[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bluetooth-dev] Major changes in memory managment ?



Using the latest CVS.
My system initialises correctly.

(
By the way, there is a bug in btd.h : the IOCTL value for send_raw_data is 
not the same as the value in the stack.
)

But, when I receive a connection for an SDP session, the following happens 
(commented log) :

hci_receive_data:  (13):
0x04 0x04 0x0a 0x40 0x00 0x13 0xcd 0x50 0x00 0x00 0x00 0x76 0x01
hci_receive_data: hci-13
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (10):
0x40 0x00 0x13 0xcd 0x50 0x00 0x00 0x00 0x76 0x01
HCI: process_event: CONNECTION_REQUEST

----->  Ok, someone tries to connect

HCI: lp_connect_rsp: Status: 1
HCI: accept_connection_request: bd_addr 40 0 13 cd 50 0
HCI: insert_cmd
HCI: send_cmd_queue: start: Num_HCI_Command_Packets=4

send_cmd_queue:  (11):
0x01 0x09 0x04 0x07 0x40 0x00 0x13 0xcd 0x50 0x00 0x01
HCI: send_cmd_queue: end : 0 cmds left in queue

hci_receive_data:  (7):
0x04 0x0f 0x04 0x00 0x03 0x09 0x04
hci_receive_data: hci-7
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (4):
0x00 0x03 0x09 0x04
HCI: process_event: COMMAND_STATUS
HCI: update_nhcp: Num_HCI_Command_Packets=3
HCI: send_cmd_queue: start: Num_HCI_Command_Packets=3
HCI: send_cmd_queue: end : 0 cmds left in queue

hci_receive_data:  (20):
0x04 0x03 0x0b 0x00 0x01 0x00 0x40 0x00 0x13 0xcd 0x50 0x00 0x01 0x00 0x04 
0x1b 0x03 0x01 0x00 0x05
hci_receive_data: hci-20
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (11):
0x00 0x01 0x00 0x40 0x00 0x13 0xcd 0x50 0x00 0x01 0x00
HCI: process_event: CONNECTION_COMPLETE: Success!
lp_connect_cfm (pos), wake up flag not set
BT SYS: process_event: ACL link is up

-----> Ok, now ACL data can flow, we just do a couple of baseband related 
stuff (as I understand)

HCI: change_connection_packet_type: for connnection handle 0x1
HCI: insert_cmd
HCI: remote_name_request:  for bd address 0x00:50:cd:13:00:40
HCI: insert_cmd
HCI: insert_cmd: WRAP
HCI: write_link_policy_settings
HCI: insert_cmd
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (3):
0x01 0x00 0x05
HCI: process_event: MAX_SLOTS_CHANGE to 5
HCI: send_cmd_queue: start: Num_HCI_Command_Packets=3

send_cmd_queue:  (8):
0x01 0x0f 0x04 0x04 0x01 0x00 0x00 0xcc
HCI: get_next_cmd: next_to_send WRAP

send_cmd_queue:  (14):
0x01 0x19 0x04 0x0a 0x40 0x00 0x13 0xcd 0x50 0x00 0x00 0x00 0x00 0x00

send_cmd_queue:  (8):
0x01 0x0d 0x08 0x04 0x01 0x00 0x01 0x00
HCI: send_cmd_queue: end : 0 cmds left in queue

hci_receive_data:  (289):
0x04 0x0f 0x04 0x00 0x03 0x0f 0x04 0x04 0x1d 0x05 0x00 0x01 0x00 0x00 0xcc 
0x04 0x0f 0x04 0x00 0x03 0x19 0x04 0x04 0x0e 0x06 0x03 0x0d 0x08 0x00 0x01 
0x00 0x04 0x07 0xff 0x00 0x40 0x00 0x13 0xcd 0x50 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x 
00
0x00 0x00 x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00
hci_receive_data: hci-289
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (4):
0x00 0x03 0x0f 0x04
HCI: process_event: COMMAND_STATUS
HCI: update_nhcp: Num_HCI_Command_Packets=3
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (5):
0x00 0x01 0x00 0x00 0xcc
HCI: process_event: CHANGE_CONNECTION_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (4):
0x00 0x03 0x19 0x04
HCI: process_event: COMMAND_STATUS
HCI: update_nhcp: Num_HCI_Command_Packets=3
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (6):
0x03 0x0d 0x08 0x00 0x01 0x00
HCI: process_event: COMMAND_COMPLETE
HCI: <CC>
HCI: process_return_param: WRITE_LINK_POLICY_SETTINGS
 HCI: update_nhcp: Num_HCI_Command_Packets=3
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data: WAIT_FOR_EVENT_LENGTH

