Bug #1871143 “Kernel crash during USB device enumeration or moun...” : Bugs : linux package : Ubuntu

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-04-06:

#1

dmesg file from kdump Edit (185.6 KiB, text/plain)
AlsaInfo.txt Edit (39.8 KiB, text/plain; charset="utf-8")
CRDA.txt Edit (454 bytes, text/plain; charset="utf-8")
CurrentDmesg.txt Edit (81.7 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (2.4 KiB, text/plain; charset="utf-8")
Lspci.txt Edit (7.6 KiB, text/plain; charset="utf-8")
Lsusb.txt Edit (850 bytes, text/plain; charset="utf-8")
Lsusb-t.txt Edit (1.5 KiB, text/plain; charset="utf-8")
Lsusb-v.txt Edit (111.7 KiB, text/plain; charset="utf-8")
ProcCpuinfo.txt Edit (4.3 KiB, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (1.1 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (114 bytes, text/plain; charset="utf-8")
ProcInterrupts.txt Edit (2.9 KiB, text/plain; charset="utf-8")
ProcModules.txt Edit (5.7 KiB, text/plain; charset="utf-8")
PulseList.txt Edit (21.6 KiB, text/plain; charset="utf-8")
UdevDb.txt Edit (233.1 KiB, text/plain; charset="utf-8")
WifiSyslog.txt Edit (102.8 KiB, text/plain; charset="utf-8")

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-04-06:

#2

Download full text (6.7 KiB)

Key part of dmesg is:

[76704.227672] cdc_acm 1-1.4:1.0: failed to set dtr/rts
[76704.936301] usb 1-1.4: USB disconnect, device number 11
[76704.951638] blk_update_request: I/O error, dev sdc, sector 1110 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951644] Buffer I/O error on dev sdc1, logical block 1109, lost async page write
[76704.951647] Buffer I/O error on dev sdc1, logical block 1110, lost async page write
[76704.951656] blk_update_request: I/O error, dev sdc, sector 1128 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951658] Buffer I/O error on dev sdc1, logical block 1127, lost async page write
[76704.951661] Buffer I/O error on dev sdc1, logical block 1128, lost async page write
[76704.951679] blk_update_request: I/O error, dev sdc, sector 1150 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951682] Buffer I/O error on dev sdc1, logical block 1149, lost async page write
[76704.951684] Buffer I/O error on dev sdc1, logical block 1150, lost async page write
[76704.951689] blk_update_request: I/O error, dev sdc, sector 1174 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951691] Buffer I/O error on dev sdc1, logical block 1173, lost async page write
[76704.951693] Buffer I/O error on dev sdc1, logical block 1174, lost async page write
[76704.951717] blk_update_request: I/O error, dev sdc, sector 1194 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951718] Buffer I/O error on dev sdc1, logical block 1193, lost async page write
[76704.951719] Buffer I/O error on dev sdc1, logical block 1194, lost async page write
[76704.951722] blk_update_request: I/O error, dev sdc, sector 1212 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951734] blk_update_request: I/O error, dev sdc, sector 1232 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951739] blk_update_request: I/O error, dev sdc, sector 1252 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951748] blk_update_request: I/O error, dev sdc, sector 1272 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951751] blk_update_request: I/O error, dev sdc, sector 1290 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76707.579590] usb 1-1.4: new full-speed USB device number 12 using ehci-pci
[76707.691410] usb 1-1.4: New USB device found, idVendor=239a, idProduct=8014, bcdDevice= 1.00
[76707.691413] usb 1-1.4: New USB device strings: Mfr=2, Product=3, SerialNumber=1
[76707.691415] usb 1-1.4: Product: Metro M0 Express
[76707.691417] usb 1-1.4: Manufacturer: Adafruit Industries LLC
[76707.691418] usb 1-1.4: SerialNumber: DFAE9D970323D4050213E2932141E0FF
[76707.692717] general protection fault: 0000 [#1] SMP PTI
[76707.692723] CPU: 3 PID: 75883 Comm: kworker/3:1 Kdump: loaded Not tainted 5.4.0-21-generic #25-Ubuntu
[76707.692725] Hardware name: Dell Inc. OptiPlex 7010/0WR7PY, BIOS A29 06/28/2018
[76707.692732] Workqueue: usb_hub_wq hub_event
[76707.692738] RIP: 0010:__kmalloc+0xa5/0x270
[76707.692741] Code: 65 49 8b 50 08 65 4c 03 05 40 a0 76 4d 4d 8b 38 4d 85 ff 0f 84 93 01 00 00 41 8b 59 20 49 8b 39 48 8d 4a 01 4c 89 f8 4c 01 fb <48> 33 1b 49 33 99 70 01 00 00 65 48 0f c7 0f 0f 94 c0 84 c0 74 bd
[76707.692743] RSP: 0018:ffffa85b4...

