[BUG] A bug about ubi
赖圳雄 (Zhenxiong Lai)
Zhenxiong.Lai at unisoc.com
Fri Jan 10 12:18:49 CET 2020
Dear Sir
I found a bug about UBI, the specific problem is as follows:
When ubi is attaching in function ubi_attach(),
int ubi_attach(struct ubi_device *ubi, int force_scan)
{
…
err = ubi_read_volume_table(ubi, ai);
if (err)
goto out_ai;
err = ubi_wl_init(ubi, ai);
if (err)
goto out_vtbl;
err = ubi_eba_init(ubi, ai);
if (err)
goto out_wl;
…
}
it gonna call ubi wl init() and then call ubi eba init(), and on ubi_wl_init(), ensure_wear_leveling() was called immediately.
static int ensure_wear_leveling(struct ubi_device *ubi, int nested)
{
…
if (!(e2->ec - e1->ec >= UBI_WL_THRESHOLD))
goto out_unlock;
dbg_wl("schedule wear-leveling");
…
if (nested)
__schedule_ubi_work(ubi, wrk);
else
schedule_ubi_work(ubi, wrk);
return err;
…
}
If e2->ec - e1->ec >= UBI_WL_THRESHOLD, schedule_ubi_work(ubi, wrk) was call immediately,and gonna call err = wrk->func(ubi, wrk, 0);
wrk->func = &wear_leveling_worker,soon ubi_eba_copy_leb() was called.
int ubi_eba_copy_leb(struct ubi_device *ubi, int from, int to,
struct ubi_vid_hdr *vid_hdr)
{
…
err = leb_write_trylock(ubi, vol_id, lnum);
if (err) {
dbg_wl("contention on LEB %d:%d, cancel", vol_id, lnum);
return MOVE_RETRY;
}
/*
* The LEB might have been put meanwhile, and the task which put it is
* probably waiting on @ubi->move_mutex. No need to continue the work,
* cancel it.
*/
if (vol->eba_tbl[lnum] != from) {
dbg_wl("LEB %d:%d is no longer mapped to PEB %d, mapped to PEB %d, cancel",
vol_id, lnum, from, vol->eba_tbl[lnum]);
err = MOVE_CANCEL_RACE;
goto out_unlock_leb;
}
…
}
At this place vol->eba_tbl[lnum] was access, but vol->eba_tbl actually need to wait until ubi_eba_init(ubi, ai) was called, so at this point, vol->eba_tbl is NULL point
so bug on here.
Thanks
________________________________
This email (including its attachments) is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. Unauthorized use, dissemination, distribution or copying of this email or the information herein or taking any action in reliance on the contents of this email or the information herein, by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. If you are not the intended recipient, please do not read, copy, use or disclose any part of this e-mail to others. Please notify the sender immediately and permanently delete this e-mail and any attachments if you received it in error. Internet communications cannot be guaranteed to be timely, secure, error-free or virus-free. The sender does not accept liability for any errors or omissions.
本邮件及其附件具有保密性质,受法律保护不得泄露,仅发送给本邮件所指特定收件人。严禁非经授权使用、宣传、发布或复制本邮件或其内容。若非该特定收件人,请勿阅读、复制、 使用或披露本邮件的任何内容。若误收本邮件,请从系统中永久性删除本邮件及所有附件,并以回复邮件的方式即刻告知发件人。无法保证互联网通信及时、安全、无误或防毒。发件人对任何错漏均不承担责任。
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 2488 bytes
Desc: image001.gif
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200110/2e929dd0/attachment.gif>
More information about the U-Boot
mailing list