Odd, BRB_L2CA_OPEN_CHANNEL is returning IO_TIMEOUT

There is very little documentation on bluetooth client profile drivers (need to create a custom one to modify the behaviour of a device), but following the two samples, from the DDK, and HIDWiiRemote from git, it is fairly simple.

The devices address and name are returned OK, the SDP record and PSM is parsed OK, so all working up to the point where BRB_L2CA_OPEN_CHANNEL fails with STATUS_IO_TIMEOUT.

I tried it with and without a call back (the call back when active did get the reference/deeference notifications), tried with various MTU sizes. This is the setup of the BRB, as you can see it is pretty much boiler plate stuff, nothing unusual:

pBrb->BtAddress = pDevExt->DevInfoAddress;
pBrb->Psm =  pDevExt->PSM;
pBrb->ChannelFlags = CF_ROLE_EITHER;

pBrb->ConfigOut.Flags = 0;
pBrb->ConfigIn.Flags = 0;

pBrb->ConfigOut.Flags |= CFG_MTU;
pBrb->ConfigOut.Mtu.Max = L2CAP_DEFAULT_MTU;
pBrb->ConfigOut.Mtu.Min =  L2CAP_MIN_MTU;
pBrb->ConfigOut.Mtu.Preferred = L2CAP_DEFAULT_MTU;

pBrb->ConfigIn.Flags = CFG_MTU;
pBrb->ConfigIn.Mtu.Max = L2CAP_DEFAULT_MTU;
pBrb->ConfigIn.Mtu.Min =  L2CAP_MIN_MTU;
pBrb->ConfigIn.Mtu.Preferred = L2CAP_DEFAULT_MTU;

pBrb->ConfigOut.ExtraOptions = 0;
pBrb->ConfigOut.NumExtraOptions = 0;
pBrb->ConfigOut.LinkTO = 0;

pBrb->CallbackFlags = 0;
pBrb->Callback = 0;;
pBrb->CallbackContext = 0;;

pBrb->ReferenceObject =  (PVOID)pDevExt->pFunctionalDeviceObject;
pBrb->IncomingQueueDepth = 10;

Is this a device issue perhaps?

Hard to see where it can go wrong it is so simple.

Hi Matt,

Can you provide traces of you reproducing the issue?

The only trace is what my driver produces, which sees the failure from IoCallDriver, and prints it to windbg, nothing additional to that.

IOCTL_INTERNAL_BTHENUM_GET_DEVINFO, IOCTL_INTERNAL_BTHENUM_GET_ENUMINFO, IOCTL_BTH_SDP_CONNECT, IOCTL_BTH_SDP_SERVICE_ATTRIBUTE_SEARCH, BRB_HCI_GET_LOCAL_BD_ADDR all work and return the expected data.

If I change the parameters too much in the call to BRB_L2CA_OPEN_CHANNEL the stack returns with an ‘invalid argument’ error, for example if I change the address to the local one, instead of the devinfo address, so it look like the parameters being used are correct.

This is why I am a bit puzzled. With the in box profile driver (HID) it is OK (it is a game controller, and joy.cpl sees the device and talks to it properly), so the device itself appears to function correctly.

Is there anything special about HID devices? Do they need different parameters?

The documentation on bluetooth, what there is, is badly entirely lacking. MSDN hasnot got much, but the bluetooth site is more like a marketing portal, their so called ‘developer’ section is pitiful!