From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mika Westerberg <mika.westerberg@linux.intel.com>
Subject: Re: ACPI / scan: Simplify acpi_match_device()
Date: Tue, 14 Apr 2015 13:37:29 +0300
Message-ID: <20150414103729.GE1677@lahna.fi.intel.com>
References: <20150413192159.GA10774@mwanda>
 <1668402.ZSbgXyXmVa@vostro.rjw.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <linux-acpi-owner@vger.kernel.org>
Received: from mga11.intel.com ([192.55.52.93]:20964 "EHLO mga11.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753022AbbDNKhd (ORCPT <rfc822;linux-acpi@vger.kernel.org>);
	Tue, 14 Apr 2015 06:37:33 -0400
Content-Disposition: inline
In-Reply-To: <1668402.ZSbgXyXmVa@vostro.rjw.lan>
Sender: linux-acpi-owner@vger.kernel.org
List-Id: linux-acpi@vger.kernel.org
To: "Rafael J. Wysocki" <rjw@rjwysocki.net>
Cc: Dan Carpenter <dan.carpenter@oracle.com>, rafael.j.wysocki@intel.com, linux-acpi@vger.kernel.org

On Mon, Apr 13, 2015 at 09:59:48PM +0200, Rafael J. Wysocki wrote:
> On Monday, April 13, 2015 10:21:59 PM Dan Carpenter wrote:
> > Hello Rafael J. Wysocki,
> > 
> > The patch e1acdeb0e770: "ACPI / scan: Simplify acpi_match_device()"
> > from Apr 10, 2015, leads to the following static checker warning:
> > 
> > 	drivers/acpi/scan.c:269 acpi_companion_match()
> > 	error: potential NULL dereference 'adev'.
> > 
> > drivers/acpi/scan.c
> >    247  static struct acpi_device *acpi_companion_match(const struct device *dev)
> >    248  {
> >    249          struct acpi_device *adev;
> >    250  
> >    251          adev = ACPI_COMPANION(dev);
> >    252          if (!adev)
> >    253                  return NULL;
> >    254  
> >    255          if (list_empty(&adev->pnp.ids))
> >    256                  return NULL;
> >    257  
> >    258          mutex_lock(&adev->physical_node_lock);
> >    259          if (list_empty(&adev->physical_node_list)) {
> >    260                  adev = NULL;
> >                         ^^^^^^^^^^^
> >    261          } else {
> >    262                  const struct acpi_device_physical_node *node;
> >    263  
> >    264                  node = list_first_entry(&adev->physical_node_list,
> >    265                                          struct acpi_device_physical_node, node);
> >    266                  if (node->dev != dev)
> >    267                          adev = NULL;
> >                                 ^^^^^^^^^^^^
> >    268          }
> >    269          mutex_unlock(&adev->physical_node_lock);
> >                               ^^^^^^
> > Dereference.
> > 
> >    270  
> >    271          return adev;
> >    272  }
> 
> Right, thanks.
> 
> The patch below should fix it.
> 
> ---
> From: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
> Subject: ACPI / scan: Fix NULL pointer dereference in acpi_companion_match()
> 
> Commit e1acdeb0e770 "ACPI / scan: Simplify acpi_match_device()"
> introduced code that may lead to a NULL pointer dereference when
> trying to unlock a mutex.  Fix that.
> 
> Fixes: e1acdeb0e770 "ACPI / scan: Simplify acpi_match_device()"
> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>