[Crash-utility] unwind_arm.c: read_module_unwind_table free(tbl->idx) twice!

Dave Anderson anderson at redhat.com
Wed May 25 20:42:04 UTC 2011 


----- Original Message -----
> On Wed, May 25, 2011 at 09:34:57PM +0300, Mika Westerberg wrote:
> > On Wed, May 25, 2011 at 10:09:40AM -0400, Dave Anderson wrote:
> > >
> > >
> > > ----- Original Message -----
> > > > Hello Dave,
> > > >
> > > > While I was investigating ARM support for CONFIG_SPARSEMEM, I noticed 
> > > > read_module_unwind_table in unwind_arm.c would call free(tbl->idx) twice
> > > > if(!readmem(idx_start, KVADDR, tbl->idx, idx, size,
> > > >           "module unwind index table", RETURN_ON_ERROR))
> > > >
> > > > I think you can remove free(tbl->idx) which just before "return FALSE".
> > > >
> > > > Takuo
> > >
> > > The ARM code is maintained by the Jan and Mika, but you are correct.
> > > I also note that it would do a free(NULL) in the case of a calloc()
> > > failure just above that.
> >
> > Yeah, my bad. I'll send a patch for that asap.
> 
> Here is the patch. Hope I got it right this time.
> 
> Thanks,
> MW

Queued for the next release.

Also, I plan to queue your other patch initializing machdep->max_physmem_bits
machdep->section_size_bits in arm_init().  It makes just as much sense to
put potentially-guessed values in them as it does to leave them set to 0.

Thanks,
  Dave  
  
 
> diff --git a/unwind_arm.c b/unwind_arm.c
> index 18fdad9..fd6ac65 100644
> --- a/unwind_arm.c
> +++ b/unwind_arm.c
> @@ -185,8 +185,10 @@ init_kernel_unwind_table(void)
> 
> /* now read in the index table */
> if (!readmem(idx_start, KVADDR, kernel_unwind_table->idx, idx_size,
> - "master kernel unwind table", RETURN_ON_ERROR))
> + "master kernel unwind table", RETURN_ON_ERROR)) {
> + free(kernel_unwind_table->idx);
> goto fail;
> + }
> 
> kernel_unwind_table->start = kernel_unwind_table->idx;
> kernel_unwind_table->end = (struct unwind_idx *)
> @@ -210,7 +212,6 @@ init_kernel_unwind_table(void)
> return TRUE;
> 
> fail:
> - free(kernel_unwind_table->idx);
> free(kernel_unwind_table);
> return FALSE;
> }
> @@ -283,7 +284,6 @@ read_module_unwind_table(struct unwind_table *tbl,
> ulong addr)
> 
> fail:
> FREEBUF(buf);
> - free(tbl->idx);
> return FALSE;
> }
> 
> 
> --
> Crash-utility mailing list
> Crash-utility at redhat.com
> https://www.redhat.com/mailman/listinfo/crash-utility

More information about the Crash-utility mailing list