Re: [PATCH] intel_menlow: prevent NULL pointer dereference

From: Darren Hart
Date: Thu Jun 09 2016 - 15:53:37 EST


On Thu, Jun 09, 2016 at 07:24:52PM +0200, Vincent Stehlé wrote:
> On Wed, Jun 08, 2016 at 01:38:46PM -0700, Darren Hart wrote:
> > Under what circumstances can the .remove op be called with a NULL struct
> > acpi_device * as a parameter? From what I can see, most acpi_* calls accepting
> > an acpi_device rely on it not being null, and they are regularly called from
> > driver remove functions.
> > Did you observe an explicit failure or can you describe a call path where this
> > can occur?
>
> Hi Darren,
>
> Thank you for reviewing.
>
> I am not sure about when the .remove() functions are called with a NULL
> pointer, or if that can ever happen. I just noticed that dereferencing the
> pointer and checking for NULL after did not seem to be the right thing to
> do. So I wanted to replicate instead the same construct as e.g.
> xen_acpi_processor_remove().
>
> Your remark encouraged me to do some more digging into the sources and it
> appears that 13 .remove() functions do indeed check their input device
> pointer for NULL, while 26 do not (the remaining do not use their input
> pointer at all). Now I am puzzled about the necessity to check the pointer
> for NULL or not, and there does not seem to be a definitive answer in the
> docs either...

Either way, some change appears to be needed.

Rafael, with respect to acpi .remove functions, is it even possible to be called
with a NULL struct acpi_device *?

--
Darren Hart
Intel Open Source Technology Center