On Tue, Oct 15, 2024 at 02:37:47PM +0800, Hui Guo wrote: > Hi Kernel Maintainers, > we found a crash "WARNING: refcount bug in put_device" in upstream, we > also have successfully reproduced it manually: > > HEAD Commit: 9852d85ec9d492ebef56dc5f229416c925758edc(tag 'v6.12-rc1') > kernel config: https://raw.githubusercontent.com/androidAppGuard/KernelBugs/main/6.12.config > > console output: > https://raw.githubusercontent.com/androidAppGuard/KernelBugs/main/9852d85ec9d492ebef56dc5f229416c925758edc/83e10c2b482009dbb3b32ece907dcc361978f9b9/log0 > repro report: https://raw.githubusercontent.com/androidAppGuard/KernelBugs/main/9852d85ec9d492ebef56dc5f229416c925758edc/83e10c2b482009dbb3b32ece907dcc361978f9b9/repro.report > syz reproducer: > https://raw.githubusercontent.com/androidAppGuard/KernelBugs/main/9852d85ec9d492ebef56dc5f229416c925758edc/83e10c2b482009dbb3b32ece907dcc361978f9b9/repro.prog > c reproducer: https://raw.githubusercontent.com/androidAppGuard/KernelBugs/main/9852d85ec9d492ebef56dc5f229416c925758edc/83e10c2b482009dbb3b32ece907dcc361978f9b9/repro.cprog As this is using a "fake" yealink device, odds are there's some reference counting bug on the disconnect path that you have found. Care to send a patch to fix it up as you can test it easily? thanks, greg k-h
