MIME-Version: 1.0
In-Reply-To: <4C505806.3040508@aircable.net>
References: <4C46324D.5070800@aircable.net> <20100721101934.GA12188@jh-x301> <4C470E2D.7000607@aircable.net> <4C505806.3040508@aircable.net>
Date: Wed, 28 Jul 2010 15:46:21 -0300
Subject: Re: [PATCH][RFC] Fix SDP resolving segfault
From: Manuel Naranjo
To: Luiz Augusto von Dentz
Cc: Johan Hedberg, BlueZ
Content-Type: text/plain; charset=ISO-8859-1
Sender: linux-bluetooth-owner@vger.kernel.org

Luiz,

Bad news: it doesn't work, it keeps doing the same.

This is the output of bluetoothd -n -d:

bluetoothd[3572]: audio/manager.c:handle_uuid() server not enabled for 0000110a-0000-1000-8000-00805f9b34fb (0x110a)
bluetoothd[3572]: audio/manager.c:handle_uuid() Found AV Target
bluetoothd[3572]: audio/control.c:control_init() Registered interface org.bluez.Control on path /org/bluez/3572/hci0/dev_00_24_91_E4_E9_05
bluetoothd[3572]: audio/manager.c:handle_uuid() Found AV Target
bluetoothd[3572]: src/device.c:btd_device_unref() 0x90f9e08: ref=2
bluetoothd[3572]: src/device.c:btd_device_ref() 0x90f9e08: ref=3
bluetoothd[3572]: src/device.c:search_cb() /org/bluez/3572/hci0/dev_00_24_91_E4_E9_05: No service update
bluetoothd[3572]: src/device.c:btd_device_unref() 0x90f9e08: ref=2
bluetoothd[3572]: src/adapter.c:session_unref() 0x90b2790: ref=0
bluetoothd[3572]: src/adapter.c:session_remove() Discovery session 0x90b2790 with :1.81 deactivated
bluetoothd[3572]: src/adapter.c:session_remove() Stopping discovery
bluetoothd[3572]: Stopping discovery
bluetoothd[3572]: src/device.c:btd_device_ref() 0x90adfd0: ref=2
bluetoothd[3572]: Discovery session 0x90fe178 with :1.81 activated
bluetoothd[3572]: src/adapter.c:session_ref() 0x90fe178: ref=1
bluetoothd[3572]: src/adapter.c:adapter_remove_connection() Removing temporary device /org/bluez/3572/hci0/dev_C8_7E_75_DC_1E_86
bluetoothd[3572]: src/device.c:device_remove() Removing device /org/bluez/3572/hci0/dev_C8_7E_75_DC_1E_86
bluetoothd[3572]: src/device.c:btd_device_unref() 0x90fc080: ref=1
bluetoothd[3572]: src/device.c:btd_device_unref() 0x90fc080: ref=0
bluetoothd[3572]: src/device.c:device_free() 0x90fc080
bluetoothd[3572]: src/adapter.c:adapter_get_device() 00:05:4F:63:5A:E0
bluetoothd[3572]: src/adapter.c:session_unref() 0x90fe178: ref=0
bluetoothd[3572]: src/adapter.c:session_remove() Discovery session 0x90fe178 with :1.81 deactivated
bluetoothd[3572]: src/adapter.c:session_remove() Stopping discovery
bluetoothd[3572]: Stopping discovery
bluetoothd[3572]: Discovery session 0x90b1e00 with :1.81 activated
bluetoothd[3572]: src/adapter.c:session_ref() 0x90b1e00: ref=1
bluetoothd[3572]: <27>Jul 28 14:26:36 bluetoothd[3572]: : error updating services: Host is down (112)

And this is the call trace during the crash:

+ 4 0x80ac636 (from 0x80a9a28) device_remove_connection(): /home/manuel/bluez/src/device.c:908
+ 5 0x80ac4ca (from 0x80ac753) device_set_connected(): /home/manuel/bluez/src/device.c:875
+ 6 0x80b0d08 (from 0x80ac517) emit_property_changed(): /home/manuel/bluez/src/dbus-common.c:266
+ 7 0x80b0a31 (from 0x80b0da4) append_variant(): /home/manuel/bluez/src/dbus-common.c:195
+ 7 0x805005d (from 0x80b0db6) g_dbus_send_message(): /home/manuel/bluez/gdbus/object.c:615
+ 4 0x80ae60e (from 0x80a9a55) device_get_address(): /home/manuel/bluez/src/device.c:1654
+ 5 0x80aa5a4 (from 0x80ae639) bacpy(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:132
+ 4 0x808a77f (from 0x80a9a6d) hci_req_queue_remove(): /home/manuel/bluez/src/security.c:169
+ 4 0x80affea (from 0x80a9a78) device_is_authenticating(): /home/manuel/bluez/src/device.c:2339
+ 4 0x80ae749 (from 0x80a9a9a) device_is_temporary(): /home/manuel/bluez/src/device.c:1683
+ 1 0x808a82f (from 0x808cdb4) check_pending_hci_req(): /home/manuel/bluez/src/security.c:186
+ 0 0x8094781 (from 0x2cddab) connect_cb(): /home/manuel/bluez/src/btio.c:138
+ 1 0x8094628 (from 0x80947be) check_nval(): /home/manuel/bluez/src/btio.c:103
+ 1 0x8097b6e (from 0x8094849) bt_io_error_quark(): /home/manuel/bluez/src/btio.c:1296
+ 1 0x8099523 (from 0x80948c1) connect_watch(): /home/manuel/bluez/src/glib-helper.c:283
+ 2 0x80ae1c5 (from 0x809966f) browse_cb(): /home/manuel/bluez/src/device.c:1540
+ 3 0x80adf2f (from 0x80ae312) search_cb(): /home/manuel/bluez/src/device.c:1476
+ 4 0x8089ef6 (from 0x80adf90) error(): /home/manuel/bluez/src/log.c:47

If you go through the code it fails in the line:

static void search_cb(sdp_list_t *recs, int err, gpointer user_data)
{
	struct browse_req *req = user_data;
	struct btd_device *device = req->device;

	if (err < 0) {
		error("%s: error updating services: %s (%d)",
				device->path, strerror(-err), -err);
		goto send_reply;
	}

It fails because device->path is not valid.

My patch, even though ugly, worked. I know this is not the best for upstream, but at least it is something to start with. For some reason either user_data or device is invalid when that callback gets.

Manuel

--
Manuel Francisco Naranjo
Software Department Argentina
Wireless Cables Inc
www.aircable.net
cel: +5493412010019
skype: naranjomanuelfrancisco
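
An added illustration, not part of the original message and not BlueZ code: if device->path is invalid because the device was freed while a browse request was still pending (an assumption; the message only establishes that the pointer is bad inside search_cb), having the request hold its own reference keeps the device alive until the callback has run. The struct and function names below are hypothetical stand-ins, and the device path is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins for btd_device and browse_req; not BlueZ code. */
struct device { int ref; char path[64]; };
struct browse_req { struct device *device; };
static int freed_count;	/* devices actually freed so far */

static struct device *device_ref(struct device *d) { d->ref++; return d; }
static void device_unref(struct device *d)
{
	if (--d->ref > 0) return;
	free(d);
	freed_count++;
}

/* The request pins the device for as long as its callback can still fire. */
static struct browse_req *browse_start(struct device *d)
{
	struct browse_req *req = calloc(1, sizeof(*req));
	if (!req) abort();
	req->device = device_ref(d);
	return req;
}

/* Error path of the callback: reads device->path, then drops the pin. */
static void search_cb(int err, struct browse_req *req, char *out, size_t len)
{
	snprintf(out, len, "%s: error updating services: %s (%d)",
			req->device->path, strerror(-err), -err);
	device_unref(req->device);
	free(req);
}

/* Device removed while a browse is pending; returns frees seen before the callback. */
static int demo(char *out, size_t len)
{
	struct device *d = calloc(1, sizeof(*d));
	struct browse_req *req;
	int before;
	if (!d) abort();
	snprintf(d->path, sizeof(d->path), "/org/bluez/hci0/dev_CONSTRUCTED");
	device_ref(d);			/* the adapter's own reference */
	req = browse_start(d);		/* ref=2 */
	device_unref(d);		/* adapter removes the device: ref=1, not freed */
	before = freed_count;
	search_cb(-112, req, out, len);	/* path still valid; last unref frees */
	return before;
}
int main(void) { char b[128]; demo(b, sizeof(b)); puts(b); return 0; }
```

Without the device_ref() in browse_start(), the device_unref() in demo() would free the device and search_cb() would read freed memory.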