Age | Commit message (Collapse) | Author |
|
Report of the static analyzer:
The value of an arithmetic expression 'bit_to_flip->block * mtd.eb_size + blkoffs' is a subject to overflow because its operands are not cast to a larger data type before performing arith$
Corrections explained:
Prevent arithmetic overflow in OOB read operation
Resolved an issue where the calculation of the offset in the OOB read operation could overflow due to operands not being cast to a larger data type. Specifically, the multiplication of bi$
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In nandflipbits, nandtest and ubiscan, uint64_t integers are printed
to stdout using "%llu" as a format specifier, but on platforms like
x86_64, uint64_t is actually typedef'd as `unsigned long` only.
For compatibillity across platforms, simply use the C99 printfs
macros instead.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
If a bit is flipped in block 1 or higher, the OOB is corrupted with the
OOB of block 0. Mtd_read_oob API has to take into account the block number
to be able to calculate the right offset.
Fixes: 9fc8db29cf62 ("mtd-utils: Add nandflipbits tool")
Signed-off-by: Christophe Kerello <christophe.kerello@foss.st.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The nandflipbits tool is intended to be used when one need to flip one or
several specific bits on a NAND media.
It can be useful to manually recover from an unexpected bit flip on a flash
device, though the main purpose of this tool is to provide a way to test
ECC algorithms robustness.
One typical example I used this tool for is testing HW ECC engines behavior
when bitflips occur in an erased page: most HW engines do not correctly
handle this case, because, most of the time, ECC bits generated for an
empty page are not all 1s, and, empty page detection embedded in such
engines is only validating that all bits are set to 1s (which is not true
when a bit-flip has occurred).
Another use of this tool is replacing nandbiterrs test which
absolutely do not work with MLC-like chips because of the rewriting of
the pages in raw mode to toggle ones into zeroes.
Signed-off-by: Boris Brezillon <boris.brezillon@collabora.com>
[miquel: Took Boris' work from 2014, addressed comments from Brian made
in 2015, updated it, tested more extensively and fixed issues]
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|