BUG: divide error in ubi_attach_mtd_dev
Zhihao Cheng
chengzhihao1 at huawei.com
Sun Apr 23 02:13:18 PDT 2023
在 2023/4/23 16:02, Richard Weinberger 写道:
> ----- Ursprüngliche Mail -----
>> Von: "chengzhihao1" <chengzhihao1 at huawei.com>
>>>> root at syzkaller:~# cat /proc/mtd
>>>> dev: size erasesize name
>>>> mtd0: 00020000 00001000 “mtdram test device”
>>>
>>> Hmm, mtdram should be fine, erasesize is not zero.
>>>
>>
>> I guess the zero-erasesize mtd device is dynamically generated in
>> runtime, after looking through the code, I find erasesize is
>> initiallized in specific flash driver and it won't be updated later(eg.
>> ioctl\sysctl). And some mtd devices may have zero erasesize, eg.
>> drivers/mtd/devices/mchp23k256.c[1]. Unfortunately, I don't know how to
>> load/simulate this mtd, maybe it requires a real device? If we load this
>> mtd device as ubi, it will trigger the problem?
>
> Indeed. I guess qemu can emulate such chips.
> So better fix UBI to reject attaching of mtd's with erasesize being 0.
> (Please note, we cannot test for MTD_NO_ERASE, this one means there is no
> erase method).
Phram is an exception, it has erase function but is set flag
'MTD_CAP_RAM'. May I interpret 'MTD_NO_ERASE' as erase function is not
necessary?
More information about the linux-mtd
mailing list