Key part of dmesg is:

[76704.227672] cdc_acm 1-1.4:1.0: failed to set dtr/rts
[76704.936301] usb 1-1.4: USB disconnect, device number 11
[76704.951638] blk_update_request: I/O error, dev sdc, sector 1110 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951644] Buffer I/O error on dev sdc1, logical block 1109, lost async page write
[76704.951647] Buffer I/O error on dev sdc1, logical block 1110, lost async page write
[76704.951656] blk_update_request: I/O error, dev sdc, sector 1128 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951658] Buffer I/O error on dev sdc1, logical block 1127, lost async page write
[76704.951661] Buffer I/O error on dev sdc1, logical block 1128, lost async page write
[76704.951679] blk_update_request: I/O error, dev sdc, sector 1150 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951682] Buffer I/O error on dev sdc1, logical block 1149, lost async page write
[76704.951684] Buffer I/O error on dev sdc1, logical block 1150, lost async page write
[76704.951689] blk_update_request: I/O error, dev sdc, sector 1174 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951691] Buffer I/O error on dev sdc1, logical block 1173, lost async page write
[76704.951693] Buffer I/O error on dev sdc1, logical block 1174, lost async page write
[76704.951717] blk_update_request: I/O error, dev sdc, sector 1194 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951718] Buffer I/O error on dev sdc1, logical block 1193, lost async page write
[76704.951719] Buffer I/O error on dev sdc1, logical block 1194, lost async page write
[76704.951722] blk_update_request: I/O error, dev sdc, sector 1212 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951734] blk_update_request: I/O error, dev sdc, sector 1232 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951739] blk_update_request: I/O error, dev sdc, sector 1252 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951748] blk_update_request: I/O error, dev sdc, sector 1272 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76704.951751] blk_update_request: I/O error, dev sdc, sector 1290 op 0x1:(WRITE) flags 0x0 phys_seg 2 prio class 0
[76707.579590] usb 1-1.4: new full-speed USB device number 12 using ehci-pci
[76707.691410] usb 1-1.4: New USB device found, idVendor=239a, idProduct=8014, bcdDevice= 1.00
[76707.691413] usb 1-1.4: New USB device strings: Mfr=2, Product=3, SerialNumber=1
[76707.691415] usb 1-1.4: Product: Metro M0 Express
[76707.691417] usb 1-1.4: Manufacturer: Adafruit Industries LLC
[76707.691418] usb 1-1.4: SerialNumber: DFAE9D970323D4050213E2932141E0FF
[76707.692717] general protection fault: 0000 [#1] SMP PTI
[76707.692723] CPU: 3 PID: 75883 Comm: kworker/3:1 Kdump: loaded Not tainted 5.4.0-21-generic #25-Ubuntu
[76707.692725] Hardware name: Dell Inc. OptiPlex 7010/0WR7PY, BIOS A29 06/28/2018
[76707.692732] Workqueue: usb_hub_wq hub_event
[76707.692738] RIP: 0010:__kmalloc+0xa5/0x270
[76707.692741] Code: 65 49 8b 50 08 65 4c 03 05 40 a0 76 4d 4d 8b 38 4d 85 ff 0f 84 93 01 00 00 41 8b 59 20 49 8b 39 48 8d 4a 01 4c 89 f8 4c 01 fb <48> 33 1b 49 33 99 70 01 00 00 65 48 0f c7 0f 0f 94 c0 84 c0 74 bd
[76707.692743] RSP: 0018:ffffa85b4316f6c0 EFLAGS: 00010286
[76707.692745] RAX: af73d55600000000 RBX: af73d55600000000 RCX: 0000000000140e86
[76707.692747] RDX: 0000000000140e85 RSI: 0000000000000cc0 RDI: 000000000002f100
