This is the mail archive of the ecos-patches@sourceware.org mailing list for the eCos project.
Re: Check for illegal address range in io/flash
- From: Andrew Lunn <andrew at lunn dot ch>
- To: Øyvind Harboe <oyvind dot harboe at zylin dot com>
- Cc: ecos-patches at ecos dot sourceware dot org
- Date: Tue, 11 Dec 2007 10:42:52 +0100
- Subject: Re: Check for illegal address range in io/flash
- References: <c09652430712110102x684bcd2apd276cb0ff287caac@mail.gmail.com>
On Tue, Dec 11, 2007 at 10:02:32AM +0100, Øyvind Harboe wrote:
> io/flash has a broken address range check for flash_erase(). There is no address
> range check for flash_program_buf().
>
> This patch adds address range check & returns error if the address is invalid.
>
> Alternatively, address range checks could be left to higher level code and the
> broken flash_erase() address range check can be removed.
>
> Or alternatively, I'm about to get egg all over my face and hopefully someone
> will take pity and tell me what's really happening here. :-)

Well, I would expect the lower levels to fail. This could happen in a
number of ways. Your MMU could throw an exception, since you are
accessing addresses that do not exist. Or the flash operation would
fail, generally with a timeout.

It seems to me the lower levels are very likely to give you some
indication you did something stupid. So why bloat the middle level
with an extra check? Maybe an ASSERT makes sense so as not to bloat
production images?

Now presumably, you have a platform that did not tell you and you
wrote past the end of the flash? Is your MMU correctly configured?
Does a timeout return an error code?

Andrew
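
The kind of middle-layer check debated in this thread, as an added example that is not part of the original messages or of the eCos sources: an overflow-safe range test placed in front of a simulated low-level write. All `ex_` names, the error codes and the 96-byte backing array are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names for this example; not the eCos io/flash API. */
enum { EX_OK = 0, EX_ERR_INVALID = -1 };

/* First and last valid address of the device (end is inclusive). */
struct ex_flash { uintptr_t start, end; };

/* Constructed stand-in for a flash part: 64 bytes of "flash" with
   16 guard bytes on each side that a stray write would corrupt. */
static uint8_t ex_backing[96];
static struct ex_flash ex_dev;

void ex_init(void)
{
    memset(ex_backing, 0xFF, sizeof ex_backing);
    ex_dev.start = (uintptr_t)&ex_backing[16];
    ex_dev.end   = (uintptr_t)&ex_backing[79];
}

/* Accept only ranges that lie wholly inside the device. The length is
   compared against the space left after addr, so addr + len is never
   computed and cannot wrap around the address space. */
int ex_check_range(const struct ex_flash *d, uintptr_t addr, size_t len)
{
    if (addr < d->start || addr > d->end)
        return EX_ERR_INVALID;
    if (len != 0 && len - 1 > d->end - addr)
        return EX_ERR_INVALID;
    return EX_OK;
}

/* Middle layer: validate first, then hand off to the simulated driver. */
int ex_program(uintptr_t addr, const void *data, size_t len)
{
    if (ex_check_range(&ex_dev, addr, len) != EX_OK)
        return EX_ERR_INVALID;
    memcpy((void *)addr, data, len);  /* stands in for the low-level write */
    return EX_OK;
}

int main(void)
{
    ex_init();
    /* A 2-byte write at the last valid address runs one byte past the end. */
    return ex_program(ex_dev.end, "AB", 2) == EX_ERR_INVALID ? 0 : 1;
}
```

On a target where the bytes after the flash are ordinary mapped memory, as the guard bytes are here, nothing below this layer would fault or time out, so the explicit check is the only place the bad range is reported.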