33623 2017-07-06 22:45:00 +0300 bluetoothd segfaults when connecting/pair to a2dp headset 2017-09-04 00:47:06 +0300 1 1 4 Development Sisyphus bluez unstable all Linux CLOSED FIXED https://bugzilla.kernel.org/show_bug.cgi?id=195221 relnote P3 major --- 1 lakostis shrek aris lakostis shrek zerg qa-sisyphus oldest_to_newest 164591 0 lakostis 2017-07-06 22:45:00 +0300 В общем одноглазое дитя bluez опять сломано в Сизифе - любая попытка соединить устройство приводит к segfault демона bluetoothd: [lakostis@lks ~]$ sudo gdb --args /usr/libexec/bluetooth/bluetoothd [sudo] password for lakostis: GNU gdb (GDB) 7.9-alt3 (ALT Linux) Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-alt-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/libexec/bluetooth/bluetoothd...Reading symbols from /usr/lib/debug/usr/libexec/bluetooth/bluetoothd.debug...done. done. (gdb) run Starting program: /usr/libexec/bluetooth/bluetoothd [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x00000000004929ff in ba2str () (gdb) where #0 0x00000000004929ff in ba2str () #1 0x000000000048ce62 in update_bredr_services () #2 0x000000000048d884 in browse_cb () #3 0x0000000000460f06 in search_completed_cb () #4 0x00000000004a5b4c in sdp_process () #5 0x0000000000460fba in search_process_cb () #6 0x00007f1f6a8257ea in g_main_dispatch (context=0x720810) at gmain.c:3234 #7 g_main_context_dispatch (context=context@entry=0x720810) at gmain.c:3899 #8 0x00007f1f6a825b68 in g_main_context_iterate (context=0x720810, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3972 #9 0x00007f1f6a825e82 in g_main_loop_run (loop=0x71bdf0) at gmain.c:4168 #10 0x000000000044efd5 in main () Иногда падает еще раньше, в районе browse_cb Откат до 5.41 ситуацию исправляет, больше ничего не падает. 164592 1 lakostis 2017-07-06 23:19:36 +0300 Проверил с 5.45-alt1.1 из репозитория aris, поведение аналогичное: ]$ sudo gdb --args /usr/libexec/bluetooth/bluetoothd GNU gdb (GDB) 7.9-alt3 (ALT Linux) Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-alt-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/libexec/bluetooth/bluetoothd...Reading symbols from /usr/lib/debug/usr/libexec/bluetooth/bluetoothd.debug...done. done. (gdb) run Starting program: /usr/libexec/bluetooth/bluetoothd [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x000000000048db15 in browse_cb () (gdb) bt #0 0x000000000048db15 in browse_cb () #1 0x0000000000460f18 in search_completed_cb () #2 0x00000000004a5e55 in sdp_process () #3 0x0000000000460fcc in search_process_cb () #4 0x00007fd2800b57ea in g_main_dispatch (context=0x721810) at gmain.c:3234 #5 g_main_context_dispatch (context=context@entry=0x721810) at gmain.c:3899 #6 0x00007fd2800b5b68 in g_main_context_iterate (context=0x721810, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3972 #7 0x00007fd2800b5e82 in g_main_loop_run (loop=0x71cdf0) at gmain.c:4168 #8 0x000000000044efe7 in main () $ rpm -qa|fgrep bluez bluez-5.45-alt1.1.x86_64 libbluez-debuginfo-5.45-alt1.1.x86_64 libbluez-5.45-alt1.1.x86_64 bluez-debuginfo-5.45-alt1.1.x86_64 164593 2 lakostis 2017-07-07 01:40:05 +0300 Аналогично воспроизводится и с последним GIT: [lakostis@lks ~]$ sudo gdb --args /usr/libexec/bluetooth/bluetoothd -n [sudo] password for lakostis: GNU gdb (GDB) 7.9-alt3 (ALT Linux) Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-alt-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/libexec/bluetooth/bluetoothd...Reading symbols from /usr/lib/debug/usr/libexec/bluetooth/bluetoothd.debug...done. done. (gdb) break browse_cb Breakpoint 1 at 0x48eb54 (gdb) run Starting program: /usr/libexec/bluetooth/bluetoothd -n [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". bluetoothd[19262]: