Re: [PATCH v3 33/37] mtd: nand: allocate aligned buffers if NAND_OWN_BUFFERS is unset

From: Leonard Crestez
Date: Thu Apr 06 2017 - 10:09:46 EST


On Thu, Mar 30, 2017 at 11:15 AM, Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> wrote:
>
> Some NAND controllers are using DMA engine requiring a specific
> buffer alignment.  The core provides no guarantee on the nand_buffers
> pointers, which forces some drivers to allocate their own buffers
> and pass the NAND_OWN_BUFFERS flag.
>
> Rework the nand_buffers allocation logic to allocate each buffer
> independently.  This should make most NAND controllers/DMA engine
> happy, and allow us to get rid of these custom buf allocation in
> NAND controller drivers.
>
> Signed-off-by: Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx>

> @@ -4914,8 +4930,12 @@ void nand_cleanup(struct nand_chip *chip)
> > ÂÂÂÂÂÂÂÂ/* Free bad block table memory */
> ÂÂÂÂÂÂÂÂkfree(chip->bbt);
> -ÂÂÂÂÂÂÂif (!(chip->options & NAND_OWN_BUFFERS))
> +ÂÂÂÂÂÂÂif (!(chip->options & NAND_OWN_BUFFERS)) {
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂkfree(chip->buffers->databuf);
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂkfree(chip->buffers->ecccode);
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂkfree(chip->buffers->ecccalc);
> ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂkfree(chip->buffers);
> +ÂÂÂÂÂÂÂ}
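
Review bot: the three added kfree() calls in the NAND_OWN_BUFFERS block of nand_cleanup() dereference chip->buffers without checking that it is non-NULL. The single kfree(chip->buffers) that this hunk replaces tolerated a NULL pointer, because kfree(NULL) is a no-op, but reading chip->buffers->databuf, ->ecccode and ->ecccalc is not safe in that case. Suggest guarding the whole block, for example `if (!(chip->options & NAND_OWN_BUFFERS) && chip->buffers) {`, so that a cleanup call made before the buffers were allocated does not fault.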

It seems that chip->buffers might not be allocated at this point, for
example if nand_cleanup is called during a failed probe. You should
check if (chip->buffers != NULL) before freeing stuff inside it.

When attempting to run linux-next on various imx6qdl-sabreauto boards
they now panic on boot. This happens because they have nand chips in
devicetree which are not physically populated on the board. This
normally fails in nand_scan_ident but now crashes later in
nand_cleanup.

--
Regards,
Leonard