[PATCH 1/4] nanddump: correct rounding to next page (lead to infinite loop)

Richard Genoud richard.genoud at gmail.com
Thu Jun 19 15:59:08 UTC 2014


The rounding to next page formula was wrong:
ex: (len | ~(meminfo->writesize - 1)) + 1;
len=128K
writesize=4K
(len | ~(meminfo->writesize - 1)) + 1 => 4 294 963 201 ?!

correct rounding formula:
((len - 1) | (meminfo->writesize - 1)) + 1 => 128K
len = 130K
((len - 1) | (meminfo->writesize - 1)) + 1 => 132K

modprobe nandsim parts="20,20" badblocks="22,23"

without patch:
nanddump  /dev/mtd1 | wc -c
[...] infinite loop

with the patch:
nanddump /dev/mtd1 | wc -c
327680

Signed-off-by: Richard Genoud <richard.genoud at gmail.com>
---
 miscutils/nandwrite.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/miscutils/nandwrite.c b/miscutils/nandwrite.c
index e3f9b565dae4..8c4da802f6b3 100644
--- a/miscutils/nandwrite.c
+++ b/miscutils/nandwrite.c
@@ -64,8 +64,8 @@ static void dump_bad(struct mtd_info_user *meminfo, unsigned len, int oob)
 	unsigned char buf[meminfo->writesize];
 	unsigned count;
 
-	/* round len to the next page */
-	len = (len | ~(meminfo->writesize - 1)) + 1;
+	/* round len to the next page only if len is not already on a page */
+	len = ((len - 1) | (meminfo->writesize - 1)) + 1;
 
 	memset(buf, 0xff, sizeof(buf));
 	for (count = 0; count < len; count += meminfo->writesize) {
-- 
1.8.5.5



More information about the busybox mailing list