[76707.692749] RBP: ffffa85b4316f6f0 R08: ffff8ef6ce1af100 R09: ffff8ef6cc403180
[76707.692751] R10: 0000000000000cc0 R11: 0000000001320122 R12: 0000000000000cc0
[76707.692752] R13: 00000000000000b8 R14: ffff8ef6cc403180 R15: af73d55600000000
[76707.692755] FS:  0000000000000000(0000) GS:ffff8ef6ce180000(0000) knlGS:0000000000000000
[76707.692757] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[76707.692758] CR2: 00007fd69c2ee000 CR3: 0000000210f8e006 CR4: 00000000001606e0
[76707.692760] Call Trace:
[76707.692767]  ? usb_alloc_urb+0x29/0x60
[76707.692772]  usb_alloc_urb+0x29/0x60
[76707.692779]  acm_probe+0x6da/0xdb0 [cdc_acm]
[76707.692786]  usb_probe_interface+0xed/0x290
[76707.692792]  really_probe+0x2b3/0x3e0
[76707.692796]  driver_probe_device+0xbc/0x100
[76707.692799]  __device_attach_driver+0x71/0xd0
[76707.692803]  ? driver_allows_async_probing+0x50/0x50
[76707.692807]  bus_for_each_drv+0x84/0xd0
[76707.692810]  __device_attach+0xe1/0x160
[76707.692814]  device_initial_probe+0x13/0x20
[76707.692817]  bus_probe_device+0x8f/0xa0
[76707.692820]  device_add+0x3c7/0x6b0
[76707.692825]  ? _cond_resched+0x19/0x30
[76707.692828]  usb_set_configuration+0x433/0x7d0
[76707.692833]  ? kernfs_activate+0x77/0x80
[76707.692836]  generic_probe+0x43/0x60
[76707.692839]  usb_probe_device+0x31/0x70
[76707.692842]  really_probe+0x2b3/0x3e0
[76707.692846]  driver_probe_device+0xbc/0x100
[76707.692849]  __device_attach_driver+0x71/0xd0
[76707.692853]  ? driver_allows_async_probing+0x50/0x50
[76707.692856]  bus_for_each_drv+0x84/0xd0
[76707.692860]  __device_attach+0xe1/0x160
[76707.692863]  device_initial_probe+0x13/0x20
[76707.692866]  bus_probe_device+0x8f/0xa0
[76707.692869]  device_add+0x3c7/0x6b0
[76707.692873]  ? add_device_randomness+0xa0/0x1c0
[76707.692876]  usb_new_device.cold+0x12d/0x304
[76707.692879]  hub_port_connect+0x500/0x850
[76707.692883]  port_event+0x502/0x780
[76707.692886]  ? __switch_to_asm+0x34/0x70
[76707.692889]  hub_event+0x152/0x390
[76707.692893]  ? psi_avgs_work+0x64/0xd0
[76707.692897]  process_one_work+0x1eb/0x3b0
[76707.692900]  worker_thread+0x4d/0x400
[76707.692904]  kthread+0x104/0x140
[76707.692907]  ? process_one_work+0x3b0/0x3b0
[76707.692909]  ? kthread_park+0x90/0x90
[76707.692914]  ret_from_fork+0x35/0x40
[76707.692917] Modules linked in: nls_utf8 udf crc_itu_t nls_iso8859_1 rfcomm cmac algif_hash algif_skcipher af_alg bnep intel_rapl_msr uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev mei_hdcp intel_rapl_common x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm crct10dif_pclmul ghash_clmulni_intel binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio aesni_intel crypto_simd cryptd glue_helper intel_cstate snd_hda_intel intel_rapl_perf snd_intel_nhlt snd_hda_codec snd_hda_core snd_usb_audio snd_usbmidi_lib snd_hwdep snd_seq_midi snd_seq_midi_event snd_rawmidi mc snd_pcm snd_seq joydev btusb btrtl uas btbcm btintel cdc_acm usb_storage input_leds bluetooth snd_seq_device snd_timer dell_wmi ecdh_generic ecc dell_smbios i915 dcdbas serio_raw sparse_keymap dell_wmi_descriptor wmi_bmof snd drm_kms_helper mei_me i2c_algo_bit fb_sys_fops ie31200_edac syscopyarea sysfillrect soundcore mei sysimgblt mac_hid sch_fq_codel
[76707.692958]  parport_pc ppdev lp parport drm sunrpc ip_tables x_tables autofs4 hid_generic usbhid hid crc32_pclmul psmouse i2c_i801 ahci libahci lpc_ich e1000e wmi video

