[ This is obviously ancient code, but maybe you could still take a
look? -dan ]
Hello Bjorn Helgaas,
The patch 1f32ca31e740: "PNP: convert resource options to single
linked list" from Jun 27, 2008 (linux-next), leads to the following
Smatch static checker warning:
drivers/pnp/quirks.c:193 quirk_add_irq_optional_dependent_sets()
warn: list_entry() does not return NULL 'new_option'
drivers/pnp/quirks.c
180 static void quirk_add_irq_optional_dependent_sets(struct pnp_dev *dev)
181 {
182 struct pnp_option *new_option;
183 unsigned int num_sets, i, set;
184 struct pnp_irq *irq;
185
186 num_sets = dev->num_dependent_sets;
187 for (i = 0; i < num_sets; i++) {
188 new_option = pnp_clone_dependent_set(dev, i);
189 if (!new_option)
190 return;
191
192 set = pnp_option_set(new_option);
--> 193 while (new_option && pnp_option_set(new_option) == set) {
The new_option part of this condition is always non-NULL. I think
eventually we will call list_entry() on the list head so we end up
reading from invalid memory.
194 if (new_option->type == IORESOURCE_IRQ) {
195 irq = &new_option->u.irq;
196 irq->flags |= IORESOURCE_IRQ_OPTIONAL;
197 }
198 dbg_pnp_show_option(dev, new_option);
199 new_option = list_entry(new_option->list.next,
200 struct pnp_option, list);
201 }
202
203 dev_info(&dev->dev, "added dependent option set %d (same as "
204 "set %d except IRQ optional)\n", set, i);
205 }
206 }
regards,
dan carpenter
