From: tony <tony.makkiel@convergeddevices.net>
To: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
Cc: "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>
Subject: Re: BlueZ-5.36 segfault
Date: Thu, 5 Nov 2015 10:40:10 +0000
Message-ID: <563B320A.2040300@convergeddevices.net>
In-Reply-To: <CABBYNZ+WMvoJxrrt59xx7r0thdLcJgfcBvYWN2_-QzCv+hzaHw@mail.gmail.com>



On 05/11/15 09:12, Luiz Augusto von Dentz wrote:
> Hi Tony,
>
> On Wed, Nov 4, 2015 at 4:38 PM, tony <tony.makkiel@convergeddevices.net> wrote:
>> Hello,
>>            I am getting a segfault within BlueZ-5.36.
>>
>> [ 8816.157843] bluetoothd[9264]: segfault at 2000000064 ip 00007fb2da31d216
>> sp 00007ffc65426b48 error 4 in libc-2.19.so[7fb2da1dd000+1bb000].
>>
>> "deviceinfo_init" seems to be the cause of the problem. As the 'external' flag
>> is set for "deviceinfo_profile", one of the entries in
>>
>> GSList ext_profiles
>>
>> will be of type 'struct btd_profile'.
>>
>> Unfortunately later when "src/profile.c:register_profile" calls
>> "find_ext_profile", g_strcmp0 tries to access "ext->owner" which does not
>> exist for "deviceinfo" entry.
>
>
> Are you sure it is really crashing in g_strcmp0, it is supposed to
> handle NULL pointers and in fact it was introduced to fix this
> problem. Can you try to provide a backtrace, perhaps something else
> needs fixing.
>
Yes, that is what I also thought initially. For some reason the pointer
is not NULL! I made a NULL check for "ext->owner" before it goes to
'g_strcmp0' and it was not null. I guess it is the address of some memory
not meant for it?

Following is the gdb backtrace.

------------------------------------
(gdb) bt
#0  __strcmp_ssse3 () at ../sysdeps/x86_64/multiarch/../strcmp.S:209
#1  0x00000000004538e8 in find_ext_profile (owner=owner@entry=0x6e16c8 ":1.100", path=0x6df154 "/Profile/HSPAGProfile") at src/profile.c:749
#2  0x0000000000455c4e in register_profile (conn=0x6dc930, msg=0x6df060, user_data=<optimised out>) at src/profile.c:2377
#3  0x0000000000476264 in process_message (connection=0x6dc930, message=<optimised out>, iface_user_data=<optimised out>, method=<optimised out>, method=<optimised out>) at gdbus/object.c:259
#4  0x00007ffff78a8e96 in ?? () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#5  0x00007ffff789ba21 in dbus_connection_dispatch () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#6  0x0000000000472ed0 in message_dispatch (data=0x6dc930) at gdbus/mainloop.c:72
#7  0x00007ffff7b1ace5 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#8  0x00007ffff7b1b048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x00007ffff7b1b30a in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x000000000040b046 in main (argc=1, argv=0x7fffffffe688) at src/main.c:661

---------------------------------------------


Following is the bluetoothd trace


----------------------------------

bluetoothd[6404]: Bluetooth daemon 5.36
bluetoothd[6404]: src/adapter.c:adapter_init() sending read version command
bluetoothd[6404]: Starting SDP server
bluetoothd[6404]: src/sdpd-service.c:register_device_id() Adding device id record for 0002:1d6b:0246:0524
bluetoothd[6404]: src/plugin.c:plugin_init() Loading builtin plugins
bluetoothd[6404]: src/plugin.c:add_plugin() Loading hostname plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading wiimote plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading autopair plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading policy plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading a2dp plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading avrcp plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading network plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading input plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading hog plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading gap plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading scanparam plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading deviceinfo plugin
bluetoothd[6404]: src/plugin.c:plugin_init() Loading plugins /usr/lib/bluetooth/plugins
bluetoothd[6404]: profiles/input/suspend-none.c:suspend_init()
bluetoothd[6404]: profiles/network/manager.c:read_config() Config options: Security=true
bluetoothd[6404]: plugins/hostname.c:read_dmi_fallback() chassis: laptop
bluetoothd[6404]: plugins/hostname.c:read_dmi_fallback() major: 0x01 minor: 0x03
bluetoothd[6404]: src/main.c:main() Entering main loop
bluetoothd[6404]: src/rfkill.c:rfkill_event() RFKILL event idx 0 type 2 op 0 soft 0 hard 0
bluetoothd[6404]: Bluetooth management interface 1.10 initialized
bluetoothd[6404]: src/adapter.c:read_version_complete() sending read supported commands command
bluetoothd[6404]: src/adapter.c:read_version_complete() sending read index list command
bluetoothd[6404]: src/rfkill.c:rfkill_event() RFKILL event idx 1 type 1 op 0 soft 0 hard 0
bluetoothd[6404]: src/adapter.c:read_commands_complete() Number of commands: 61
bluetoothd[6404]: src/adapter.c:read_commands_complete() Number of events: 34
bluetoothd[6404]: src/adapter.c:read_commands_complete() enabling kernel-side connection control
bluetoothd[6404]: src/adapter.c:read_index_list_complete() Number of controllers: 1
bluetoothd[6404]: src/adapter.c:read_index_list_complete() Found index 0
bluetoothd[6404]: src/adapter.c:index_added() index 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() System name: BlueZ 5.36
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Major class: 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Minor class: 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Modalias: usb:v1D6Bp0246d0524
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Discoverable timeout: 180 seconds
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Pairable timeout: 0 seconds
bluetoothd[6404]: src/adapter.c:index_added() sending read info command for index 0
bluetoothd[6404]: src/adapter.c:read_info_complete() index 0 status 0x00
bluetoothd[6404]: src/adapter.c:clear_uuids() sending clear uuids command for index 0
bluetoothd[6404]: src/adapter.c:clear_devices() sending clear devices command for index 0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10001
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000007-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001800-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: src/gatt-database.c:gatt_db_service_added() GATT Service added to local database
bluetoothd[6404]: Failed to obtain handles for "Service Changed" characteristic
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10002
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000007-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001801-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: src/gatt-database.c:gatt_db_service_added() GATT Service added to local database
bluetoothd[6404]: profiles/audio/a2dp.c:media_server_probe() path /org/bluez/hci0
bluetoothd[6404]: plugins/hostname.c:hostname_probe()
bluetoothd[6404]: plugins/hostname.c:update_class() major: 0x01 minor: 0x03
bluetoothd[6404]: src/adapter.c:btd_adapter_set_class() class: major 1 minor 3
bluetoothd[6404]: src/adapter.c:set_dev_class() sending set device class command for index 0
bluetoothd[6404]: profiles/network/manager.c:panu_server_probe() path /org/bluez/hci0
bluetoothd[6404]: profiles/network/server.c:server_register() Registered interface org.bluez.NetworkServer1 on path /org/bluez/hci0
bluetoothd[6404]: profiles/network/manager.c:gn_server_probe() path /org/bluez/hci0
bluetoothd[6404]: profiles/network/manager.c:nap_server_probe() path /org/bluez/hci0
bluetoothd[6404]: profiles/audio/avrcp.c:avrcp_controller_server_probe() path /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10003
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000017-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110e-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110f-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: profiles/audio/avrcp.c:avrcp_target_server_probe() path /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10004
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000017-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110c-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110e-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_sink_server_probe() path /org/bluez/hci0
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_source_server_probe() path /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:btd_adapter_unblock_address() hci0 00:00:00:00:00:00
bluetoothd[6404]: src/adapter.c:get_ltk_info() 00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_create_from_storage() address 00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_new() address 00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_new() Creating device /org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: src/device.c:btd_device_set_temporary() temporary 0
bluetoothd[6404]: src/device.c:device_set_bonded()
bluetoothd[6404]: src/adapter.c:load_link_keys() hci0 keys 1 debug_keys 0
bluetoothd[6404]: src/adapter.c:load_ltks() hci0 keys 0
bluetoothd[6404]: src/adapter.c:load_irks() hci0 irks 0
bluetoothd[6404]: src/adapter.c:load_conn_params() hci0 conn params 0
bluetoothd[6404]: src/device.c:device_probe_profiles() Probing profiles for device 00:22:37:20:C2:E7
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_sink_probe() path /org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: profiles/audio/sink.c:sink_init() /org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: src/service.c:btd_service_ref() 0x6e75c0: ref=2
bluetoothd[6404]: src/service.c:change_state() 0x6e75c0: device 00:22:37:20:C2:E7 profile a2dp-sink state changed: unavailable -> disconnected (0)
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: src/adapter.c:set_did() hci0 source 2 vendor 1d6b product 246 version 524
bluetoothd[6404]: src/adapter.c:adapter_register() Adapter /org/bluez/hci0 registered
bluetoothd[6404]: src/adapter.c:set_dev_class() sending set device class command for index 0
bluetoothd[6404]: src/adapter.c:set_name() sending set local name command for index 0
bluetoothd[6404]: src/adapter.c:add_whitelist_complete() 00:22:37:20:C2:E7 added to kernel whitelist
bluetoothd[6404]: src/adapter.c:load_link_keys_complete() link keys loaded for hci0
bluetoothd[6404]: src/adapter.c:load_ltks_complete() LTKs loaded for hci0
bluetoothd[6404]: src/adapter.c:load_irks_complete() IRKs loaded for hci0
bluetoothd[6404]: src/adapter.c:load_conn_params_complete() Connection Parameters loaded for hci0
bluetoothd[6404]: plugins/hostname.c:property_changed() static hostname: Thor
bluetoothd[6404]: plugins/hostname.c:property_changed() pretty hostname:
bluetoothd[6404]: plugins/hostname.c:update_name() name: Thor
bluetoothd[6404]: src/adapter.c:adapter_set_name() name: Thor
bluetoothd[6404]: plugins/hostname.c:property_changed() chassis: laptop
bluetoothd[6404]: plugins/hostname.c:update_class() major: 0x01 minor: 0x03
bluetoothd[6404]: profiles/audio/avdtp.c:avdtp_register_sep() SEP 0x6e2c00 registered: type:0 codec:0 seid:1
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10005
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000019-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110a-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110d-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: Endpoint registered: sender=:1.100 path=/MediaEndpoint/A2DPSource
bluetoothd[6404]: profiles/audio/avdtp.c:avdtp_register_sep() SEP 0x6e81c0 registered: type:1 codec:0 seid:2
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding record with handle 0x10006
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000019-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110b-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record pattern UUID 0000110d-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for index 0
bluetoothd[6404]: Endpoint registered: sender=:1.100 path=/MediaEndpoint/A2DPSink
bluetoothd[6404]: src/profile.c:register_profile() sender :1.100

-----------------------------------


>> The problem went away after removing the external flag.
>>
>> --- a/profiles/deviceinfo/deviceinfo.c
>> +++ b/profiles/deviceinfo/deviceinfo.c
>> @@ -142,7 +142,6 @@ static int deviceinfo_driver_accept(struct btd_service
>> *service)
>>   static struct btd_profile deviceinfo_profile = {
>>          .name           = "deviceinfo",
>>          .remote_uuid    = DEVICE_INFORMATION_UUID,
>> -       .external       = true,
>>          .device_probe   = deviceinfo_driver_probe,
>>          .device_remove  = deviceinfo_driver_remove,
>>          .accept         = deviceinfo_driver_accept,
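Review bot: dropping `.external = true` from `deviceinfo_profile` removes the trigger but not the defect the report describes: `find_ext_profile` in src/profile.c walks `ext_profiles` and reads `ext->owner` from an entry that is really a `struct btd_profile`, so any other built-in profile registered with `.external` set would hit the same type confusion. The fix belongs where a profile is appended to `ext_profiles`, or in `find_ext_profile`, so that only `struct ext_profile` entries are ever cast; and if the flag is genuinely wrong for deviceinfo, the patch needs a commit message saying why it was set and what changes for D-Bus clients once it is gone.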
>>
>> Many Thanks,
>> Tony
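The type confusion described in this thread, reconstructed as an added example that is not BlueZ code: a hypothetical `btd_profile`/`ext_profile` layout, a strongly typed list in place of `GSList`, and two registration paths that refuse to drop a built-in profile into `ext_profiles`, so the `find_ext_profile` lookup can only ever read `owner` from a real `struct ext_profile`. The struct fields, `register_builtin_profile`, `register_ext_profile` and `demo_ok` are assumptions of this example; the owner and path values are taken from the backtrace above.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the BlueZ structs named in the report; the
 * field layout is an assumption of this example, not BlueZ's own code. */
struct btd_profile {
	const char *name;
	bool external;
};

struct ext_profile {
	struct btd_profile p;   /* embedded profile, kept first */
	const char *owner;      /* D-Bus unique name of the registering client */
	const char *path;       /* object path the client exported */
};

/* Plain singly linked list instead of GSList so this builds without GLib.
 * The node carries a typed pointer: only ext_profiles can live here. */
struct ext_node {
	struct ext_profile *ext;
	struct ext_node *next;
};

#define MAX_PROFILES 8

struct registry {
	struct btd_profile *builtin[MAX_PROFILES];
	size_t nbuiltin;
	struct ext_node pool[MAX_PROFILES];   /* static node storage */
	size_t used;
	struct ext_node *ext_profiles;        /* head of the typed list */
};

/* Built-in registration path: a built-in profile carrying external=true is
 * refused here instead of being appended to ext_profiles as a
 * differently typed entry. */
int register_builtin_profile(struct registry *r, struct btd_profile *p)
{
	if (p->external) {
		fprintf(stderr, "refusing built-in profile %s: external=true\n", p->name);
		return -1;
	}
	if (r->nbuiltin == MAX_PROFILES)
		return -1;
	r->builtin[r->nbuiltin++] = p;
	return 0;
}

/* External (D-Bus) registration path: owner and path are mandatory, so a
 * later lookup never has to guard against a NULL or foreign pointer. */
int register_ext_profile(struct registry *r, struct ext_profile *ext)
{
	struct ext_node *n;

	if (!ext->owner || !ext->path || r->used == MAX_PROFILES)
		return -1;
	n = &r->pool[r->used++];
	n->ext = ext;
	n->next = r->ext_profiles;
	r->ext_profiles = n;
	return 0;
}

/* Lookup that can only dereference a struct ext_profile, because that is
 * the only type the list is able to hold. */
struct ext_profile *find_ext_profile(const struct registry *r,
				     const char *owner, const char *path)
{
	const struct ext_node *n;

	for (n = r->ext_profiles; n; n = n->next) {
		if (strcmp(n->ext->owner, owner) == 0 &&
		    strcmp(n->ext->path, path) == 0)
			return n->ext;
	}
	return NULL;
}

/* Constructed scenario mirroring the report: a built-in profile flagged
 * external, a normal built-in one, and one genuine client profile.
 * Returns 1 when every expectation holds, 0 otherwise. */
int demo_ok(void)
{
	struct registry r = { 0 };
	struct btd_profile deviceinfo = { .name = "deviceinfo", .external = true };
	struct btd_profile gap = { .name = "gap", .external = false };
	struct ext_profile hsp = {
		.p = { .name = "hsp-ag", .external = true },
		.owner = ":1.100",
		.path = "/Profile/HSPAGProfile",
	};

	if (register_builtin_profile(&r, &deviceinfo) != -1)
		return 0;   /* must be refused, never mixed into ext_profiles */
	if (register_builtin_profile(&r, &gap) != 0)
		return 0;
	if (register_ext_profile(&r, &hsp) != 0)
		return 0;
	if (find_ext_profile(&r, ":1.100", "/Profile/HSPAGProfile") != &hsp)
		return 0;
	if (find_ext_profile(&r, ":1.100", "/Profile/Other") != NULL)
		return 0;
	/* ext list holds exactly the one client profile, builtin list the other */
	return r.used == 1 && r.ext_profiles->ext == &hsp && r.nbuiltin == 1;
}

int main(void)
{
	printf("%s\n", demo_ok() ? "ok" : "FAILED");
	return demo_ok() ? 0 : 1;
}
```

Build with `cc -std=c99 -Wall example.c`; the point of the design is that the list type, not a runtime NULL check in the comparison, is what prevents a `strcmp` on a pointer that was never an `owner` string.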
