
RE: [bluetooth-dev] sending data while client



Hi Stefan,

Your observation is correct and we will fix this bug in our next release of the stack. Until then you can fix the problem by moving the lines:

--------------------------------------
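if (!tmp_bt_buf) {
	/* a GFP_KERNEL allocation may sleep */
	page = get_free_page(GFP_KERNEL);
	if (!page)
		return -1;

	/* re-check: keep a buffer that appeared meanwhile, release the new page */
	if (tmp_bt_buf)
		free_page(page);
	else
		tmp_bt_buf = (u8 *) page;
}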
--------------------------------------

from bt_init() to bt_init_stack(); put them just below the call to bt_shutdown().

I hope that will solve your problem. Unfortunately, I haven't got time to test this new code that well.

Best Regards

/Mats

 

> -----Original Message-----
> From: Stefan Thomasson [mailto:st@xxxxxxx.com]
> Sent: Thursday, June 22, 2000 11:44 AM
> To: bluetooth-dev@xxxxxxx.com
> Subject: [bluetooth-dev] sending data while client
> 
> 
> Hi,
> 
> After connection I am issuing a send 100 2 from client. There will be the
> following error:
> 
> kernel: BLUETOOTH: bt_write_top 100 bytes on line 0 (from_user : 1)
> kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000
> kernel: current->tss.cr3 = 00e0a000, %cr3 = 00e0a000
> kernel: *pde = 00000000
> 
> Which is during
>   if (from_user) {
>     copy_from_user(tmp_bt_buf, buf, count);
>     bytes_sent = rfcomm_send_data((unsigned char *)tmp_bt_buf, count, line, 2);
>   }
> 
> in the function bt_write_top.
> tmp_bt_buf seems to only be allocated during insmod (init_module)?
> But it is deallocated in bt_shutdown, which is called from bt_init_stack.
> 
> Regards
> Stefan Thomasson
> 
> 
> 
>
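
The buffer lifecycle discussed in this thread, as an added example that is not part of either message or of the stack's source: a userspace C model in which the `model_*` functions (hypothetical names) stand in for bt_init(), bt_init_stack(), bt_shutdown() and bt_write_top(), with calloc()/free() in place of page allocation and memcpy() in place of copy_from_user(). It goes one step beyond the thread by giving the write path a clean failure for a missing buffer and a bound on count, assuming a 4096-byte page.

```c
/* Userspace model of the tmp_bt_buf lifecycle; all model_* names are hypothetical. */
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#define MODEL_PAGE_SIZE 4096u      /* assumed size of the one-page buffer */
static unsigned char *tmp_buf;     /* stands in for tmp_bt_buf */

static int model_alloc_buf(void)   /* the allocation block from the reply */
{
	if (!tmp_buf)
		tmp_buf = calloc(1, MODEL_PAGE_SIZE);
	return tmp_buf ? 0 : -ENOMEM;
}

/* bt_shutdown(): frees the buffer and clears the pointer */
static void model_shutdown(void) { free(tmp_buf); tmp_buf = NULL; }

/* bt_init_stack(): realloc_buf == 0 is the reported layout, 1 the suggested one */
static int model_init_stack(int realloc_buf)
{
	model_shutdown();
	return realloc_buf ? model_alloc_buf() : 0;
}

/* Write path with two checks that the quoted bt_write_top() fragment does not show. */
static long model_write(const void *src, size_t count)
{
	if (!tmp_buf)
		return -ENODEV;            /* buffer was freed: fail, do not dereference */
	if (count > MODEL_PAGE_SIZE)
		return -EINVAL;            /* would overrun the single page */
	memcpy(tmp_buf, src, count);   /* copy_from_user() in the kernel */
	return (long)count;
}

/* Module load, stack init, then one write of count bytes. */
static long model_scenario(int realloc_buf, size_t count)
{
	static unsigned char data[2 * MODEL_PAGE_SIZE];  /* constructed input */
	if (model_alloc_buf() || model_init_stack(realloc_buf))
		return -ENOMEM;
	long ret = model_write(data, count);
	model_shutdown();
	return ret;
}

int main(void)
{
	return model_scenario(1, 100) == 100 ? 0 : 1;
}
```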