[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bluetooth-dev] "management" bug in the stack



Hi all,

In btdm.
If you have an incomming RFCOMM connection on DLCI 2, btdm will launch pppd 
(or memul) on the corresponding line. If the remote terminal closes the 
RFCOMM link before closing PPP and tries to reopen the RFCCOMM link, then the 
bt module crashes the kernel : 

new connection after "hill terminated connection" :

l2cap options:  (0):
    L2CAP process_response: Got response: 0x5 id:4
    L2CAP process_response: Got configuration response
    L2CAP Current state of (67:66) is OPEN
BT SYS: l2cap channel (67,66) [RFCOMM] connected
    L2CAP l2ca_config_cfm: remote cid : 66 result 0
BT SYS: rfcomm_config_cfm: l2cap is now open
BT (driver) bt_connect_ind : RFCOMM dlci : 0
BT (driver) bt_connect_ind : RFCOMM dlci : 2
BT SYS: bt_register_rfcomm : dlci 2 on line 0
BT (driver) bt_connect_cfm, line 0 [RCOMM]
Unable to handle kernel paging request at virtual address fffffffc
pgd = c0024000
...

I think the way "lines" are managed in btdm is neither very clear nor clean.
Anyone working on this ? (or is everyone working on its own security server 
:-) ? )

David.
-
To unsubscribe from this list: send the line "unsubscribe bluetooth-dev" in
the body of a message to majordomo@xxxxxxx.com