"PRO CPU has been reset by WDT" when using ESP32 bluetooth stack (IDFGH-12718)

[Zakary-D]

Answers checklist.

• [X] I have read the documentation ESP-IDF Programming Guide and the issue is not addressed there.
• [X] I have updated my IDF branch (master or release) to the latest version and checked that the issue is present there.
• [X] I have searched the issue tracker for a similar issue and not found a similar issue.

IDF version.

v5.1.3-416-gd23b7a0361

Espressif SoC revision.

ESP32D0WDQ5(revision 3)

Operating System used.

Linux

How did you build your project?

Command line with idf.py

If you are using Windows, please specify command line type.

None

Development Kit.

ESP-WROVER-KIT

Power Supply used.

USB

What is the expected behavior?

send modified AVDTP packet to peer.

What is the actual behavior?

"PRO CPU has been reset by WDT" and the development board has been reset

Steps to reproduce.

1. modify code: esp-idf/components/bt/host/bluedroid/stack/avdt/avdt_ad.c/advt_ad_write_req `UINT8 avdt_ad_write_req(UINT8 type, tAVDT_CCB p_ccb, tAVDT_SCB p_scb, BT_HDR *p_buf) { UINT8 tcid;

   / get tcid from type, scb / tcid = avdt_ad_type_to_tcid(type, p_scb);

   srand(time(NULL)); // p_buf[0].event = (uint16_t)rand();

   // if(type == AVDT_CHAN_MEDIA){ p_buf->event = (uint16_t)rand(); p_buf->len = (uint16_t)rand(); p_buf->offset = (uint16_t)rand(); p_buf->layer_specific = (uint16_t)rand(); for(int i = 0; i < p_buf->len; ++i) p_buf->data[i] = (uint16_t)rand(); // }

   // static int dk_cnt = 0; // if(++dk_cnt % 1000 == 0){ // dk_cnt = 0, printf("\n\n avdt_ad_write_req \n");
   // printf("%" PRIu16 " ", p_buf->event); // printf("%" PRIu16 " ", p_buf->len); // printf("%" PRIu16 " ", p_buf->offset); // printf("%" PRIu16 " \n", p_buf->layer_specific); // for(int i = 0; i < p_buf->len; ++i) printf("%" PRIu16 " ", p_buf->data[i]); // printf("\n\n"); // }

   return L2CA_DataWrite(avdt_cb.ad.rt_tbl[avdt_ccb_to_idx(p_ccb)][tcid].lcid, p_buf); }`

2.change the target of esp-idf/examples/bluetooth/bluedroid/classic_bt/a2dp_source to "HUAWEI FreeBuds 4i" `/ device name /

define TARGET_DEVICE_NAME "HUAWEI FreeBuds 4i"`

3. use idf.py to build a2dp_source
4. flash it to ESP-WROVER-KIT and monitor it
5. "PRO CPU has been reset by WDT" and the development board has been reset, the information of pairing has been deleted, I must set my headphone to broadcast state to reconnect. ...

Debug Logs.

TTTT  HUAWEI FreeBuds 4i
I (9877) BT_AV: Found a target device, address b8:8e:82:9a:be:50, name HUAWEI FreeBuds 4i
I (9887) BT_AV: Cancel device discovery ...
I (9897) BT_AV: Device discovery stopped.
I (9897) BT_AV: a2dp connecting to peer: HUAWEI FreeBuds 4i
W (9907) BT_APPL: reset flags
I (9917) BT_AV: bt_app_av_sm_hdlr state: 4, event: 0x0
W (10367) BT_HCI: hcif conn complete: hdl 0x80, st 0x0
I (10367) BT_AV: event: 16
ets Jul 29 2019 12:21:46

rst:0x7 (TG0WDT_SYS_RESET),boot:0x1e (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:7132
ho 0 tail 12 room 4
load:0x40078000,len:15624
ho 0 tail 12 room 4
load:0x40080400,len:4
0x40080400: _init at ??:?

