Crash on connecting Bluetooth device
On current master (7ae1ea14) I got a SIGSEGV on pipewire-media-session when connecting a new Bluetooth device:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00000000004171b1 in bluez_device_event (data=0x1374eb0, event=0x7ffd2e1d8a60)
at ../src/examples/media-session/bluez-monitor.c:253
253 pw_node_set_param((struct pw_node*)node->snode->obj.proxy,
[Current thread is 1 (Thread 0x7f74dd2e47c0 (LWP 14618))]
Missing separate debuginfos, use: dnf debuginfo-install alsa-lib-1.2.4-5.fc33.x86_64 dbus-libs-1.12.20-2.fc33.x86_64 fdk-aac-2.0.1-3.fc33.x86_64 glibc-2.32-2.fc33.x86_64 libgcc-10.2.1-9.fc33.x86_64 libgcrypt-1.8.7-1.fc33.x86_64 libgpg-error-1.41-1.fc33.x86_64 libsbc-1.4-6.fc33.x86_64 libzstd-1.4.7-1.fc33.x86_64 lz4-libs-1.9.1-3.fc33.x86_64 sssd-client-2.4.0-4.fc33.x86_64 systemd-libs-246.7-2.fc33.x86_64 xz-libs-5.2.5-4.fc33.x86_64
(gdb) bt
#0 0x00000000004171b1 in bluez_device_event (data=0x1374eb0, event=0x7ffd2e1d8a60)
at ../src/examples/media-session/bluez-monitor.c:253
#1 0x00007f74dc83eb86 in node_set_mute (this=0x1374048, node=0x13743a8, mute=false) at ../spa/plugins/bluez5/bluez5-device.c:611
#2 0x00007f74dc83ed00 in apply_device_props (this=0x1374048, node=0x13743a8, props=0x11a5ff0)
at ../spa/plugins/bluez5/bluez5-device.c:640
#3 0x00007f74dc83f1dc in impl_set_param (object=0x1374048, id=13, flags=0, param=0x11a5fa8)
at ../spa/plugins/bluez5/bluez5-device.c:708
#4 0x00007f74dd2d89ea in device_demarshal_set_param (object=0x1322870, msg=0x119ce90)
at ../src/modules/module-client-device/protocol-native.c:188
#5 0x00007f74dca55e1c in process_remote (impl=0x119bd90) at ../src/modules/module-protocol-native.c:762
#6 0x00007f74dca55fdc in on_remote_data (data=0x119bd90, fd=20, mask=1) at ../src/modules/module-protocol-native.c:795
#7 0x00007f74ddaed6e6 in source_io_func (source=0x11ae000) at ../spa/plugins/support/loop.c:320
#8 0x00007f74ddaed667 in loop_iterate (object=0x1173cc8, timeout=-1) at ../spa/plugins/support/loop.c:308
#9 0x00007f74ddb7689b in pw_main_loop_run (loop=0x1173b80) at ../src/pipewire/main-loop.c:158
#10 0x000000000043295b in main (argc=1, argv=0x7ffd2e1db6b8) at ../src/examples/media-session/media-session.c:2373
(gdb) p node->snode->obj.proxy
$1 = (struct pw_proxy *) 0x0
(gdb) p *node->snode
$1 = {obj = {id = 4294967295, type = 0x488e68 "PipeWire:Interface:Node", link = {next = 0x0, prev = 0x0}, session = 0x7ffd2e1da360,
mask = 12, avail = 12, changed = 0, props = 0x13c7f70, proxy = 0x0, proxy_listener = {link = {next = 0x0, prev = 0x0}, cb = {
funcs = 0x0, data = 0x0}, removed = 0x0, priv = 0x0}, object_listener = {link = {next = 0x0, prev = 0x0}, cb = {funcs = 0x0,
data = 0x0}, removed = 0x0, priv = 0x0}, destroy = 0x42ca0f <node_destroy>, pending = 0, handle = 0x1ba51f0,
handle_listener = {link = {next = 0x1ba5238, prev = 0x1c2d4a0}, cb = {funcs = 0x489380 <proxy_events>, data = 0x1ba5268},
removed = 0x0, priv = 0x0}, hooks = {list = {next = 0x1ba5358, prev = 0x1ba5358}}, methods = {funcs = 0x0, data = 0x0}, data = {
next = 0x1ba5378, prev = 0x1ba5378}}, device = 0x13228e8, link = {next = 0x1322a28, prev = 0x1789f20}, n_params = 0,
param_list = {next = 0x1ba53a8, prev = 0x1ba53a8}, info = 0x0, port_list = {next = 0x1ba53c0, prev = 0x1ba53c0}, target_node = 0x0}
(gdb) p *node
$5 = {impl = 0x11f2ba0, direction = SPA_DIRECTION_INPUT, device = 0x1374eb0, link = {next = 0x1374f60, prev = 0x13837a8}, id = 1,
props = 0x1376290, adapter = 0x13f61b0, snode = 0x1ba5268}
I haven't managed to reproduce this so far, this does not happen always.
I've now seen this occur several times. It seems that sometimes it does not happen at all, but sometimes it happens on every pipewire restart. I think this issue has appeared after a81158f3 as I do not remember seeing it then.
Pipewire (+ valgrind) log on crash: pw.log