From mboxrd@z Thu Jan 1 00:00:00 1970
From: Scott Wood
Date: Fri, 23 Oct 2015 16:14:21 -0500
Subject: [U-Boot] [PATCH] mtd: pxa3xx_nand: Correct allocation and init bug
In-Reply-To: <562A9F4D.4050609@elecsyscorp.com>
References: <1445622596-18764-1-git-send-email-kevin.smith@elecsyscorp.com> <1445624429.701.184.camel@freescale.com> <562A90FD.9050907@elecsyscorp.com> <1445632454.701.214.camel@freescale.com> <562A9F4D.4050609@elecsyscorp.com>
Message-ID: <1445634861.701.234.camel@freescale.com>
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On Fri, 2015-10-23 at 20:57 +0000, Kevin Smith wrote:
> On 10/23/2015 03:34 PM, Scott Wood wrote:
> > Does Linux have this problem? Assuming no, please fix this by making the
> > driver look more like Linux. At least then it would be the same ugliness.
> There are 2 problems and one improvement:
> 1) Invalid dereference. This is U-Boot-only code not taken from Linux.
> Removed.
> 2) Bad pointer math. This is different from Linux, and I have fixed it
> by making it more like Linux.

It still doesn't look very much like Linux. Linux has:

        mtd = (void *)&info[1] + (sizeof(*mtd) + sizeof(*host)) * cs;
        chip = (struct nand_chip *)(&mtd[1]);

> 3) Unnecessary memory allocation. I just noticed this while
> investigating my crashes caused by the other two issues.
>
> > Can you explain how the change in the calculation of "chip" and the
> > allocation size is relevant to the NULL dereference? Couldn't that be fixed
> > by just removing the "info->host[0]->mtd" line?
> It's not, they are two separate bugs that crash when I try to load from
> NAND. Perhaps I should submit a patch series for this?

The allocation size issue causes a crash, not just wasted memory?

-Scott
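
The layout implied by the two Linux lines quoted in this message, as an added example that is not part of the thread or of either driver: one block holds info followed by an (mtd, host) pair per chip select, and the check reports whether a given allocation size covers every pair. The struct definitions and sizes, the allocation-size expression, and the helper names are assumptions made for illustration, including that chip is the first member of host.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-in types with assumed sizes; not the real driver structs. */
struct mtd_info  { char pad[96]; };
struct nand_chip { char pad[200]; };
struct nand_host { struct nand_chip chip; void *info_data; int cs; };
struct nand_info { int num_cs; struct nand_host *host[2]; };

#define PAIR_SIZE (sizeof(struct mtd_info) + sizeof(struct nand_host))

/* Assumed allocation: info header plus one (mtd, host) pair per chip select. */
static size_t layout_size(int num_cs)
{
    return sizeof(struct nand_info) + PAIR_SIZE * (size_t)num_cs;
}

/* Same arithmetic as the quoted Linux line, using char * instead of void *. */
static struct mtd_info *layout_mtd(struct nand_info *info, int cs)
{
    return (struct mtd_info *)((char *)&info[1] + PAIR_SIZE * (size_t)cs);
}

/* chip sits directly after mtd, i.e. at the start of the host for this cs. */
static struct nand_chip *layout_chip(struct nand_info *info, int cs)
{
    return (struct nand_chip *)&layout_mtd(info, cs)[1];
}

/* Byte offset, from the start of info, just past the host for chip select cs. */
static size_t host_end_offset(struct nand_info *info, int cs)
{
    struct nand_host *host = (struct nand_host *)layout_chip(info, cs);
    return (size_t)((char *)&host[1] - (char *)info);
}

/* 1 if alloc_size bytes hold every pair for num_cs chip selects, else 0. */
static int fits(int num_cs, size_t alloc_size)
{
    struct nand_info *info = calloc(1, layout_size(num_cs));
    int ok = info && host_end_offset(info, num_cs - 1) <= alloc_size;
    free(info);
    return ok;
}

int main(void)
{
    printf("2 CS in full block: %d, in 1-CS block: %d\n",
           fits(2, layout_size(2)), fits(2, layout_size(1)));
    return 0;
}
```

An allocation sized for fewer pairs than the stride arithmetic walks puts the later mtd and host past the end of the block, which is how a size mismatch can corrupt memory rather than only waste it.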