8   libsystem_pthread.dylib         0x00007fff6c15fb8b thread_start + 15

Thread 0 crashed with X86 Thread State (64-bit):
  rax: 0x00007ffeec15f391  rbx: 0x00007ffeec15f391  rcx: 0x0000000000000008  rdx: 0x0000000000000004
  rdi: 0x00007ffeec15f391  rsi: 0x0000000000000000  rbp: 0x00007ffeec15f280  rsp: 0x00007ffeec15f280
   r8: 0x0000000000000000   r9: 0x0000000000000fa0  r10: 0x00007ff30f95ec70  r11: 0x00007ffeec15f391
  r12: 0x0000000000000000  r13: 0x0000000000000004  r14: 0x00007ff30f95c04d  r15: 0x0000000000000000
  rip: 0x00007fff6c1559c2  rfl: 0x0000000000010246  cr2: 0x0000000000000000

Logical CPU:     4
Error Code:      0x00000004 (no mapping for user data read)
Trap Number:     14

DigiH commented 1 year ago

@1technophil and I tested further with some RDL52832 decoder changes. With

https://github.com/theengs/app/actions/runs/3473682549

no crash so far on macOS. Will need to be verified with the same build run for iOS with a TestFlight version.

@koenvervloesem could you have a look at the RDL52832 model condition changes I made and let me know what you think?

https://github.com/DigiH/decoder/commit/2fc887fefc5a327c25e51997e744079e434712fa

RDL52832 is still sometimes recognised with manufacturerdata only, so no name, serviceuuid and servicedata, therefore still recognised and decoded as an iBeacon in those instances. Not sure if and how this could have caused the crash, but the current changes seem to have addressed it.

@emericg - with this build the macOS menu item is back unfortunately. I'm not exactly sure with which previous builds this was reintroduced, but you had removed it before, hadn't you?

koenvervloesem commented 1 year ago

This looks reasonable, although this way the device isn't detected anymore as an RDL52832 if the user has changed its name, right?

DigiH commented 1 year ago

although this way the device isn't detected anymore as an RDL52832 if the user has changed its name, right?

Correct, the name is now part of the model condition.

DigiH commented 1 year ago

Crash resolved and verified on macOS with

https://github.com/theengs/decoder/pull/232
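Two things in this thread are worth seeing in code: what the register dump on the crashed thread says, and what the model-condition change does. On x86-64 macOS (System V calling convention) memmove takes its destination in rdi, source in rsi and length in rdx; the dump shows rdi pointing into the stack, rsi = 0, rdx = 4 and cr2 = 0, so the decoder asked memmove to read 4 bytes from address 0. That is consistent with a lookup for a field the advertisement never carried (a frame with manufacturerdata only) yielding a null pointer that was then copied from without a check. The example below is an added illustration, not TheengsDecoder or Theengs app code: the advertisement is a plain map instead of an ArduinoJson object, the model conditions, the iBeacon manufacturer-data prefix used for matching and the field offsets are hypothetical, and the sample advertisements are constructed inline. It shows a condition matched on manufacturer data alone versus one that also requires the name, and a copy helper that returns nothing for an absent or too-short field instead of handing memmove a null source.

```cpp
// Added illustration only; not the Theengs decoder's real conditions or layout.
#include <cstdint>
#include <cstring>
#include <iostream>
#include <map>
#include <optional>
#include <string>

// Decoded advertisement: field name -> hex string. A missing key models the
// situation from the report: an iBeacon-style frame with manufacturerdata only.
using Adv = std::map<std::string, std::string>;

struct ModelCondition {
    std::string name;       // required local name; empty means "any"
    std::string mfdPrefix;  // required hex prefix of manufacturerdata
};

// Hypothetical conditions: before the change only the manufacturer-data prefix
// was checked, after it the device name is part of the match as well.
const ModelCondition kBeforeFix{"", "4c000215"};          // prefix is an assumption
const ModelCondition kAfterFix{"RDL52832", "4c000215"};

// Mimics a JSON-object accessor that yields a null pointer for a missing key.
const char* fieldPtr(const Adv& adv, const std::string& key) {
    auto it = adv.find(key);
    return it == adv.end() ? nullptr : it->second.c_str();
}

bool matches(const ModelCondition& c, const Adv& adv) {
    const char* mfd = fieldPtr(adv, "manufacturerdata");
    if (!mfd || std::strncmp(mfd, c.mfdPrefix.c_str(), c.mfdPrefix.size()) != 0)
        return false;
    if (c.name.empty()) return true;            // pre-fix behaviour: name not required
    const char* name = fieldPtr(adv, "name");
    return name != nullptr && c.name == name;  // post-fix: name must be present and equal
}

// Copies `len` hex characters starting at `offset` out of the named field.
// The guard is the point: a null source (rsi = 0 in the crash dump) or a field
// shorter than offset + len yields nullopt instead of a memmove from address 0.
std::optional<std::string> copyField(const Adv& adv, const std::string& key,
                                     size_t offset, size_t len) {
    const char* src = fieldPtr(adv, key);
    if (src == nullptr) return std::nullopt;
    size_t have = std::strlen(src);
    if (offset > have || len > have - offset) return std::nullopt;
    std::string out(len, '\0');
    std::memmove(&out[0], src + offset, len);
    return out;
}

struct Decoded {
    bool matched = false;
    std::optional<std::string> uuid;  // 32 hex chars after the assumed 8-char prefix
    std::optional<std::string> svc;   // first 4 hex chars of servicedata, if present
};

Decoded decode(const ModelCondition& c, const Adv& adv) {
    Decoded d;
    d.matched = matches(c, adv);
    if (!d.matched) return d;
    d.uuid = copyField(adv, "manufacturerdata", 8, 32);
    d.svc  = copyField(adv, "servicedata", 0, 4);  // absent field -> nullopt, no crash
    return d;
}

// Constructed sample frames (not captured from a real RDL52832).
Adv sampleMfdOnly() {
    return Adv{{"manufacturerdata", "4c000215" + std::string(32, 'a') + "00010002c5"}};
}
Adv sampleFull() {
    Adv adv = sampleMfdOnly();
    adv["name"] = "RDL52832";
    adv["servicedata"] = "1234abcd";
    return adv;
}

int main() {
    Decoded a = decode(kBeforeFix, sampleMfdOnly());
    Decoded b = decode(kAfterFix, sampleMfdOnly());
    Decoded c = decode(kAfterFix, sampleFull());
    std::cout << "mfd-only, before fix: matched=" << a.matched
              << " svc=" << (a.svc ? *a.svc : "<absent>") << "\n"
              << "mfd-only, after fix:  matched=" << b.matched << "\n"
              << "full frame, after fix: matched=" << c.matched
              << " svc=" << (c.svc ? *c.svc : "<absent>") << "\n";
    return 0;
}
```

The pre-fix condition still matches the manufacturer-data-only frame, and the only thing standing between that and the crash in the report is the null check in `copyField`; the post-fix condition rejects the frame outright, which is the trade-off koenvervloesem raised: a renamed device no longer matches.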