On Thu, Apr 09, 2020 at 03:36:22PM +0300, Andy Shevchenko wrote: > On Thu, Apr 09, 2020 at 02:02:42PM +0200, Oliver Graute wrote: > > On 09/04/20, Marco Felsch wrote: > > > Hi Oliver, > > > > > > thanks for your patch. > > > > > > On 20-04-09 11:27, Oliver Graute wrote: > > > > From: Oliver Graute <oliver.graute@xxxxxxxxxxxxxxxxx> > > > > > > ... > > > > > > > drivers/input/touchscreen/edt-ft5x06.c | 4 ---- > > > > 1 file changed, 4 deletions(-) > > > > > > > > diff --git a/drivers/input/touchscreen/edt-ft5x06.c b/drivers/input/touchscreen/edt-ft5x06.c > > > > index 06aa8ba0b6d7..6fbc87d041a1 100644 > > > > --- a/drivers/input/touchscreen/edt-ft5x06.c > > > > +++ b/drivers/input/touchscreen/edt-ft5x06.c > > > > @@ -819,10 +819,6 @@ static int edt_ft5x06_ts_identify(struct i2c_client *client, > > > > * to have garbage in there > > > > */ > > > > memset(rdbuf, 0, sizeof(rdbuf)); > > > > - error = edt_ft5x06_ts_readwrite(client, 1, "\xBB", > > > > - EDT_NAME_LEN - 1, rdbuf); > > > > - if (error) > > > > - return error; > > > > > > > > > I don't see how this call can corrupt the stack.. > > > > I admit that this is strange. The patch fixed my problems so I posted > > it. Still interested in the root-cause. > > I'm wondering how you nailed down to this function? Have you able to use kASAN? > > By the way, what I²C controller behind this? Maybe the bug in its driver? I would try instrumenting drivers/i2c/busses/i2c-imx-lpi2c.c to make sure it does not try to stuff into the rdbuf more data than requested... Thanks. -- Dmitry