load:0x40080404,len:3876
entry 0x4008064c
I (65) boot: ESP-IDF v5.1.3-416-gd23b7a0361-dirty 2nd stage bootloader
I (65) boot: compile time Apr 23 2024 07:46:47
I (68) boot: Multicore bootloader
I (72) boot: chip revision: v3.1
I (76) boot.esp32: SPI Speed      : 40MHz
I (81) boot.esp32: SPI Mode       : DIO
I (85) boot.esp32: SPI Flash Size : 2MB
W (90) boot.esp32: PRO CPU has been reset by WDT.
W (95) boot.esp32: WDT reset info: PRO CPU PC=0x4000c056
0x4000c056: xthal_get_ccount in ROM

W (101) boot.esp32: WDT reset info: APP CPU PC=0x400d3952
0x400d3952: panic_handler at /root/esp/esp-idf/components/esp_system/port/panic_handler.c:138 (discriminator 1)

I (107) boot: Enabling RNG early entropy source...
I (113) boot: Partition Table:
I (116) boot: ## Label            Usage          Type ST Offset   Length
I (124) boot:  0 nvs              WiFi data        01 02 00009000 00006000
I (131) boot:  1 phy_init         RF data          01 01 0000f000 00001000
I (139) boot:  2 factory          factory app      00 00 00010000 00100000
I (146) boot: End of partition table
I (151) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=2b044h (176196) map
I (223) esp_image: segment 1: paddr=0003b06c vaddr=3ffbdb60 size=04988h ( 18824) load
I (230) esp_image: segment 2: paddr=0003f9fc vaddr=40080000 size=0061ch (  1564) load
I (231) esp_image: segment 3: paddr=00040020 vaddr=400d0020 size=a26fch (665340) map
I (477) esp_image: segment 4: paddr=000e2724 vaddr=4008061c size=15814h ( 88084) load
I (525) boot: Loaded app from partition at offset 0x10000
I (525) boot: Disabling RNG early entropy source...
I (537) cpu_start: Multicore app
I (537) cpu_start: Pro cpu up.
I (537) cpu_start: Starting app cpu, entry point is 0x400813f4
0x400813f4: call_start_cpu1 at /root/esp/esp-idf/components/esp_system/port/cpu_start.c:159

I (0) cpu_start: App cpu up.
I (557) cpu_start: Pro cpu start user code
I (557) cpu_start: cpu freq: 160000000 Hz
I (558) cpu_start: Application information:
I (562) cpu_start: Project name:     a2dp_source
I (567) cpu_start: App version:      1
I (572) cpu_start: Compile time:     Apr 23 2024 07:46:52
I (578) cpu_start: ELF file SHA256:  c8def851c5f44aa9...
I (584) cpu_start: ESP-IDF:          v5.1.3-416-gd23b7a0361-dirty
I (591) cpu_start: Min chip rev:     v0.0
I (595) cpu_start: Max chip rev:     v3.99 
I (600) cpu_start: Chip rev:         v3.1
I (605) heap_init: Initializing. RAM available for dynamic allocation:
I (612) heap_init: At 3FFAFF10 len 000000F0 (0 KiB): DRAM
I (618) heap_init: At 3FFB6388 len 00001C78 (7 KiB): DRAM
I (624) heap_init: At 3FFB9A20 len 00004108 (16 KiB): DRAM
I (631) heap_init: At 3FFCC6D8 len 00013928 (78 KiB): DRAM
I (637) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (643) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (649) heap_init: At 40095E30 len 0000A1D0 (40 KiB): IRAM
I (657) spi_flash: detected chip: generic
I (660) spi_flash: flash io: dio
W (664) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
I (678) coexist: coex firmware version: d96c1e51f
I (683) app_start: Starting scheduler on CPU0
I (688) app_start: Starting scheduler on CPU1
I (688) main_task: Started on CPU0
I (698) main_task: Calling app_main()
I (718) BTDM_INIT: BT controller compile version [1175e0a]
I (718) BTDM_INIT: Bluetooth MAC: 48:e7:29:a3:b3:ae
I (718) phy_init: phy_version 4791,2c4672b,Dec 20 2023,16:06:06

More Information.

No response

[shangke1112]

Same as the issus https://github.com/espressif/esp-idf/issues/13664.