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2020-04-06: Status changed to Confirmed

#3

This change was made by a bot.

Changed in linux (Ubuntu):
status:	New → Confirmed

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-04-30:

#4

Download full text (6.2 KiB)

Another crash, with a different backtrace. with a different board, but related USB implementation. Since the report above, the underlying USB implementation on the boards has changed somewhat, but the circumstances of the crash are similar:

[40859.232293] usb 1-1.3: USB disconnect, device number 34
[40859.250102] FAT-fs (sdc): unable to read boot sector to mark fs as dirty
[40862.270362] usb 1-1.3: new full-speed USB device number 35 using ehci-pci
[40862.387543] usb 1-1.3: New USB device found, idVendor=239a, idProduct=8014, bcdDevice= 1.00
[40862.387546] usb 1-1.3: New USB device strings: Mfr=2, Product=3, SerialNumber=1
[40862.387548] usb 1-1.3: Product: Metro M0 Express
[40862.387550] usb 1-1.3: Manufacturer: Adafruit Industries LLC
[40862.387552] usb 1-1.3: SerialNumber: DFAE9D970323D4050213E2932141E0FF
[40862.388969] cdc_acm 1-1.3:1.0: ttyACM0: USB ACM device
[40862.392200] usb-storage 1-1.3:1.2: USB Mass Storage device detected
[40862.392599] scsi host6: usb-storage 1-1.3:1.2
[40862.397276] input: Adafruit Industries LLC Metro M0 Express Keyboard as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input97
[40862.454787] input: Adafruit Industries LLC Metro M0 Express Mouse as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input98
[40862.455133] input: Adafruit Industries LLC Metro M0 Express Consumer Control as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input99
[40862.455322] input: Adafruit Industries LLC Metro M0 Express as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input100
[40862.455689] hid-generic 0003:239A:8014.0016: input,hidraw3: USB HID v1.11 Keyboard [Adafruit Industries LLC Metro M0 Express] on usb-0000:00:1a.0-1.3/input3
[40863.416330] scsi host6: scsi scan: INQUIRY result too short (5), using 36
[40863.416338] scsi 6:0:0:0: Direct-Access Adafruit Metro M0 Express 1.0 PQ: 0 ANSI: 2
[40863.416732] sd 6:0:0:0: Attached scsi generic sg3 type 0
[40863.418307] sd 6:0:0:0: [sdc] 4089 512-byte logical blocks: (2.09 MB/2.00 MiB)
[40863.419611] sd 6:0:0:0: [sdc] Write Protect is off
[40863.419615] sd 6:0:0:0: [sdc] Mode Sense: 03 00 00 00
[40863.420650] sd 6:0:0:0: [sdc] No Caching mode page found
[40863.420656] sd 6:0:0:0: [sdc] Assuming drive cache: write through
[40863.464434] sdc: sdc1
[40863.472071] sd 6:0:0:0: [sdc] Attached SCSI removable disk
[40864.285807] FAT-fs (sdc1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[40866.329111] cdc_acm 1-1.3:1.0: failed to set dtr/rts
[40866.349335] general protection fault: 0000 [#1] SMP PTI
[40866.349339] CPU: 3 PID: 134345 Comm: systemd-udevd Kdump: loaded Not tainted 5.4.0-28-generic #32-Ubuntu
[40866.349340] Hardware name: Dell Inc. OptiPlex 7010/0WR7PY, BIOS A29 06/28/2018
[40866.349346] RIP: 0010:kmem_cache_alloc_trace+0x88/0x230
[40866.349348] Code: 65 49 8b 50 08 65 4c 03 05 fd 95 36 60 4d 8b 38 4d 85 ff 0f 84 80 01 00 00 41 8b 59 20 49 8b 39 48 8d 4a 01 4c 89 f8 4c 01 fb <48> 33 1b 49 33 99 70 01 00 00 65 48 0f c7 0f 0f 94 c0 84 c0 74 bd
[40866.349349] RSP: 0018:ffffa5f589357bf0 EFLAGS: ...

