On Sat, Jan 05, 2002, Peter Osterlund <[EMAIL PROTECTED]> wrote:
> Pete Zaitcev <[EMAIL PROTECTED]> writes:
> 
> > > Here is part of the stack trace from the oops/panic in my first
> > > message about this problem:
> > > 
> > >         >>EIP; c012ad65 <kfree+35/a0>   <=====
> > >         Trace; c4817ee4 <[usbcore]usb_destroy_configuration+104/210>
> > >         Trace; c48171e2 <[usbcore]usb_free_dev+22/50>
> > >         Trace; c48288b5 <[usb-uhci]process_urb+1e5/200>
> > >         Trace; c4828991 <[usb-uhci]uhci_interrupt+c1/130>
> > > 
> > > As can be seen from the above, usb_destroy_configuration is called
> > > from interrupt context [...]
> > 
> > Always remember that on x86 there are no frame pointers, so
> > the stack trace is dirty with unrelated stuff. Cross-check
> > with a code path.
> 
> I did and that call chain is possible. The only tricky part was to
> figure out that the call to usb_dec_dev_use in process_urb was
> actually calling usb_free_dev, because of the following define in
> usb.h:
> 
> #define usb_dec_dev_use usb_free_dev
> 
> What's the purpose of that define? Just to confuse readers? ;-)

I take blame for it. It was actually to make more sense to readers.

The reason I did that was because having a usb_free_dev call in the HCD
code wouldn't make logical sense. The HCD isn't freeing the device, it's
just decrementing the reference count it incremented with
usb_inc_dev_use.

It just so turns out that the implementations of usb_dec_dev_use and
usb_free_dev need to be identical because of the reference counting, so
I just set up a macro.

> I also disassembled the kfree code to figure out that the oops was
> caused by dividing by zero at line 1434 in mm/slab.c. That happened
> because cachep->objsize was zero, which I think must have been caused
> by trying to free a bogus memory area.
> 
> Then I disassembled the usb_destroy_configuration code to find out
> that kfree crashed when freeing as->extra.

I believe your analysis at least :) The backtrace code path is possible
and would make sense given your failure scenario.

JE
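
Added example, not part of the original messages and not kernel code: a user-space C model of the reference counting discussed in this thread, showing why the "decrement" and the "free" end up as the same routine and how the final teardown can run in the completion (interrupt) path. All model_* names, the in_irq flag and the ordering in scenario() are assumptions made for illustration.

```c
/* User-space model for illustration only; names and ordering are assumed. */
#include <stdatomic.h>
#include <stdbool.h>
#include <stdlib.h>

struct model_dev {
    atomic_int refcnt;  /* one count per holder (core, HCD per pending URB) */
    void *extra;        /* stands in for descriptor data freed at teardown */
};

static bool in_irq;          /* constructed stand-in for "interrupt context" */
static int teardown_in_irq;  /* teardowns that ran while in_irq was set */

static struct model_dev *model_alloc_dev(void)
{
    struct model_dev *d = calloc(1, sizeof(*d));
    if (!d)
        return NULL;
    atomic_init(&d->refcnt, 1);   /* the core's own reference */
    d->extra = malloc(16);
    return d;
}

static void model_inc_dev_use(struct model_dev *d)
{
    atomic_fetch_add(&d->refcnt, 1);
}

/* Drop one reference; whoever drops the last one performs the teardown. */
static bool model_free_dev(struct model_dev *d)
{
    if (atomic_fetch_sub(&d->refcnt, 1) != 1)
        return false;             /* other holders remain */
    if (in_irq)
        teardown_in_irq++;        /* freeing happened in "interrupt" context */
    free(d->extra);
    free(d);
    return true;
}
#define model_dec_dev_use model_free_dev  /* same aliasing as in the thread */

/* Assumed ordering: the core drops its reference while a URB is pending. */
static int scenario(void)
{
    struct model_dev *d = model_alloc_dev();
    if (!d)
        return -1;
    teardown_in_irq = 0;
    model_inc_dev_use(d);                  /* HCD: URB submitted */
    int who = model_free_dev(d) ? 1 : 0;   /* core: disconnect, not last */
    in_irq = true;
    who |= model_dec_dev_use(d) ? 2 : 0;   /* HCD: URB completion, last ref */
    in_irq = false;
    return who;  /* 2: the HCD's "decrement" performed the free */
}
int main(void) { return scenario() == 2 ? 0 : 1; }
```

In this model any path that can drop the last reference must be safe for the full teardown, which is why a decrement called from a completion handler deserves the same scrutiny as an explicit free.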

