Patchwork [U-Boot,4/7] JFFS2: Improve error checking

Submitter Baidu Boy
Date April 24, 2011, 3:37 a.m.
Message ID <001f01cc0231$0c3896b0$6401a8c0@LENOVOE5CA6843>
Permalink /patch/92633/
State New
Delegated to: Detlev Zundel

Comments

Baidu Boy - April 24, 2011, 3:37 a.m.
Check the return value when we do malloc.

Signed-off-by: Baidu Liu <liucai.lfn@gmail.com>
---
 fs/jffs2/jffs2_1pass.c      |   12 ++++++++++--
 fs/jffs2/jffs2_nand_1pass.c |    5 ++++-
 2 files changed, 14 insertions(+), 3 deletions(-)
Detlev Zundel - April 29, 2011, 1:18 p.m.
Hi Baidu,

>  Check the return value when we do malloc.
>
> Signed-off-by: Baidu Liu <liucai.lfn@gmail.com>
> ---
>  fs/jffs2/jffs2_1pass.c      |   12 ++++++++++--
>  fs/jffs2/jffs2_nand_1pass.c |    5 ++++-
>  2 files changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/fs/jffs2/jffs2_1pass.c b/fs/jffs2/jffs2_1pass.c
> index be6ac78..b3d94af 100644
> --- a/fs/jffs2/jffs2_1pass.c
> +++ b/fs/jffs2/jffs2_1pass.c
> @@ -662,7 +662,8 @@ jffs2_free_cache(struct part_info *part)
>  		pL = (struct b_lists *)part->jffs2_priv;
>  		free_nodes(&pL->frag);
>  		free_nodes(&pL->dir);
> -		free(pL->readbuf);
> +		if(pL->readbuf)
> +			free(pL->readbuf);
>  		free(pL);
>  	}
>  }

This looks ok.

> @@ -1470,9 +1471,16 @@ jffs2_1pass_build_lists(struct part_info * part)
>  	/* lcd_off(); */
>  
>  	/* if we are building a list we need to refresh the cache. */
> -	jffs_init_1pass_list(part);
> +	if(! jffs_init_1pass_list(part))
> +		return 0;
> +	

This is strange.  We now check for an error of jffs2_init_1pass_list,
which currently always returns 0, so let's see where you change that.
Ah, you don't (it's in line 671 in this file).  It's only in
jffs2_nand_1pass that you do a change, but even there we have a problem:

> diff --git a/fs/jffs2/jffs2_nand_1pass.c b/fs/jffs2/jffs2_nand_1pass.c
> index 9bad690..885fa3c 100644
> --- a/fs/jffs2/jffs2_nand_1pass.c
> +++ b/fs/jffs2/jffs2_nand_1pass.c
> @@ -251,6 +251,7 @@ jffs_init_1pass_list(struct part_info *part)
>  		pL->dir.listCompare = compare_dirents;
>  		pL->frag.listCompare = compare_inodes;
>  #endif
> +		return 1;

When malloc fails, we get no error output.

>  	}
>  	return 0;
>  }
> @@ -806,7 +807,9 @@ jffs2_1pass_build_lists(struct part_info * part)
>  	nand = nand_info + id->num;
>  
>  	/* if we are building a list we need to refresh the cache. */
> -	jffs_init_1pass_list(part);
> +	if(! jffs_init_1pass_list(part))
> +		return 0;
> +	

And the caller fails also, so the user in this case will see no error
message and no output.  Not good.

Cheers
  Detlev
Baidu Boy - April 29, 2011, 3:02 p.m.
Hi, Detlev


>> @@ -1470,9 +1471,16 @@ jffs2_1pass_build_lists(struct part_info * part)
>>       /* lcd_off(); */
>>
>>       /* if we are building a list we need to refresh the cache. */
>> -     jffs_init_1pass_list(part);
>> +     if(! jffs_init_1pass_list(part))
>> +             return 0;
>> +
>
> This is strange.  We now check for an error of jffs2_init_1pass_list,
> which currently always returns 0, so let's see where you change that.
> Ah, you don't (it's in line 671 in this file).  It's only in
> jffs2_nand_1pass that you do a change, but even there we have a problem:
Yes, we check the return value of function jffs_init_1pass_list().
Also we add the check in nand flash.
I do not know what you are talking about.

>> diff --git a/fs/jffs2/jffs2_nand_1pass.c b/fs/jffs2/jffs2_nand_1pass.c
>> index 9bad690..885fa3c 100644
>> --- a/fs/jffs2/jffs2_nand_1pass.c
>> +++ b/fs/jffs2/jffs2_nand_1pass.c
>> @@ -251,6 +251,7 @@ jffs_init_1pass_list(struct part_info *part)
>>               pL->dir.listCompare = compare_dirents;
>>               pL->frag.listCompare = compare_inodes;
>>  #endif
>> +             return 1;
>
> When malloc fails, we get no error output.
You are too strict. Search the malloc in uboot. There are many places which
do not even check the return value.
Detlev Zundel - April 29, 2011, 5:31 p.m.
Hi Baidu,

> Hi, Detlev
>
>
>>> @@ -1470,9 +1471,16 @@ jffs2_1pass_build_lists(struct part_info * part)
>>>       /* lcd_off(); */
>>>
>>>       /* if we are building a list we need to refresh the cache. */
>>> -     jffs_init_1pass_list(part);
>>> +     if(! jffs_init_1pass_list(part))
>>> +             return 0;
>>> +
>>
>> This is strange.  We now check for an error of jffs2_init_1pass_list,
>> which currently always returns 0, so let's see where you change that.
>> Ah, you don't (it's in line 671 in this file).  It's only in
>> jffs2_nand_1pass that you do a change, but even there we have a problem:
> Yes, we check the return value of function jffs_init_1pass_list().
> Also we add the check in nand flash.
> I do not know what you are talking about.

The function 'jffs_init_1pass_list' is implemented in two files, i.e. in
fs/jffs2/jffs2_1pass.c and in fs/jffs2/jffs2_nand_1pass.c.  Your patch
inserts the actual malloc error checking only in the latter file,
whereas the check for return code is done in both files.  Just look at
your changes - how could your new test in jffs2_1pass ever fail as you
did not change the called function?

This is _plain inconsistent_ - you missed doing the same error checking
for the NOR flash case.

>>> diff --git a/fs/jffs2/jffs2_nand_1pass.c b/fs/jffs2/jffs2_nand_1pass.c
>>> index 9bad690..885fa3c 100644
>>> --- a/fs/jffs2/jffs2_nand_1pass.c
>>> +++ b/fs/jffs2/jffs2_nand_1pass.c
>>> @@ -251,6 +251,7 @@ jffs_init_1pass_list(struct part_info *part)
>>>               pL->dir.listCompare = compare_dirents;
>>>               pL->frag.listCompare = compare_inodes;
>>>  #endif
>>> +             return 1;
>>
>> When malloc fails, we get no error output.
> You are too strict. Search the malloc in uboot. There are many places which
> do not even check the return value.

This is getting more and more ridiculous.  When writing new code, we
always have to conform to our own standards.  Now you insert an error
check but if it fails, you do not inform the user that he ran out of
memory but simply provide empty output?  So there is _no way_ of telling
a failed malloc from an empty directory?  And to argue for this
broken behaviour you point to other places that do no error checking?

Sorry, you are losing my interest in reviewing your code.

Best wishes
  Detlev

Patch

diff --git a/fs/jffs2/jffs2_1pass.c b/fs/jffs2/jffs2_1pass.c
index be6ac78..b3d94af 100644
--- a/fs/jffs2/jffs2_1pass.c
+++ b/fs/jffs2/jffs2_1pass.c
@@ -662,7 +662,8 @@  jffs2_free_cache(struct part_info *part)
 		pL = (struct b_lists *)part->jffs2_priv;
 		free_nodes(&pL->frag);
 		free_nodes(&pL->dir);
-		free(pL->readbuf);
+		if(pL->readbuf)
+			free(pL->readbuf);
 		free(pL);
 	}
 }
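
Review bot: The NULL guard added before `free(pL->readbuf)` in jffs2_free_cache() is redundant, because free() on a NULL pointer is defined to do nothing; the original single `free(pL->readbuf);` can stay as it was. If the guard is kept for readability, write it as `if (pL->readbuf)` with a space after `if`, matching the `if (!buf) {` style used later in this same patch.
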
@@ -1470,9 +1471,16 @@  jffs2_1pass_build_lists(struct part_info * part)
 	/* lcd_off(); */
 
 	/* if we are building a list we need to refresh the cache. */
-	jffs_init_1pass_list(part);
+	if(! jffs_init_1pass_list(part))
+		return 0;
+	
 	pL = (struct b_lists *)part->jffs2_priv;
 	buf = malloc(buf_size);
+	if (!buf) {
+		printf("jffs2_1pass_build_lists: malloc failed\n");
+		return 0;
+	}
+	
 	puts ("Scanning JFFS2 FS:   ");
 
 	/* start at the beginning of the partition */
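
Review bot: The early return `if(! jffs_init_1pass_list(part)) return 0;` added to jffs2_1pass_build_lists() tests a return value that this patch never changes for fs/jffs2/jffs2_1pass.c; only the copy in jffs2_nand_1pass.c gains a `return 1;`. As the review in this thread points out, the NOR version currently always returns 0, so with this check the function would return before scanning on every call. The NOR jffs_init_1pass_list() needs the same success/failure return, and this failure path should print a message the way the `buf` allocation check just below it does. The two added lines that hold only a tab are trailing whitespace and should be dropped.
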
diff --git a/fs/jffs2/jffs2_nand_1pass.c b/fs/jffs2/jffs2_nand_1pass.c
index 9bad690..885fa3c 100644
--- a/fs/jffs2/jffs2_nand_1pass.c
+++ b/fs/jffs2/jffs2_nand_1pass.c
@@ -251,6 +251,7 @@  jffs_init_1pass_list(struct part_info *part)
 		pL->dir.listCompare = compare_dirents;
 		pL->frag.listCompare = compare_inodes;
 #endif
+		return 1;
 	}
 	return 0;
 }
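
Review bot: The `return 0;` that follows the block in jffs_init_1pass_list() is now the failure path, reached only when the block ending in the new `return 1;` is skipped, yet nothing is printed there, so an allocation failure stays silent. Print an error before `return 0;` and add a comment above the function stating the convention (1 on success, 0 on failure), since the callers changed in this patch now depend on it.
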
@@ -806,7 +807,9 @@  jffs2_1pass_build_lists(struct part_info * part)
 	nand = nand_info + id->num;
 
 	/* if we are building a list we need to refresh the cache. */
-	jffs_init_1pass_list(part);
+	if(! jffs_init_1pass_list(part))
+		return 0;
+	
 	pL = (struct b_lists *)part->jffs2_priv;
 	pL->partOffset = part->offset;
 	puts ("Scanning JFFS2 FS:   ");
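
Review bot: The `return 0;` taken when jffs_init_1pass_list() fails in the NAND jffs2_1pass_build_lists() gives the user no message, so the caller sees only a 0 return with no output and no hint that memory ran out. Report the failure before returning, for example with a printf naming the function, as the NOR hunk does for `buf`. The check itself is worthwhile because the following lines dereference `pL` taken from `part->jffs2_priv`. The added line holding only a tab is trailing whitespace.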