From: Daniel Rosenthal Date: Sun, 5 Oct 2008 21:43:10 +0000 (-0400) Subject: [MTD] [INFTL] Fix infinite loop in INFTL_foldchain X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=63fd7f30f328f99956d3c774d17219c3c8d54131;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [MTD] [INFTL] Fix infinite loop in INFTL_foldchain When iterating over a chain in reverse (oldest block first), this patch correctly marks the PUtable[] entry of the second to last erase block of a chain as BLOCK_NIL, regardless of whether or not it can format the last block successfully. Before, the second to last block was only marked as pointing to BLOCK_NIL if INFTL_formatblock() succeeded on the last block of the chain, which could potentially result in an infinite loop if the block was worn out and refused to format. Signed-off-by: Daniel Rosenthal Acked-by: Greg Ungerer Signed-off-by: David Woodhouse --- diff --git a/drivers/mtd/inftlcore.c b/drivers/mtd/inftlcore.c index c4f9d3378b24..50ce13887f63 100644 --- a/drivers/mtd/inftlcore.c +++ b/drivers/mtd/inftlcore.c @@ -388,6 +388,10 @@ static u16 INFTL_foldchain(struct INFTLrecord *inftl, unsigned thisVUC, unsigned if (thisEUN == targetEUN) break; + /* Unlink the last block from the chain. */ + inftl->PUtable[prevEUN] = BLOCK_NIL; + + /* Now try to erase it. */ if (INFTL_formatblock(inftl, thisEUN) < 0) { /* * Could not erase : mark block as reserved. @@ -396,7 +400,6 @@ static u16 INFTL_foldchain(struct INFTLrecord *inftl, unsigned thisVUC, unsigned } else { /* Correctly erased : mark it as free */ inftl->PUtable[thisEUN] = BLOCK_FREE; - inftl->PUtable[prevEUN] = BLOCK_NIL; inftl->numfreeEUNs++; } }