Another crash, with a different backtrace. with a different board, but related USB implementation. Since the report above, the underlying USB implementation on the boards has changed somewhat, but the circumstances of the crash are similar:

[40859.232293] usb 1-1.3: USB disconnect, device number 34
[40859.250102] FAT-fs (sdc): unable to read boot sector to mark fs as dirty
[40862.270362] usb 1-1.3: new full-speed USB device number 35 using ehci-pci
[40862.387543] usb 1-1.3: New USB device found, idVendor=239a, idProduct=8014, bcdDevice= 1.00
[40862.387546] usb 1-1.3: New USB device strings: Mfr=2, Product=3, SerialNumber=1
[40862.387548] usb 1-1.3: Product: Metro M0 Express
[40862.387550] usb 1-1.3: Manufacturer: Adafruit Industries LLC
[40862.387552] usb 1-1.3: SerialNumber: DFAE9D970323D4050213E2932141E0FF
[40862.388969] cdc_acm 1-1.3:1.0: ttyACM0: USB ACM device
[40862.392200] usb-storage 1-1.3:1.2: USB Mass Storage device detected
[40862.392599] scsi host6: usb-storage 1-1.3:1.2
[40862.397276] input: Adafruit Industries LLC Metro M0 Express Keyboard as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input97
[40862.454787] input: Adafruit Industries LLC Metro M0 Express Mouse as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input98
[40862.455133] input: Adafruit Industries LLC Metro M0 Express Consumer Control as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input99
[40862.455322] input: Adafruit Industries LLC Metro M0 Express as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:239A:8014.0016/input/input100
[40862.455689] hid-generic 0003:239A:8014.0016: input,hidraw3: USB HID v1.11 Keyboard [Adafruit Industries LLC Metro M0 Express] on usb-0000:00:1a.0-1.3/input3
[40863.416330] scsi host6: scsi scan: INQUIRY result too short (5), using 36
[40863.416338] scsi 6:0:0:0: Direct-Access     Adafruit Metro M0 Express 1.0  PQ: 0 ANSI: 2
[40863.416732] sd 6:0:0:0: Attached scsi generic sg3 type 0
[40863.418307] sd 6:0:0:0: [sdc] 4089 512-byte logical blocks: (2.09 MB/2.00 MiB)
[40863.419611] sd 6:0:0:0: [sdc] Write Protect is off
[40863.419615] sd 6:0:0:0: [sdc] Mode Sense: 03 00 00 00
[40863.420650] sd 6:0:0:0: [sdc] No Caching mode page found
[40863.420656] sd 6:0:0:0: [sdc] Assuming drive cache: write through
[40863.464434]  sdc: sdc1
[40863.472071] sd 6:0:0:0: [sdc] Attached SCSI removable disk
[40864.285807] FAT-fs (sdc1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[40866.329111] cdc_acm 1-1.3:1.0: failed to set dtr/rts
[40866.349335] general protection fault: 0000 [#1] SMP PTI
[40866.349339] CPU: 3 PID: 134345 Comm: systemd-udevd Kdump: loaded Not tainted 5.4.0-28-generic #32-Ubuntu
[40866.349340] Hardware name: Dell Inc. OptiPlex 7010/0WR7PY, BIOS A29 06/28/2018
[40866.349346] RIP: 0010:kmem_cache_alloc_trace+0x88/0x230
[40866.349348] Code: 65 49 8b 50 08 65 4c 03 05 fd 95 36 60 4d 8b 38 4d 85 ff 0f 84 80 01 00 00 41 8b 59 20 49 8b 39 48 8d 4a 01 4c 89 f8 4c 01 fb <48> 33 1b 49 33 99 70 01 00 00 65 48 0f c7 0f 0f 94 c0 84 c0 74 bd
[40866.349349] RSP: 0018:ffffa5f589357bf0 EFLAGS: 00010206
[40866.349350] RAX: 02f74afdcaf6e6c0 RBX: 02f74afdcaf6e6c0 RCX: 00000000001b8e41
[40866.349351] RDX: 00000000001b8e40 RSI: 0000000000000dc0 RDI: 000000000002f100
[40866.349352] RBP: ffffa5f589357c20 R08: ffff935a0e1af100 R09: ffff935a0c403180
