Hello, i have checked to sources of the linux kernel with the static code analyis tool cppcheck. It found a possible null pointer usage in file linux-2.6.30/drivers/net/tun.c at line 489. Take a look at file tun.c: static unsigned int tun_chr_poll(struct file *file, poll_table * wait) { struct tun_file *tfile = file->private_data; struct tun_struct *tun = __tun_get(tfile); 489 struct sock *sk = tun->sk; unsigned int mask = 0; 491 if (!tun) return POLLERR; .... Indeed, the pointer tun is used (see line 489) and at line 491 is checked if he is null. A possible way out might be: static unsigned int tun_chr_poll(struct file *file, poll_table * wait) { struct tun_file *tfile = file->private_data; struct tun_struct *tun = __tun_get(tfile); if (!tun) return POLLERR; struct sock *sk = tun->sk; unsigned int mask = 0; Best regards Ettl Martin