On Wed, Oct 26, 2022 at 03:24:48PM +0800, ChiYuan Huang wrote: > 2) normal register access with negative length > Unable to handle kernel paging request at virtual address ffffffc009cefff2 > pc : __memcpy+0x1dc/0x260 > lr : _regmap_raw_write_impl+0x6d4/0x828 > Call trace: > __memcpy+0x1dc/0x260 > _regmap_raw_write+0xb4/0x130a > regmap_raw_write+0x74/0xb0 > > > After applying the patch, the first case is cleared. > But for the case 2, the root cause is not the mt6370_regmap_write() size > check. It's in __memcpy() before mt6370_regmap_write(). > > I'm wondering 'is it reasonable to give the negative value as the size?' > Thanks for testing! I'm not sure I understand exactly which code you're talking about. Could you just create a diff with the check for negative just so I can understand where the issue is? We can re-work it into a proper patch from there. regards, dan carpenter
