Comment 5 for bug 972723

Hi Brad,

This bug exists in all kernels up to and including mainline (which as of today was 3.4-rc1).

The ite_probe() function in the ite-cir driver (drivers/media/rc/ite-cir.c) installs an interrupt service routine via request_irq() before properly initializing both the hardware and crucial function tables the ISR uses. As the documentation for request_irq() specifies, all initialization required for an ISR to function properly must before performed before calling request_irq(), as an interrupt may be dispatched even before request_irq() returns.

Normally, this bug would be difficult to trigger and reproduce. However, now that CONFIG_IRQ_REMAPPING is on, the interrupt is being immediately triggered for remapping purposes.

Since the function table has not yet been initialized by the ite_probe() function, the ISR, ite_cir_isr(), tries to call through the function table which immediately panics (since it tries to jump to vma 0).

As the hardware does not perform a critical function, perhaps the best temporary solution is to blacklist it.