BleConnectionDelegate on Darwin crashes while initiating a scan

[sagar-apple]

Problem

Looks like the member var _shortServiceUUID inside BleConnectionDelegateImpl is getting corrupt.
The variable is init along with the delegate, but for some reason when it's accessed via a CBManager Callback (centralManagerDidUpdateState with CBManagerStatePoweredOn) it causes the Darwin layer to crash.

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000e4ea34340
VM Region Info: 0xe4ea34340 is not in any region.  Bytes after previous region: 50174575425  Bytes before following region: 6196870336
      REGION TYPE                      START - END             [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      MALLOC_NANO                   280000000-2a0000000        [512.0M] rw-/rwx SM=PRV
--->  GAP OF 0xd20000000 BYTES
      commpage (reserved)           fc0000000-1000000000       [  1.0G] ---/--- SM=NUL  ...(unallocated)
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [3616]
Triggered by Thread:  3

Thread 3 name:  Dispatch queue: com.chip.ble.work_queue
Thread 3 Crashed:
0   libobjc.A.dylib               	0x00000001a3a4cd60 objc_retain + 16
1   CoreFoundation                	0x00000001a3d480f8 __NSSingleObjectArrayI_new + 84
2   CoreFoundation                	0x00000001a3bf8f2c +[NSArray arrayWithObjects:count:] + 44
3   CHIP                          	0x0000000100a2eafc 0x100a14000 + 109308
4   CHIP                          	0x0000000100a2ea04 0x100a14000 + 109060
5   CHIP                          	0x0000000100a2dcf0 0x100a14000 + 105712
6   CoreBluetooth                 	0x00000001b9b00cbc -[CBCentralManager observeValueForKeyPath:ofObject:change:context:] + 412
7   Foundation                    	0x00000001a410efd4 NSKeyValueNotifyObserver + 288
...
11  Foundation                    	0x00000001a410c358 _NSSetLongLongValueAndNotify + 284
...
13  CoreBluetooth                 	0x00000001b9b4ab58 -[CBManager handleStateUpdatedMsg:] + 76

Proposed Solution

Temporarily: Replaces all usages of the member variable _shortServiceUUID with the following, fixes the crash

    __auto_type shortUUID = [BleConnection getShortestServiceUUID:&chip::Ble::CHIP_BLE_SVC_ID];

Need to figure out why this var is unusable via the CBManager callback.

[issue-label-bot]

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.99. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.