From ec4d8c1c1d94a790c1473ae8aace282b817c3123 Mon Sep 17 00:00:00 2001
From: "Nikita V. Youshchenko" <yoush@cs.msu.su>
Date: Fri, 3 Oct 2008 00:03:55 +0400
Subject: [PATCH] fsl_diu: fix alignment error that caused malloc corruption
When aligning malloc()ed screen_base, invalid offset was added.
This not only caused misaligned result (which did not cause hardware
misbehaviour), but - worse - caused screen_base + smem_len to
be out of malloc()ed space, which in turn caused breakage of
futher malloc()/free() operation.
This patch fixes screen_base alignment.
Also this patch makes memset() that cleans framebuffer to be executed
on first initialization of diu, not only on re-initialization. It looks
correct to clean the framebuffer instead of displaying random garbage;
I believe that was disabled only because that memset caused breakage
of malloc/free described above - which no longer happens with the fix
described above.
Signed-off-by: Nikita V. Youshchenko <yoush@debian.org>
---
board/freescale/common/fsl_diu_fb.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/board/freescale/common/fsl_diu_fb.c b/board/freescale/common/fsl_diu_fb.c
index 75f782e9da..4d4b0a1460 100644
--- a/board/freescale/common/fsl_diu_fb.c
+++ b/board/freescale/common/fsl_diu_fb.c
@@ -242,10 +242,10 @@ int fsl_diu_init(int xres,
printf("Unable to allocate fb memory 1\n");
return -1;
}
- } else {
- memset(info->screen_base, 0, info->smem_len);
}
+ memset(info->screen_base, 0, info->smem_len);
+
dr.diu_reg->desc[0] = (unsigned int) &dummy_ad;
dr.diu_reg->desc[1] = (unsigned int) &dummy_ad;
dr.diu_reg->desc[2] = (unsigned int) &dummy_ad;
@@ -403,7 +403,7 @@ static int map_video_memory(struct fb_info *info, unsigned long bytes_align)
mask = bytes_align - 1;
offset = (unsigned long)info->screen_base & mask;
if (offset) {
- info->screen_base += offset;
+ info->screen_base += (bytes_align - offset);
info->smem_len = info->smem_len - (bytes_align - offset);
} else
info->smem_len = info->smem_len - bytes_align;
--
GitLab