Bug 173223 - hcid crashes on pin_code_request
Product: Fedora
Classification: Fedora
Component: bluez-utils
Hardware: i386 Linux
Priority: medium Severity: medium
Assigned To: David Woodhouse
Reported: 2005-11-15 04:45 EST by rolf dubitzky
Modified: 2007-11-30 17:11 EST
Doc Type: Bug Fix
Last Closed: 2006-09-10 04:53:37 EDT
Description rolf dubitzky 2005-11-15 04:45:34 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7

Description of problem:

I try to pair my jabraBT200 headset with a USB-BT dongle on FedoraC4
(details below). I used the dongle to communicate with the phone and that
works just fine.  The headset works fine with the phone as well.  I suspect
that I have a compatibility problem with the package mix on my FC4 box (see
below), since when starting hcid -n I get the following backtrace in the very
second I try to communicate with the headset (e.g. l2ping and headset in
pairing mode).  This is not a problem of the pin-helper application.  It is not
even started at that point.  I solved the problem by downloading and compiling
bluez-2.22 from sourceforge (just to make clear that this is not a problem with
my setup or hardware).  Also, it is repeatable on my home-PC, laptop and office-PC.

More info here:

Cheers, Rolf

# hcid -n
hcid[28766]: Bluetooth HCI daemon
hcid[28766]: Starting security manager 0

hcid[28766]: pin_code_request (sba=00:09:DD:10:53:4E, dba=00:07:A4:03:97:24)
28766: arguments to dbus_type_is_basic() were incorrect, assertion 
"_dbus_type_is_valid (typecode) || typecode == DBUS_TYPE_INVALID" failed in 
file dbus-signature.c line 259.
This is normally a bug in some application using the D-BUS library.
type unknown isn't supported yet in dbus_message_append_args_valist
*** buffer overflow detected ***: hcid: processing events terminated
======= Backtrace: =========
hcid: processing events[0x891e8b]
hcid: processing events[0x8919c0]
hcid: processing events[0x8918b0]
hcid: processing events(main+0x4c5)[0x88dfef]
hcid: processing events[0x88d071]
======= Memory map: ========
005c2000-0062b000 r-xp 00000000 03:01 4896232    /usr/lib/libdbus-1.so.1.0.0
0062b000-00630000 rwxp 00069000 03:01 4896232    /usr/lib/libdbus-1.so.1.0.0
0077d000-0077e000 r-xp 0077d000 00:00 0          [vdso]
0088b000-00895000 r-xp 00000000 03:01 4256755    /usr/sbin/hcid
00895000-00896000 rwxp 00009000 03:01 4256755    /usr/sbin/hcid
008e5000-008f1000 r-xp 00000000 03:01 4265003    /usr/lib/libbluetooth.so.1.0.15
008f1000-008f2000 rwxp 0000c000 03:01 4265003    /usr/lib/libbluetooth.so.1.0.15
009f3000-00a05000 r-xp 00000000 03:01 3755952    /lib/libnsl-2.3.5.so
00a05000-00a06000 r-xp 00011000 03:01 3755952    /lib/libnsl-2.3.5.so
00a06000-00a07000 rwxp 00012000 03:01 3755952    /lib/libnsl-2.3.5.so
00a07000-00a09000 rwxp 00a07000 00:00 0
00aa7000-00ac1000 r-xp 00000000 03:01 3753769    /lib/ld-2.3.5.so
00ac1000-00ac2000 r-xp 00019000 03:01 3753769    /lib/ld-2.3.5.so
00ac2000-00ac3000 rwxp 0001a000 03:01 3753769    /lib/ld-2.3.5.so
00df6000-00dff000 r-xp 00000000 03:01 3755943    /lib/libgcc_s-4.0.1-20050727.so.1
00dff000-00e00000 rwxp 00009000 03:01 3755943    /lib/libgcc_s-4.0.1-20050727.so.1
00ea1000-00fc4000 r-xp 00000000 03:01 3753771    /lib/libc-2.3.5.so
00fc4000-00fc6000 r-xp 00123000 03:01 3753771    /lib/libc-2.3.5.so
00fc6000-00fc8000 rwxp 00125000 03:01 3753771    /lib/libc-2.3.5.so
00fc8000-00fca000 rwxp 00fc8000 00:00 0
08650000-08671000 rw-p 08650000 00:00 0          [heap]
b7f91000-b7f93000 rw-p b7f91000 00:00 0
b7fb0000-b7fb1000 rw-p b7fb0000 00:00 0
bf99b000-bf9b1000 rw-p bf99b000 00:00 0          [stack]


FC4 packages installed:



# hciconfig hci0 revision
hci0:   Type: USB
        BD Address: 00:09:DD:10:53:4E ACL MTU: 192:8 SCO MTU: 64:8
        HCI 17.11
        Chip version: BlueCore02
        Max key size: 128 bit
        SCO mapping:  HCI

# hcitool scan
Scanning ...
        00:07:A4:03:97:24       JABRA BT200

# hcidump -X -V  (I can provide more, but I doubt it is informative)
> HCI Event: PIN Code Request (0x16) plen 6
    bdaddr 00:07:A4:03:97:24
==> crash

Version-Release number of selected component (if applicable):
bluez* 2.15-1

How reproducible:

Steps to Reproduce:
1. start hcid
2. l2ping a headset in pairing mode (or otherwise create a pin_code_request)
3. see hcid crash

Additional info:
Comment 1 David Woodhouse 2006-09-10 04:53:04 EDT
dbus is horrid. This should be fixed in current releases, where bluez should
once again be in sync (albeit briefly) with the constantly-changing dbus API.
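
An added triage example, not part of the original report or of the bluez or dbus code: it parses a shortened excerpt of the abort report quoted in the description and resolves each backtrace address to the mapping that contains it, giving the module and file offset to hand to a symbolizer. The function names and the REPORT excerpt are choices made for this example.

```python
import re

# Excerpt of the glibc abort report from the bug description (values as posted).
REPORT = """\
======= Backtrace: =========
hcid: processing events[0x891e8b]
hcid: processing events[0x8919c0]
hcid: processing events[0x8918b0]
hcid: processing events(main+0x4c5)[0x88dfef]
hcid: processing events[0x88d071]
======= Memory map: ========
005c2000-0062b000 r-xp 00000000 03:01 4896232    /usr/lib/libdbus-1.so.1.0.0
0088b000-00895000 r-xp 00000000 03:01 4256755    /usr/sbin/hcid
00895000-00896000 rwxp 00009000 03:01 4256755    /usr/sbin/hcid
008e5000-008f1000 r-xp 00000000 03:01 4265003    /usr/lib/libbluetooth.so.1.0.15
00ea1000-00fc4000 r-xp 00000000 03:01 3753771    /lib/libc-2.3.5.so
"""

MAP_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) ([0-9a-f]+) \S+ \d+\s*(.*)$")
FRAME_RE = re.compile(r"^(.*?)(?:\(([^()]*)\))?\[0x([0-9a-f]+)\]$")

def parse_report(text):
    """Return (frames, maps) parsed from a glibc abort report."""
    frames, maps = [], []
    for line in text.splitlines():
        m = MAP_RE.match(line)
        if m:
            start, end, perms, off, path = m.groups()
            maps.append((int(start, 16), int(end, 16), perms,
                         int(off, 16), path or "[anon]"))
            continue
        f = FRAME_RE.match(line)
        if f:  # (address, symbol+offset if glibc printed one)
            frames.append((int(f.group(3), 16), f.group(2)))
    return frames, maps

def resolve(text):
    """Map each frame to (address, module, file offset, symbol)."""
    frames, maps = parse_report(text)
    out = []
    for addr, sym in frames:
        hit = next((m for m in maps if m[0] <= addr < m[1]), None)
        if hit is None:
            out.append((addr, None, None, sym))
        else:  # file offset = address - mapping start + mapping file offset
            out.append((addr, hit[4], addr - hit[0] + hit[3], sym))
    return out

def writable_executable(text):
    """Modules that have a mapping which is both writable and executable."""
    return sorted({m[4] for m in parse_report(text)[1] if "w" in m[2] and "x" in m[2]})
```

On this excerpt every frame resolves into the executable mapping of /usr/sbin/hcid, so the offsets can be looked up against a matching debuginfo build of that binary.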
