Re: [PATCH] I2C/ACPI: Fix possible ZERO_SIZE_PTR pointer dereferencing error.

On Tue, Aug 19, 2014 at 10:38:08AM -0500, Wolfram Sang wrote:
> On Tue, Aug 19, 2014 at 06:16:49PM +0300, Mika Westerberg wrote:
> > On Tue, Aug 19, 2014 at 10:03:55AM -0500, Wolfram Sang wrote:
> > > On Tue, Aug 12, 2014 at 10:33:38AM +0800, Xiubo Li wrote:
> > > > Since we cannot make sure the 'data_len' will always be non-zero here,
> > > > and then if 'data_len' equals zero, the kzalloc() will return ZERO_SIZE_PTR,
> > > > which equals ((void *)16).
> > > 
> > > I assume the read request with length == 0 comes from a broken BIOS?
> > 
> > I'm also interested. Does this trigger in a real system?
> 
> Even if not now, we should consider potentially broken BIOSes, or? Which
> extends the question to: Do we need even more sanity checks when taking
> broken BIOSes into account?

Typically ACPICA has done this work for us (e.g. it fixes things upfront
so that we get sane data). I'm not sure if it does that for I2C
Operation Regions, though (that's why I'm asking if it happens in a real
system or is this more like a theoretical possibility).

Tianyu, any comments?
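
Added example, not part of the thread or of the patch under discussion: a userspace C model of the behaviour the quoted commit message describes, showing that a zero-length allocation passes a plain NULL test and that a length check plus `ZERO_OR_NULL_PTR()` rejects it. `model_kzalloc`, `model_kfree`, `passes_null_check` and `checked_read` are hypothetical names; the two macros mirror the kernel's `include/linux/slab.h`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Mirrors include/linux/slab.h (the kernel casts to unsigned long). */
#define ZERO_SIZE_PTR ((void *)16)
#define ZERO_OR_NULL_PTR(x) ((uintptr_t)(x) <= (uintptr_t)ZERO_SIZE_PTR)

/* Userspace stand-in for kzalloc(): size 0 yields ZERO_SIZE_PTR, not NULL. */
void *model_kzalloc(size_t size)
{
	return size ? calloc(1, size) : ZERO_SIZE_PTR;
}

/* Like kfree(), treats NULL and ZERO_SIZE_PTR as no-ops. */
void model_kfree(void *p)
{
	if (!ZERO_OR_NULL_PTR(p))
		free(p);
}

/* Returns 1 if a plain NULL test would let this allocation through. */
int passes_null_check(size_t data_len)
{
	void *buf = model_kzalloc(data_len);
	int ok = (buf != NULL);	/* also true for ZERO_SIZE_PTR */

	model_kfree(buf);
	return ok;
}

/* Hypothetical read handler that validates the length before allocating.
 * Returns 0 on success, -22 (EINVAL) for a zero length, -12 (ENOMEM). */
int checked_read(const uint8_t *src, size_t data_len, uint8_t *out)
{
	uint8_t *buf;

	if (data_len == 0)
		return -22;
	buf = model_kzalloc(data_len);
	if (ZERO_OR_NULL_PTR(buf))
		return -12;
	memcpy(buf, src, data_len);	/* buf really has data_len bytes here */
	memcpy(out, buf, data_len);
	model_kfree(buf);
	return 0;
}
```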