From mboxrd@z Thu Jan 1 00:00:00 1970
From: Kevin Smith
Date: Fri, 23 Oct 2015 21:18:54 +0000
Subject: [U-Boot] [PATCH] mtd: pxa3xx_nand: Correct allocation and init bug
In-Reply-To: <1445634861.701.234.camel@freescale.com>
References: <1445622596-18764-1-git-send-email-kevin.smith@elecsyscorp.com>
 <1445624429.701.184.camel@freescale.com>
 <562A90FD.9050907@elecsyscorp.com>
 <1445632454.701.214.camel@freescale.com>
 <562A9F4D.4050609@elecsyscorp.com>
 <1445634861.701.234.camel@freescale.com>
Message-ID: <562AA440.10907@elecsyscorp.com>
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On 10/23/2015 04:14 PM, Scott Wood wrote:
> On Fri, 2015-10-23 at 20:57 +0000, Kevin Smith wrote:
>> On 10/23/2015 03:34 PM, Scott Wood wrote:
>>> Does Linux have this problem? Assuming no, please fix this by making the
>>> driver look more like Linux. At least then it would be the same ugliness.
>> There are 2 problems and one improvement:
>> 1) Invalid dereference. This is U-Boot-only code not taken from Linux.
>> Removed.
>> 2) Bad pointer math. This is different from Linux, and I have fixed it
>> by making it more like Linux.
> It still doesn't look very much like Linux. Linux has:
>     mtd = (void *)&info[1] + (sizeof(*mtd) + sizeof(*host)) * cs;
>     chip = (struct nand_chip *)(&mtd[1]);
>
>> 3) Unnecessary memory allocation. I just noticed this while
>> investigating my crashes caused by the other two issues.
>>
>>> Can you explain how the change in the calculation of "chip" and the
>>> allocation size is relevant to the NULL dereference? Couldn't that be fixed
>>> by just removing the "info->host[0]->mtd" line?
>> It's not, they are two separate bugs that crash when I try to load from
>> NAND. Perhaps I should submit a patch series for this?
> The allocation size issue causes a crash, not just wasted memory?

No, just wasted memory. Only the invalid dereference and the bad "chip"
pointer cause crashes.
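
The layout implied by the two Linux lines quoted above (info, then one mtd+host slot per chip select), as an added example that is not part of this thread and not the driver's code. The struct definitions are stand-ins, and the names layout_size, carve and build, the two-chip-select limit and the bounds check are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in types (assumptions, not the driver's structs): only size and order matter. */
struct mtd_stub  { void *priv; size_t size; };
struct chip_stub { void *priv; size_t page_size; };
struct host_stub { struct chip_stub chip; struct mtd_stub *mtd; }; /* chip is first */
#define NUM_CS_MAX 2 /* assumed limit for this sketch */
struct info_stub { struct host_stub *host[NUM_CS_MAX]; };
#define SLOT (sizeof(struct mtd_stub) + sizeof(struct host_stub))

/* Bytes for info followed by one (mtd, host) slot per chip select. */
static size_t layout_size(size_t num_cs)
{
    return sizeof(struct info_stub) + SLOT * num_cs;
}

/* Slot cs, using the arithmetic of the quoted Linux lines on unsigned char *.
 * The offset is validated before any pointer is formed; NULL if it does not fit. */
static struct host_stub *carve(struct info_stub *info, size_t alloc_size,
                               size_t cs)
{
    size_t off = sizeof(*info) + SLOT * cs;
    if (cs >= NUM_CS_MAX || off > alloc_size || alloc_size - off < SLOT)
        return NULL;
    struct mtd_stub *mtd = (struct mtd_stub *)((unsigned char *)info + off);
    struct host_stub *host = (struct host_stub *)&mtd[1]; /* chip/host follow mtd */
    host->mtd = mtd;
    info->host[cs] = host;
    return host;
}

/* Allocate alloc_size bytes and count how many of num_cs slots fit inside it. */
static size_t build(size_t num_cs, size_t alloc_size)
{
    struct info_stub *info = calloc(1, alloc_size);
    size_t cs, done = 0;
    for (cs = 0; info && cs < num_cs; cs++)
        done += carve(info, alloc_size, cs) != NULL;
    free(info);
    return done;
}

int main(void)
{
    printf("%zu %zu\n", build(2, layout_size(2)), build(2, layout_size(1)));
    return 0;
}
```

With an allocation sized for one chip select, the second slot is rejected instead of being written past the end of the buffer.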