[9fans] panic - Plan9

This is a discussion on [9fans] panic - Plan9 ; hi, i got the following panic in a kernel I compiled today: panic: D2B called on non-block f0d72af8 (double-free?) panic: D2B called on non-block f0d72af8 (double-free?) dumpstack disabled cpu0: exiting it happen evertime i plug a usb device in. i ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: [9fans] panic

  1. [9fans] panic

    hi,
    i got the following panic in a kernel I compiled today:

    panic: D2B called on non-block f0d72af8 (double-free?)
    panic: D2B called on non-block f0d72af8 (double-free?)
    dumpstack disabled
    cpu0: exiting

    it happen evertime i plug a usb device in. i don't know how
    to debug this. any suggestions?
    with my old kernel(2008-04-30) everthing works fine.

    markus



  2. Re: [9fans] panic

    > hi,
    > i got the following panic in a kernel I compiled today:
    >
    > panic: D2B called on non-block f0d72af8 (double-free?)
    > panic: D2B called on non-block f0d72af8 (double-free?)
    > dumpstack disabled
    > cpu0: exiting
    >
    > it happen evertime i plug a usb device in. i don't know how
    > to debug this. any suggestions?
    > with my old kernel(2008-04-30) everthing works fine.


    it's very difficult to say without access to
    a) the stack dump and
    b) the kernel in question.
    this is because it's hard to find this sort of problem without
    knowing where the problem occurred. the stack dump
    will provide addresses and the kernel image will be
    enough to tie addresses to particular bits of code.

    as an unrelated aside, this reference counting updates uninitialized memory.

    /n/sources/plan9/sys/src/9/pc/usbohci.c:1454,1455
    if(dirin == Dirout && bp)
    _xinc(&bp->ref);

    since the definition for _allocb is so

    if((b = mallocz(sizeof(Block)+size+Hdrspc, 0)) == nil)
    return nil;

    b->next = nil;
    b->list = nil;
    b->free = 0;
    b->flag = 0;
    [...]

    either the unused reference counting needs to be dropped, usbohci
    needs to initialize its own reference count or _allocb needs to initialize
    it to 1. i assume the reason blocks are not zeroed is for performance
    reasons.

    i'm not sure i understand a reference count for a Block, since i thought
    part of deal was that each Block has a unique owner. am i wrong?

    - erik



  3. Re: [9fans] panic

    Sorry about that. We're soaking a version of the kernel that includes
    a reference count in the Block struct. It's so far used by the
    Ethernet drivers, IP stack and USB code, and usbohci.c escaped a
    little too early.

    I've just pushed out a newer allocb.c to sources that initializes the
    refence count at allocation.



+ Reply to Thread