1.问题背景
之前做过一个项目,RK3562+RTL8821CS (经封装为模组,下通称RTL8821CS ) 刷机之后蓝牙只能打开一次,即使断电重启、恢复出厂设置也不行。
2.问题分析
2.1 排查BT-EN 对应GPIO状态
按照以往经验蓝牙无法重复打开多半是由于BT_EN脚无法正常复位导致。于是开始尝试手动复位,但未正常:
rk3562_t:/ # echo 0 > /sys/class/rfkill/rfkill0/state
rk3562_t:/ # echo 0 > /proc/bluetooth/sleep/btwrite
rk3562_t:/ # echo 1 > sys/class/rfkill/rfkill0/state
rk3562_t:/ # echo 1 > /proc/bluetooth/sleep/btwrite
同时观察首次刷机开机后,第一次打开蓝牙,关闭蓝牙,BT_EN GPIO的状态。看起来BT-EN是正常复位的。
2.2 log分析
继续分析logcat。 正常、异常log中存在如下明显差异。
其中异常log中伴随着明显的crash
06-11 06:40:50.839 1214 1214 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
06-11 06:40:50.839 1214 1214 F DEBUG : Build fingerprint: 'rockchip/rk3562_t/rk3562_t:13/TQ3C.230805.001.B2/eng.q.20240611.143815:userdebug/release-keys'
06-11 06:40:50.839 1214 1214 F DEBUG : Revision: '0'
06-11 06:40:50.839 1214 1214 F DEBUG : ABI: 'arm64'
06-11 06:40:50.839 1214 1214 F DEBUG : Timestamp: 2024-06-11 06:40:50.099224254+0000
06-11 06:40:50.839 1214 1214 F DEBUG : Process uptime: 0s
06-11 06:40:50.839 1214 1214 F DEBUG : Cmdline: com.android.bluetooth
06-11 06:40:50.839 1214 1214 F DEBUG : pid: 835, tid: 1006, name: bt_stack_manage >>> com.android.bluetooth <<<
06-11 06:40:50.839 1214 1214 F DEBUG : uid: 1002
06-11 06:40:50.839 1214 1214 F DEBUG : tagged_addr_ctrl: 0000000000000001 (PR_TAGGED_ADDR_ENABLE)
06-11 06:40:50.839 1214 1214 F DEBUG : signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
06-11 06:40:50.839 1214 1214 F DEBUG : Abort message: 'assertion 'init_status == std::future_status::ready' failed - Can't start stack, last instance: starting Btaa Module'
06-11 06:40:50.839 1214 1214 F DEBUG : x0 0000000000000000 x1 00000000000003ee x2 0000000000000006 x3 0000006d50793ab0
06-11 06:40:50.839 1214 1214 F DEBUG : x4 6539396373721f3c x5 6539396373721f3c x6 6539396373721f3c x7 7f7f7f7f7f7f7f7f
06-11 06:40:50.839 1214 1214 F DEBUG : x8 00000000000000f0 x9 000000706bd9ea00 x10 0000000000000001 x11 000000706bde06a0
06-11 06:40:50.839 1214 1214 F DEBUG : x12 0000006d50792980 x13 0000000000000075 x14 0000006d50793d10 x15 0000000000000000
06-11 06:40:50.839 1214 1214 F DEBUG : x16 000000706be4ed58 x17 000000706be29770 x18 0000006d4fa94070 x19 00000000000000ac
06-11 06:40:50.840 1214 1214 F DEBUG : x20 00000000000000b2 x21 0000000000000343 x22 00000000000003ee x23 00000000ffffffff
06-11 06:40:50.840 1214 1214 F DEBUG : x24 0000006d50795000 x25 0000006d57bf9c18 x26 b400006e8b0653c8 x27 0000006dcaa16000
06-11 06:40:50.840 1214 1214 F DEBUG : x28 00000000000fc000 x29 0000006d50793b30
06-11 06:40:50.840 1214 1214 F DEBUG : lr 000000706bdd03f4 sp 0000006d50793a90 pc 000000706bdd0424 pst 0000000000000000
06-11 06:40:50.840 1214 1214 F DEBUG : backtrace:
06-11 06:40:50.840 1214 1214 F DEBUG : #00 pc 0000000000053424 /apex/com.android.runtime/lib64/bionic/libc.so (abort+180) (BuildId: e2429c64ab29f2d0ffc5a8f42c0c1b80)
06-11 06:40:50.840 1214 1214 F DEBUG : #01 pc 000000000062b894 /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+116) (BuildId: 09f4c90e00a00128fb4fe134e47c34c5)
06-11 06:40:50.840 1214 1214 F DEBUG : #02 pc 0000000000017560 /system/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_3::__invoke(char const*)+80) (BuildId: 167481ebf6d9d15c317feb684fe496e7)
06-11 06:40:50.840 1214 1214 F DEBUG : #03 pc 0000000000006f24 /system/lib64/liblog.so (__android_log_assert+308) (BuildId: 0e909ef4f5b24050ff5e86e0408d0749)