process_event (255):
0x00 0x40 0x00 0x13 0xcd 0x50 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
HCI: process_event: REMOTE_NAME_REQUEST_COMPLETE
HCI: send_cmd_queue: start: Num_HCI_Command_Packets=3
HCI: send_cmd_queue: end : 0 cmds left in queue

-------> After that, we receive the first ACL packet (which a L2CAP connect 
request)

hci_receive_data:  (17):
0x02 0x01 0x20 0x0c 0x00 0x08 0x00 0x01 0x00 0x02 0x07 0x04 0x00 0x01 0x00 
0x40 0x00
hci_receive_data: hci-17
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_ACL_HDR
HCI: hci_receive_data: New frame
HCI: get_free_inbuffer: inbuffer 0 was free
HCI: hci_receive_data: WAIT_FOR_ACL_DATA
HCI: hci_receive_data: in_buf->count = 12
HCI: hci_receive_data: Copied 12 bytes into inbuffer
HCI: process_acl_data: in_buf->count:12, in_buf->l2cap_len:0
HCI: hci_send_data: 16 bytes
HCI: hci_clear_buffer
HCI: get_inbuffer: Found inbuffer for hci_hdl 1 c204611c

----> We send an L2CAP Connect Response

HCI: send_acl_data_task: 16 bytes
HCI: send_acl_data_task: 16 bytes
HCI: send_acl_packet: send 16 bytes (excl HCI header) out of 16
HCI: send_acl_packet: There are 5 bytes space for the headers

send_acl_packet:  (21):
0x02 0x01 0x20 0x10 0x00 0x0c 0x00 0x01 0x00 0x03 0x07 0x08 0x00 0x40 0x00 
0x40 0x00 0x00 0x00 0x00 0x00
HCI: send_acl_packet: now c = 16
HCI: send_acl_packet: unsubscribing tx_buf.
HCI: <--0 (7)

----> We receive an L2CAP Config request

hci_receive_data:  (21):
0x02 0x01 0x20 0x10 0x00 0x0c 0x00 0x01 0x00 0x04 0x08 0x08 0x00 0x40 0x00 
0x00 0x00 0x01 0x02 0x00 0x02
hci_receive_data: hci-21
HCI: hci_receive_data: WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data: WAIT_FOR_ACL_HDR
HCI: hci_receive_data: New frame
HCI: get_free_inbuffer: inbuffer 0 was free
HCI: hci_receive_data: WAIT_FOR_ACL_DATA
HCI: hci_receive_data: in_buf->count = 16
HCI: hci_receive_data: Copied 16 bytes into inbuffer
HCI: process_acl_data: in_buf->count:16, in_buf->l2cap_len:0

----> We send an L2CAP Config response, try to setup the mtu to 512

BT SYS: Setting remote mtu (64:64) to 512 bytes
HCI: hci_send_data: 14 bytes

l2cap options:  (0):
HCI: hci_send_data: 12 bytes
HCI: hci_clear_buffer
HCI: get_inbuffer: Found inbuffer for hci_hdl 1 c204611c
Unable to handle kernel paging request at virtual address f8a8c019
pgd = c0024000
*pgd = 00000000, *pmd = 00000000
Internal error: Oops: 0
CPU: 0

And the system craches... probably due to a bug in the buffers managment...

I suppose that this has already been tested right ? Does anyone see anything 
strange in that log ?

David.
-
To unsubscribe from this list: send the line "unsubscribe bluetooth-dev" in
the body of a message to majordomo@xxxxxxx.com