[40866.349353] R10: 0000000000000001 R11: 0000000000000006 R12: 0000000000000dc0
[40866.349354] R13: 0000000000000098 R14: ffff935a0c403180 R15: 02f74afdcaf6e6c0
[40866.349355] FS:  00007f4619b2e880(0000) GS:ffff935a0e180000(0000) knlGS:0000000000000000
[40866.349356] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[40866.349357] CR2: 000055c433bfa8b0 CR3: 0000000111b80005 CR4: 00000000001606e0
[40866.349358] Call Trace:
[40866.349363]  ? kernfs_fop_open+0xc2/0x3b0
[40866.349366]  kernfs_fop_open+0xc2/0x3b0
[40866.349368]  ? kernfs_fop_read+0x1b0/0x1b0
[40866.349372]  do_dentry_open+0x143/0x3a0
[40866.349373]  vfs_open+0x2d/0x30
[40866.349376]  do_last+0x194/0x900
[40866.349392]  path_openat+0x8d/0x290
[40866.349394]  do_filp_open+0x91/0x100
[40866.349397]  ? __alloc_fd+0x46/0x150
[40866.349398]  do_sys_open+0x17e/0x290
[40866.349400]  __x64_sys_openat+0x20/0x30
[40866.349402]  do_syscall_64+0x57/0x190
[40866.349405]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[40866.349407] RIP: 0033:0x7f461a0a3d1b
[40866.349409] Code: 25 00 00 41 00 3d 00 00 41 00 74 4b 64 8b 04 25 18 00 00 00 85 c0 75 67 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 91 00 00 00 48 8b 4c 24 28 64 48 33 0c 25
[40866.349410] RSP: 002b:00007ffd5b8a6190 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[40866.349411] RAX: ffffffffffffffda RBX: 000055c433b7e9b0 RCX: 00007f461a0a3d1b
[40866.349412] RDX: 0000000000080000 RSI: 00007ffd5b8a6300 RDI: 00000000ffffff9c
[40866.349413] RBP: 00007ffd5b8a6300 R08: 0000000000000008 R09: 0000000000000001
[40866.349413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000
[40866.349414] R13: 000055c432f13390 R14: 000055c433962e60 R15: 00007ffd5b8a6398
[40866.349416] Modules linked in: nls_iso8859_1 rfcomm cmac algif_hash algif_skcipher af_alg bnep intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm mei_hdcp crct10dif_pclmul ghash_clmulni_intel snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic aesni_intel ledtrig_audio crypto_simd cryptd glue_helper intel_cstate intel_rapl_perf snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_usb_audio snd_hda_core snd_usbmidi_lib snd_hwdep snd_pcm snd_seq_midi btusb snd_seq_midi_event btrtl snd_rawmidi uvcvideo btbcm i915 snd_seq videobuf2_vmalloc videobuf2_memops btintel videobuf2_v4l2 dell_wmi binfmt_misc videobuf2_common dell_smbios snd_seq_device bluetooth drm_kms_helper videodev dcdbas snd_timer joydev i2c_algo_bit ecdh_generic cdc_acm input_leds snd mc ecc wmi_bmof serio_raw sparse_keymap fb_sys_fops dell_wmi_descriptor mei_me syscopyarea mei soundcore sysfillrect sysimgblt ie31200_edac mac_hid sch_fq_codel parport_pc ppdev lp parport drm sunrpc
[40866.349443]  ip_tables x_tables autofs4 uas usb_storage hid_generic usbhid hid crc32_pclmul psmouse i2c_i801 e1000e ahci libahci lpc_ich video wmi

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2020-06-09:

#5

Disconnect:
[76704.227672] cdc_acm 1-1.4:1.0: failed to set dtr/rts
[76704.936301] usb 1-1.4: USB disconnect, device number 11

Reprobe:
[76707.579590] usb 1-1.4: new full-speed USB device number 12 using ehci-pci

Then:
[76707.692717] general protection fault: 0000 [#1] SMP PTI

Could be use after free, or stack corruption. Probably some resources aren't freed in USB stack.