06-11 06:40:50.840 1214 1214 F DEBUG : #04 pc 00000000008e2ae0 /apex/com.android.btservices/lib64/libbluetooth_jni.so (bluetooth::StackManager::StartUp(bluetooth::ModuleList*, bluetooth::os::Thread*)+656) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #05 pc 00000000003be670 /apex/com.android.btservices/lib64/libbluetooth_jni.so (bluetooth::shim::Stack::Start(bluetooth::ModuleList*)+192) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #06 pc 00000000003bede8 /apex/com.android.btservices/lib64/libbluetooth_jni.so (bluetooth::shim::Stack::StartEverything()+1752) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #07 pc 00000000003be260 /apex/com.android.btservices/lib64/libbluetooth_jni.so (ShimModuleStartUp()+16) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #08 pc 00000000006655e8 /apex/com.android.btservices/lib64/libbluetooth_jni.so (module_start_up(module_t const*)+200) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #09 pc 000000000054d40c /apex/com.android.btservices/lib64/libbluetooth_jni.so (event_start_up_stack(void*)+332) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #10 pc 0000000000c6ed24 /apex/com.android.btservices/lib64/libbluetooth_jni.so (base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*)+196) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #11 pc 0000000000c6dfa0 /apex/com.android.btservices/lib64/libbluetooth_jni.so (base::MessageLoop::RunTask(base::PendingTask*)+352) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #12 pc 0000000000c6e374 /apex/com.android.btservices/lib64/libbluetooth_jni.so (base::MessageLoop::DoWork()+468) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #13 pc 0000000000c7160c /apex/com.android.btservices/lib64/libbluetooth_jni.so (base::MessagePumpDefault::Run(base::MessagePump::Delegate*)+108) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #14 pc 0000000000c9aec8 /apex/com.android.btservices/lib64/libbluetooth_jni.so (base::RunLoop::Run()+72) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #15 pc 00000000006bd9bc /apex/com.android.btservices/lib64/libbluetooth_jni.so (bluetooth::common::MessageLoopThread::Run(std::__1::promise<void>)+348) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #16 pc 00000000006bd3b0 /apex/com.android.btservices/lib64/libbluetooth_jni.so (bluetooth::common::MessageLoopThread::RunThread(bluetooth::common::MessageLoopThread*, std::__1::promise<void>)+48) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #17 pc 00000000006bdf14 /apex/com.android.btservices/lib64/libbluetooth_jni.so (void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(bluetooth::common::MessageLoopThread*, std::__1::promise<void>), bluetooth::common::MessageLoopThread*, std::__1::promise<void> > >(void*)+84) (BuildId: 63edf3a0f16390f2fcb3fb266984de9f)
06-11 06:40:50.840 1214 1214 F DEBUG : #18 pc 00000000000c2ba0 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+208) (BuildId: e2429c64ab29f2d0ffc5a8f42c0c1b80)
06-11 06:40:50.840 1214 1214 F DEBUG : #19 pc 0000000000054c50 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: e2429c64ab29f2d0ffc5a8f42c0c1b80)
06-11 06:40:50.845 162 162 D vold : Finished restorecon of /data/misc_ce/0
06-11 06:40:50.845 162 162 D vold : /system/bin/vold_prepare_subdirs
06-11 06:40:50.845 162 162 D vold : prepare
06-11 06:40:50.845 162 162 D vold :
06-11 06:40:50.845 162 162 D vold : 0
06-11 06:40:50.845 162 162 D vold : 2
06-11 06:40:50.860 285 1118 E bt_hwcfg_uart: hw_config_cback, status = sync timeout(3),
怀疑可能是蓝牙串口存在问题,造成的crash。于是寻求BSP同事帮助。经排查并未发现异常点。
2.3 排查硬件
由于之前涉及到硬件改版(WCN芯片集成模组,以及EVB 均有改版),但前后两款 WCN芯片集成模组 是Pin To Pin的,固件也通用。尝试回退版本进行软件上的交叉验证。发现问题与硬件关联性较大。
硬件同事排查了GPIO以及Clock的设计差异等,仍未定位到rootcause. 最后建议硬件同事着重测量BT-EN这部分的设计。发现问题所在:
由于RK3562 GPIO只有1.8V输出,而RTL8821CS集成模组 BT_EN需要3.3V才可以正常工作,因此需要一颗电源转换芯片。而经过实际测试发现,问题就出现这颗电源转换芯片上。
各个阶段RTL8821CS集成模组上BT-EN对应GPIO电压如下:
1)初次刷机
RK3562 0V ------->电源转换芯片------→ RTL8821CS集成模组 0V
2)蓝牙打开
RK3562 1.8V ------->电源转换芯片------→ RTL8821CS集成模组 3.3V
3)蓝牙关闭
RK3562 0V ------->电源转换芯片------→ RTL8821CS集成模组 1.0V(左右)
所以BT-EN根本就没有正常复位
我们在adb shell中sys/kernel/debug/gpio上 BT-EN的状态是RK3562上GPIO的状态,未能准确反应RTL8821CS集成模组 的BT-EN对应GPIO的状态。
将老版的EVB上电源转换芯片替换到新EVB上,问题得到解决。
3.问题总结
后续遇到类似于蓝牙无法重复打开的问题,还是要优先确认蓝牙芯片/蓝牙模组 上对应BT-EN的GPIO状态是否已正常复位。
6614
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
