usbcore: NULL pointer dereference after detaching USB disk with linux 4.17

Hello,

Detaching a plugged-in external USB disk with "udisksctl power-off --block-device <disk>" causes a NULL pointer dereference and a kernel hang. Tested with 4.17-rc4 on the Manjaro Linux config and my own custom config, with two different USB disks. It doesn't happen with 4.16.x. Below are the logs registered with my own kernel config:

udisksd[1375]: Successfully sent SCSI command SYNCHRONIZE CACHE to /dev/sda
udisksd[1375]: Successfully sent SCSI command START STOP UNIT to /dev/sda
kernel: sd 0:0:0:0: [sda] Synchronizing SCSI cache
kernel: sd 0:0:0:0: [sda] Synchronize Cache(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK
upowerd[1387]: unhandled action 'unbind' on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/2-3:1.0
laptop udisksd[1375]: Powered off /dev/sda - successfully wrote to sysfs path /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/remove
kernel: usb 2-3: USB disconnect, device number 2
kernel: BUG: unable to handle kernel NULL pointer dereference at 000000000000001c
kernel: PGD 0 P4D 0 
kernel: Oops: 0000 [#1] PREEMPT SMP PTI
kernel: Modules linked in: sd_mod uas usb_storage scsi_mod ccm arc4 iwlmvm mac80211 iwlwifi wacom ipt_REJECT nf_reject_ipv4 nf_log_ipv4 nf_log_common xt_LOG xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_mark xt_conntrack nf_conntrack snd_soc_skl libcrc32c snd_soc_acpi iptable_filter cfg80211 snd_soc_core nls_iso8859_1 nls_cp437 vfat hid_sensor_rotation hid_sensor_accel_3d hid_sensor_magn_3d fat hid_sensor_gyro_3d hid_sensor_als hid_sensor_trigger hid_sensor_iio_common industrialio_triggered_buffer kfifo_buf snd_hda_codec_hdmi snd_soc_skl_ipc industrialio snd_soc_sst_ipc snd_hda_codec_conexant snd_soc_sst_dsp rtsx_pci_ms joydev mei_wdt snd_hda_codec_generic memstick snd_hda_ext_core hid_sensor_hub mousedev intel_ishtp_hid wmi_bmof intel_wmi_thunderbolt intel_rapl snd_hda_intel x86_pkg_temp_thermal
kernel:  intel_powerclamp snd_hda_codec kvm_intel snd_hwdep snd_hda_core intel_cstate psmouse intel_uncore snd_pcm intel_rapl_perf input_leds mei_me snd_timer i2c_i801 ucsi_acpi mei intel_pch_thermal shpchp intel_ish_ipc typec_ucsi intel_ishtp typec thinkpad_acpi wmi nvram snd tpm_crb soundcore battery led_class ac rfkill rtc_cmos tpm_tis tpm_tis_core i2c_hid evdev tpm mac_hid rng_core coretemp msr ip_tables x_tables ext4 crc32c_generic crc16 mbcache jbd2 fscrypto algif_skcipher af_alg hid_logitech_hidpp hid_logitech_dj hid_generic usbhid hid dm_crypt dm_mod crct10dif_pclmul crc32_pclmul crc32c_intel rtsx_pci_sdmmc ghash_clmulni_intel pcbc mmc_core serio_raw atkbd libps2 aesni_intel aes_x86_64 crypto_simd cryptd glue_helper rtsx_pci xhci_pci i8042 serio xhci_hcd usbcore usb_common i915 intel_gtt
kernel:  i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm agpgart kvmgt vfio_mdev mdev vfio_iommu_type1 vfio kvm irqbypass
kernel: CPU: 0 PID: 9318 Comm: kworker/0:0 Tainted: G                T 4.17.0-1 #1
kernel: Hardware name: LENOVO 20JJS0HD00/20JJS0HD00, BIOS R0HET47W (1.27 ) 03/12/2018
kernel: Workqueue: usb_hub_wq hub_event [usbcore]
kernel: RIP: 0010:xhci_hub_control+0x1ee5/0x1ff0 [xhci_hcd]
kernel: RSP: 0018:ffffb634c9cd3b20 EFLAGS: 00010086
kernel: RAX: ffff90df8d1e0000 RBX: ffff90dfd39da008 RCX: 0000000000000060
kernel: RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001
kernel: RBP: 0000000000000004 R08: 0000000000000010 R09: ffffffffc079f3f9
kernel: R10: 0000000000000002 R11: ffff90df925ef2e8 R12: ffff90dfd39d826c
kernel: R13: 0000000000000002 R14: ffff90dfd39d8000 R15: 0000000000000005
kernel: FS:  0000000000000000(0000) GS:ffff90dfe1400000(0000) knlGS:0000000000000000
kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kernel: CR2: 000000000000001c CR3: 0000000171008006 CR4: 00000000003606f0
kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
kernel: Call Trace:
kernel:  ? __wake_up_common+0x7a/0x180
kernel:  ? __kmalloc+0x1f2/0x300
kernel:  usb_hcd_submit_urb+0x24c/0xb00 [usbcore]
kernel:  ? __slab_free+0x3a/0x3f0
kernel:  ? __slab_free+0x3a/0x3f0
kernel:  ? __slab_free+0x3a/0x3f0
kernel:  usb_start_wait_urb+0x8a/0x180 [usbcore]
kernel:  usb_control_msg+0xdc/0x140 [usbcore]
kernel:  set_port_feature+0x39/0x50 [usbcore]
kernel:  hub_port_disable+0xcc/0x130 [usbcore]
kernel:  hub_event+0xcf9/0x15f0 [usbcore]
kernel:  process_one_work+0x17f/0x360
kernel:  ? process_one_work+0x360/0x360
kernel:  worker_thread+0x31/0x380
kernel:  ? process_one_work+0x360/0x360
kernel:  kthread+0x112/0x130
kernel:  ? kthread_create_on_node+0x80/0x80
kernel:  ret_from_fork+0x35/0x40
kernel: Code: 14 24 e9 bf fb ff ff 31 ed eb 10 48 ff c5 48 81 fd 00 01 00 00 0f 84 ff ee ff ff 49 8b 84 ee b8 03 00 00 48 85 c0 74 e3 48 8b 30 <83> 7e 1c 04 40 0f 96 c7 83 bb 90 00 00 00 3f 40 0f 9f c6 40 38 
kernel: RIP: xhci_hub_control+0x1ee5/0x1ff0 [xhci_hcd] RSP: ffffb634c9cd3b20

Jordan

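A triage aid for the oops above, added here as an example and not part of the original message: it parses the log, drops the unverified `?` frames from the call trace, and checks whether the instruction at the byte marked `<83>` in the Code line accounts for the fault address in CR2. The function names are assumptions of this example, and the decoder handles only the single `83 /r disp8 imm8` encoding that appears in this report.

```python
import re

# Excerpt of the oops from the report above (Code line shortened around the marker).
OOPS = """\
kernel: BUG: unable to handle kernel NULL pointer dereference at 000000000000001c
kernel: RIP: 0010:xhci_hub_control+0x1ee5/0x1ff0 [xhci_hcd]
kernel: RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001
kernel: CR2: 000000000000001c CR3: 0000000171008006 CR4: 00000000003606f0
kernel: Call Trace:
kernel:  ? __wake_up_common+0x7a/0x180
kernel:  usb_control_msg+0xdc/0x140 [usbcore]
kernel:  hub_port_disable+0xcc/0x130 [usbcore]
kernel: Code: 48 85 c0 74 e3 48 8b 30 <83> 7e 1c 04 40 0f 96 c7
"""

GPR = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]  # ModRM r/m order
GRP1 = ["add", "or", "adc", "sbb", "and", "sub", "xor", "cmp"]  # opcode 0x83, by /reg

def parse_oops(text):
    """Extract RIP, registers, verified call-trace frames and the bytes at RIP."""
    info = {"regs": {}, "trace": [], "at_rip": b""}
    in_trace = False
    for raw in text.splitlines():
        line = re.sub(r"^kernel:\s?", "", raw)  # strip the journal prefix
        if m := re.match(r"RIP: \w+:(\w+)\+(0x[0-9a-f]+)/0x[0-9a-f]+ \[(\w+)\]", line):
            info["rip"] = (m[1], int(m[2], 16), m[3])  # symbol, offset, module
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif line.startswith("Code:"):
            in_trace = False  # '<xx>' marks the first byte of the faulting instruction
            info["at_rip"] = bytes.fromhex(re.sub(r"[<>]", "", line[line.index("<"):]))
        elif in_trace:
            if not line.strip().startswith("?"):  # '?' = address the unwinder could not verify
                info["trace"].append(line.split("+")[0].strip())
        else:
            for name, val in re.findall(r"\b([A-Z][A-Z0-9]{1,2}): ([0-9a-f]{16})\b", line):
                info["regs"][name] = int(val, 16)
    return info

def decode_fault(info):
    """Decode '83 /r disp8 imm8' with mod=01 and no SIB byte; None for anything else."""
    b = info["at_rip"]
    if len(b) < 4 or b[0] != 0x83 or b[1] >> 6 != 1 or b[1] & 7 == 4:
        return None
    base = GPR[b[1] & 7]
    disp = b[2] - 256 if b[2] > 127 else b[2]  # disp8 is signed
    ea = (info["regs"][base] + disp) & (2**64 - 1)  # effective address of the access
    insn = f"{GRP1[(b[1] >> 3) & 7]} dword [{base.lower()}{disp:+#x}], {b[3]:#x}"
    return {"insn": insn, "base": base, "ea": ea, "matches_cr2": ea == info["regs"]["CR2"]}
```

On this log the decoder reports a read through RSI, which is zero, at offset 0x1c, matching CR2; resolving `xhci_hub_control+0x1ee5` to a source line still needs the matching build's debug info.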


