[U-Boot] [PATCH] fix get_ram_size memory corruption

Gerd Hoffmann kraxel at redhat.com
Tue Oct 21 12:31:07 CEST 2014


base[0] is saved, but never restored.

Test case:  Start u-boot in qemu, using vexpress-a9 emulation.
qemu places the fdt at the start of ram, as a service for the
guest.  Trying to pick it up there by setting fdt_addr
accordingly fails because the fdt magic cookie is gone (zeroed
out) after calling get_ram_size.

Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
---
 common/memsize.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/common/memsize.c b/common/memsize.c
index 589400d..ad79ff1 100644
--- a/common/memsize.c
+++ b/common/memsize.c
@@ -48,7 +48,9 @@ long get_ram_size(long *base, long maxsize)
 	*addr = 0;
 
 	sync ();
-	if ((val = *addr) != 0) {
+	val = *addr;
+	*addr = save[i];
+	if (val != 0) {
 		/* Restore the original data before leaving the function.
 		 */
 		sync ();
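Review bot: The added `*addr = save[i];` sits before `if (val != 0)`, so base[0] is already written back by the time the failure branch runs, yet that branch still opens with the comment "Restore the original data before leaving the function." Please check whether that branch also writes `*addr`. If it does, the write is now redundant and can be dropped or the comment updated so the two restores do not drift apart. Two smaller points on the same lines: the other writes in this function are followed by `sync ()`, but the new store has none on the success path, and nothing here says why `save[i]` is the slot holding base[0] at this point. A one-line comment above the new assignment stating that would save the next reader from tracing the value of `i` from the code above the hunk.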
-- 
1.8.3.1


