On Thu, Mar 16, 2023 at 05:19:35PM +0100, Greg Kroah-Hartman wrote: > On Thu, Mar 16, 2023 at 06:53:55PM +0300, Valery Zabrovsky wrote: > > In net2280_free_request(): > > If _ep is NULL, then ep is NULL and is dereferenced > > while trying to produce an error message. > > How can that ever happen? How did you test and hit this? > > > The patch replaces dev_err() with pr_err() which works fine. > > That's not a good idea for driver code to use, sorry. > > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > As I have said before, your testing framework needs a lot more work. > > good luck! In situations like this, it might be better to remove the check entirely. If a driver does pass a NULL pointer, it will lead to an invalid pointer dereference which will certainly cause an oops and might very well crash the system. That would be a lot more noticeable than an error message hidden in a kernel log! Greg, is there any general policy about the need for sanity checks such as this one? Like, don't put them in whenever a failure would lead to an immediate fault which would be easy to track down? Alan Stern
