Re: [bluetooth-dev] segmentation fault: btd in usermode



Hi Peter,


Peter Kjellerstedt wrote:
> 
> Could you do 'bt' and 'p *rfcomm' at the gdb prompt after it crashes?
> 
Here it comes:

HCI: hci_receive_data, WAIT_FOR_ACL_DATA
HCI: hci_receive_data, in_buf->count = 53
HCI: hci_receive_data, Copied 42 bytes into inbuffer
HCI: process_acl_data, in_buf->count:53, in_buf->l2cap_len:0
 
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1026 (LWP 3703)]
0x804ba44 in bt_receive_top (rfcomm=0x30004,
    data=0x806d1d3 "~}#!}!}!} }4}\"}&} } } } }%}&a!?}'}\"}(}\"5>~e", len=45)
    at btd.c:2247
2247      BT_DATA("   |X|--> %3d [%d]\n", len, rfcomm->line);
(gdb) bt
#0  0x804ba44 in bt_receive_top (rfcomm=0x30004,
    data=0x806d1d3 "~}#!}!}!} }4}\"}&} } } } }%}&a!?}'}\"}(}\"5>~e", len=45)
    at btd.c:2247
#1  0x8054ff2 in rfcomm_receive_data (l2cap=0x807b470,
    data=0x806d1d0 "\023[~}#!}!}!} }4}\"}&} } } } }%}&a!?}'}\"}(}\"5>~e",
    len=49) at rfcomm.c:1289
#2  0x805216f in process_frame (con=0x807b470,
    data=0x806d1d0 "\023[~}#!}!}!} }4}\"}&} } } } }%}&a!?}'}\"}(}\"5>~e",
    len=49) at l2cap.c:1430
#3  0x8051639 in l2cap_receive_data (data=0x806d1cc "1", len=53, hci_handle=1,
    l2cap_len=0x806d1c8) at l2cap.c:582
#4  0x804eaea in process_acl_data (in_buf=0x806d1b4, pb_flag=2) at hci.c:1379
#5  0x804d57a in hci_receive_data (
    data=0xbf7fea74 "!}!}!} }4}\"}&} } } } }%}&a!?}'}\"}(}\"5>~e", count=42)
    at hci.c:512
#6  0x804b7fa in hci_receive_thread () at btd.c:2148
#7  0x40058ca3 in pthread_start_thread () from /lib/libpthread.so.0
#8  0x40058cee in pthread_start_thread_event () from /lib/libpthread.so.0
(gdb) p *rfcomm
Cannot access memory at address 0x30004
(gdb) 

It seems that the pointer (rfcomm) that is passed to bt_receive_top is
not OK!

Matthias