The bug seems to stem from the fact that bluetooth_killswitch_init in lib/bluetooth-killswitch.c sets up an IO watch, but bluetooth_killswitch_finalize doesn't clean it up. As such, when the event actually does come, event_cb goes and uses a freed object handle and promptly explodes.
Attached is a patch that solves this problem, but I think there's another, more fundamental bug here; if the bluetooth dongle isn't plugged in at startup, it seems to deinitialize killswitch handling permanently. For example, if I start it up with the dongle in, then unplug the dongle:

** Message: adding killswitch idx 22 state 1
** Message: Reading of RFKILL events failed
** Message: killswitch 22 is 1
** Message: killswitches state 1
** Message: killswitch 22 is 1
** Message: killswitches state 1
** Message: RFKILL event: idx 22 type 2 op 1 soft 0 hard 0
** Message: removing killswitch idx 22
** Message: killswitches state 1

But if I start with it out, then plug it in and remove it:

** Message: Reading of RFKILL events failed
** Message: killswitches state 1

Perhaps the killswitch-unreffing in main.c:990 should be removed as well? I'm not familiar enough with the code to know if this is the right approach, though.

** Attachment added: "fix-killswitch-unref.patch"
   http://launchpadlibrarian.net/33466769/fix-killswitch-unref.patch

** Tags added: patch

--
bluetooth-applet crashed with SIGSEGV in g_type_instance_get_private()
https://bugs.launchpad.net/bugs/445422
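
The lifetime problem described in the report (a watch registered at init that outlives the object because finalize never removes it), as an added example that is not the applet's code or the attached patch. The watch table and every function name here are hypothetical stand-ins for the main loop's watch API, and the check reads only the table's flag, never the freed object.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy main loop (hypothetical names): each watch holds a callback and a
 * raw pointer to the object it will be called with. */
typedef void (*watch_cb)(void *user_data);
struct watch { watch_cb cb; void *user_data; int active; };
static struct watch watches[8];

unsigned watch_add(watch_cb cb, void *user_data) {
    for (unsigned i = 0; i < 8; i++)
        if (!watches[i].active) {
            watches[i] = (struct watch){ cb, user_data, 1 };
            return i + 1;                 /* 0 means "no watch" */
        }
    return 0;
}
void watch_remove(unsigned id) { if (id) watches[id - 1].active = 0; }

struct killswitch { unsigned watch_id; int events_seen; };

void event_cb(void *user_data) {
    ((struct killswitch *)user_data)->events_seen++;
}
struct killswitch *killswitch_init(void) {
    struct killswitch *ks = calloc(1, sizeof *ks);
    if (ks) ks->watch_id = watch_add(event_cb, ks);
    return ks;
}
/* remove_watch == 0 models the finalize described in the report. */
void killswitch_finalize(struct killswitch *ks, int remove_watch) {
    if (remove_watch) watch_remove(ks->watch_id);
    free(ks);
}
/* Returns 1 if the watch is still armed after finalize, i.e. the next event
 * would run event_cb on freed memory. Reads only the table's flag. */
int dangling_after_finalize(int remove_watch) {
    struct killswitch *ks = killswitch_init();
    if (!ks || !ks->watch_id) { free(ks); return -1; }
    unsigned id = ks->watch_id;
    killswitch_finalize(ks, remove_watch);
    int armed = watches[id - 1].active;
    watches[id - 1].active = 0;           /* reset the toy table */
    return armed;
}
int main(void) {
    printf("finalize without removal: armed=%d\n", dangling_after_finalize(0));
    printf("finalize with removal:    armed=%d\n", dangling_after_finalize(1));
    return 0;
}
```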