Does TinyUSB touch anything inside kernel?

Changed in linux (Ubuntu):
status:	Confirmed → Incomplete

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-06-09:

#6

Thanks for the reply.

TinyUSB runs on the microcontroller board; it is the USB stack implementation used by the software on the board. So it doesn't touch the kernel, by definition. It is behaving in some way that is unexpected to the Linux driver, and causing bad behavior on the part of the driver.

It is possible this is a timing or kernel driver state machine. These crashes occur when I reset the board. So the USB device is forcibly disconnected, and then immediately tries to re-enumerate. This is much faster than the usual unplug/replug time you might see, if say, you unplugged a replugged a USB keyboard or USB flash drive.

Would a USB trace be helpful to you? I can use a Beagle and get a trace file. Is this the right place to continue discussing this bug, or should it be in some Linux kernel bug system?

Thanks.

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2020-06-09:

#7

Since the system is upgraded from 16.04, have you tried any older kernel? This could be a regression.

Also, please test latest mainline kernel:
https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.7

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-06-09:

#8

I was able to reproduce the problem after a few tries with the 5.7.0-050700-generic kernel. I then started trying older kernels. It appears the problem started somewhere between 4.10.0 an 4.18.0. But sometimes it takes several tries to reproduce, so I'll continue some ad-hoc bisecting to see if I can narrow it down.

For posterity, here is how I'm reproducing. It may take several tries, but it seems to happen about 1/3 of the time. I don't expect you to need to follow all of this for now:

Using CircuitPython 5.3.0 on Adafruit Metro M0 board. Connect to REPL and do:
>>> import storage
>>> storage.erase_filesystem()

can cause an immediate kernel crash, or it might be delayed by several seconds.

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-06-09:

#9

I'm wrong, I got this to happen on 4.10, which is quite old, so I'm not sure if it's worth going back much further in time.

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2020-07-04:

#10

Please raise the issue to linux-usb mailing list. Possible use-after-free bug here.

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-07-04:

#11

lspci-v.txt Edit (5.8 KiB, text/plain)

Thank you. Attaching lspci-v output in preparation for reporting to the linux-usb mailing list. lsusb -v output is already attached to the first port.

Revision history for this message

Dan Halbert (dhalbert) wrote on 2020-07-29:

#12

I brought this up on the linux-usb email list and was told it was more likely to be an issue in the filesystem code. In addition, that code (and the USB code) don't expect an MSC USB device to behave badly, and there's no guarantee that if it does, Linux will not crash. In this case, the filesystem changes abruptly out from under the filesystem code.

linux-usb thread:
https://marc.info/?l=linux-usb&m=159387610928589&w=2

I suppose you can close this now. I wish Linux were more robust about this, but it appears to be a "won't fix" from their point of view.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-09-28:

#13

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status:	Incomplete → Expired

Revision history for this message

Colin Godsey (crgodsey) wrote on 2021-01-30:

#14

This still seems to be happening on 5.8. Different board yet again, but same situation. Crashes every 1/X times when resetting the board. I don't have logs of the actual crash (ZFS root maybe?), but it locks up right after the "failed to set dtr/rts" like the others reported here, with similar logs up to that point.

Revision history for this message

Colin Godsey (crgodsey) wrote on 2021-01-30:

#15

For the other folks that see this, it does seem to help to use the reset button slower, for what its worth. Possibly offers a better disconnect/reconnect timing.

Ubuntu
linux package

Kernel crash during USB device enumeration or mounting

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntulinux package

Kernel crash during USB device enumeration or mounting

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
linux package