Thanks for taking time to look into this. I've tried to reproduce the segfault but I couldn't. It doesn't seem to happens when btmon is running which is quite weird. I still get the "bt_uhid_send: Invalid argument (22)" error. It happens for a few seconds and during this time my bluetooth mouse is unresponsive. Here's a capture file that produce this error: https://guillaumebesson.s3.eu-west-3.amazonaws.com/bt_uhid_send_bug.btsnoop I'll still try to reproduce the segfault while monitoring and send you the dump if it happens again. Thanks, Guillaume Besson On Fri, Mar 6, 2020, at 12:33 AM, Luiz Augusto von Dentz wrote: > Hi Guillaume, > > On Thu, Mar 5, 2020 at 8:45 AM Guillaume Besson <guillaume@xxxxxxxxx> wrote: > > > > Hello, > > On my Lenovo X1 Extreme Gen2, the bluetoothd process segfault frequently on mouse connection. The bluetooth chipset is integrated in the Intel Corporation Wi-Fi 6 AX200 card. I'm using the latest Linux kernel (5.5.4) and bluez-git (bluez-git-1:5.53.r4.g17516034a). > > Here's the stacktrace from the coredump: > > > > #0 queue_remove (queue=0x55e521458c90, data=data@entry=0x55e521454510) at src/shared/queue.c:258 > > #1 0x000055e51fde63fe in enable_ccc_callback (opcode=<optimized out>, pdu=<optimized out>, length=<optimized out>, user_data=0x55e521454510) at src/shared/gatt-client.c:1559 > > #2 0x000055e51fde157c in disc_att_send_op (data=0x55e521454b20) at src/shared/att.c:547 > > #3 0x000055e51fddd802 in queue_remove_all (queue=0x55e52144da10, function=function@entry=0x0, user_data=user_data@entry=0x0, destroy=destroy@entry=0x55e51fde1560 <disc_att_send_op>) at src/shared/queue.c:354 > > #4 0x000055e51fde285a in disconnect_cb (io=<optimized out>, user_data=0x55e521447330) at src/shared/att.c:576 > > #5 0x000055e51fded0d5 in watch_callback (channel=<optimized out>, cond=<optimized out>, user_data=<optimized out>) at src/shared/io-glib.c:170 > > #6 0x00007fbccc71726f in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 > > #7 0x00007fbccc7191b1 in ?? () from /usr/lib/libglib-2.0.so.0 > > #8 0x00007fbccc71a0c3 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 > > #9 0x000055e51fded6d6 in mainloop_run () at src/shared/mainloop-glib.c:79 > > #10 0x000055e51fdedb58 in mainloop_run_with_signal (func=<optimized out>, user_data=0x0) at src/shared/mainloop-notify.c:201 > > #11 0x000055e51fd56909 in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:756 > > It looks like an early disconnect happens, can you collect the hci > trace with btmon when this happens. > > > The syslog also adds these line just before the segfault: > > > > Feb 19 09:12:49 geekuillaume-laptop bluetoothd[1189]: Read Report Reference descriptor failed: Request attribute has encountered an unlikely error > > Feb 19 09:12:49 geekuillaume-laptop bluetoothd[1189]: Read Report Reference descriptor failed: Request attribute has encountered an unlikely error > > Feb 19 09:12:49 geekuillaume-laptop bluetoothd[1189]: Protocol Mode characteristic read failed: Request attribute has encountered an unlikely error > > > > The mouse is a Logitech MX Master 2 which has no problem on Windows with the same laptop. I have a keyboard (Keychron K2) connected by Bluetooth before the crash which still works after the crash. If I restart the bluetoothd process with systemctl, the mouse reconnects and it works fine but can crash again after some random period of time. > > > > There is another issue with the mouse that could be related: sometimes, the mouse stops working and a lot of "bt_uhid_send: Invalid argument (22)" are logged to the syslog. After 10 seconds it goes back to working fine. > > > > What to do to debug this? > > Have btmon collecting the HCI traffic, I suspect the mouse may be > disconnecting after a period of inactivity and then reconnecting again > once active, in any case we need to figure out how to reproce and then > proceed to fix the problem. > > -- > Luiz Augusto von Dentz > ---------- Guillaume Besson +33 6 11 67 39 56 besson.co
