Re: usbcore: NULL pointer dereference after detaching USB disk with linux 4.17

Hi

On 10.05.2018 14:49, Jordan Glover wrote:

Hello,

Detaching plugged external usb disk with: "udisksctl power-off --block-device <disk>" causes NULL pointer dereference and kernel hang. Tested with 4.17-rc4 on Manjaro Linux config and my own custom config with two different usb disks. It doesn't happen with 4.16.x. Below are logs registered with my own kernel config:


I'm able to reproduce this.

udisksd[1375]: Successfully sent SCSI command SYNCHRONIZE CACHE to /dev/sda
udisksd[1375]: Successfully sent SCSI command START STOP UNIT to /dev/sda
kernel: sd 0:0:0:0: [sda] Synchronizing SCSI cache
kernel: sd 0:0:0:0: [sda] Synchronize Cache(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK
upowerd[1387]: unhandled action 'unbind' on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/2-3:1.0
laptop udisksd[1375]: Powered off /dev/sda - successfully wrote to sysfs path /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/remove
kernel: usb 2-3: USB disconnect, device number 2
kernel: BUG: unable to handle kernel NULL pointer dereference at 000000000000001c

kernel: RIP: 0010:xhci_hub_control+0x1ee5/0x1ff0 [xhci_hcd]

looks like xhci issue, triggered by speed = xhci->devs[i]->udev->speed in
xhci_find_slot_id_by_port()

xhci->devs[i]->udev seems to be NULL, probably because of commit 44a182b9d177
("xhci: Fix use-after-free in xhci_free_virt_device")

That patch itself fixes another regression, I'll see if there is a better solution.

Thanks
-Mathias
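
Added example, not part of the original message and not kernel code: a user-space model of the slot lookup discussed above, showing why a NULL udev read of ->speed faults at 0x1c and what a lookup that skips torn-down entries looks like. The struct layout (leading fields assumed to mirror the kernel's struct usb_device), the model_* names and the table size are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define MODEL_MAX_SLOTS 8   /* constructed table size for the model */

enum model_speed { SPEED_UNKNOWN, SPEED_LOW, SPEED_FULL, SPEED_HIGH,
                   SPEED_WIRELESS, SPEED_SUPER };

/* Assumption: leading fields laid out like the kernel's struct usb_device. */
struct model_udev {
    int devnum;
    char devpath[16];
    uint32_t route;
    int state;
    enum model_speed speed;
};

struct model_virt_dev {
    struct model_udev *udev;   /* NULL once the device is being torn down */
    int fake_port;
};

struct model_xhci {
    struct model_virt_dev *devs[MODEL_MAX_SLOTS];
};

/* Address at which reading udev->speed faults when udev == NULL. */
size_t speed_fault_offset(void)
{
    return offsetof(struct model_udev, speed);
}

/* Slot lookup that skips entries whose udev is already gone.
 * Returns 0 (no slot) when nothing matches; slot ids start at 1. */
int model_find_slot_id_by_port(const struct model_xhci *xhci,
                               int hcd_is_usb3, int port)
{
    for (int i = 1; i < MODEL_MAX_SLOTS; i++) {
        const struct model_virt_dev *vdev = xhci->devs[i];
        if (!vdev || !vdev->udev)   /* guard both pointer levels */
            continue;
        int dev_is_usb3 = vdev->udev->speed >= SPEED_SUPER;
        if (dev_is_usb3 == hcd_is_usb3 && vdev->fake_port == port)
            return i;
    }
    return 0;
}
```

Matching the faulting address in an oops against a field offset in this way is a quick check on which pointer in a dereference chain was NULL.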