Bluetooth daemon 5.45 bluetoothd[19262]: Starting SDP server bluetoothd[19262]: Bluetooth management interface 1.14 initialized bluetoothd[19262]: No cache for F4:5F:69:01:3D:69 Breakpoint 1, 0x000000000048eb54 in browse_cb () (gdb) info locals No symbol table info available. (gdb) info frame Stack level 0, frame at 0x7fffffffe840: rip = 0x48eb54 in browse_cb; saved rip = 0x461130 called by frame at 0x7fffffffe8a0 Arglist at 0x7fffffffe830, args: Locals at 0x7fffffffe830, Previous frame's sp is 0x7fffffffe840 Saved registers: rbp at 0x7fffffffe830, rip at 0x7fffffffe838 (gdb) x 0x48eb54 0x48eb54 <browse_cb+4>: 0x48535441 (gdb) x/c 0x48eb54 0x48eb54 <browse_cb+4>: 65 'A' (gdb) continue Continuing. Program received signal SIGSEGV, Segmentation fault. 0x000000000048eb8d in browse_cb () (gdb) x/c 0x48eb54 0x48eb54 <browse_cb+4>: 65 'A' (gdb) bt #0 0x000000000048eb8d in browse_cb () #1 0x0000000000461130 in search_completed_cb () #2 0x00000000004a6ee0 in sdp_process () #3 0x00000000004611e4 in search_process_cb () #4 0x00007f6875ce67ea in g_main_dispatch (context=0x71de80) at gmain.c:3234 #5 g_main_context_dispatch (context=context@entry=0x71de80) at gmain.c:3899 #6 0x00007f6875ce6b68 in g_main_context_iterate (context=0x71de80, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3972 #7 0x00007f6875ce6e82 in g_main_loop_run (loop=0x71ddf0) at gmain.c:4168 #8 0x000000000044f198 in main () (gdb) x/c 0x000000000048eb8d 0x48eb8d <browse_cb+61>: 72 'H' (gdb) quit A debugging session is active. $ rpm -qa|fgrep bluez bluez-debuginfo-5.46-alt0.c896183.x86_64 bluez-5.46-alt0.c896183.x86_64 libbluez-debuginfo-5.46-alt0.c896183.x86_64 libbluez-5.46-alt0.c896183.x86_64 bluetoothd[31069]: attrib/gattrib.c:g_attrib_unref() 0x73aae0: g_attrib_unref=0 bluetoothd[31069]: src/device.c:connect_profiles() /org/bluez/hci0/dev_F4_5F_69_01_3D_69 (all), client :1.868 bluetoothd[31069]: src/device.c:connect_profiles() Resolving services for /org/bluez/hci0/dev_F4_5F_69_01_3D_69 bluetoothd[31069]: src/adapter.c:connected_callback() hci0 device F4:5F:69:01:3D:69 connected eir_len 13 bluetoothd[31069]: src/gatt-database.c:connect_cb() New incoming BR/EDR ATT connection bluetoothd[31069]: attrib/gattrib.c:g_attrib_ref() 0x73d280: g_attrib_ref=1 bluetoothd[31069]: src/device.c:load_gatt_db() Restoring F4:5F:69:01:3D:69 gatt database from file bluetoothd[31069]: No cache for F4:5F:69:01:3D:69 bluetoothd[31069]: src/gatt-client.c:btd_gatt_client_connected() Device connected. bluetoothd[31069]: src/device.c:gatt_debug() Primary service discovery failed. ATT ECODE: 0x0a bluetoothd[31069]: src/device.c:gatt_client_ready_cb() status: success, error: 0 bluetoothd[31069]: src/gatt-client.c:btd_gatt_client_ready() GATT client ready bluetoothd[31069]: src/gatt-client.c:create_services() Exporting objects for GATT services: F4:5F:69:01:3D:69 bluetoothd[31069]: src/device.c:device_svc_resolved() /org/bluez/hci0/dev_F4_5F_69_01_3D_69 err 0 bluetoothd[31069]: src/device.c:connect_profiles() /org/bluez/hci0/dev_F4_5F_69_01_3D_69 (all), client :1.868 Program received signal SIGSEGV, Segmentation fault. 0x000000000048eb8d in browse_cb () 164615 3 lakostis 2017-07-08 14:45:57 +0300 https://bugzilla.kernel.org/attachment.cgi?id=257395 - автором bluez предложен патч, который исправляет падения с одной гарнитурой, но все еще падает со второй. 165409 4 lakostis 2017-08-24 22:56:03 +0300 (In reply to comment #3) > https://bugzilla.kernel.org/attachment.cgi?id=257395 - автором bluez предложен > патч, который исправляет падения с одной гарнитурой, но все еще падает со > второй. Уже не падает. Так что патч нужно применить. 165550 5 lakostis 2017-09-04 00:47:06 +0300 - Fixed in 5.46-alt1.