Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1921626imu; Sat, 26 Jan 2019 14:16:01 -0800 (PST) X-Google-Smtp-Source: ALg8bN7jJ1vldN0O824SnjoKW27CWUh6Pi44pk7JFrbaKM4/b5O01F+FwTk8jWW55BSGQpAXNOGE X-Received: by 2002:a63:5207:: with SMTP id g7mr14878331pgb.253.1548540961845; Sat, 26 Jan 2019 14:16:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548540961; cv=none; d=google.com; s=arc-20160816; b=e3agt0YshtQaG3rn6pGYWQEPzfsCj1kPQTn2EkoXkJWMbLNnq4UKaEQKQ4DwLWSpaA X9vwt5CZuDwgzL9eMyhSFuniVQjsimQ74hIAvtjBgTM0BjMeNC/RVfs4lk1wU6CXBeuR 4dA6Hy0tl56INIKelefXPnN/6fqOgBi+ufyhSBGZa2CFG7beQsd9ukBLs/hV/zS4Bsw/ lAsFvmnyImAMVTrlU9HGrs1lrSt3OUBpDX4rlakiO9F7byxS5z1RONNLe2TvDiW4ZVpS Pp8qtCXccHVat2hhnN7j6Vk5ns7BkspC+H85OspohB/QlPYmSNBfF4avcGajmsDhfsHo 3hhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=oN/RG/NczLuQggCzhL4uB7wLCuY4YFBKkpSelxHuQPs=; b=u2YbvX1z1Rq17YHTD9hBUOVapAAwzwL8BkFrs2Q8UjyfIxFUijcXeIpupOCH5IuGaU mFNgj9b/MAsm6kpaG7V3TM+0GLinZziIm6qioWS5UDqJS9814mFodkqNxpo+amvHUnWr DqzlNW45go5TQ1B43RomE9lZKLJzj7pOZKKyfyg0+4xLoy5sMB+5OBmQUd/LEpERlLRG lIp3JrXdgVfmfJshZIsoctUMPLolphuBImRC0rw3SPbcxxU2JroS6AKWdgtDYPEjNxrp gQ7ZRmy9G5UFi+UeB9EWIyFWGT5oHdu+a1sfhndsuz0f+X0TZNyZvb02X8ernPjugQ/I Nyng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Xu8P9oRf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n24si26845203pgv.119.2019.01.26.14.15.33; Sat, 26 Jan 2019 14:16:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Xu8P9oRf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726398AbfAZWP1 (ORCPT + 99 others); Sat, 26 Jan 2019 17:15:27 -0500 Received: from mail-it1-f194.google.com ([209.85.166.194]:40282 "EHLO mail-it1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726367AbfAZWP1 (ORCPT ); Sat, 26 Jan 2019 17:15:27 -0500 Received: by mail-it1-f194.google.com with SMTP id h193so14491903ita.5; Sat, 26 Jan 2019 14:15:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oN/RG/NczLuQggCzhL4uB7wLCuY4YFBKkpSelxHuQPs=; b=Xu8P9oRfqH+pmqjApV2ISjT0SeLXXRJuTKBoBYpEOdHRAyzo4RnM2CgUqssoBhaiIj C5uZotaBLp7SC4+wFM/IOtIbncU3bpj+mU9OaILrYv0yZoz8UTcHo2txrvLXeckg30HO U3iUU9OfaL2RCvQkEWlAwxxhR2wABaTA7+aATEkqfxaQLnQ1EbMeyW03UlTqh2xNXtdD Wc0rus501/sAoUkqpJjpBySMbjcxF9eMvS0PmuvwERIkVOX6j2ybGsbB/cn+Xi9uQTbC rSmlKagwmjONA1NPRu86d+zRvKNQwOUaLmjItNhPlIcdFEVKtFO7bBnVAdvmrlOHLVjI OC4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oN/RG/NczLuQggCzhL4uB7wLCuY4YFBKkpSelxHuQPs=; b=CQkNXNcPldbkJnfbOA74sdv+5K04FaIQQKwJL5z5z7oAEA/ZAwSjhOfNv1kmanxINT 4P/UIvZIe13KfjUOChom7ry2khU9GmR0rhpUkbYoRDmEqHnRHULEvL/rxs3PB0wd4mbQ znk62w+e/g79w86p5afOzQJKIM+oNfbuFgEieQGUE4KbBQMYHPjSn+76/AF1IcWOCwMI r3xml6gUthxssasGZmEmE6MyF4Qr4ukwxKE58zBVCOTigeIhZx39fac0spc/c7FZXVzU R/yyhmuV2rMFh/lASlEcos4bdblF23JxY7zWsB1wGTxzOI9MX1uw+jZnxXYDxQGkBo2x sdHg== X-Gm-Message-State: AJcUukfpDsY/BRgxfIKi9LNURDw+U5WZlNJF6D5dIoKnMZ9euSMCxFBP AdXCBPWRFXhdpGtlvjGGl5cLkWkH0xbIUlHVUss= X-Received: by 2002:a24:36cf:: with SMTP id l198mr7806705itl.102.1548540925131; Sat, 26 Jan 2019 14:15:25 -0800 (PST) MIME-Version: 1.0 References: <20190122185351.GA28627@kadam> In-Reply-To: From: Dmitry Torokhov Date: Sat, 26 Jan 2019 14:15:12 -0800 Message-ID: Subject: Re: [bug report] Input: add st-keyscan driver To: Ken Sloat Cc: Dan Carpenter , linux-input , Gabriel FERNANDEZ , lkml , Nate Drude Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jan 26, 2019 at 1:25 PM Ken Sloat wrote: > > On Tue, Jan 22, 2019 at 1:53 PM Dan Carpenter wrote: > > > > Hello Gabriel FERNANDEZ, > > Hello Dan, > > I have added CCs for the maintainers as well as Gabriel Fernandez as > currently you just have the linux-input mailing list > > > The patch 062589b13991: "Input: add st-keyscan driver" from Apr 12, > > 2014, leads to the following static checker warning: > > > > drivers/input/keyboard/st-keyscan.c:156 keyscan_probe() > > error: