em28xx modules unloading causes kernel crash

[deeptho]

With a Hauppage wintv dual hd USB stick connected, trying to unload modules with sudo modprobe -r em28xx-dvb; sudo modprobe -r em28xx-rc causes dvb_module_release to e called too many times, resulting in a NULL pointer dereference in the kernel.

Kernel log is attached: null_dereference.txt

There seem to be multiple bugs involved: dvb_module_release is called too many times on the tuners causing a warning that reference coutns drop below zero. In addition, the em28x.ko module calls code in em28x-dvb after the latter has been unloaded.

The attached patch seems to fix the problem. patch.txt

I would not be surprised that there are still some memory leaks.

[deeptho]

There seem to be more bugs causing a kernel crash when removing the usb device, which leads to a different code path than module unload. Second patch attached. 0001-em28xx-crash-on-usb-disconnect.txt