On Mon. 15 Nov 2021 at 17:30, Pavel Skripkin <paskripkin@xxxxxxxxx> wrote: > On 11/15/21 11:16, Johan Hovold wrote: > > On Mon, Nov 15, 2021 at 11:15:07AM +0300, Pavel Skripkin wrote: > >> On 11/15/21 11:11, Johan Hovold wrote: > >> > Just a drive-by comment: > >> > > >> > Are you sure about this move of the netdev[channel_idx] initialisation? > >> > What happens if the registered can device is opened before you > >> > initialise the pointer? NULL-deref in es58x_send_msg()? > >> > > >> > You generally want the driver data fully initialised before you register > >> > the device so this looks broken. > >> > > >> > And either way it is arguably an unrelated change that should go in a > >> > separate patch explaining why it is needed and safe. > >> > > >> > >> > >> It was suggested by Vincent who is the maintainer of this driver [1]. > > > > Yeah, I saw that, but that doesn't necessarily mean it is correct. > > > > You're still responsible for the changes you make and need to be able to > > argue why they are correct. > > > > Sure! I should have check it before sending v2 :( My bad, sorry. I see > now, that there is possible calltrace which can hit NULL defer. I should be the one apologizing here. Sorry for the confusion. > One thing I am wondering about is why in some code parts there are > validation checks for es58x_dev->netdev[i] and in others they are missing. There is a validation when it is accessed in a for loop. It is not guarded in es58x_send_msg() because this function expects the channel_idx to be a valid index. Does this answer your wonders?
