Return-Path: Date: Fri, 23 Jan 2009 14:46:09 -0800 From: Eric Rannaud To: linux-bluetooth@vger.kernel.org Subject: bluez: bluetoothd: segmentation fault Message-ID: <20090123224609.GC6670@nc050> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-bluetooth-owner@vger.kernel.org List-ID: With bluez-4.22-2.fc10.x86_64.rpm (built from the SRPM with debug information enabled), when starting/stopping 'mplayer -ao:device=bluetooth' several times, bluetoothd regularly segfaults. I got the following information from gdb and valgrind. It seems somewhat similar to the segfault in: http://markmail.org/message/patvlq26erojxbj6 (I also tried with git HEAD, but I have another problem, see end of the email.) bluetoothd[29533]: Accepted new client connection on unix socket (fd=29) bluetoothd[29533]: Unix client disconnected (fd=27) bluetoothd[29533]: Audio API: received BT_GETCAPABILITIES_REQ bluetoothd[29533]: Audio API: sending BT_GETCAPABILITIES_RSP bluetoothd[29533]: Audio API: received BT_SETCONFIGURATION_REQ bluetoothd[29533]: config sco - device = 00:1A:0E:16:18:B2 access_mode = 2 bluetoothd[29533]: Audio API: sending BT_STREAMSTART_RSP bluetoothd[29533]: Error Bad file descriptor(9) bluetoothd[29533]: Audio API: sending BT_STREAMFD_IND bluetoothd[29533]: Error Bad file descriptor(9) bluetoothd[29533]: unix_sendmsg_fd: Bad file descriptor(9) bluetoothd[29533]: headset_resume_complete: resume failed bluetoothd[29533]: Audio API: sending BT_SETCONFIGURATION_RSP bluetoothd[29533]: Audio API: received BT_STREAMSTART_REQ bluetoothd[29533]: Unix client disconnected (fd=29) bluetoothd[29533]: Accepted new client connection on unix socket (fd=27) bluetoothd[29533]: Audio API: received BT_GETCAPABILITIES_REQ bluetoothd[29533]: Audio API: sending BT_GETCAPABILITIES_RSP bluetoothd[29533]: Audio API: received BT_SETCONFIGURATION_REQ bluetoothd[29533]: config sco - device = 00:1A:0E:16:18:B2 access_mode = 2 bluetoothd[29533]: Audio API: sending BT_STREAMSTART_RSP bluetoothd[29533]: Error Socket operation on non-socket(88) bluetoothd[29533]: Audio API: sending BT_STREAMFD_IND bluetoothd[29533]: Error Socket operation on non-socket(88) bluetoothd[29533]: unix_sendmsg_fd: Socket operation on non-socket(88) Program received signal SIGSEGV, Segmentation fault. 0x00000000f29c9453 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so (gdb) bt #0 0x00000000f29c9453 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so #1 0x00000000f29bff17 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so #2 0x00000000f29c4eb7 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so #3 0x00000000003873fd in g_slist_foreach () from /lib64/libglib-2.0.so.0 #4 0x00000000f29c4ef8 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so #5 0x00000000f29c8968 in dbus_message_append_args () from /usr/lib64/bluetooth/plugins/audio.so #6 0x000000000036879b in g_main_context_dispatch () from /lib64/libglib-2.0.so.0 #7 0x000000000036bf6d in ?? () from /lib64/libglib-2.0.so.0 #8 0x000000000036c49d in g_main_loop_run () from /lib64/libglib-2.0.so.0 #9 0x00007ffff7fd2b2f in main () from /usr/sbin/bluetoothd (gdb) i r rax 0x5a1 1441 rbx 0x58 88 rcx 0x100f 4111 rdx 0xf 15 rsi 0xf82053f0 4162868208 rdi 0x7ffff82139b0 140737356315056 rbp 0x7fffffffe190 0x7fffffffe190 rsp 0x7fffffffe170 0x7fffffffe170 r8 0x7ffff8214fe0 140737356320736 r9 0x0 0 r10 0x4000 16384 r11 0x246 582 r12 0xf29c4e5a 4070329946 r13 0x1 1 r14 0x0 0 r15 0x7ffff820f650 140737356297808 rip 0xf29c9453 0xf29c9453 eflags 0x10202 [ IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 fctrl 0x37f 895 fstat 0x0 0 ftag 0xffff 65535 fiseg 