Luiz, >> This looks like a different issue, at least it doesn't seems to crash >> in the same point, so I assume the patch does fix something but >> uncover another problem. But we have to find out where exactly is this >> other problem because btd_device_unref doesn't seems to be the place, >> can't you get any core dumps from the tests you did? >> > > I agree it looks like it triggered another issue, I will try to get logs > tomorrow. > Here's the call trace, unfortunately I don't have bluetoothd debug messages, just this + 0 0x804e4ea (from 0x7e0dab) watch_func(): /home/manuel/bluez/gdbus/mainloop.c:94 + 1 0x804ea3b (from 0x7140dd) dispatch_status(): /home/manuel/bluez/gdbus/mainloop.c:244 + 2 0x804e49b (from 0x804ea7d) queue_dispatch(): /home/manuel/bluez/gdbus/mainloop.c:87 + 0 0x804e436 (from 0x7aa53c) message_dispatch(): /home/manuel/bluez/gdbus/mainloop.c:73 + 1 0x8050fa1 (from 0x716c8d) message_filter(): /home/manuel/bluez/gdbus/watch.c:408 + 1 0x804f506 (from 0x723f13) generic_message(): /home/manuel/bluez/gdbus/object.c:236 + 2 0x804f483 (from 0x804f549) find_interface(): /home/manuel/bluez/gdbus/object.c:219 + 2 0x80a4d46 (from 0x804f5cb) adapter_start_discovery(): /home/manuel/bluez/src/adapter.c:1215 + 3 0x80a354c (from 0x80a4da5) find_session(): /home/manuel/bluez/src/adapter.c:621 + 3 0x80a4cce (from 0x80a4dfa) adapter_start_inquiry(): /home/manuel/bluez/src/adapter.c:1203 + 4 0x80a2744 (from 0x80a4d0c) pending_remote_name_cancel(): /home/manuel/bluez/src/adapter.c:263 + 5 0x80a208d (from 0x80a27aa) bacpy(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:132 + 5 0x80a8b8e (from 0x80a27c3) adapter_search_found_devices(): /home/manuel/bluez/src/adapter.c:2667 + 4 0x808831a (from 0x80a4d29) hciops_start_discovery(): /home/manuel/bluez/plugins/hciops.c:570 + 3 0x80a2de5 (from 0x80a4e45) create_session(): /home/manuel/bluez/src/adapter.c:425 + 4 0x80514c7 (from 0x80a2ea9) g_dbus_add_disconnect_watch(): /home/manuel/bluez/gdbus/watch.c:572 + 5 0x80513cc (from 0x8051510) g_dbus_add_service_watch(): /home/manuel/bluez/gdbus/watch.c:544 + 6 0x8050753 (from 0x8051430) filter_data_get(): /home/manuel/bluez/gdbus/watch.c:177 + 7 0x80502a8 (from 0x80507a0) filter_data_find(): /home/manuel/bluez/gdbus/watch.c:69 + 7 0x80502a8 (from 0x8050803) filter_data_find(): /home/manuel/bluez/gdbus/watch.c:69 + 7 0x8050572 (from 0x80508a4) add_match(): /home/manuel/bluez/gdbus/watch.c:134 + 8 0x8050402 (from 0x80505cc) format_rule(): /home/manuel/bluez/gdbus/watch.c:111 + 8 0x804e8bd (from 0x729783) add_timeout(): /home/manuel/bluez/gdbus/mainloop.c:207 + 8 0x804ea3b (from 0x7140dd) dispatch_status(): /home/manuel/bluez/gdbus/mainloop.c:244 + 9 0x804e49b (from 0x804ea7d) queue_dispatch(): /home/manuel/bluez/gdbus/mainloop.c:87 + 8 0x804e96c (from 0x7296ff) remove_timeout(): /home/manuel/bluez/gdbus/mainloop.c:227 + 8 0x804e85f (from 0x729469) timeout_handler_free(): /home/manuel/bluez/gdbus/mainloop.c:195 + 6 0x8050af5 (from 0x8051470) filter_data_add_callback(): /home/manuel/bluez/gdbus/watch.c:272 + 4 0x8089ea8 (from 0x80a2ee4) info(): /home/manuel/bluez/src/log.c:36 + 4 0x80a2d65 (from 0x80a2eef) session_ref(): /home/manuel/bluez/src/adapter.c:416 + 5 0x8089f44 (from 0x80a2dc7) btd_debug(): /home/manuel/bluez/src/log.c:58 + 0 0x808c945 (from 0x7e0dab) io_security_event(): /home/manuel/bluez/src/security.c:967 + 1 0x808a32d (from 0x808caa9) hci_test_bit(): /home/manuel/bluez/./lib/bluetooth/hci_lib.h:167 + 1 0x808bc97 (from 0x808cb24) cmd_complete(): /home/manuel/bluez/src/security.c:690 + 2 0x808b951 (from 0x808bd70) start_inquiry(): /home/manuel/bluez/src/security.c:570 + 3 0x80a1a5d (from 0x808b9a0) manager_find_adapter(): /home/manuel/bluez/src/manager.c:343 + 4 0x80a1955 (from 0x7c947e) adapter_cmp(): /home/manuel/bluez/src/manager.c:319 + 5 0x80a89ca (from 0x80a198d) adapter_get_address(): /home/manuel/bluez/src/adapter.c:2625 + 6 0x80a208d (from 0x80a89f8) bacpy(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:132 + 5 0x80a1000 (from 0x80a199f) bacmp(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:128 + 3 0x80a8b15 (from 0x808b9ca) adapter_get_state(): /home/manuel/bluez/src/adapter.c:2657 + 3 0x80a995b (from 0x808b9d8) adapter_has_discov_sessions(): /home/manuel/bluez/src/adapter.c:3021 + 3 0x80a8a0d (from 0x808b9fc) adapter_set_state(): /home/manuel/bluez/src/adapter.c:2630 + 4 0x80b0b44 (from 0x80a8aeb) emit_property_changed(): /home/manuel/bluez/src/dbus-common.c:266 + 5 0x80b086d (from 0x80b0be0) append_variant(): /home/manuel/bluez/src/dbus-common.c:195 + 5 0x805005d (from 0x80b0bf2) g_dbus_send_message(): /home/manuel/bluez/gdbus/object.c:615 + 1 0x808a82f (from 0x808cdb4) check_pending_hci_req(): /home/manuel/bluez/src/security.c:186 + 0 0x808c945 (from 0x7e0dab) io_security_event(): /home/manuel/bluez/src/security.c:967 + 1 0x808a32d (from 0x808caa9) hci_test_bit(): /home/manuel/bluez/./lib/bluetooth/hci_lib.h:167 + 1 0x808bc30 (from 0x808cafa) cmd_status(): /home/manuel/bluez/src/security.c:681 + 1 0x808a82f (from 0x808cdb4) check_pending_hci_req(): /home/manuel/bluez/src/security.c:186 + 0 0x808c945 (from 0x7e0dab) io_security_event(): /home/manuel/bluez/src/security.c:967 + 1 0x808a32d (from 0x808caa9) hci_test_bit(): /home/manuel/bluez/./lib/bluetooth/hci_lib.h:167 + 1 0x808c6e1 (from 0x808cd1b) disconn_complete(): /home/manuel/bluez/src/security.c:916 + 2 0x80b2947 (from 0x808c734) hcid_dbus_disconn_complete(): /home/manuel/bluez/src/dbus-hci.c:779 + 3 0x80a1a5d (from 0x80b29a3) manager_find_adapter(): /home/manuel/bluez/src/manager.c:343 + 4 0x80a1955 (from 0x7c947e) adapter_cmp(): /home/manuel/bluez/src/manager.c:319 + 5 0x80a89ca (from 0x80a198d) adapter_get_address(): /home/manuel/bluez/src/adapter.c:2625 + 6 0x80a208d (from 0x80a89f8) bacpy(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:132 + 5 0x80a1000 (from 0x80a199f) bacmp(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:128 + 3 0x80a45fd (from 0x80b29d2) adapter_find_connection(): /home/manuel/bluez/src/adapter.c:1025 + 4 0x80ac5b0 (from 0x80a4644) device_has_connection(): /home/manuel/bluez/src/device.c:934 + 3 0x80a97f0 (from 0x80b2a2c) adapter_remove_connection(): /home/manuel/bluez/src/adapter.c:2992 + 4 0x80ac472 (from 0x80a9864) device_remove_connection(): /home/manuel/bluez/src/device.c:908 + 5 0x80ac306 (from 0x80ac58f) device_set_connected(): /home/manuel/bluez/src/device.c:875 + 6 0x80b0b44 (from 0x80ac353) emit_property_changed(): /home/manuel/bluez/src/dbus-common.c:266 + 7 0x80b086d (from 0x80b0be0) append_variant(): /home/manuel/bluez/src/dbus-common.c:195 + 7 0x805005d (from 0x80b0bf2) g_dbus_send_message(): /home/manuel/bluez/gdbus/object.c:615 + 4 0x80ae44a (from 0x80a9891) device_get_address(): /home/manuel/bluez/src/device.c:1654 + 5 0x80aa3e0 (from 0x80ae475) bacpy(): /home/manuel/bluez/./lib/bluetooth/bluetooth.h:132 + 4 0x808a77f (from 0x80a98a9) hci_req_queue_remove(): /home/manuel/bluez/src/security.c:169 + 4 0x80afe26 (from 0x80a98b4) device_is_authenticating(): /home/manuel/bluez/src/device.c:2339 + 4 0x80ae585 (from 0x80a98d6) device_is_temporary(): /home/manuel/bluez/src/device.c:1683 + 1 0x808a82f (from 0x808cdb4) check_pending_hci_req(): /home/manuel/bluez/src/security.c:186 + 0 0x8099459 (from 0x7e0dab) connect_watch(): /home/manuel/bluez/src/glib-helper.c:257 + 1 0x80ae001 (from 0x809963a) browse_cb(): /home/manuel/bluez/src/device.c:1540 I think it keeps crashing the same way, when browse_cb gets called user_data points to non valid data. Manuel -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
