spa_dbus_connection_get may result in a null pointer exception
If you are filing this issue with a regular release please try master as it might already be fixed.
Version, Distribution, Desktop Environment: 0.3.28, Gentoo, XFCE4
Description of Problem: pipewire-pulse crashes when started from systemd
How Reproducible:
Steps to Reproduce:
- systemctl --user restart pipewire-pulse.service
Actual Results:
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/master/src/modules/module-protocol-pulse/dbus-name.c#L49 may return NULL. This eventually causes dbus_connection_send_with_reply_and_block to SEGV.
Core was generated by `/usr/bin/pipewire-pulse'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f31c501ecf4 in dbus_connection_send_with_reply_and_block (connection=0x0, message=0x558228554630, timeout_milliseconds=-1, error=0x7ffde34281e0)
at /var/tmp/portage/sys-apps/dbus-1.12.20-r1/work/dbus-1.12.20/dbus/dbus-connection.c:3551
3551 CONNECTION_LOCK (connection);
[Current thread is 1 (Thread 0x7f31c58feb80 (LWP 516396))]
(gdb) bt
#0 0x00007f31c501ecf4 in dbus_connection_send_with_reply_and_block (connection=0x0, message=0x558228554630, timeout_milliseconds=-1, error=0x7ffde34281e0)
at /var/tmp/portage/sys-apps/dbus-1.12.20-r1/work/dbus-1.12.20/dbus/dbus-connection.c:3551
#1 0x00007f31c501b672 in dbus_bus_request_name (connection=0x0, name=0x7f31c46d8f4b "org.pulseaudio.Server", flags=4, error=0x7ffde34281e0) at /var/tmp/portage/sys-apps/dbus-1.12.20-r1/work/dbus-1.12.20/dbus/dbus-bus.c:1146
#2 0x00007f31c46aca6a in dbus_request_name (context=0x558228542020, name=0x7f31c46d8f4b "org.pulseaudio.Server") at ../pipewire-0.3.28/src/modules/module-protocol-pulse/dbus-name.c:53
#3 0x00007f31c46c61ee in pw_protocol_pulse_new (context=0x558228542020, props=0x55822855b390, user_data_size=0) at ../pipewire-0.3.28/src/modules/module-protocol-pulse/pulse-server.c:6304
#4 0x00007f31c469dc12 in pipewire__module_init (module=0x55822855ac50,
args=0x558228550982 "{\n\t # the addresses this server listens on\n", ' ' <repeats 12 times>, "server.address = [\n", ' ' <repeats 16 times>, "\"unix:native\"\n", ' ' <repeats 16 times>, "# \"tcp:4713\"\n", ' ' <repeats 12 times>, "]\n\t #pulse.min.req = 256/48000", ' ' <repeats 14 times>, "# 5ms"...) at ../pipewire-0.3.28/src/modules/module-protocol-pulse.c:99
#5 0x00007f31c5b67ac6 in pw_context_load_module (context=0x558228542020, name=0x558228550951 "libpipewire-module-protocol-pulse",
args=0x558228550982 "{\n\t # the addresses this server listens on\n", ' ' <repeats 12 times>, "server.address = [\n", ' ' <repeats 16 times>, "\"unix:native\"\n", ' ' <repeats 16 times>, "# \"tcp:4713\"\n", ' ' <repeats 12 times>, "]\n\t #pulse.min.req = 256/48000", ' ' <repeats 14 times>, "# 5ms"..., properties=0x0) at ../pipewire-0.3.28/src/pipewire/impl-module.c:250
#6 0x00007f31c5b3db5f in load_module (context=0x558228542020, key=0x558228550951 "libpipewire-module-protocol-pulse",
args=0x558228550982 "{\n\t # the addresses this server listens on\n", ' ' <repeats 12 times>, "server.address = [\n", ' ' <repeats 16 times>, "\"unix:native\"\n", ' ' <repeats 16 times>, "# \"tcp:4713\"\n", ' ' <repeats 12 times>, "]\n\t #pulse.min.req = 256/48000", ' ' <repeats 14 times>, "# 5ms"..., flags=0x0) at ../pipewire-0.3.28/src/pipewire/conf.c:314
#7 0x00007f31c5b3dff6 in parse_modules (context=0x558228542020, str=0x558228550790 "[\n { name = libpipewire-module-rtkit") at ../pipewire-0.3.28/src/pipewire/conf.c:377
#8 0x00007f31c5b3eaa8 in pw_context_parse_conf_section (context=0x558228542020, conf=0x558228542340, section=0x7f31c5ba598d "context.modules") at ../pipewire-0.3.28/src/pipewire/conf.c:562
#9 0x00007f31c5b40cea in pw_context_new (main_loop=0x558228539c10, properties=0x558228539a50, user_data_size=0) at ../pipewire-0.3.28/src/pipewire/context.c:368
#10 0x00005582269e6698 in main (argc=1, argv=0x7ffde3429bc8) at ../pipewire-0.3.28/src/daemon/pipewire.c:111
(gdb) list
3546 _dbus_return_val_if_fail (timeout_milliseconds >= 0 || timeout_milliseconds == -1, NULL);
3547 _dbus_return_val_if_error_is_set (error, NULL);
3548
3549 #ifdef HAVE_UNIX_FD_PASSING
3550
3551 CONNECTION_LOCK (connection);
3552 if (!_dbus_transport_can_pass_unix_fd(connection->transport) &&
3553 message->n_unix_fds > 0)
3554 {
3555 CONNECTION_UNLOCK (connection);
(gdb) up
#1 0x00007f31c501b672 in dbus_bus_request_name (connection=0x0, name=0x7f31c46d8f4b "org.pulseaudio.Server", flags=4, error=0x7ffde34281e0) at /var/tmp/portage/sys-apps/dbus-1.12.20-r1/work/dbus-1.12.20/dbus/dbus-bus.c:1146
1146 reply = dbus_connection_send_with_reply_and_block (connection, message, -1,
(gdb) up
#2 0x00007f31c46aca6a in dbus_request_name (context=0x558228542020, name=0x7f31c46d8f4b "org.pulseaudio.Server") at ../pipewire-0.3.28/src/modules/module-protocol-pulse/dbus-name.c:53
53 if (dbus_bus_request_name(bus, name,
(gdb) list
48
49 bus = spa_dbus_connection_get(conn);
50
51 dbus_error_init(&error);
52
53 if (dbus_bus_request_name(bus, name,
54 DBUS_NAME_FLAG_DO_NOT_QUEUE,
55 &error) == DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER)
56 return conn;
57
(gdb) p conn
$1 = (struct spa_dbus_connection *) 0x55822855bb60
(gdb) p *conn
$2 = {version = 1, get = 0x7f31c549977c <impl_connection_get>, destroy = 0x7f31c5499be0 <impl_connection_destroy>, add_listener = 0x7f31c5499de1 <impl_connection_add_listener>}
(gdb) p *bus
Cannot access memory at address 0x0
Expected Results: At this moment I don't understand how pipewire-pulse is started by systemd, because it works if pipewire-pulse is started manually.