Red Hat Bugzilla – Bug 356491
bluez/hcid crashes when trying to pair audio headset
Last modified: 2014-06-23 07:11:10 EDT
Description of problem:
trying to pair a Motorola H500 headset to my laptop, I get a crash
in the hcid debug log when trying to play audio.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Go through the cumbersome process of registering the device
2. Try to play to pcm.bluetooth in an audio player
hcid debug info, including library backtrace:
audio: Accepted new client connection on unix socket (fd=8)
audio: Package PKT_TYPE_CFG_REQ:0
audio: State changed /org/bluez/audio/device0: DISCONNECTED -> CONNECTING
hcid: /org/bluez/hci0: org.bluez.Adapter.GetRemoteServiceHandles()
hcid: no matching session found. creating a new one
hcid: sdp session added to cache
hcid: /org/bluez/hci0: org.bluez.Adapter.GetRemoteServiceRecord()
hcid: found matching session, removing from list
hcid: sdp session added to cache
audio: /org/bluez/audio/device0: Connecting to 00:19:1F:19:2D:5D channel 2
hcid: /org/bluez/hci0: org.bluez.Adapter.FinishRemoteServiceTransaction()
hcid: found matching session, removing from list
hcid: pin_code_request (sba=00:03:7A:C6:C5:22, dba=00:19:1F:19:2D:5D)
hcid: Calling PasskeyAgent.Request: name=:1.19, path=/org/bluez/passkey
hcid: New Request API failed, trying old one
hcid: /org/bluez/hci0: org.bluez.Adapter.GetName()
hcid: /org/bluez/hci0: org.bluez.Adapter.GetRemoteName()
audio: connect(): Connection refused (111)
*** glibc detected *** /usr/lib64/bluetooth/bluetoothd-service-audio: corrupted
double-linked list: 0x00002aaaaacee020 ***
======= Backtrace: =========
======= Memory map: ========
2aaaaaaab000-2aaaaaac9000 r-xp 00000000 fd:00 17465355
2aaaaacc8000-2aaaaacca000 rw-p 0001d000 fd:00 17465355
2aaaaacca000-2aaaaace5000 r-xp 00000000 fd:00 10551299
2aaaaace5000-2aaaaade7000 rw-p 2aaaaace5000 00:00 0
2aaaaade7000-2aaaaadee000 r--s 00000000 fd:00 16484013
2aaaaaee4000-2aaaaaee5000 r--p 0001a000 fd:00 10551299
2aaaaaee5000-2aaaaaee6000 rw-p 0001b000 fd:00 10551299
2aaaaaee6000-2aaaaafac000 r-xp 00000000 fd:00 10551310
2aaaaafac000-2aaaab1ab000 ---p 000c6000 fd:00 10551310
2aaaab1ab000-2aaaab1ad000 rw-p 000c5000 fd:00 10551310
2aaaab1ad000-2aaaab1e6000 r-xp 00000000 fd:00 10551330
2aaaab1e6000-2aaaab3e6000 ---p 00039000 fd:00 10551330
2aaaab3e6000-2aaaab3e8000 rw-p 00039000 fd:00 10551330
2aaaab3e8000-2aaaab3fd000 r-xp 00000000 fd:00 16425976
2aaaab3fd000-2aaaab5fd000 ---p 00015000 fd:00 16425976
2aaaab5fd000-2aaaab5ff000 rw-p 00015000 fd:00 16425976
2aaaab5ff000-2aaaab600000 rw-p 2aaaab5ff000 00:00 0
2aaaab600000-2aaaab74d000 r-xp 00000000 fd:00 10551304
2aaaab74d000-2aaaab94d000 ---p 0014d000 fd:00 10551304
2aaaab94d000-2aaaab951000 r--p 0014d000 fd:00 10551304
2aaaab951000-2aaaab952000 rw-p 00151000 fd:00 10551304
2aaaab952000-2aaaab957000 rw-p 2aaaab952000 00:00 0
2aaaab957000-2aaaab95a000 r-xp 00000000 fd:00 10551328
2aaaab95a000-2aaaabb59000 ---p 00003000 fd:00 10551328
2aaaabb59000-2aaaabb5a000 rw-p 00002000 fd:00 10551328
2aaaabb5a000-2aaaabb5c000 rw-p 2aaaabb5a000 00:00 0
2aaaabb5c000-2aaaabb69000 r-xp 00000000 fd:00 10551364
2aaaabb69000-2aaaabd69000 ---p 0000d000 fd:00 10551364
2aaaabd69000-2aaaabd6a000 rw-p 0000d000 fd:00 10551364
2aaaac000000-2aaaac021000 rw-p 2aaaac000000 00:00 0
2aaaac021000-2aaab0000000 ---p 2aaaac021000 00:00 0
7fffd223e000-7fffd2253000 rw-p 7ffffffea000 00:00 0 [stack]
7fffd23fe000-7fffd2400000 r-xp 7fffd23fe000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
hcid: Audio service (audio) was killed by signal 6
hcid: Service owner exited: :1.61
hcid: Removing record with handle 0x10000
hcid: Service classes 0x08
hcid: Removing record with handle 0x10001
hcid: Service classes 0x00
hcid: PasskeyAgent.Request(/org/bluez/hci0, 00:19:1F:19:2D:5D) was canceled
