AsahiLinux / linux

Linux kernel source tree

Kernel null pointer dereference when unloading adpdrm #258

Open alyssais opened 5 months ago

alyssais commented 5 months ago

When I run `rmmod adpdrm`, I get a null pointer dereference in the kernel:

Logs:

```
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
Mem abort info:
  ESR = 0x0000000096000007
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x07: level 3 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
user pgtable: 16k pages, 48-bit VAs, pgdp=000000080dbc36a0
[0000000000000008] pgd=0800000af5dc0003, p4d=0800000af5dc0003, pud=0800000af7b34003, pmd=0800000af7b50003, pte=0000000000000000
Internal error: Oops: 0000000096000007 [#1] PREEMPT SMP
Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device bnep des_generic libdes md4 brcmfmac_wcc joydev hci_bcm4377 bluetooth brcmfmac brcmutil cfg80211 hid_magicmouse ecdh_generic ecc panel_summit apple_isp rfkill xhci_plat_hcd videobuf2_dma_sg xhci_hcd snd_soc_macaudio videobuf2_memops videobuf2_v4l2 macsmc_power macsmc_hid macsmc_reboot videodev ofpart spi_nor videobuf2_common mc snd_soc_cs42l84 snd_soc_apple_mca snd_soc_tas2764 apple_dcp clk_apple_nco apple_admac pwm_apple adpdrm(-) mux_core leds_pwm apple_soc_cpufreq drm_dma_helper hid_apple xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_rpfilter ipt_rpfilter xt_pkttype xt_LOG nf_log_syslog nft_compat nf_tables nfnetlink loop tun tap macvlan bridge stp llc fuse zstd zram dm_crypt rtc_macsmc nvmem_spmi_mfd gpio_macsmc tps6598x dockchannel_hid simple_mfd_spmi regmap_spmi dwc3 nvme_apple phy_apple_atc pcie_apple pci_host_common typec macsmc_rtkit macsmc udc_core apple_dockchannel apple_sart apple_rtkit_helper mfd_core nvmem_apple_efuses spmi_apple_controller pinctrl_apple_gpio spi_apple i2c_apple apple_dart btrfs xor xor_neon raid6_pq
CPU: 7 PID: 6105 Comm: rmmod Tainted: G S 6.6.0-asahi #1-NixOS
Hardware name: Apple MacBook Pro (13-inch, M2, 2022) (DT)
pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : mipi_dsi_remove_device_fn+0x1c/0x4c
lr : device_for_each_child+0x5c/0xac
sp : ffff80008c40bbc0
x29: ffff80008c40bbc0 x28: ffff00000ecba280 x27: 0000000000000000
x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
x23: ffff00000c1b1090 x22: ffff00000c1b2090 x21: ffff800080792ea0
x20: 0000000000000000 x19: ffff00003ff2d400 x18: ffffffffffffffff
x17: 0000000000000000 x16: 0000000000000000 x15: 444f4d00313d4e5f
x14: 0000000000000004 x13: ffff000001f5ce10 x12: 0000000000000000
x11: ffff00000a3fddf0 x10: ffff00000a3fdda8 x9 : ffff000001f5ce10
x8 : 00000000820001c2 x7 : 0000000000000000 x6 : 0000000000000000
x5 : ffffff00000dc900 x4 : ffffff00000c49a0 x3 : 00000000820001c2
x2 : ffff00000c49a8c0 x1 : ffff00003ff2d3f8 x0 : 0000000000000000
Call trace:
 mipi_dsi_remove_device_fn+0x1c/0x4c
 device_for_each_child+0x5c/0xac
 mipi_dsi_host_unregister+0x3c/0x74
 adp_remove+0x68/0x90 [adpdrm]
 platform_remove+0x54/0x6c
 device_remove+0x4c/0x80
 device_release_driver_internal+0x1d4/0x228
 driver_detach+0x50/0x98
 bus_remove_driver+0x70/0xf4
 driver_unregister+0x30/0x60
 platform_driver_unregister+0x14/0x20
 adp_platform_driver_exit+0x18/0x2d28 [adpdrm]
 __do_sys_delete_module.constprop.0+0x17c/0x284
 __arm64_sys_delete_module+0x14/0x20
 invoke_syscall.constprop.0+0x50/0xe8
 do_el0_svc+0x40/0xc4
 el0_svc+0x38/0x108
 el0t_64_sync_handler+0x100/0x12c
 el0t_64_sync+0x190/0x194
Code: 910003fd f9000bf3 aa0003f3 f85f8000 (f9400402)
---[ end trace 0000000000000000 ]---
```

This happens because it is expected that every child of a MIPI DSI host device is a MIPI DSI device, but the driver gives the host a child that is not a MIPI DSI device.
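To make the mechanism in the report concrete, here is an added userspace model (not code from the kernel, the adpdrm driver or this issue): hypothetical minimal stand-ins for `struct device`, `struct mipi_dsi_host` and `struct mipi_dsi_device`, a constructed host whose children include one non-DSI device, an unchecked walk that makes the same "every child is a DSI device" assumption as the crashing path, and a variant that checks the child's type tag before trusting `container_of()`. The struct shapes, the `type` tag, `build_host()` and the child names are all assumptions of this model.

```c
#include <stddef.h>

#define container_of(ptr, type, member) ((type *)((char *)(ptr) - offsetof(type, member)))

/* Hypothetical stand-ins for the kernel structs; only field order matters. */
struct device { const char *name; const char *type;
		struct device *child[4]; int nchild; };
struct mipi_dsi_host { struct device *dev; const void *ops; };
struct mipi_dsi_device { struct mipi_dsi_host *host; struct device dev; };

static const char mipi_dsi_type[] = "mipi_dsi"; /* compared by address */

/* Constructed topology: a host with one real DSI child and one stray child. The stray
 * sits behind a zeroed pointer, so container_of() yields host == NULL and the next
 * dereference would land at NULL + 8, like the fault address in the report. */
static struct mipi_dsi_host host;
static struct device host_dev = { "dsi-host", "host" };
static struct mipi_dsi_device dsi0 = { &host, { "dsi0", mipi_dsi_type } };
static struct { void *pad; struct device dev; } stray = { NULL, { "stray", "not_a_dsi_device" } };

struct device *build_host(void)
{
	host.dev = &host_dev; host.ops = "ops";
	host_dev.child[0] = &dsi0.dev; host_dev.child[1] = &stray.dev; host_dev.nchild = 2;
	return &host_dev;
}

/* The pattern behind the oops: every child is assumed to be a DSI device.
 * Returns the number removed, or -1 where the kernel would have faulted. */
int remove_children_unchecked(struct device *hd)
{
	int removed = 0;
	for (int i = 0; i < hd->nchild; i++) {
		struct mipi_dsi_device *dsi = container_of(hd->child[i], struct mipi_dsi_device, dev);
		if (!dsi->host) /* kernel would read dsi->host->ops here */
			return -1;
		removed++;
	}
	return removed;
}

/* Defensive variant: check the child's type before trusting container_of(). */
int remove_children_checked(struct device *hd, int *skipped)
{
	int removed = 0;
	for (int i = 0; i < hd->nchild; i++) {
		struct device *c = hd->child[i];
		if (c->type != mipi_dsi_type) { if (skipped) (*skipped)++; continue; }
		if (container_of(c, struct mipi_dsi_device, dev)->host->ops)
			removed++;
	}
	return removed;
}
```

The unchecked walk stops at the stray child with -1 (the point where the real kernel oopses), while the checked walk removes the one genuine DSI device and skips the stray one.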