mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-21 07:09:15 +07:00
412b16d623
Unregistering the i2c_client of the demod driver destroys the frontend object. Calling vb2_dvb_unregister_bus later accesses the frontend (and with the refcount_t) conversion the refcount_t code complains: kernel: ------------[ cut here ]------------ kernel: WARNING: CPU: 0 PID: 7883 at lib/refcount.c:128 refcount_sub_and_test+0x70/0x80 kernel: refcount_t: underflow; use-after-free. kernel: Modules linked in: bluetooth si2165(O) a8293(O) tda10071(O) tea5767(O) tuner(O) cx23885(O-) tda18271(O) videobuf2_dvb(O) videobuf2_dma_sg(O) m88ds3103(O) tveeprom(O) cx2341x(O) v4l2_common(O) dvb_core(O) rc_core(O) videobuf2_memops(O) videobuf2_v4l2(O) ums_realtek videobuf2_core(O) uas videodev(O) media(O) rtl8192cu i2c_mux usb_storage rtl_usb rtl8192c_common rtlwifi snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hwdep snd_hda_core x86_pkg_temp_thermal kvm_intel kvm irqbypass kernel: CPU: 0 PID: 7883 Comm: rmmod Tainted: G W O 4.11.3-gentoo #3 kernel: Hardware name: MEDION E2050 2391/H81H3-EM2, BIOS H81EM2W08.308 08/25/2014 kernel: Call Trace: kernel: dump_stack+0x4d/0x66 kernel: __warn+0xc6/0xe0 kernel: warn_slowpath_fmt+0x46/0x50 kernel: ? kobject_put+0x2f/0x60 kernel: refcount_sub_and_test+0x70/0x80 kernel: refcount_dec_and_test+0x11/0x20 kernel: dvb_unregister_frontend+0x42/0x60 [dvb_core] kernel: vb2_dvb_dealloc_frontends+0x9e/0x100 [videobuf2_dvb] kernel: vb2_dvb_unregister_bus+0xd/0x20 [videobuf2_dvb] kernel: cx23885_dvb_unregister+0xc3/0x110 [cx23885] kernel: cx23885_dev_unregister+0xea/0x150 [cx23885] kernel: cx23885_finidev+0x4f/0x70 [cx23885] kernel: pci_device_remove+0x34/0xb0 kernel: device_release_driver_internal+0x150/0x200 kernel: driver_detach+0x33/0x70 kernel: bus_remove_driver+0x47/0xa0 kernel: driver_unregister+0x27/0x50 kernel: pci_unregister_driver+0x34/0x90 kernel: cx23885_fini+0x10/0x12 [cx23885] kernel: SyS_delete_module+0x166/0x220 kernel: ? exit_to_usermode_loop+0x7b/0x80 kernel: entry_SYSCALL_64_fastpath+0x17/0x98 kernel: RIP: 0033:0x7f5901680b07 kernel: RSP: 002b:00007ffdf6cdb028 EFLAGS: 00000206 ORIG_RAX: 00000000000000b0 kernel: RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f5901680b07 kernel: RDX: 000000000000000a RSI: 0000000000000800 RDI: 0000000001500258 kernel: RBP: 00000000015001f0 R08: 0000000000000000 R09: 1999999999999999 kernel: R10: 0000000000000884 R11: 0000000000000206 R12: 00007ffdf6cda010 kernel: R13: 0000000000000000 R14: 00000000015001f0 R15: 00000000014ff010 kernel: ---[ end trace c3a4659b89086061 ]--- Signed-off-by: Matthias Schwarzott <zzam@gentoo.org> Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com> |
||
|---|---|---|
| .. | ||
| altera-ci.c | ||
| altera-ci.h | ||
| cimax2.c | ||
| cimax2.h | ||
| cx23885-417.c | ||
| cx23885-alsa.c | ||
| cx23885-av.c | ||
| cx23885-av.h | ||
| cx23885-cards.c | ||
| cx23885-core.c | ||
| cx23885-dvb.c | ||
| cx23885-f300.c | ||
| cx23885-f300.h | ||
| cx23885-i2c.c | ||
| cx23885-input.c | ||
| cx23885-input.h | ||
| cx23885-ioctl.c | ||
| cx23885-ioctl.h | ||
| cx23885-ir.c | ||
| cx23885-ir.h | ||
| cx23885-reg.h | ||
| cx23885-vbi.c | ||
| cx23885-video.c | ||
| cx23885-video.h | ||
| cx23885.h | ||
| cx23888-ir.c | ||
| cx23888-ir.h | ||
| Kconfig | ||
| Makefile | ||
| netup-eeprom.c | ||
| netup-eeprom.h | ||
| netup-init.c | ||
| netup-init.h | ||