Re: [BUG] rmmod g_mass_storage result to segmentation fault

From: Peter Chen
Date: Wed Jan 09 2019 - 21:39:40 EST


>
> When running an imx_defconfig on a imx6q-sabrelite, rmmod g_mass_storage lead to the following crash:
> [ 143.952834] Internal error: Oops: 817 [#1] SMP ARM
> [ 143.957639] Modules linked in: dmatest psmouse serport da9063_wdt wl12xx wl18xx wlcore wlcore_sdio brcmfmac brcmutil mwifiex_sdio mwifiex_pcie mwifiex rtl8150 pegasus cdc_eem i2c_algo_pca i2c_algo_pcf echainiv bnep crc_ccitt libcrc32c crc7 isofs nls_iso8859_15 udf crc_itu_t msdos binfmt_misc gspca_main uvcvideo adv7180 snd_usb_audio snd_hwdep snd_usbmidi_lib usb_f_uac2 usb_f_hid usb_f_uac1 u_audio usb_f_obex usb_f_eem usb_f_printer usb_f_uvc usb_f_ecm usb_f_midi snd_rawmidi usb_f_ecm_subset usb_f_ss_lb usb_f_serial usb_f_ncm g_ffs usb_f_fs g_zero g_audio g_mass_storage(-) usb_f_mass_storage usb_f_rndis u_ether usb_f_acm u_serial libcomposite configfs usb_wwan usbserial imx_vdoa videobuf2_vmalloc [last unloaded: g_ncm]
> [ 144.021308] CPU: 3 PID: 9158 Comm: rmmod Not tainted 5.0.0-rc1-next-20190108 #1
> [ 144.028623] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
> [ 144.035170] PC is at usb_gadget_unregister_driver+0xac/0xd4
> [ 144.040748] LR is at 0x1242afc4
> [ 144.043895] pc : [<c079af08>] lr : [<1242afc4>] psr: 60000013
> [ 144.050166] sp : ed0e7f48 ip : a54b4ce2 fp : 00000000
> [ 144.055396] r10: 00000081 r9 : ed0e6000 r8 : c01011c4
> [ 144.060626] r7 : 00000081 r6 : bec49b98 r5 : bf12916c r4 : c129176c
> [ 144.067159] r3 : 00000200 r2 : 00000100 r1 : 00000200 r0 : 00000100
> [ 144.073693] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
> [ 144.080833] Control: 10c5387d Table: 3d33404a DAC: 00000051
> [ 144.086585] Process rmmod (pid: 9158, stack limit = 0x2ac398d3)
> [ 144.092510] Stack: (0xed0e7f48 to 0xed0e8000)
> [ 144.096877] 7f40: bf129200 c120c908 bec49b98 c01c965c 616d5f67 735f7373
> [ 144.105063] 7f60: 61726f74 b6006567 00000017 c01175c8 b6f114c8 ed0e7fb0 bec49e14 000a1a98
> [ 144.113249] 7f80: bec49b7c c0117aec ffffffff c33d43a5 000278d4 c33d43a5 000278d4 616d5f67
> [ 144.121435] 7fa0: 735f7373 c0101000 000278d4 616d5f67 bec49b98 00000880 00000000 bec49e18
> [ 144.129621] 7fc0: 000278d4 616d5f67 735f7373 00000081 00000000 00000000 b6faf000 00000000
> [ 144.137807] 7fe0: bec49b90 bec49b80 000277b8 b6eb52f0 60000010 bec49b98 00000000 00000000
> [ 144.146006] [<c079af08>] (usb_gadget_unregister_driver) from [<c01c965c>] (sys_delete_module+0x130/0x1dc)
> [ 144.155586] [<c01c965c>] (sys_delete_module) from [<c0101000>] (ret_fast_syscall+0x0/0x28)
> [ 144.163855] Exception stack(0xed0e7fa8 to 0xed0e7ff0)
> [ 144.168914] 7fa0: 000278d4 616d5f67 bec49b98 00000880 00000000 bec49e18
> [ 144.177100] 7fc0: 000278d4 616d5f67 735f7373 00000081 00000000 00000000 b6faf000 00000000
> [ 144.185283] 7fe0: bec49b90 bec49b80 000277b8 b6eb52f0
> [ 144.190344] Code: e5953070 e595206c e3a00c01 e3a01c02 (e5823004)
> [ 144.196538] ---[ end trace 86952e6cc74d8e8b ]---
> Segmentation fault

Some questions:
- Do you have issue for previous version,eg, v4.19 or v4.20?
- Legacy gadget driver is not supported well now, do you have issues
with configfs?
- Any differences if the cable is connected or not?

Peter