Linux bluetooth development
From: Johan Hedberg <johan.hedberg@gmail.com>
To: BlueZ development <linux-bluetooth@vger.kernel.org>
Subject: Re: bluez-4.11 + 2.6.27-rc8 + SCO headset -> Invalid read of size 4
Date: Mon, 6 Oct 2008 10:47:35 +0200	[thread overview]
Message-ID: <A34AC171-77C2-4377-A60C-60A2793A2297@gmail.com> (raw)
In-Reply-To: <48E91E6F.1030202@pook.es>

Hi Stuart,

On Oct 5, 2008, at 22:07, Stuart Pook wrote:
> bluetoothd[15123]: connect(): Connection timed out (110)
> ==15123== Invalid read of size 4
> ==15123==    at 0x490CBF3: (within /usr/lib/libdbus-1.so.3.4.0)
> ==15123==    by 0x4911DD1: dbus_message_get_sender (in /usr/lib/libdbus-1.so.3.4.0)
> ==15123==    by 0x49155C0: dbus_message_new_error (in /usr/lib/libdbus-1.so.3.4.0)
> ==15123==    by 0x1361D: error_common_reply (in /usr/local/stow/bluez-4.11/sbin/bluetoothd)
> ==15123==    by 0x4ED9D2C: error_connection_attempt_failed (in /usr/local/stow/bluez-4.11/lib/bluetooth/plugins/audio.so)
> ==15123==    by 0x4EDAEA2: rfcomm_connect_cb (in /usr/local/stow/bluez-4.11/lib/bluetooth/plugins/audio.so)
> ==15123==    by 0x2165E: connect_cb (in /usr/local/stow/bluez-4.11/sbin/bluetoothd)
> ==15123==    by 0x48B465C: (within /usr/lib/libglib-2.0.so.0.1600.6)
> ==15123==    by 0x487E1B7: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.1600.6)
> ==15123==    by 0x4881852: (within /usr/lib/libglib-2.0.so.0.1600.6)
> ==15123==    by 0x4881D71: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.1600.6)
> ==15123==    by 0xA410: main (in /usr/local/stow/bluez-4.11/sbin/bluetoothd)
> ==15123==  Address 0x464c45b3 is not stack'd, malloc'd or (recently) free'd

Thanks for the valgrind report. It definitely gives some hints at what's going on. Apparently there's a bug in one error handling code path of the rfcomm_connect_cb function. The weird thing here is that the code path (which calls error_connection_attempt_failed) should only be taken if the connection attempt was triggered by a D-Bus message, which is not the case for you (it's the alsa sound player that triggers it, right?). I fixed some issues related to the connection handling in git but none of it seemed to be directly related to the backtrace you gave. Could you give the current git a try (git clone git://git.kernel.org/pub/scm/bluetooth/bluez.git; cd bluez; ./bootstrap-configure && make)? Also, try to run bluetoothd directly from the source tree (src/.libs/bluetoothd) so that valgrind can pick up the correct file names and line numbers as well.

Regarding why this code path is taken, it seems like your alsa application gives up before the bluetooth connection has been created. When bluetoothd sees that the alsa client exited it calls close() on the connecting RFCOMM socket, which in effect terminates the connection creation and causes rfcomm_connect_cb to be called with an error code. Why your application gives up prematurely is still unclear to me.

Johan
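The failure mode Johan describes above, as an added illustration that is not BlueZ code and not the fix that went into git: a connect attempt holds an optional pointer to the D-Bus message that started it, the local (ALSA) client goes away, bluetoothd closes the half-open RFCOMM socket, and the connect callback fires with an error. If the error path builds a D-Bus error reply unconditionally, it reads through a message pointer that was never set for the ALSA case, which is the shape of the invalid read in the backtrace. The struct names, the `pending_request` stand-in for `DBusMessage`, the `send_dbus_error` stand-in for `dbus_message_new_error`, and the guard itself are all assumptions made for this model.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for the DBusMessage that started a connection.
 * Only attempts started by a D-Bus method call have one. */
struct pending_request {
    const char *sender;   /* e.g. ":1.42", the unique bus name of the caller */
};

/* Hypothetical model of the state kept while an RFCOMM connect() is pending. */
struct connect_attempt {
    int sock;                      /* connecting socket; -1 after close() */
    struct pending_request *msg;   /* NULL when a local client (e.g. ALSA) started it */
    bool client_gone;              /* local client exited before connect finished */
};

enum reply_action { REPLY_NONE, REPLY_DBUS_ERROR, REPLY_LOG_ONLY };

/* Stand-in for dbus_message_new_error(): like the real call it reads the
 * original message (its sender), so it must never be handed NULL or freed memory. */
static enum reply_action send_dbus_error(const struct pending_request *msg, int err)
{
    size_t n = strlen(msg->sender);          /* dereferences msg, as the real call does */
    fprintf(stderr, "D-Bus error reply to %s (%zu bytes): %s\n",
            msg->sender, n, strerror(err));
    return REPLY_DBUS_ERROR;
}

/* The sequence from the mail: the local client goes away, the daemon closes the
 * connecting socket, and the pending connect() is torn down. Returns the errno
 * the connect callback is then handed (110, ETIMEDOUT, in the report). */
static int client_disconnected(struct connect_attempt *c)
{
    c->client_gone = true;
    if (c->sock >= 0) {
        close(c->sock);       /* terminates the in-flight connection attempt */
        c->sock = -1;
    }
    return ETIMEDOUT;
}

/* Error path of the connect callback with the guard this model assumes was
 * missing: only build a D-Bus error reply when a D-Bus caller exists to receive it. */
static enum reply_action rfcomm_connect_cb(struct connect_attempt *c, int err)
{
    if (err == 0)
        return REPLY_NONE;

    if (c->msg == NULL) {
        /* Started locally (ALSA path): nobody on the bus to answer, just log it. */
        fprintf(stderr, "connect(): %s (%d)\n", strerror(err), err);
        return REPLY_LOG_ONLY;
    }

    return send_dbus_error(c->msg, err);
}

/* Drives one scenario end to end on a real (constructed) fd and reports what
 * the error path did. */
static enum reply_action run_scenario(bool started_via_dbus)
{
    int fds[2];
    if (pipe(fds) != 0)
        return REPLY_NONE;
    struct pending_request req = { .sender = ":1.42" };   /* constructed caller */
    struct connect_attempt c = {
        .sock = fds[0],
        .msg = started_via_dbus ? &req : NULL,
        .client_gone = false,
    };
    int err = client_disconnected(&c);
    enum reply_action act = rfcomm_connect_cb(&c, err);
    close(fds[1]);
    return act;
}

int main(void)
{
    printf("dbus-triggered: %d\n", run_scenario(true));   /* 1 = REPLY_DBUS_ERROR */
    printf("alsa-triggered: %d\n", run_scenario(false));  /* 2 = REPLY_LOG_ONLY */
    return 0;
}
```

Run under valgrind, an unguarded variant of `rfcomm_connect_cb` that called `send_dbus_error(c->msg, err)` for the ALSA case would be reported as an invalid read inside the stand-in, which is the same symptom as the report above, only with symbols resolved because the binary is run from its build tree.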




Thread overview: 29+ messages
2008-09-30 21:03 bluez-4.9 + 2.6.27-rc8 + SCO headset -> bluetoothd: connect: Operation not permitted Stuart Pook
2008-09-30 23:26 ` David Sainty
2008-10-01 17:30   ` Stuart Pook
2008-10-04  3:47     ` Luiz Augusto von Dentz
2008-10-04 11:25       ` Stuart Pook
2008-10-04 11:51         ` Marcel Holtmann
2008-10-04 23:24           ` bluez-4.11 + 2.6.27-rc8 + SCO headset -> bluetoothd: connect(): Connection timed out (110) Stuart Pook
2008-10-05 17:50             ` Johan Hedberg
2008-10-05 19:17               ` Stuart Pook
2008-10-05 20:07               ` bluez-4.11 + 2.6.27-rc8 + SCO headset -> Invalid read of size 4 Stuart Pook
2008-10-06  8:47                 ` Johan Hedberg [this message]
2008-10-06 10:52                   ` Johan Hedberg
2008-10-06 18:38                     ` Stuart Pook
2008-10-06 19:56                     ` Stuart Pook
2008-10-06 20:31                       ` Johan Hedberg
2008-10-06 20:56                         ` bluez/git + 2.6.27-rc8 + SCO headset -> SIGSEGV Stuart Pook
2008-10-06 21:03                           ` Marcel Holtmann
2008-10-06 21:10                             ` Stuart Pook
2008-10-06 21:21                               ` Marcel Holtmann
2008-10-06 22:40                                 ` bluez/git + 2.6.27-rc8 + bluetoothd " Stuart Pook
2008-10-07  5:34                                   ` Johan Hedberg
2008-12-06 12:15                                     ` bluez-4.22 + twinkle -> Unable to lock headset Stuart Pook
2008-12-08 18:42                                       ` Luiz Augusto von Dentz
2008-12-09 12:23                                         ` sreevani medhahal
2008-10-06 20:39                   ` bluez/git + 2.6.27-rc8 + Belkin F8T017 -> Can't read class of adapter Stuart Pook
2008-10-06 20:45                     ` Marcel Holtmann
2008-10-06 21:55                       ` Stuart Pook
2008-10-06 22:38                         ` Marcel Holtmann
2008-10-06 23:17                           ` bluez/git + 2.6.27-rc8 + Belkin F8T017 -> works with reset=1 Stuart Pook
