Hi, I've been testing PTS 5.3 MCAP profile against Android 4.4.4 on Nexus 5 using mcaptest (in bluez/tools/) and I've found a kernel bug with closing l2cap ERTM channels. I've tested MACP using android 4.4.4 on Nexus 5, kernel in version 3.4 with 3.17 backports. If MCL connection fails or some other error occurs mcaptest get stucked and don't react to closing (ctrl+C, ctrl+Z, or even kill process). Mcaptest process stuck on Uninterruptible sleep (D) state. I debugged kernel space and it happens while shutting down ERTM l2cap channel of MCAP. Kernel tries to clear l2cap timers (ack, retransmission, monitor) and call l2cap_clear_timer function defined in l2cap header. l2cap_clear_timer function try to cancel_delayed_work which is in every timer defined. It never gets back from cancel_delayed_work (get stuck there) - defined in workqueue.c kernel function. After this stuck channel mutex get locked (l2cap_chan_lock) in l2cap_conn_del before each channel delete l2cap and it's never unlocked (In my case it happens on first timer clear). In meantime l2cap_sock_release->l2cap_sock_shutdown happens and it tries to lock its own channel mutex - but it can't because it's still locked. It works properly on computer with kernel 3.16 with 3.17 backports. I've also checked what different in both versions since kernel 3.4 is quiet old. In result, cancel_delayed_work (workqueue.c - in kernel) function implementation gets knowingly changed in ~3.9 version of kernel. Bug can be easily reproduced: - start mcaptest on device with android: mcaptest -C 4099 -D 4101 -dc <some dummy bdaddr> after receive error message "Could not connect MCL: connect error: Host is down (112)" I've got stucked - only device restart helps. Until we don't get newer kernel for those devices we'll get stucked here. Any suggestion how to fix it on our existing 3.4 kernel. ps. I've commented those clear timers functions (and it works well) for test purposes because they don't have impact for test cases flow (this is l2cap channel shutdown phase in ERTM mode). Best regards, Grzegorz -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