input: Unregistered manager path
hcid: Stopping SDP server
hcid: Releasing agent :1.19, /org/bluez/passkey
hcid: Releasing authorization agent :1.19, /org/bluez/auth
hcid: Unregistering service object: /org/bluez/service_echo
hcid: Unregistering service object: /org/bluez/service_audio
hcid: Unregistering service object: /org/bluez/service_input
hcid: Unregistering service object: /org/bluez/service_serial
hcid: Unregister path: /org/bluez/hci0
hcid: Unregister path: /org/bluez
hcid: Shutting down local server
[root@feather ~]# rpm -q bluez-libs
It's not supposed to work in F8, although it shouldn't crash.
Please test with 3.22:
And if it still fails, please gather a backtrace using the instructions at:
Bluetooth audio integration is planned for F9 (might get into an F8 update though).
Er, bluetooth audio was working fine in F8 a couple of weeks ago when I last
tested it. I thought it was one of the advertised features.
Created attachment 242011 [details]
crash of blues-utils fc9
hcid debug output from crash with latest fc9 binaries of bluez-utils/libs 3.22
Created attachment 242021 [details]
hcidump -XV output of operations to match hcid output
I tried out the fc9 binaries of blues-libs-3.22 and blues-utils-3.22 but
they still crash in a similar way. I have attached the hcid output
which includes the backtrace and the hcidump output to see whats going
on on the wire.
I cannot see how I can get you anymore backtrace than that.
Please read http://fedoraproject.org/wiki/StackTraces and provide a backtrace of
the crash. The builtin backtrace provided by the glibc isn't good enough for us
to be able to fix this bug.
(In reply to comment #2)
> Er, bluetooth audio was working fine in F8 a couple of weeks ago when I last
> tested it. I thought it was one of the advertised features.
Supposed to be working, yes, which is why this isn't closed, but it's not one of
the advertised features, as there's still no UI.
Rather than telling my to read that bogus bug-tracking page, maybe you can
tell me how you suggest I get a stack trace of this thing?
bluetooth-service-audio is called through some suspicious back channel,
so doing gdb -p <pid> on it isn't exactly a walk in the park. It's not hcid
I cannot install the debuginfo package for bluez-utils since it requires
a libgstbluetooth.so that isn't part of the package. Brilliant idea to have
the .debuginfo package require a special library it doesn't provide in it's
I've been through that stack traces page and there is nothing on it
that tells me how to get the stack trace you are asking for!
I added the info to:
Feel free to come back to me if the instructions aren't clear enough.
As for the debuginfo package, just install it with --nodeps. libgstbluetooth.so
is in bluez-utils-gstreamer, but the debuginfo package will still work fine
without that dependency installed.
This message is a reminder that Fedora 8 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 8. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora
'version' of '8'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version prior to Fedora 8's end of life.
Bug Reporter: Thank you for reporting this issue and we are sorry that
we may not be able to fix it before Fedora 8 is end of life. If you
would still like to see this bug fixed and are able to reproduce it
against a later version of Fedora please change the 'version' of this
bug to the applicable version. If you are unable to change the version,
please add a comment here and someone will do it for you.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
The process we are following is described here:
Fedora 8 changed to end-of-life (EOL) status on 2009-01-07. Fedora 8 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version.
Thank you for reporting this bug and we are sorry it could not be fixed.