If a (un)intentionally malformed mDNS response packet is received by avahi-daemon, it will die. Such a mDNS response packet contains a domain name with "strange" characters (for example, "fóobar.local" - notice the acute in "ó"). See attached ethereal capture for an example.
How to reproduce: set up a device in the local network that identifies itself as "fóobar.local", then run "avahi-browse -at". An example of devices that allow such names are the Axis IP cameras, that can be configured via HTTP to do so ("wget http://{camera_ip_address}/axis-cgi/admin/param.cgi?action=update&Network.Bonjour.FriendlyName=fóobar").
Symptoms: "avahi-browse -at" dies with the following error message if there are no more devices in the local network:
Client failure, exiting: Daemon connection failed
17956: arguments to dbus_connection_get_is_connected() were incorrect, assertion "connection != NULL" failed in file dbus-connection.c line 1984.
This is normally a bug in some application using the D-BUS library.
Or with this error message if there are more devices:
avahi_service_browser_new() failed: Daemon not running
In either case, the avahi-daemon processes die (the dbus-daemon remains alive), and the following line gets into the syslog:
Mar 21 18:17:45 localhost avahi-daemon[17964]: Disconnnected from D-BUS, terminating...
In the same scenario, Bonjour seems to ignore those "strange" characters in the domain name (i.e. "fóobar.local" becomes "fobar.local"). It's worth noting that blank spaces in the domain name remain intact.
Related discussion on the mailing list: http://lists.freedesktop.org/archives/avahi/2006-March/000586.html