Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp3038100rwd; Wed, 14 Jun 2023 10:19:20 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7UuY4en6oq/Bg+mej7R1BoGpMzxa8BtB2UQExcRGeuqiBjTPzVti0Cpqzs6MccmTNBp4X5 X-Received: by 2002:a17:902:e5c1:b0:1b3:f6b8:61cf with SMTP id u1-20020a170902e5c100b001b3f6b861cfmr4640479plf.56.1686763160389; Wed, 14 Jun 2023 10:19:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686763160; cv=none; d=google.com; s=arc-20160816; b=sSNNFaCOzM8+aZAhFuY+02tANXmCFw+eOZMbfqIe26BaLppIOZco3gaiw+/zFrQ3xW pUvv/9inAtipygY8kLbv9sl0pMt1tbjfMLC/rMflXdqXU4qYyWc5kPLyt620YvWsAx5b 8LGg/2RY3ZpTmFvHXx0nqAUlKAsN4mPt9N4tBKGm7gqkP3/JiJxnmNo3L+VZhpnDktnV FsBUtXqFjYs3HtW6rZKMhC2+mnXsDkxiQRXJuBV/BEhVGq4he+KbpaVvbPU8tkekodes pH0HVFnwqjc8chfYsKTUulNUILnXaJLPKBAGsOlDvs0EtmqUwDKRM224mSThPJ8TltNJ hUUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=89SNXLVjRRh/evD99q3dU0l5uK6Zmh2A8ng5JFQSecQ=; b=sMQ97QddQe7C0/bLzoEtLGpeoLW7YS/+LsjB/TfLP6GzO0bPm4X73+Sp7p/KEPNRYx YwRY6vGRQ5kGzD+e8H6KvsSxORyZ8K5Kn/+iy+38Cv6wHZHikZW2lTRBedxASKLPNHo5 J2VFFr/fwcoAQmFGC1F1g2z0GMpMoPAu7zBIkeeN1zbl+c0hBtJHKZBsPrZ7Jt4RihRi BIUROsbWEf2TrIEkQbY6yOAZD7Ghkgg2KGClrvnktf8GBP/5VQxbQ67JOCJoJvMPJOu2 pQnLwY0h0EnLvCmuFJboPFK2fXKh1w0RageAfHMtQGwXuRhArdyBRF+XHd+e3lv0NPNe TRcg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=gjIO8CbJ; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r1-20020a1709028bc100b001b20e2ba8e1si2969661plo.23.2023.06.14.10.18.44; Wed, 14 Jun 2023 10:19:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=gjIO8CbJ; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233840AbjFNQyL (ORCPT + 99 others); Wed, 14 Jun 2023 12:54:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33288 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236187AbjFNQyK (ORCPT ); Wed, 14 Jun 2023 12:54:10 -0400 Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E88232120 for ; Wed, 14 Jun 2023 09:54:08 -0700 (PDT) Received: by mail-lj1-x22d.google.com with SMTP id 38308e7fff4ca-2b1b30445cfso13727921fa.1 for ; Wed, 14 Jun 2023 09:54:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1686761647; x=1689353647; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=89SNXLVjRRh/evD99q3dU0l5uK6Zmh2A8ng5JFQSecQ=; b=gjIO8CbJpdtXqNAXQ4pt3LkyuEan3/zaZHHTwTUKK5jNGmX0RoFcb1unkFb+oidDFC DYDEmXhAaWZa/D2s84iB76FmRK2cvOBeJH322kl5QoRirwFlsCYR6TZGkBuyQuPyQ1No XBLwy9PtAjEzLwvS2VbYK2Uonb5gcHYRTLgKUVMaQjMYqQQekQvG4VVinks7/YYeVYvi EqDcUSvE43D/6iNbhwJRygVvjCpzxCLKLlE9s4phJjscyw42PS/tQPwWuFvVDpkxotlT 5WuO+57D++f7q4pgd4N0/xBgfMJwZ9wSUOGxAlhPMgyAD/VIqnVhBlMRCD7O1cGNz1VT NWPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686761647; x=1689353647; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=89SNXLVjRRh/evD99q3dU0l5uK6Zmh2A8ng5JFQSecQ=; b=H+8ynSUPEMpjFM4DOaVB5ZZkK+KUVrMHLJ3dlDu8UMeCTvBWvHUD4qK8cUZorwqkC3 dhSvkYk8DI2Wp6Gonq0E/a40u3ojg9Xul1ei/bbjPCeU4jIIJ0zu4FGJPhh0+WuAPpMR EKgyUl3rhV8F8rTMlpdOuOIwz4UDAveit5PWyNpJaKQG7KRu210pCr0SsBJIgMZLclIZ Stannkk7ygTmOMUILudrOhQSetk+8Ijpvez1PGOcEAKVKlxObgB9zpUVUIdVMcFmZaog +gvcWVvWQZ4pv8k9hP2CjXUizeGe0uOrUcRP43/4hWXEYuOnm6My3e/xv6aRo5K9lmju h6qg== X-Gm-Message-State: AC+VfDw0Bm56sm21j8x5ygTnCN7s7pO1mpRUqmjiC2Y7zznANrAV5Im1 +p3RSeHh8X0074p/34hb4qXCYMtJe5HKOFPZPLnPyeADqWJNW2iO X-Received: by 2002:a2e:3c10:0:b0:2b1:fda8:e653 with SMTP id j16-20020a2e3c10000000b002b1fda8e653mr6477279lja.27.1686761646851; Wed, 14 Jun 2023 09:54:06 -0700 (PDT) MIME-Version: 1.0 References: <6704ebbea9d1bb64e54b45b1b3d6cd321b28971b.camel@infinera.com> In-Reply-To: From: Luiz Augusto von Dentz Date: Wed, 14 Jun 2023 09:53:54 -0700 Message-ID: Subject: Re: bluez SEGV in current master To: Joakim Tjernlund Cc: "linux-bluetooth@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Hi Joakim, On Wed, Jun 14, 2023 at 9:32=E2=80=AFAM Joakim Tjernlund wrote: > > On Wed, 2023-06-14 at 09:25 -0700, Luiz Augusto von Dentz wrote: > > Hi Joakim, > > > > On Wed, Jun 14, 2023 at 5:36=E2=80=AFAM Joakim Tjernlund > > wrote: > > > > > > commit bap: Add broadcast source support, 3030883, in bluez.git > > > > > > A co-worker see this SEGV when connecting a headset: > > > > > > Jun 13 13:38:15 systemd-coredump[3941]: Process 1897 (bluetoothd) of = user 0 dumped core. > > > Module bluetoothd without bui= ld-id. > > > #0 0x0000556bea93277a a2dp_r= esume_complete (bluetoothd + 0x3e77a) > > > #1 0x0000556bea9210a2 finali= ze_resume (bluetoothd + 0x2d0a2) > > > #2 0x0000556bea92afaf avdtp_= start_resp (bluetoothd + 0x36faf) > > > #6 0x0000556bea9dcc85 mainlo= op_run (bluetoothd + 0xe8c85) > > > #7 0x0000556bea9dd0dc mainlo= op_run_with_signal (bluetoothd + 0xe90dc) > > > #8 0x0000556bea91a4ef main (= bluetoothd + 0x264ef) > > > #11 0x0000556bea91ace1 _start= (bluetoothd + 0x26ce1) > > > Jun 13 13:38:15 systemd[1]: bluetooth.service: Main process exited, c= ode=3Ddumped, status=3D11/SEGV > > > > > > > > > Crash seems to be at: > > > > > > 342 static void a2dp_resume_complete(struct avdtp *session, int e= rr, > > > 343 void = *user_data) > > > 344 { > > > 345 struct media_owner *owner =3D user_data; > > > 346 struct media_request *req =3D owner->pending; > > > 347 struct media_transport *transport =3D owner->transpor= t; > > > 348 struct a2dp_sep *sep =3D media_endpoint_get_sep(trans= port->endpoint); > > > > > > A good start(but does NOT fix the problem) might be: > > > > > > --- bluez-9999/profiles/audio/transport.c.org 2023-06-13 18:38:14.5= 42137531 +0200 > > > +++ bluez-9999/profiles/audio/transport.c 2023-06-13 18:48:32.5= 42527882 +0200 > > > @@ -345,7 +345,7 @@ > > > struct media_owner *owner =3D user_data; > > > struct media_request *req =3D owner->pending; > > > struct media_transport *transport =3D owner->transport; > > > - struct a2dp_sep *sep =3D media_endpoint_get_sep(transport->en= dpoint); > > > + struct a2dp_sep *sep; > > > struct avdtp_stream *stream; > > > int fd; > > > uint16_t imtu, omtu; > > > @@ -355,7 +355,10 @@ > > > > > > if (err) > > > goto fail; > > > + if (!transport) > > > + goto fail; > > > > > > + sep =3D media_endpoint_get_sep(transport->endpoint); > > > stream =3D a2dp_sep_get_stream(sep); > > > if (stream =3D=3D NULL) > > > goto fail; > > > > > > bluez-5.66 Works fine though. > > > > > > Headset: WH-1000XM3 > > > > > > Jocke > > > > Weird, I don't think much has changed for A2DP, but perhaps there is > > some BAP related changes affecting A2DP for some reason, any chance to > > bisect the patch that introduces this problem? Or it is not always > > reproducible? > > It is reproducible but on an remote laptop used for daily work so would d= isturb quite a lot. > Can I turn off BAP somehow to see if it is interfering ? > > Any chance it is related to https://github.com/bluez/bluez/issues/533 ? Right, yeah that is possible since it appears to be some unbalanced reference count issue, that said that was a very old version, not sure if we haven't fixed that. > Jocke --=20 Luiz Augusto von Dentz