From: tony <tony.makkiel@convergeddevices.net>
To: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
Cc: "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>
Subject: Re: BlueZ-5.36 segfault
Date: Thu, 5 Nov 2015 10:40:10 +0000
Message-ID: <563B320A.2040300@convergeddevices.net>
In-Reply-To: <CABBYNZ+WMvoJxrrt59xx7r0thdLcJgfcBvYWN2_-QzCv+hzaHw@mail.gmail.com>
On 05/11/15 09:12, Luiz Augusto von Dentz wrote:
> Hi Tony,
>
> On Wed, Nov 4, 2015 at 4:38 PM, tony <tony.makkiel@convergeddevices.net> wrote:
>> Hello,
>> I am getting a segfault within BlueZ-5.36.
>>
>> [ 8816.157843] bluetoothd[9264]: segfault at 2000000064 ip 00007fb2da31d216 sp 00007ffc65426b48 error 4 in libc-2.19.so[7fb2da1dd000+1bb000].
>>
>> "deviceinfo_init" seems to be the cause of the problem. As the 'external' flag
>> is set for "deviceinfo_profile", one of the entries in
>>
>> GSList ext_profiles
>>
>> will be of type 'struct btd_profile'.
>>
>> Unfortunately later when "src/profile.c:register_profile" calls
>> "find_ext_profile", g_strcmp0 tries to access "ext->owner" which does not
>> exist for "deviceinfo" entry.
>
>
> Are you sure it is really crashing in g_strcmp0? It is supposed to
> handle NULL pointers, and in fact it was introduced to fix this
> problem. Can you try to provide a backtrace? Perhaps something else
> needs fixing.
>
Yes, that is what I also thought initially. For some reason the pointer
is not NULL! I made a NULL check for "ext->owner" before it goes to
'g_strcmp0' and it was not null. I guess it is the address of some memory
not meant for it?
Following is the gdb backtrace.
------------------------------------
(gdb) bt
#0  __strcmp_ssse3 () at ../sysdeps/x86_64/multiarch/../strcmp.S:209
#1  0x00000000004538e8 in find_ext_profile (owner=owner@entry=0x6e16c8 ":1.100", path=0x6df154 "/Profile/HSPAGProfile") at src/profile.c:749
#2  0x0000000000455c4e in register_profile (conn=0x6dc930, msg=0x6df060, user_data=<optimised out>) at src/profile.c:2377
#3  0x0000000000476264 in process_message (connection=0x6dc930, message=<optimised out>, iface_user_data=<optimised out>, method=<optimised out>, method=<optimised out>) at gdbus/object.c:259
#4  0x00007ffff78a8e96 in ?? () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#5  0x00007ffff789ba21 in dbus_connection_dispatch () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#6  0x0000000000472ed0 in message_dispatch (data=0x6dc930) at gdbus/mainloop.c:72
#7  0x00007ffff7b1ace5 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#8  0x00007ffff7b1b048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x00007ffff7b1b30a in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x000000000040b046 in main (argc=1, argv=0x7fffffffe688) at src/main.c:661
---------------------------------------------
Following is the bluetoothd trace
----------------------------------
bluetoothd[6404]: Bluetooth daemon 5.36
bluetoothd[6404]: src/adapter.c:adapter_init() sending read version command
bluetoothd[6404]: Starting SDP server
bluetoothd[6404]: src/sdpd-service.c:register_device_id() Adding device
id record for 0002:1d6b:0246:0524
bluetoothd[6404]: src/plugin.c:plugin_init() Loading builtin plugins
bluetoothd[6404]: src/plugin.c:add_plugin() Loading hostname plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading wiimote plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading autopair plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading policy plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading a2dp plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading avrcp plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading network plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading input plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading hog plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading gap plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading scanparam plugin
bluetoothd[6404]: src/plugin.c:add_plugin() Loading deviceinfo plugin
bluetoothd[6404]: src/plugin.c:plugin_init() Loading plugins
/usr/lib/bluetooth/plugins
bluetoothd[6404]: profiles/input/suspend-none.c:suspend_init()
bluetoothd[6404]: profiles/network/manager.c:read_config() Config
options: Security=true
bluetoothd[6404]: plugins/hostname.c:read_dmi_fallback() chassis: laptop
bluetoothd[6404]: plugins/hostname.c:read_dmi_fallback() major: 0x01
minor: 0x03
bluetoothd[6404]: src/main.c:main() Entering main loop
bluetoothd[6404]: src/rfkill.c:rfkill_event() RFKILL event idx 0 type 2
op 0 soft 0 hard 0
bluetoothd[6404]: Bluetooth management interface 1.10 initialized
bluetoothd[6404]: src/adapter.c:read_version_complete() sending read
supported commands command
bluetoothd[6404]: src/adapter.c:read_version_complete() sending read
index list command
bluetoothd[6404]: src/rfkill.c:rfkill_event() RFKILL event idx 1 type 1
op 0 soft 0 hard 0
bluetoothd[6404]: src/adapter.c:read_commands_complete() Number of
commands: 61
bluetoothd[6404]: src/adapter.c:read_commands_complete() Number of
events: 34
bluetoothd[6404]: src/adapter.c:read_commands_complete() enabling
kernel-side connection control
bluetoothd[6404]: src/adapter.c:read_index_list_complete() Number of
controllers: 1
bluetoothd[6404]: src/adapter.c:read_index_list_complete() Found index 0
bluetoothd[6404]: src/adapter.c:index_added() index 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() System name: BlueZ 5.36
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Major class: 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Minor class: 0
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Modalias:
usb:v1D6Bp0246d0524
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Discoverable timeout:
180 seconds
bluetoothd[6404]: src/adapter.c:btd_adapter_new() Pairable timeout: 0
seconds
bluetoothd[6404]: src/adapter.c:index_added() sending read info command
for index 0
bluetoothd[6404]: src/adapter.c:read_info_complete() index 0 status 0x00
bluetoothd[6404]: src/adapter.c:clear_uuids() sending clear uuids
command for index 0
bluetoothd[6404]: src/adapter.c:clear_devices() sending clear devices
command for index 0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10001
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000007-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001800-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: src/gatt-database.c:gatt_db_service_added() GATT
Service added to local database
bluetoothd[6404]: Failed to obtain handles for "Service Changed"
characteristic
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10002
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000007-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001801-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: src/gatt-database.c:gatt_db_service_added() GATT
Service added to local database
bluetoothd[6404]: profiles/audio/a2dp.c:media_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: plugins/hostname.c:hostname_probe()
bluetoothd[6404]: plugins/hostname.c:update_class() major: 0x01 minor: 0x03
bluetoothd[6404]: src/adapter.c:btd_adapter_set_class() class: major 1
minor 3
bluetoothd[6404]: src/adapter.c:set_dev_class() sending set device class
command for index 0
bluetoothd[6404]: profiles/network/manager.c:panu_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: profiles/network/server.c:server_register() Registered
interface org.bluez.NetworkServer1 on path /org/bluez/hci0
bluetoothd[6404]: profiles/network/manager.c:gn_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: profiles/network/manager.c:nap_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: profiles/audio/avrcp.c:avrcp_controller_server_probe()
path /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10003
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000017-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110e-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110f-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: profiles/audio/avrcp.c:avrcp_target_server_probe()
path /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10004
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000017-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110c-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110e-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_sink_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_source_server_probe() path
/org/bluez/hci0
bluetoothd[6404]: src/adapter.c:btd_adapter_unblock_address() hci0
00:00:00:00:00:00
bluetoothd[6404]: src/adapter.c:get_ltk_info() 00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_create_from_storage() address
00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_new() address 00:22:37:20:C2:E7
bluetoothd[6404]: src/device.c:device_new() Creating device
/org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: src/device.c:btd_device_set_temporary() temporary 0
bluetoothd[6404]: src/device.c:device_set_bonded()
bluetoothd[6404]: src/adapter.c:load_link_keys() hci0 keys 1 debug_keys 0
bluetoothd[6404]: src/adapter.c:load_ltks() hci0 keys 0
bluetoothd[6404]: src/adapter.c:load_irks() hci0 irks 0
bluetoothd[6404]: src/adapter.c:load_conn_params() hci0 conn params 0
bluetoothd[6404]: src/device.c:device_probe_profiles() Probing profiles
for device 00:22:37:20:C2:E7
bluetoothd[6404]: profiles/audio/a2dp.c:a2dp_sink_probe() path
/org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: profiles/audio/sink.c:sink_init()
/org/bluez/hci0/dev_00_22_37_20_C2_E7
bluetoothd[6404]: src/service.c:btd_service_ref() 0x6e75c0: ref=2
bluetoothd[6404]: src/service.c:change_state() 0x6e75c0: device
00:22:37:20:C2:E7 profile a2dp-sink state changed: unavailable ->
disconnected (0)
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: src/adapter.c:set_did() hci0 source 2 vendor 1d6b
product 246 version 524
bluetoothd[6404]: src/adapter.c:adapter_register() Adapter
/org/bluez/hci0 registered
bluetoothd[6404]: src/adapter.c:set_dev_class() sending set device class
command for index 0
bluetoothd[6404]: src/adapter.c:set_name() sending set local name
command for index 0
bluetoothd[6404]: src/adapter.c:add_whitelist_complete()
00:22:37:20:C2:E7 added to kernel whitelist
bluetoothd[6404]: src/adapter.c:load_link_keys_complete() link keys
loaded for hci0
bluetoothd[6404]: src/adapter.c:load_ltks_complete() LTKs loaded for hci0
bluetoothd[6404]: src/adapter.c:load_irks_complete() IRKs loaded for hci0
bluetoothd[6404]: src/adapter.c:load_conn_params_complete() Connection
Parameters loaded for hci0
bluetoothd[6404]: plugins/hostname.c:property_changed() static hostname:
Thor
bluetoothd[6404]: plugins/hostname.c:property_changed() pretty hostname:
bluetoothd[6404]: plugins/hostname.c:update_name() name: Thor
bluetoothd[6404]: src/adapter.c:adapter_set_name() name: Thor
bluetoothd[6404]: plugins/hostname.c:property_changed() chassis: laptop
bluetoothd[6404]: plugins/hostname.c:update_class() major: 0x01 minor: 0x03
bluetoothd[6404]: profiles/audio/avdtp.c:avdtp_register_sep() SEP
0x6e2c00 registered: type:0 codec:0 seid:1
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10005
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000019-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110a-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110d-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: Endpoint registered: sender=:1.100
path=/MediaEndpoint/A2DPSource
bluetoothd[6404]: profiles/audio/avdtp.c:avdtp_register_sep() SEP
0x6e81c0 registered: type:1 codec:0 seid:2
bluetoothd[6404]: src/adapter.c:adapter_service_add() /org/bluez/hci0
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Adding
record with handle 0x10006
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000019-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00000100-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 00001002-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110b-0000-1000-8000-00805f9
bluetoothd[6404]: src/sdpd-service.c:add_record_to_server() Record
pattern UUID 0000110d-0000-1000-8000-00805f9
bluetoothd[6404]: src/adapter.c:adapter_service_insert() /org/bluez/hci0
bluetoothd[6404]: src/adapter.c:add_uuid() sending add uuid command for
index 0
bluetoothd[6404]: Endpoint registered: sender=:1.100
path=/MediaEndpoint/A2DPSink
bluetoothd[6404]: src/profile.c:register_profile() sender :1.100
-----------------------------------
>> The problem was gone after removing the external flag.
>>
>> --- a/profiles/deviceinfo/deviceinfo.c
>> +++ b/profiles/deviceinfo/deviceinfo.c
>> @@ -142,7 +142,6 @@ static int deviceinfo_driver_accept(struct btd_service
>> *service)
>> static struct btd_profile deviceinfo_profile = {
>> .name = "deviceinfo",
>> .remote_uuid = DEVICE_INFORMATION_UUID,
>> - .external = true,
>> .device_probe = deviceinfo_driver_probe,
>> .device_remove = deviceinfo_driver_remove,
>> .accept = deviceinfo_driver_accept,
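Review bot: dropping `.external = true` from deviceinfo_profile hides the crash rather than fixing it. The backtrace in this reply shows find_ext_profile() walking ext_profiles and dereferencing ext->owner on an entry that is a plain struct btd_profile, not a struct ext_profile; clearing the flag merely keeps deviceinfo off that list, so any other built-in profile that sets .external would hit the same read past the end of the smaller struct. That also explains why the extra NULL check did not help and why the kernel reports a fault address of 2000000064: ext->owner is not NULL, it is whatever bytes of the btd_profile (or of memory beyond it) happen to sit at the ext_profile owner offset, which then get dereferenced as a pointer. The change belongs either at the point where a btd_profile with .external set is added to ext_profiles, or in find_ext_profile(), which should only ever see entries registered over D-Bus. The hunk also arrives with no description of why deviceinfo (a builtin plugin, per the plugin_init() trace) should stop being external, and no Signed-off-by line.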
>>
>> Many Thanks,
>> Tony
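The failure mode discussed in this thread, as an added example that is not BlueZ's code: a list meant to hold one record type receives a smaller record, and a walker that trusts the list reads a pointer field from past the end of that smaller object. The struct names, the tag field, the minimal list and the sample entries (a builtin "deviceinfo" record and an external profile owned by ":1.100" at "/Profile/HSPAGProfile", the values in the backtrace above) are all hypothetical stand-ins chosen for the illustration. The hardened walker checks a type tag in the shared base before upcasting, and a small diagnostic counts foreign entries so the real insertion bug can be located rather than papered over.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical record types standing in for the two the thread names;
 * not BlueZ's definitions. */
enum profile_kind { PROFILE_BUILTIN = 1, PROFILE_EXTERNAL = 2 };

struct builtin_profile {
	enum profile_kind kind;   /* tag a list walker can verify */
	const char *name;
};

struct ext_profile {
	struct builtin_profile p; /* first member, so ext and &ext->p alias */
	const char *owner;        /* D-Bus sender, e.g. ":1.100" */
	const char *path;         /* object path of the registering client */
};

struct node { void *data; struct node *next; };

static struct node *list_prepend(struct node *head, void *data)
{
	struct node *n = calloc(1, sizeof(*n));
	if (!n) return head;
	n->data = data;
	n->next = head;
	return n;
}

/* NULL-safe compare with the same contract as GLib's g_strcmp0(). */
static int strcmp0(const char *a, const char *b)
{
	return !a ? (b ? -1 : 0) : (!b ? 1 : strcmp(a, b));
}

/* Shape of the reported bug: every entry is assumed to be an ext_profile.
 * A builtin_profile on the list is smaller, so ext->owner is read from past
 * its end: not NULL, just whatever lies there, so no NULL check catches it.
 * Only call this on a list that really holds ext_profiles. */
static struct ext_profile *find_ext_unchecked(struct node *l,
					      const char *owner, const char *path)
{
	for (; l; l = l->next) {
		struct ext_profile *ext = l->data;
		if (!strcmp0(ext->owner, owner) && !strcmp0(ext->path, path))
			return ext;
	}
	return NULL;
}

/* Hardened walker: check the tag in the shared base before upcasting. */
static struct ext_profile *find_ext_checked(struct node *l,
					    const char *owner, const char *path)
{
	for (; l; l = l->next) {
		struct builtin_profile *base = l->data;
		struct ext_profile *ext = (struct ext_profile *) base;
		if (base->kind != PROFILE_EXTERNAL)
			continue;
		if (!strcmp0(ext->owner, owner) && !strcmp0(ext->path, path))
			return ext;
	}
	return NULL;
}

/* Diagnostic: entries that are not ext_profiles.  Non-zero means the real
 * defect is at the insertion site, whatever the walker does. */
static int count_mistyped(struct node *l)
{
	int n = 0;
	for (; l; l = l->next)
		if (((struct builtin_profile *) l->data)->kind != PROFILE_EXTERNAL)
			n++;
	return n;
}

/* Constructed data: a builtin record on the external list, as deviceinfo
 * was, placed ahead of a profile registered over D-Bus. */
static struct builtin_profile deviceinfo = { PROFILE_BUILTIN, "deviceinfo" };
static struct ext_profile hsp_ag = {
	{ PROFILE_EXTERNAL, "HSPAGProfile" }, ":1.100", "/Profile/HSPAGProfile"
};

static struct node *build_mixed_list(void)
{
	struct node *l = list_prepend(NULL, &hsp_ag);
	return list_prepend(l, &deviceinfo);  /* foreign entry at the head */
}

/* 1 when the checked walker hits, misses and counts as expected, and the
 * unchecked one behaves on a list that holds only ext_profiles. */
static int demo(void)
{
	struct node *mixed = build_mixed_list();
	struct node *clean = list_prepend(NULL, &hsp_ag);
	return find_ext_checked(mixed, ":1.100", "/Profile/HSPAGProfile") == &hsp_ag
	    && find_ext_checked(mixed, ":1.100", "/Profile/Nope") == NULL
	    && count_mistyped(mixed) == 1
	    && find_ext_unchecked(clean, ":1.100", "/Profile/HSPAGProfile") == &hsp_ag
	    && count_mistyped(clean) == 0;
}
```

The tag check is a stopgap for the walker; the lasting fix is to make sure nothing but ext_profile records ever reach the list, which is what a non-zero count_mistyped() would point you at. Running the unchecked walker on the mixed list is deliberately left out, since that is the undefined read the segfault came from.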
Thread overview: 7+ messages
2015-08-19 13:23 SEC SEM BV 09, MITM + No Bonding tony
2015-08-19 16:23 ` Johan Hedberg
2015-08-28 14:44 ` tony
2015-09-02 14:50 ` Bluez-4.101 LE SMP support tony
2015-09-02 17:09 ` Marcel Holtmann
[not found] ` <563A1880.8000608@convergeddevices.net>
2015-11-05 9:12 ` BlueZ-5.36 segfault Luiz Augusto von Dentz
2015-11-05 10:40 ` tony [this message]