Bug#917206: linux-image-4.9.0-8-amd64: NULL ptr dereference in xhci_hub_control [xhci_hcd] with USB Mass Storage (Kingston)

2019-01-02 Thread Cyril Brulebois
Hi Christoph,

Christoph Pfister (2019-01-02):
> tl;dr: This is a regression introduced in Debian 9.6
> (linux/4.9.130-2); it is caused by [1] and fixed by [2]. Please fix :)
> 
> I'm taking the liberty to hijack this bug because I'm experiencing the
> same issue [3] when powering off a usb3 hdd. The oops is easy to
> reproduce; I've tested the following versions of
> linux-image-4.9.0-8-amd64:
> 
> - 4.9.110-3+deb9u6: works
> - 4.9.130-2 (current stretch): affected
> - 4.9.135-1 (stretch-proposed-updates): affected
> - 4.9.130-2 + manually applying [2]: works

No worries (from my point of view) with hijacking the bug report, esp.
with all the nice pointers! Thanks for tracking that down. :)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant





2019-01-02 Thread Salvatore Bonaccorso
Source: linux
Source-Version: 4.9.144-1

Hi Christoph,

On Wed, Jan 02, 2019 at 12:29:02PM +0100, Christoph Pfister wrote:
> found 917206 4.9.130-2
> thanks
> 
> tl;dr: This is a regression introduced in Debian 9.6
> (linux/4.9.130-2); it is caused by [1] and fixed by [2]. Please fix :)
> 
> I'm taking the liberty to hijack this bug because I'm experiencing the
> same issue [3] when powering off a usb3 hdd. The oops is easy to
> reproduce; I've tested the following versions of
> linux-image-4.9.0-8-amd64:
> 
> - 4.9.110-3+deb9u6: works
> - 4.9.130-2 (current stretch): affected
> - 4.9.135-1 (stretch-proposed-updates): affected
> - 4.9.130-2 + manually applying [2]: works

So this should be fixed in 4.9.136 upstream and the change included in
the 4.9.144-1 upload which is pending in stable-new, and thus the next
increment for stretch-proposed-updates and the next point release.

Thanks for your triaging work and pin-pointing the fix!

Regards,
Salvatore




2019-01-02 Thread Christoph Pfister
found 917206 4.9.130-2
thanks

tl;dr: This is a regression introduced in Debian 9.6
(linux/4.9.130-2); it is caused by [1] and fixed by [2]. Please fix :)

I'm taking the liberty to hijack this bug because I'm experiencing the
same issue [3] when powering off a usb3 hdd. The oops is easy to
reproduce; I've tested the following versions of
linux-image-4.9.0-8-amd64:

- 4.9.110-3+deb9u6: works
- 4.9.130-2 (current stretch): affected
- 4.9.135-1 (stretch-proposed-updates): affected
- 4.9.130-2 + manually applying [2]: works

Thanks,

Christoph


[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/usb/host?h=linux-4.9.y&id=2679c2231bc3fb260f74e1faf7d6810427b1fc6e

[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/usb/host?h=linux-4.9.y&id=52f305530ab6e5915b5e5ee0cb9525df42f2b691

[3]

kernel: usb 7-2: USB disconnect, device number 4
kernel: BUG: unable to handle kernel NULL pointer dereference at 001c
kernel: IP: [] xhci_hub_control+0x1a13/0x1c50 [xhci_hcd]
kernel: PGD 0
kernel:
kernel: Oops:  [#1] SMP
kernel: Modules linked in: cpufreq_powersave cpufreq_userspace cpufreq_conservative nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter edac_mce_amd edac_core kvm_amd
kernel:  glue_helper lrw gf128mul ablk_helper cryptd ahci libahci xhci_pci xhci_hcd i2c_piix4 ohci_hcd libata ehci_pci ehci_hcd scsi_mod usbcore usb_common r8169 mii
kernel: CPU: 0 PID: 138 Comm: kworker/0:3 Not tainted 4.9.0-8-amd64 #1 Debian 4.9.130-2
kernel: Hardware name: Gigabyte Technology Co., Ltd. To be filled by O.E.M./F2A88XM-HD3, BIOS F7 07/09/2014
kernel: Workqueue: usb_hub_wq hub_event [usbcore]
kernel: task: 8e3435468100 task.stack: ae9040928000
kernel: RIP: 0010:[]  [] xhci_hub_control+0x1a13/0x1c50 [xhci_hcd]
kernel: RSP: 0018:ae904092ba90  EFLAGS: 00010086
kernel: RAX: 8e3435552000 RBX: 8e34354dc000 RCX: 
kernel: RDX: 0060 RSI: 1261 RDI: 8e34354ba284
kernel: RBP: ffed R08: 0008 R09: 0001
kernel: R10: 0001 R11: 0212 R12: 0001
kernel: R13: 8e34354ba000 R14: 8e34354ba284 R15: 0002
kernel: FS:  () GS:8e343ec0() knlGS:
kernel: CS:  0010 DS:  ES:  CR0: 80050033
kernel: CR2: 001c CR3: 0001365a4000 CR4: 000406f0
kernel: Stack:
kernel:  00ff90625600 c6542f720005 0002 8e34
kernel:  0005  8e34354ba238 907e
kernel:  8e343ac00302 4092bba0 8e3435d28e40 8e343561
kernel: Call Trace:
kernel:  [] ? mempolicy_nodemask_intersects+0x10/0x70
kernel:  [] ? ep_poll_callback+0x106/0x230
kernel:  [] ? usb_hcd_submit_urb+0x2aa/0xaf0 [usbcore]
kernel:  [] ? lock_timer_base+0x74/0x90
kernel:  [] ? __internal_add_timer+0x1a/0x50
kernel:  [] ? add_timer+0x110/0x270
kernel:  [] ? usb_start_wait_urb+0x6d/0x170 [usbcore]
kernel:  [] ? usb_release_interface_cache+0x32/0x50 [usbcore]
kernel:  [] ? usb_control_msg+0xdd/0x140 [usbcore]
kernel:  [] ? device_release+0x30/0x90
kernel:  [] ? set_port_feature+0x44/0x50 [usbcore]
kernel:  [] ? hub_port_disable+0xc9/0x140 [usbcore]
kernel:  [] ? hub_event+0xd8b/0x15c0 [usbcore]
kernel:  [] ? __switch_to_asm+0x34/0x70
kernel:  [] ? __switch_to_asm+0x40/0x70
kernel:  [] ? process_one_work+0x18a/0x420
kernel:  [] ? worker_thread+0x4d/0x490
kernel:  [] ? process_one_work+0x420/0x420
kernel:  [] ? kthread+0xd9/0xf0
kernel:  [] ? kthread_park+0x60/0x60
kernel:  [] ? ret_from_fork+0x44/0x70
kernel: Code: e9 49 f8 ff ff 45 31 e4 eb 11 49 83 c4 01 49 81 fc 00 01 00 00 0f 84 c3 f2 ff ff 4b 8b 84 e5 08 04 00 00 48 85 c0 74 e2 48 8b 08 <83> 79 1c 04 40 0f 96 c6 83 bb a0 00 00 00 3f 0f 9f c1 40 38 ce
kernel: RIP  [] xhci_hub_control+0x1a13/0x1c50 [xhci_hcd]
kernel:  RSP 
kernel: CR2: 001c
kernel: ---[ end trace 8be8c1ab53920c10 ]---
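
A triage sketch for the oops signature and the version results reported in this thread, added here as an example and not part of any message or of Debian's or the kernel's tooling. The function names, the `unknown` status and the sample lines are constructed; mail-wrapped log lines are rejoined before matching.

```python
import re

# Constructed sample in the shape of the oops quoted in this thread: addresses
# are elided as in the archive copy, and two lines are wrapped the way mail does.
SAMPLE = """\
kernel: BUG: unable to handle kernel NULL pointer dereference at
001c
kernel: IP: [] xhci_hub_control+0x1a13/0x1c50 [xhci_hcd]
kernel: CPU: 0 PID: 138 Comm: kworker/0:3 Not tainted 4.9.0-8-amd64 #1
Debian 4.9.130-2
"""

# Package versions and results exactly as reported in the thread.
TESTED = {"4.9.110-3+deb9u6": "works", "4.9.130-2": "affected",
          "4.9.135-1": "affected"}
FIXED_UPLOAD = "4.9.144-1"

PREFIX = re.compile(r"^(kernel:|\[\s*\d+\.\d+\])")  # journal or dmesg prefix
NULL_DEREF = re.compile(r"BUG: unable to handle kernel NULL pointer dereference at[ \t]+(\S+)")
IP = re.compile(r"IP: \[[^\]]*\]\s+(\w+)\+(0x[0-9a-f]+)/(0x[0-9a-f]+)(?: \[(\w+)\])?")
DEBIAN = re.compile(r"Comm: .*? Debian (\S+)")

def unwrap(text):
    """Rejoin mail-wrapped continuation lines onto the log line they belong to."""
    out = []
    for line in text.splitlines():
        if out and line.strip() and not PREFIX.match(line):
            out[-1] = out[-1].rstrip() + " " + line.strip()
        else:
            out.append(line)
    return "\n".join(out)

def parse_oops(text):
    """Return fault address, faulting symbol, module and Debian package version."""
    flat = unwrap(text)
    fault, ip, deb = NULL_DEREF.search(flat), IP.search(flat), DEBIAN.search(flat)
    if not (fault and ip):
        return None
    return {"fault_addr": fault.group(1), "symbol": ip.group(1),
            "offset": ip.group(2), "module": ip.group(4),
            "package": deb.group(1) if deb else None}

def triage(text):
    """Classify an oops against the signature and versions from Bug#917206."""
    rec = parse_oops(text)
    if not rec or (rec["symbol"], rec["module"]) != ("xhci_hub_control", "xhci_hcd"):
        return None
    return dict(rec, status=TESTED.get(rec["package"], "unknown"), fixed_in=FIXED_UPLOAD)
```
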




2018-12-23 Thread Cyril Brulebois
Package: src:linux
Version: 4.9.135-1
Severity: important

Hi kernel team,

I've reproduced this kernel BUG a few times already, with simple
operations on various USB devices like brand new Kingston DataTraveler
3.0 (8, 16 or 32GB):

[ 1992.998316] BUG: unable to handle kernel NULL pointer dereference at 001c
[ 1992.998372] IP: [] xhci_hub_control+0x19cf/0x1c10 [xhci_hcd]


Steps to reproduce:
 - plug a USB device either on a port of the laptop's base, or on the
   USB3 port on the laptop;
 - zero out the /dev/sd? that pops up when the USB device is inserted,
   to make sure any preexisting partitioning is no factor (did that on
   the full device first time, then decided to only wipe out the
   beginning of the block device);
 - partprobe to make extra sure;
 - create a partition table with fdisk (not sure I did anything
   specific here, can double check, probably went for the default);
 - create a single partition with all free space;
 - assign type 'b' (W95 FAT32) to it;
 - use mkfs.vfat -F 32 on the new block device.

At this point, said block device appears in Xfce's file manager, Thunar.
With or without having copied a few files to it, clicking the “eject”
button is sufficient to trigger this BUG. When that happens, input
devices work for a few seconds but it isn't possible to get much done;
an already-running dmesg -w wouldn't show any traces. Only an UEFI
glitch at reboot time would make half a screen appear with a fuzzied
trace…

Here's a capture obtained through netconsole, enabled a bit before
triggering the crash:

[ 1745.198739] console [netcon_ext0] disabled
[ 1745.198753] console [netcon0] disabled
[ 1748.295633] netpoll: netconsole: local port 6665
[ 1748.295637] netpoll: netconsole: local IPv4 address 0.0.0.0
[ 1748.295639] netpoll: netconsole: interface 'eth0'
[ 1748.295640] netpoll: netconsole: remote port 
[ 1748.295642] netpoll: netconsole: remote IPv4 address 192.168.0.1
[ 1748.295644] netpoll: netconsole: remote ethernet address d8:cb:8a:98:29:59
[ 1748.295647] netpoll: netconsole: local IP 192.168.0.21
[ 1748.295702] console [netcon0] enabled
[ 1748.295704] netconsole: network logging started
[ 1799.971353] usb 2-2: new SuperSpeed USB device number 4 using xhci_hcd
[ 1800.002355] usb 2-2: New USB device found, idVendor=0951, idProduct=1666
[ 1800.002373] usb 2-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1800.002380] usb 2-2: Product: DataTraveler 3.0
[ 1800.002386] usb 2-2: Manufacturer: Kingston
[ 1800.002392] usb 2-2: SerialNumber: 60A44C413BF2F270B62830FF
[ 1800.017208] usb-storage 2-2:1.0: USB Mass Storage device detected
[ 1800.017367] scsi host3: usb-storage 2-2:1.0
[ 1801.020259] scsi 3:0:0:0: Direct-Access Kingston DataTraveler 3.0 PQ: 0 ANSI: 6
[ 1801.021997] sd 3:0:0:0: Attached scsi generic sg1 type 0
[ 1801.022211] sd 3:0:0:0: [sdb] 30218842 512-byte logical blocks: (15.5 GB/14.4 GiB)
[ 1801.022788] sd 3:0:0:0: [sdb] Write Protect is off
[ 1801.022819] sd 3:0:0:0: [sdb] Mode Sense: 4f 00 00 00
[ 1801.023312] sd 3:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[ 1801.026302]  sdb: sdb1
[ 1801.027383] sd 3:0:0:0: [sdb] Attached SCSI removable disk
[ 1884.87] device eth0 left promiscuous mode
[ 1901.864615]  sdb: sdb1
[ 1939.154007] usb 2-2: USB disconnect, device number 4
[ 1941.618308] usb 2-2: new SuperSpeed USB device number 5 using xhci_hcd
[ 1941.649852] usb 2-2: New USB device found, idVendor=0951, idProduct=1666
[ 1941.649863] usb 2-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1941.649866] usb 2-2: Product: DataTraveler 3.0
[ 1941.649869] usb 2-2: Manufacturer: Kingston
[ 1941.649872] usb 2-2: SerialNumber: 60A44C413BF2F270B62830FF
[ 1941.659124] usb-storage 2-2:1.0: USB Mass Storage device detected
[ 1941.659303] scsi host3: usb-storage 2-2:1.0
[ 1942.682536] scsi 3:0:0:0: Direct-Access Kingston DataTraveler 3.0 PQ: 0 ANSI: 6
[ 1942.683352] sd 3:0:0:0: [sdb] 30218842 512-byte logical blocks: (15.5 GB/14.4 GiB)
[ 1942.683356] sd 3:0:0:0: Attached scsi generic sg1 type 0
[ 1942.683517] sd 3:0:0:0: [sdb] Write Protect is off
[ 1942.683525] sd 3:0:0:0: [sdb] Mode Sense: 4f 00 00 00
[ 1942.683714] sd 3:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[ 1942.687527]  sdb: sdb1
[ 1942.688360] sd 3:0:0:0: [sdb] Attached SCSI removable disk
[ 1978.720932]  sdb: sdb1
[ 1984.327018]  sdb: sdb1
[ 1984.414750]  sdb: sdb1
[ 1984.587241]  sdb: sdb1
[ 1992.998123] usb 2-2: USB disconnect, device number 5
[ 1992.998316] BUG: unable to handle kernel NULL pointer dereference at 001c
[ 1992.998372] IP: [] xhci_hub_control+0x19cf/0x1c10 [xhci_hcd]
[ 1992.998418] PGD 0
[ 1992.998433]
[ 1992.99