0x0 0 fioff 0x0 0 foseg 0x0 0 fooff 0x0 0 fop 0x0 0 mxcsr 0x1f80 [ IM DM ZM OM UM PM ] bluetoothd[31752]: Received AT+VGM=13 bluetoothd[31752]: Unix client disconnected (fd=16) bluetoothd[31752]: Accepted new client connection on unix socket (fd=16) bluetoothd[31752]: Audio API: received BT_GETCAPABILITIES_REQ bluetoothd[31752]: Audio API: sending BT_GETCAPABILITIES_RSP bluetoothd[31752]: Audio API: received BT_SETCONFIGURATION_REQ bluetoothd[31752]: config sco - device = 00:1A:0E:16:18:B2 access_mode = 2 ==31752== Invalid write of size 4 ==31752== at 0x5237D80: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831fc is 68 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== Invalid read of size 4 ==31752== at 0x5237DAD: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831d8 is 32 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) bluetoothd[31752]: Audio API: sending BT_STREAMSTART_RSP ==31752== ==31752== Invalid read of size 4 ==31752== at 0x523785B: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5237E29: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831f0 is 56 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) bluetoothd[31752]: Audio API: sending BT_STREAMFD_IND ==31752== ==31752== Invalid read of size 4 ==31752== at 0x523785B: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5237E6D: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831f0 is 56 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== Invalid write of size 4 ==31752== at 0x5237E94: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831f8 is 64 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== Invalid read of size 4 ==31752== at 0x5237EAF: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831f8 is 64 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== Invalid read of size 4 ==31752== at 0x5237EB9: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831f0 is 56 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) bluetoothd[31752]: unix_sendmsg_fd: Bad file descriptor(9) ==31752== ==31752== Invalid read of size 4 ==31752== at 0x5237F06: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831d8 is 32 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== Invalid read of size 8 ==31752== at 0x5237F0F: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523CEB6: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E563FC: g_slist_foreach (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x523CEF7: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5240967: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x4d831b8 is 0 bytes inside a block of size 88 free'd ==31752== at 0x4A0609F: free (vg_replace_malloc.c:323) ==31752== by 0x5237728: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x5239B28: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) bluetoothd[31752]: telephony-dummy: device 0x4d624b8 disconnected bluetoothd[31752]: State changed /org/bluez/31752/hci0/dev_00_1A_0E_16_18_B2: HEADSET_STATE_PLAY_IN_PROGRESS -> HEADSET_STATE_DISCONNECTED bluetoothd[31752]: headset_resume_complete: resume failed bluetoothd[31752]: Audio API: sending BT_SETCONFIGURATION_RSP bluetoothd[31752]: Error Broken pipe(32) bluetoothd[31752]: Unix client disconnected (fd=16) bluetoothd[31752]: connect(): Connection timed out (110) ==31752== ==31752== Invalid read of size 4 ==31752== at 0x3563C12D35: (within /lib64/libdbus-1.so.3.4.0) ==31752== by 0x3563C178F9: dbus_message_get_sender (in /lib64/libdbus-1.so.3.4.0) ==31752== by 0x3563C1AE95: dbus_message_new_error (in /lib64/libdbus-1.so.3.4.0) ==31752== by 0x17D73: error_common_reply (in /usr/sbin/bluetoothd) ==31752== by 0x523C64A: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523D3BE: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x29085: (within /usr/sbin/bluetoothd) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== Address 0x10102464c45bb is not stack'd, malloc'd or (recently) free'd ==31752== ==31752== Process terminating with default action of signal 11 (SIGSEGV) ==31752== General Protection Fault ==31752== at 0x3563C12D35: (within /lib64/libdbus-1.so.3.4.0) ==31752== by 0x3563C178F9: dbus_message_get_sender (in /lib64/libdbus-1.so.3.4.0) ==31752== by 0x3563C1AE95: dbus_message_new_error (in /lib64/libdbus-1.so.3.4.0) ==31752== by 0x17D73: error_common_reply (in /usr/sbin/bluetoothd) ==31752== by 0x523C64A: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x523D3BE: (within /usr/lib64/bluetooth/plugins/audio.so) ==31752== by 0x29085: (within /usr/sbin/bluetoothd) ==31752== by 0x3E78E3779A: g_main_context_dispatch (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3AF6C: (within /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0x3E78E3B49C: g_main_loop_run (in /lib64/libglib-2.0.so.0.1800.3) ==31752== by 0xCB2E: main (in /usr/sbin/bluetoothd) ==31752== ==31752== ERROR SUMMARY: 10 errors from 10 contexts (suppressed: 22 from 1) ==31752== malloc/free: in use at exit: 63,482 bytes in 833 blocks. ==31752== malloc/free: 3,087 allocs, 2,254 frees, 3,214,137 bytes allocated. ==31752== For counts of detected errors, rerun with: -v ==31752== searching for pointers to 833 not-freed blocks. ==31752== checked 183,216 bytes. ==31752== ==31752== LEAK SUMMARY: ==31752== definitely lost: 88 bytes in 1 blocks. ==31752== possibly lost: 992 bytes in 2 blocks. ==31752== still reachable: 62,402 bytes in 830 blocks. ==31752== suppressed: 0 bytes in 0 blocks. ==31752== Rerun with --leak-check=full to see details of leaked memory. Segmentation fault I tried to reproduce this segmentation fault with git HEAD, but when running 'src/bluetooth -dn', running 'mplayer -ao:device=headset' fails with: [AO_ALSA] alsa-lib: pcm_bluetooth.c:1531:(audioservice_recv) Error receiving data from audio service: Success(0) [AO_ALSA] alsa-lib: pcm_bluetooth.c:1547:(audioservice_expect) Bogus message BT_GETCAPABILITIES_REQ received while BT_GETCAPABILITIES_RSP was expected [AO_ALSA] Playback open error: Invalid argument while: ... bluetoothd[31939]: Computer is classified as laptop bluetoothd[31939]: Current device class is 0x4a010c bluetoothd[31939]: Setting 0x00010c for major/minor device class bluetoothd[31939]: Agent registered for hci0 at :1.34:/org/bluez/agent/hci0 bluetoothd[20499]: Accepted new client connection on unix socket (fd=16) bluetoothd[20499]: Audio API: BT_REQUEST <- (null) bluetoothd[20499]: Invalid message: length mismatch (note: this is not doing 'make install', but running on top of the F10 bluez package. I realize that's far from ideal, but 'make install' doesn't give me a running configuration: bluetoothd[24656]: Bluetooth daemon bluetoothd[24656]: Enabling debug information bluetoothd[24656]: parsing main.conf bluetoothd[24656]: discovto=0 bluetoothd[24656]: pairto=0 bluetoothd[24656]: pageto=8192 bluetoothd[24656]: name=%h-%d bluetoothd[24656]: class=0x000100 bluetoothd[24656]: inqmode=0 bluetoothd[24656]: Key file does not have key 'InitiallyPowered' bluetoothd[24656]: Key file does not have key 'RememberPowered' bluetoothd[24656]: Key file does not have key 'DeviceID' bluetoothd[24656]: Key file does not have key 'ReverseServiceDiscovery' bluetoothd[24656]: Unable to get on D-Bus and I have no idea how to address that).