FS#48644 - [bluez] bluez 5.38 segfaults when connecting a2dp device
Attached to Project:
Arch Linux
Opened by Thomas Bächler (brain0) - Sunday, 20 March 2016, 14:30 GMT
Last edited by Andreas Radke (AndyRTR) - Friday, 01 April 2016, 15:53 GMT
Details
With bluez 5.38-1, bluetoothd segfaults when connecting a
bluetooth audio device.
[ 8340.896223] lije pulseaudio[912]: W: [pulseaudio] module-bluez5-device.c: Profile has no transport
[ 8341.301294] lije bluetoothd[10811]: a2dp-source profile connect failed for 00:22:37:3F:8A:F3: Device or resource busy
[ 8341.345157] lije bluetoothd[10811]: /org/bluez/hci0/dev_00_22_37_3F_8A_F3/fd0: fd(35) ready
[ 8341.346278] lije rtkit-daemon[913]: Supervising 4 threads of 1 processes of 1 users.
[ 8341.347599] lije rtkit-daemon[913]: Successfully made thread 10921 of process 912 (/usr/bin/pulseaudio) owned by '1000' RT at priority 5.
[ 8341.347662] lije rtkit-daemon[913]: Supervising 5 threads of 1 processes of 1 users.
[ 8342.292960] lije kernel: input: 00:22:37:3F:8A:F3 as /devices/virtual/input/input20
[ 8341.500569] lije systemd-networkd[517]: br0: Starting DHCPv6 client on NDisc request failed: Invalid argument
[ 8346.483405] lije kernel: bluetoothd[10811]: segfault at 58 ip 000000000042467e sp 00007fff71471cb0 error 4 in bluetoothd[400000+fc000]
[ 8345.689383] lije systemd[1]: Started Process Core Dump (PID 10930/UID 0).
[ 8345.719863] lije systemd[1]: bluetooth.service: Main process exited, code=dumped, status=11/SEGV
[ 8345.719950] lije systemd[1]: bluetooth.service: Unit entered failed state.
[ 8345.720000] lije systemd[1]: bluetooth.service: Failed with result 'core-dump'.
[ 8345.721095] lije kdeinit5[841]: bluedevil: Bluetooth operational changed false
[ 8345.723589] lije dbus[511]: [system] Activating via systemd: service name='org.bluez' unit='dbus-org.bluez.service'
[ 8345.739425] lije systemd-coredump[10931]: Process 10811 (bluetoothd) of user 0 dumped core.
Stack trace of thread 10811:
#0 0x000000000042467e n/a (bluetoothd)
#1 0x0000000000420fb9 n/a (bluetoothd)
#2 0x00007f46fbbb7c3a g_main_context_dispatch (libglib-2.0.so.0)
#3 0x00007f46fbbb7fe0 n/a (libglib-2.0.so.0)
#4 0x00007f46fbbb8302 g_main_loop_run (libglib-2.0.so.0)
#5 0x000000000040ba48 n/a (bluetoothd)
#6 0x00007f46fb190710 __libc_start_main (libc.so.6)
#7 0x000000000040c1c9 n/a (bluetoothd)
Downgrade to bluez 5.37-2 fixes the problem.
Downgrading did fix the problem
Please consider cherry-picking this patch: http://git.kernel.org/cgit/bluetooth/bluez.git/commit/?id=177d27c8c3db4588ec13dae0368f240902c42825
Name : bluez
Version : 5.38-2
Description : Daemons for the bluetooth protocol stack
Architecture : x86_64
URL : http://www.bluez.org/
Licenses : GPL2
Groups : None
Provides : None
Depends On : libical dbus glib2
Optional Deps : None
Required By : gnome-bluetooth pulseaudio-bluetooth
Optional For : networkmanager
Conflicts With : obexd-client obexd-server
Replaces : None
Installed Size : 1793.00 KiB
Packager : Andreas Radke <andyrtr@archlinux.org>
Build Date : Fri 25 Mar 2016 10:13:21 GMT
Install Date : Mon 28 Mar 2016 20:21:51 BST
Install Reason : Installed as a dependency for another package
Install Script : No
Validated By : Signature
Mar 29 08:03:01 archi-x13 bluetoothd[562]: /org/bluez/hci0/dev_08_EF_3B_C9_03_49/fd0: fd(34) ready
Mar 29 08:03:01 archi-x13 rtkit-daemon[3589]: Supervising 3 threads of 1 processes of 1 users.
Mar 29 08:03:01 archi-x13 rtkit-daemon[3589]: Successfully made thread 6256 of process 3588 (/usr/bin/pulseaudio) owned by '1000' RT at priority 5.
Mar 29 08:03:01 archi-x13 rtkit-daemon[3589]: Supervising 4 threads of 1 processes of 1 users.
Mar 29 08:03:01 archi-x13 kernel: input: 08:EF:3B:C9:03:49 as /devices/virtual/input/input20
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) config/udev: Adding input device 08:EF:3B:C9:03:49 (/dev/input/event17)
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) 08:EF:3B:C9:03:49: Applying InputClass "libinput keyboard catchall"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) 08:EF:3B:C9:03:49: Applying InputClass "system-keyboard"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) systemd-logind: got fd for /dev/input/event17 13:81 fd 38 paused 0
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) Using input driver 'libinput' for '08:EF:3B:C9:03:49'
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) 08:EF:3B:C9:03:49: always reports core events
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "Device" "/dev/input/event17"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "_source" "server/udev"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) input device '08:EF:3B:C9:03:49', /dev/input/event17 is tagged by udev as: Keyboard
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) input device '08:EF:3B:C9:03:49', /dev/input/event17 is a keyboard
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "config_info" "udev:/sys/devices/virtual/input/input20/event17"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) XINPUT: Adding extended input device "08:EF:3B:C9:03:49" (type: KEYBOARD, id 16)
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "xkb_layout" "gb,ru"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "xkb_variant" ","
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) input device '08:EF:3B:C9:03:49', /dev/input/event17 is tagged by udev as: Keyboard
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) input device '08:EF:3B:C9:03:49', /dev/input/event17 is a keyboard
Mar 29 08:03:02 archi-x13 kernel: bluetoothd[562]: segfault at 20 ip 00000000004275ef sp 00007ffd6e5765c0 error 6 in bluetoothd[400000+fc000]
Mar 29 08:03:02 archi-x13 systemd[1]: Created slice system-systemd\x2dcoredump.slice.
Mar 29 08:03:02 archi-x13 systemd[1]: Started Process Core Dump (PID 6261/UID 0).
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) config/udev: removing device 08:EF:3B:C9:03:49
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (**) Option "fd" "38"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) UnloadModule: "libinput"
Mar 29 08:03:02 archi-x13 /usr/lib/gdm/gdm-x-session[3488]: (II) systemd-logind: releasing fd for 13:81
Mar 29 08:03:02 archi-x13 NetworkManager[569]: <info> (64:BC:0C:F5:BD:E5): device state change: disconnected -> unmanaged (reason 'removed') [30 10 36]
Mar 29 08:03:02 archi-x13 systemd[1]: bluetooth.service: Main process exited, code=dumped, status=11/SEGV
Mar 29 08:03:02 archi-x13 systemd[1]: bluetooth.service: Unit entered failed state.
Mar 29 08:03:02 archi-x13 systemd[1]: bluetooth.service: Failed with result 'core-dump'.
Mar 29 08:03:02 archi-x13 dbus-daemon[864]: Activating service name='ca.desrt.dconf'
Mar 29 08:03:02 archi-x13 dbus-daemon[864]: Successfully activated service 'ca.desrt.dconf'
Mar 29 08:03:02 archi-x13 systemd-coredump[6263]: Process 562 (bluetoothd) of user 0 dumped core.
Stack trace of thread 562:
#0 0x00000000004275ef n/a (bluetoothd)
#1 0x0000000000420fb9 n/a (bluetoothd)
#2 0x00007f95a1996c3a g_main_context_dispatch (libglib-2.0.so.0)
#3 0x00007f95a1996fe0 n/a (libglib-2.0.so.0)
#4 0x00007f95a1997302 g_main_loop_run (libglib-2.0.so.0)
#5 0x000000000040ba48 n/a (bluetoothd)
#6 0x00007f95a0f6f710 __libc_start_main (libc.so.6)
#7 0x000000000040c1c9 n/a (bluetoothd)
I guess it only looks similar but is a different bug.
To whoever caught this again, try reverting 70fdb77. I'll send a patch once I get to the PC...
Tried 5.38-1 without 70fdb77, still crashes
@crocket
I grabbed the PKGBUILD for bluez 5.38-2; built it using makepkg with strip disabled and debug enabled; and then ran it under gdb.
@maximka
Then it looks like a different bug. Try to rebuild bluez with options=(!strip debug) and get a backtrace.
This is not a backtrace. Issue the "bt" command inside gdb and paste its output.
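
The two kernel "segfault at" lines reported in this task, decoded side by side to show why the second crash is a different site from the first. This is an added example, not part of any comment above and not bluez project code; the helper names decode and same_crash_site and the near-NULL heuristic are assumptions made for illustration.

```python
import re

# Kernel "segfault at" line format as it appears in the two journal excerpts above.
SEGV_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+) "
    r"in (?P<image>\S+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\]"
)

# Both lines are copied from the reports on this page.
REPORTS = [
    "kernel: bluetoothd[10811]: segfault at 58 ip 000000000042467e "
    "sp 00007fff71471cb0 error 4 in bluetoothd[400000+fc000]",
    "kernel: bluetoothd[562]: segfault at 20 ip 00000000004275ef "
    "sp 00007ffd6e5765c0 error 6 in bluetoothd[400000+fc000]",
]

def decode(line):
    """Return the triage-relevant fields of one kernel segfault line, or None."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    addr, ip, base, size = (int(m[k], 16) for k in ("addr", "ip", "base", "size"))
    err = int(m["err"])
    return {
        "image": m["image"],
        "pid": int(m["pid"]),
        "fault_addr": addr,
        "image_offset": ip - base,  # faulting instruction relative to the mapping
        "ip_in_image": base <= ip < base + size,
        # x86 page-fault error code: bit 0 = page present, bit 1 = write, bit 2 = user mode
        "page_present": bool(err & 1),
        "access": "write" if err & 2 else "read",
        "user_mode": bool(err & 4),
        # Heuristic (assumption): an unmapped address in the first page usually
        # means a NULL struct pointer plus a member offset.
        "null_deref_likely": addr < 0x1000 and not (err & 1),
    }

def same_crash_site(a, b):
    """Two crashes share a site only if image and instruction offset both match."""
    return a["image"] == b["image"] and a["image_offset"] == b["image_offset"]

if __name__ == "__main__":
    for d in map(decode, REPORTS):
        print(f'{d["image"]}+{d["image_offset"]:#x}: {d["access"]} of '
              f'{d["fault_addr"]:#x}, null_deref_likely={d["null_deref_likely"]}')
    print("same site:", same_crash_site(*map(decode, REPORTS)))
```

The image offsets only map to source lines in a build with debug symbols, which is what the rebuild with options=(!strip debug) requested above provides.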