We've been using flashrom quite successfully for months to program an SST49LF160C chip, but today we came across one flash image that flashrom kept failing to verify after writing it.
When we dumped the contents of the flash after the verify, we saw that one byte at offset 0x1e5555 was getting changed from 0x4c to 0x08.
I managed to narrow down the corruption to the chip probe process, when probe_28sf040() is called followed by probe_jedec(). The comments in probe_28sf040() indicate that it's trying to restore the value at offset 0 after writing probe commands to that location. But the chip interprets the write to offset 0 as the beginning of a command, and the reads and writes in the subsequent call to probe_jedec() somehow forms a write-byte command if some magic values are present in the flash (is it a coincidence that the part ID is 0x4c?).
All of this sounds ridiculously unlikely, and without understanding the details of the flash protocols it's hard to know whether I'm misdiagnosing the problem. The attached patch removes the seemingly unnecessary restoring of the value at location 0 in probe_28sf040(), and indeed fixes the problem.
--Ed