On Tue, Oct 4, 2011 at 6:08 PM, larsi <[email protected]> wrote: > This patch fixes an issue when ubifs reads a bad superblock. Later it > tries to free memory, that was not allocated, which freezes u-boot. > This is fixed by looking for a non null pointer before free. > > Signed-off-by: Lars Poeschel <[email protected]> > Cc: Kyungmin Park <[email protected]> > --- > The message I got before u-boot freezes: > UBI: max/mean erase counter: 53/32 > UBIFS: mounted UBI device 0, volume 1, name "rootfs" > UBIFS: mounted read-only > UBIFS: file system size: 49140 bytes (50319360 KiB, 0 MiB, 49140 LEBs) > UBIFS: journal size: 49 bytes (6838272 KiB, 0 MiB, 6678 LEBs) > UBIFS: media format: w4/r0 (latest is w4/r0) > UBIFS: default compressor: LZO > UBIFS: reserved for root: 0 bytes (0 KiB) > UBIFS error (pid 0): ubifs_read_node: bad node type (255 but expected 9) > UBIFS error (pid 0): ubifs_read_node: bad node at LEB 330:13104 > UBIFS error (pid 0): ubifs_iget: failed to read inode 1, error -22 > Error reading superblock on volume 'ubi:rootfs'! > > fs/ubifs/super.c | 6 ++++-- > 1 files changed, 4 insertions(+), 2 deletions(-) > > diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c > index 63b2164..20fb244 100644 > --- a/fs/ubifs/super.c > +++ b/fs/ubifs/super.c > @@ -848,8 +848,10 @@ void ubifs_umount(struct ubifs_info *c) > ubifs_debugging_exit(c); > > /* Finally free U-Boot's global copy of superblock */ > - free(ubifs_sb->s_fs_info); > - free(ubifs_sb); > + if (ubifs_sb != null) { > + free(ubifs_sb->s_fs_info); > + free(ubifs_sb); > + } Which statement is problem? Basically free() check the null address. so If ubifs_sb->s_fs_info doesn't have value its skipped. and ubifs_sb is similar.
Thank you, Kyungmin Park > } > > /** > -- > 1.7.4.1 > > _______________________________________________ U-Boot mailing list [email protected] http://lists.denx.de/mailman/listinfo/u-boot
