[linux-dvb] Fw: NULL pointer dereference when loading the budget-av module

Ralph Metzler rjkm at metzlerbros.de
Sun Sep 25 02:30:53 CEST 2005

Andrew Morton writes:
 > Begin forwarded message:
 > Date: Sat, 24 Sep 2005 17:21:07 +0200
 > From: Bernhard Rosenkraenzer <bero at arklinux.org>
 > To: linux-kernel at vger.kernel.org
 > Subject: NULL pointer dereference when loading the budget-av module


 > [  115.304801] Call Trace:
 > [  115.304843]  [<d08dcc33>] i2c_transfer+0x3e/0x50 [i2c_core]
 > [  115.304889]  [<ce83196a>] tda10021_attach+0x7c/0xca [tda10021]

AFAIR, there is a bug in tda10021.c in tda10021_readreg() which
references state->frontend.dvb->num
This is fatal if the frontend is not at the probed address and thus
not yet registered (no dvb entry set yet -> NULL pointer ...).

This happens with some batches of KNC cards, probably the older ones? 
I got one of the old KNC prototypes. They are not properly supported by the
linuxtv drivers. The wrong I2C addresses are scanned, which
exposes the above bug, and changes in the config of the tda10021 from
earlier this year screw up the signal timing for those cards (but seem
to improve that of the current production cards?).


