The CFI flash driver starts at flash_init() which calls down into flash_get_size(). This starts by calling flash_detect_cfi(). If said function fails, flash_get_size() finishes by attempting to reset the flash. Unfortunately, it does this with an info->portwidth set to 0x10 which filters down into flash_make_cmd() and that happily smashes the stack by sticking info->portwidth bytes into a cfiword_t variable that lives on the stack. On a 64bit system you probably won't notice, but killing the last 8 bytes on a 32bit system usually leads to a corrupt return address. Which is what happens on a Blackfin system.
Signed-off-by: Mike Frysinger <[EMAIL PROTECTED]> --- drivers/mtd/cfi_flash.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/drivers/mtd/cfi_flash.c b/drivers/mtd/cfi_flash.c index 0d1ee8a..72d063a 100644 --- a/drivers/mtd/cfi_flash.c +++ b/drivers/mtd/cfi_flash.c @@ -1932,9 +1932,10 @@ ulong flash_get_size (ulong base, int banknum) /* XXX - Need to test on x8/x16 in parallel. */ info->portwidth >>= 1; } + + flash_write_cmd (info, 0, 0, info->cmd_reset); } - flash_write_cmd (info, 0, 0, info->cmd_reset); return (info->size); } -- 1.6.0.2 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ U-Boot-Users mailing list U-Boot-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/u-boot-users