[PATCH 2/3 v3] P4080/mtd: Only make elbc nand driver detect nand flash partitions
Zang Roy-R61911
r61911 at freescale.com
Thu Sep 16 20:08:14 EST 2010
> -----Original Message-----
> From: Anton Vorontsov [mailto:cbouatmailru at gmail.com]
> Sent: Thursday, September 16, 2010 17:26 PM
> To: Zang Roy-R61911
> Cc: linux-mtd at lists.infradead.org; dwmw2 at infradead.org; dedekind1 at gmail.com;
> akpm at linux-foundation.org; Lan Chunhe-B25806; Wood Scott-B07421; Gala Kumar-
> B11780; linuxppc-dev at ozlabs.org
> Subject: Re: [PATCH 2/3 v3] P4080/mtd: Only make elbc nand driver detect nand
> flash partitions
>
> On Thu, Sep 16, 2010 at 04:50:05PM +0800, Zang Roy-R61911 wrote:
> > > On Thu, Sep 16, 2010 at 02:41:23PM +0800, Roy Zang wrote:
> > > [...]
> > > > -static int __devinit fsl_elbc_chip_probe(struct fsl_elbc_ctrl *ctrl,
> > > > - struct device_node *node)
> > > > +/*
> > > > + * Currently only one elbc probe is supported.
> > > > + */
> > > > +static int __devinit fsl_elbc_nand_probe(struct platform_device *dev)
> > > > {
> > > > - struct fsl_lbc_regs __iomem *lbc = ctrl->regs;
> > > > + struct fsl_lbc_regs __iomem *lbc;
> > > > struct fsl_elbc_mtd *priv;
> > > > struct resource res;
> > > > + struct fsl_elbc_fcm_ctrl *elbc_fcm_ctrl = NULL;
> > > [...]
> > > > - ctrl->chips[bank] = priv;
> > > > + if (fsl_lbc_ctrl_dev->nand == NULL) {
> > > > + elbc_fcm_ctrl = kzalloc(sizeof(*elbc_fcm_ctrl),
> GFP_KERNEL);
> > > > + if (!elbc_fcm_ctrl) {
> > > [...]
> > > > + goto err;
> > > > + }
> > > > + fsl_lbc_ctrl_dev->nand = elbc_fcm_ctrl;
> > > > + }
> > > > +
> > > > + elbc_fcm_ctrl->chips[bank] = priv;
> > >
> > > Again, this will oops on the second probe.
> > Why?
>
> Because of a NULL dereference ("elbc_fcm_ctrl->").
>
> I understand that you don't have to believe me, but will you believe
> a compiler?
>
> oksana:~$ cat a.c
> #include <stdio.h>
> #include <malloc.h>
>
> char *foo;
>
> void probe(void)
> {
> char *bar = NULL;
>
> if (!foo) {
> bar = malloc(sizeof(*bar));
> if (!bar)
> return;
> foo = bar;
> }
> *bar = 'a';
> }
>
> int main(void)
> {
> probe();
> probe();
> return 0;
> }
> oksana:~$ gcc a.c && ./a.out
> Segmentation fault
Interesting.
How about this?
#include <stdio.h>
#include <malloc.h>
char *foo;
void probe(void)
{
char *bar = NULL;
if (!foo) {
bar = malloc(sizeof(*bar));
if (!bar)
return;
foo = bar;
} else
bar = foo;
*bar = 'a';
}
int main(void)
{
probe();
probe();
return 0;
}
More information about the Linuxppc-dev
mailing list