Hi David, > I've been debugging a problem using pulseaudio on top of an alsa > bluetooth device for a week or so and I've found the cause of the > problem (which manifests as a pulseaudio daemon segfault). > > The bug is an line audio/pcm_bluetooth.c:802: > > > if (pfds[1].revents & (POLLERR | POLLHUP | POLLNVAL)) > io->state = SND_PCM_STATE_DISCONNECTED; > > revents[0] = (pfds[0].revents & ~POLLIN) | POLLOUT; > -->here revents[1] = (pfds[1].revents & ~POLLIN); > > return 0; > > The 'unsigned short *revents' argument is NOT an array of shorts, but in > fact a pointer to a single short. The assignment to revents[1] trashes > memory. > > My guess is that all the flags should be combined into revents[0] (or > *revents, as that would be more semantically correct), but I'm not > really sure what the exact fix should be. > > See this post by Jaroslav Kysela on the method > snd_pcm_poll_descriptors_revents, which ultimately ends up in the above > code: > > http://osdir.com/ml/linux.alsa.devel/2002-07/msg00258.html this is a real problem since it seem audicious seems to break if we not using revents[1]. So I have no clue what's the right fix is here. The problem seems to be more complex. Seems we need an ALSA expert to fix this for us. Regards Marcel -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
