From: Bob Moore Date: Tue, 10 Jun 2008 06:29:26 +0000 (+0800) Subject: ACPICA: Fix for access to deleted object X-Git-Tag: firefly_0821_release~19982^2~2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=8410565f540db87ca938f56f92780d251e4f157d;p=firefly-linux-kernel-4.4.55.git ACPICA: Fix for access to deleted object Fixes problem introduced in 20080123, with fix for Unload operator. Parse tree object can be already deleted; must use the opcode within the WalkState. ACPI: kmemcheck: Caught 16-bit read from freed memory http://bugzilla.kernel.org/show_bug.cgi?id=10669 Signed-off-by: Lin Ming Signed-off-by: Bob Moore Signed-off-by: Len Brown --- diff --git a/drivers/acpi/parser/psargs.c b/drivers/acpi/parser/psargs.c index f1e8bf65e24e..e94463778845 100644 --- a/drivers/acpi/parser/psargs.c +++ b/drivers/acpi/parser/psargs.c @@ -268,7 +268,7 @@ acpi_ps_get_next_namepath(struct acpi_walk_state *walk_state, */ if (ACPI_SUCCESS(status) && possible_method_call && (node->type == ACPI_TYPE_METHOD)) { - if (walk_state->op->common.aml_opcode == AML_UNLOAD_OP) { + if (walk_state->opcode == AML_UNLOAD_OP) { /* * acpi_ps_get_next_namestring has increased the AML pointer, * so we need to restore the saved AML pointer for method call. @@ -691,7 +691,7 @@ acpi_ps_get_next_arg(struct acpi_walk_state *walk_state, /* To support super_name arg of Unload */ - if (walk_state->op->common.aml_opcode == AML_UNLOAD_OP) { + if (walk_state->opcode == AML_UNLOAD_OP) { status = acpi_ps_get_next_namepath(walk_state, parser_state, arg,