[PATCH 2/3 v3] P4080/mtd: Only make elbc nand driver detect nand flash partitions

Zang Roy-R61911 r61911 at freescale.com
Thu Sep 16 20:08:14 EST 2010



> -----Original Message-----
> From: Anton Vorontsov [mailto:cbouatmailru at gmail.com]
> Sent: Thursday, September 16, 2010 17:26 PM
> To: Zang Roy-R61911
> Cc: linux-mtd at lists.infradead.org; dwmw2 at infradead.org; dedekind1 at gmail.com;
> akpm at linux-foundation.org; Lan Chunhe-B25806; Wood Scott-B07421; Gala Kumar-
> B11780; linuxppc-dev at ozlabs.org
> Subject: Re: [PATCH 2/3 v3] P4080/mtd: Only make elbc nand driver detect nand
> flash partitions
> 
> On Thu, Sep 16, 2010 at 04:50:05PM +0800, Zang Roy-R61911 wrote:
> > > On Thu, Sep 16, 2010 at 02:41:23PM +0800, Roy Zang wrote:
> > > [...]
> > > > -static int __devinit fsl_elbc_chip_probe(struct fsl_elbc_ctrl *ctrl,
> > > > -                                      struct device_node *node)
> > > > +/*
> > > > + * Currently only one elbc probe is supported.
> > > > + */
> > > > +static int __devinit fsl_elbc_nand_probe(struct platform_device *dev)
> > > >  {
> > > > -     struct fsl_lbc_regs __iomem *lbc = ctrl->regs;
> > > > +     struct fsl_lbc_regs __iomem *lbc;
> > > >       struct fsl_elbc_mtd *priv;
> > > >       struct resource res;
> > > > +     struct fsl_elbc_fcm_ctrl *elbc_fcm_ctrl = NULL;
> > > [...]
> > > > -     ctrl->chips[bank] = priv;
> > > > +     if (fsl_lbc_ctrl_dev->nand == NULL) {
> > > > +             elbc_fcm_ctrl = kzalloc(sizeof(*elbc_fcm_ctrl),
> GFP_KERNEL);
> > > > +             if (!elbc_fcm_ctrl) {
> > > [...]
> > > > +                     goto err;
> > > > +             }
> > > > +             fsl_lbc_ctrl_dev->nand = elbc_fcm_ctrl;
> > > > +     }
> > > > +
> > > > +     elbc_fcm_ctrl->chips[bank] = priv;
> > >
> > > Again, this will oops on the second probe.
> > Why?
> 
> Because of a NULL dereference ("elbc_fcm_ctrl->").
> 
> I understand that you don't have to believe me, but will you believe
> a compiler?
> 
> oksana:~$ cat a.c
> #include <stdio.h>
> #include <malloc.h>
> 
> char *foo;
> 
> void probe(void)
> {
>         char *bar = NULL;
> 
>         if (!foo) {
>                 bar = malloc(sizeof(*bar));
>                 if (!bar)
>                         return;
>                 foo = bar;
>         }
>         *bar = 'a';
> }
> 
> int main(void)
> {
>         probe();
>         probe();
>         return 0;
> }
> oksana:~$ gcc a.c && ./a.out
> Segmentation fault
Interesting.
How about this?
#include <stdio.h>
#include <malloc.h>

char *foo;

void probe(void)
{
        char *bar = NULL;

        if (!foo) {
                bar = malloc(sizeof(*bar));
                if (!bar)
                        return;
                foo = bar;
        } else
		   bar = foo;	  
        *bar = 'a';
}

int main(void)
{
        probe();
        probe();
        return 0;
}



More information about the Linuxppc-dev mailing list