Re: [android-kernel] Binder driver code
289 views
Skip to first unread message
Vladimir Murzin
Nov 5, 2012, 12:38:45 AM11/5/12
to android...@googlegroups.com
On Thu, Oct 25, 2012 at 5:14 PM, shunty <vikasb...@gmail.com> wrote:
> Hi
>
> I am trying to fix a android kernel panic, which occurred by BUG call in
> function binder_get_ref_for_node() in binder.c. More specifically
>
> while (*p) {
> parent = *p;
> ref = rb_entry(parent, struct binder_ref, rb_node_desc);
>
> if (new_ref->desc < ref->desc)
> p = &(*p)->rb_left;
> else if (new_ref->desc > ref->desc)
> p = &(*p)->rb_right;
> else
> BUG();
> }
>
> According to my understanding it is not able to find a suitable node to
> insert in the rbtree. Can some one please tell why there is call to BUG(),
> Binder can handle this case and return from here by saying traction fail or
> something.
>
> Does this mean that there is some problem while deleting the reference of
> node?
>
> Any suggestions ?
>
> Regards
> Shunty
>
> --
> unsubscribe: android-kerne...@googlegroups.com
> website: http://groups.google.com/group/android-kernel
Hi
I think BUG() is called because this path should never be taken. It
means that something strange or serious has been happened like memory
corruption and the further operation can lead to dramatic effects.
Best wishes
Vladimir Murzin
> Hi
>
> I am trying to fix a android kernel panic, which occurred by BUG call in
> function binder_get_ref_for_node() in binder.c. More specifically
>
> while (*p) {
> parent = *p;
> ref = rb_entry(parent, struct binder_ref, rb_node_desc);
>
> if (new_ref->desc < ref->desc)
> p = &(*p)->rb_left;
> else if (new_ref->desc > ref->desc)
> p = &(*p)->rb_right;
> else
> BUG();
> }
>
> According to my understanding it is not able to find a suitable node to
> insert in the rbtree. Can some one please tell why there is call to BUG(),
> Binder can handle this case and return from here by saying traction fail or
> something.
>
> Does this mean that there is some problem while deleting the reference of
> node?
>
> Any suggestions ?
>
> Regards
> Shunty
>
> --
> unsubscribe: android-kerne...@googlegroups.com
> website: http://groups.google.com/group/android-kernel
Hi
I think BUG() is called because this path should never be taken. It
means that something strange or serious has been happened like memory
corruption and the further operation can lead to dramatic effects.
Best wishes
Vladimir Murzin
Prabagaran Thangavel
Nov 5, 2012, 7:42:48 AM11/5/12
to android-kernel
From the Snippet , BUG is called when new_ref->desc == ref->desc.
It seems to add a binder reference which already present in the RB tree and causes the panic.
Thanks and Regards,
Prabagaran.
MOHIT KUMAR
Jul 1, 2013, 6:10:30 AM7/1/13
to android...@googlegroups.com
Binder concept is based on unique binder-token id. So no ids can be same. Happening of which is a bug.
Please correct me if i am wrong.
Reply all
Reply to author
Forward
0 new messages