Apparently I've missed a mandatory step to reproduce the crash. You have to stop pipewire before suspend. So the step to reproduce the crash are: - Start bluetoothd; - Start pipewire; - Connect headphones; - Play something (!mandatory!); - Stop pipewire; - Suspend (pm_test="freeze" is enough); - When you resume bluetoothd has crashed. Pipewire often causes hangs preventing suspend, so I have to stop it upfront. The hangs don't seem to be bluetooth related. I suspect amdgpu-audio. I found that's mandatory step because I hit another very similar bug. I also get a crash if the Bluetooth USB dongle is unplugged instead of doing suspend. Apparently stuff is properly freed on pipewire shutdown, but is still referenced somewhere and double-freed on occasions. The bisect of the new crash landed me on 05f8bd489fd1fbf27dfdc4828bb15aeece3a50a3 and I don't think reverting that is viable workaround. Best Regards Ivan Kalvachev
