On Mon, May 28, 2018 at 07:03:05AM -0300, Mauro Carvalho Chehab wrote: > I can't see how brx can be NULL. At the sequence of ifs: > > if (pipe->num_inputs > 2) > brx = &vsp1->bru->entity; > else if (pipe->brx && !drm_pipe->force_brx_release) > brx = pipe->brx; > else if (!vsp1->bru->entity.pipe) > brx = &vsp1->bru->entity; > else > brx = &vsp1->brs->entity; > > > The usage of brx = &(something) will always return a non NULL > value[1]. That's not right. It can be NULL if it's &foo->first_struct_member and ->entity is the first struct member. If it weren't the first struct member then Smatch would say that brx was non-NULL. > [1] It might be doing a NULL deref - with seems to be your concern > when you're talking about the case where vsp1->brs is NULL - but > that's not what Smatch is complaining here. If vsp1->bru were NULL, it wouldn't be a NULL dereference because it's not dereferencing it; it's just taking the address. On the path where we do: else if (!vsp1->bru->entity.pipe) brx = &vsp1->bru->entity; Then Smatch sees that vsp1->bru is dereferenced and marks "brx" as non-NULL. regards, dan carpenter
