buffer =binder_alloc_new_buf_locked(alloc, data_size, offsets_size, extra_buffers_size, is_async, pid);mutex_unlock(&alloc->mutex);returnbuffer; } 直接调用了binder_alloc_new_buf_locked方法: staticstructbinder_buffer*binder_alloc_new_buf_locked(structbinder_alloc *alloc,size_tdata_size,size...
binder_insert_allocated_buffer_locked(alloc, buffer);//插入到已经使用了的buffer红黑树 binder_alloc_debug(BINDER_DEBUG_BUFFER_ALLOC, "%d: binder_alloc_buf size %zd got %pK\n", alloc->pid, size, buffer); buffer->data_size = data_size; buffer->offsets_size = offsets_size; buffer->async...
meta-data (eg, security context) int is_async) // buffer for async transaction { struct binder_buffer *buffer; mutex_lock(&alloc->mutex); buffer = binder_alloc_new_buf_locked(alloc, data_size, offsets_size, extra_buffers_size, is_async); mutex_unlock(&alloc->mutex); return buffer; ...
static void binder_insert_allocated_buffer_locked( struct binder_alloc *alloc, struct binder_buffer *new_buffer) { struct rb_node **p = &alloc->allocated_buffers.rb_node; struct rb_node *parent = NULL; struct binder_buffer *buffer; BUG_ON(new_buffer->free); while (...
debug_low_async_space_locked(alloc,pid); } } returnbuffer; Expand All@@ -508,6 +555,7 @@ static struct binder_buffer *binder_alloc_new_buf_locked( * @offsets_size: user specified buffer offset * @extra_buffers_size: size of extra space for meta-data (eg, security context) ...
binder_worklist_empty_ilocked(&proc->todo)) binder_wakeup_proc_ilocked(proc); } //写回给用户态 if (copy_to_user(ubuf, &bwr, sizeof(bwr))) { ret = -EFAULT; goto out; } return ret; } 1、首先从用户进程拷贝binder_write_read数据结构,我们通常说Binder只发生了“一次拷贝”,难道就是...
alloc->pid, current->pid, (u64)user_ptr); return NULL; } buffer->free_in_progress = 1; if (!buffer->allow_user_free) return ERR_PTR(-EPERM); buffer->allow_user_free = 0; return buffer; } } @@ -463,7 +461,7 @@ static struct binder_buffer *binder_alloc_new_buf_locked(rb...
This post is to discuss binder error log: binder_alloc_buf, no vma. The reference code base is android kernel 3.4. The log is borrowed from https://community.freescale.com/thread/342488. symptom: after process pid=357 crashes, lots of binder: 3057: ...
static struct binder_buffer *binder_alloc_buf(struct binder_proc *proc, size_t data_size, size_t offsets_size, int is_async) { struct rb_node *n = proc->free_buffers.rb_node; struct binder_buffer *buffer; size_t buffer_size; ...
[ 715.706909] binder: 1583: binder_alloc_buf, no vma [ 715.711914] binder: 1219:1233 transaction failed 29201, size 512-4 [ 716.615966] binder: 1583: binder_alloc_buf, no vma [ 716.621032] binder: 1219:1233 transaction failed 29201, size 1488-0...