Date: Wed, 25 Mar 2009 10:46:54 +0100 From: Hans Petter Selasky <hselasky@c2i.net> To: Weongyo Jeong <weongyo@freebsd.org> Cc: Sam Leffler <sam@freebsd.org>, freebsd-usb@freebsd.org, Andrew Thompson <thompsa@freebsd.org> Subject: Re: q: Memory modified after free in usb2 Message-ID: <200903251046.55586.hselasky@c2i.net> In-Reply-To: <20090325091756.GA14916@weongyo.cdnetworks.kr> References: <20090325091756.GA14916@weongyo.cdnetworks.kr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 25 March 2009, Weongyo Jeong wrote: > Hello Hans :), > > I think porting uath(4) to usb almost have done that it works well to > associate with AP and for WPA but I'm suffered from a strange panic after > detach as follows: > > Memory modified after free 0xc4da3600(508) val=24000000 @ 0xc4da3600 > panic: Most recently used by USBdev > > cpuid = 0 > KDB: enter: panic > [thread pid 17 tid 100036 ] > Stopped at kdb_enter+0x3a: movl $0,kdb_why > > The detach step is like as follows: > > usb2_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); > ... > uath_free_rx_data_list(sc); > uath_free_tx_data_list(sc); > uath_free_cmd_list(sc, sc->sc_cmd, UATH_CMD_LIST_COUNT); > > that I've checked all memory leaks or calls after freeing memory but it > looks it's not a driver problem. > > To solve this problem I modified codes slightly like below: > > usb2_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); > usb2_pause_mtx(NULL, 5 * hz); > ... > uath_free_rx_data_list(sc); > uath_free_tx_data_list(sc); > uath_free_cmd_list(sc, sc->sc_cmd, UATH_CMD_LIST_COUNT); > > After adding it I couldn't see `Memory modified after free' messages > anymore. My question is that I can't understand why adding > usb2_pause_mtx() helps this symptom? Did you drain all the taskqueues before unsetup ? --HPS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903251046.55586.hselasky>