potential zalloc NULL dereference: 'keypad_data->input_dev' > > > > drivers/input/keyboard/st-keyscan.c > > 125 static int keyscan_probe(struct platform_device *pdev) > > 126 { > > 127 struct st_keyscan *keypad_data; > > 128 struct input_dev *input_dev; > > 129 struct resource *res; > > 130 int error; > > 131 > > 132 if (!pdev->dev.of_node) { > > 133 dev_err(&pdev->dev, "no DT data present\n"); > > 134 return -EINVAL; > > 135 } > > 136 > > 137 keypad_data = devm_kzalloc(&pdev->dev, sizeof(*keypad_data), > > 138 GFP_KERNEL); > > 139 if (!keypad_data) > > 140 return -ENOMEM; > > 141 > > 142 input_dev = devm_input_allocate_device(&pdev->dev); > > 143 if (!input_dev) { > > 144 dev_err(&pdev->dev, "failed to allocate the input device\n"); > > 145 return -ENOMEM; > > 146 } > > 147 > > 148 input_dev->name = pdev->name; > > 149 input_dev->phys = "keyscan-keys/input0"; > > 150 input_dev->dev.parent = &pdev->dev; > > 151 input_dev->open = keyscan_open; > > 152 input_dev->close = keyscan_close; > > 153 > > 154 input_dev->id.bustype = BUS_HOST; > > 155 > > --> 156 error = keypad_matrix_key_parse_dt(keypad_data); > > ^^^^^^^^^^^ > I agree with you this would be a problem > to clarify the NULL derefence would occur here within keypad_matrix_key_parse_dt > > struct device *dev = keypad_data->input_dev->dev.parent; > > > This assumes we have set "keypad_data->input_dev = input_dev;" but we > > don't do that until... > > > > 157 if (error) > > 158 return error; > > 159 > > 160 error = matrix_keypad_build_keymap(NULL, NULL, > > 161 keypad_data->n_rows, > > 162 keypad_data->n_cols, > > 163 NULL, input_dev); > > 164 if (error) { > > 165 dev_err(&pdev->dev, "failed to build keymap\n"); > > 166 return error; > > 167 } > > 168 > > 169 input_set_drvdata(input_dev, keypad_data); > > 170 > > 171 keypad_data->input_dev = input_dev; > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > > this line here. This driver has never worked and it was included almost > > five years ago. Is it worth fixing? > > > > 172 > > 173 res = platform_get_resource(pdev, IORESOURCE_MEM, 0); > > 174 keypad_data->base = devm_ioremap_resource(&pdev->dev, res); > > 175 if (IS_ERR(keypad_data->base)) > > 176 return PTR_ERR(keypad_data->base); > > 177 > > > > regards, > > dan carpenter > > > > Here is the interesting thing, I was looking on patchwork, and several > of the patches including what appears to be the latest actually set > "keypad_data->input_dev = input_dev" before calling > "keypad_matrix_key_parse_dt" > > From v4 on patchwork > + if (IS_ERR(keypad_data->clk)) { > + dev_err(&pdev->dev, "cannot get clock"); > + return PTR_ERR(keypad_data->clk); > + } > + > + keypad_data->input_dev = input_dev; > + > + input_dev->name = pdev->name; > + input_dev->phys = "keyscan-keys/input0"; > + input_dev->dev.parent = &pdev->dev; > + input_dev->open = keyscan_open; > + input_dev->close = keyscan_close; > + > + input_dev->id.bustype = BUS_HOST; > + > + error = keypad_matrix_key_parse_dt(keypad_data); > > According to patchwork, these aren't listed as accepted, so I'm not > sure where the exact accepted patch came from. Looking at the commit > log, it looks like the issue you showed above was made in the original > commit 062589b1399176a9c14bc68e16169f40439d658c so I'm not quite sure > what is going on here. Maybe the maintainer can chime in with the > original patch/mailing list discussion on this. For reference, I've > added the patchwork links below > https://patchwork.kernel.org/patch/3854341/ > https://patchwork.kernel.org/patch/3968891/ > https://patchwork.kernel.org/patch/3969991/ It may very well be that I messed up when applying the patch. I guess whatever platform that is using the driver has not attempted to update their kernel since then. Thanks. -- Dmitry