You are not logged in.

Pages: 1

#1 2025-05-28 18:09:37

quellen
Member
From: Italy
Registered: 2014-05-24
Posts: 364

kernel panic after connecting SATA DVD Drive

Hey everyone,

Today, after a long time, I reconnected the internal SATA DVD drive to my desktop PC, and when I booted into Arch Linux, I was greeted with this blue screen of death showing a kernel panic and a QR code:

kernel.jpg

Panic Report
Arch: x86_64
Version: 6.14.7-arch2-1
[   21.536406]  __x64_sys_finit_module+0x67/0xc0
[   21.536409]  do_syscall_64+0x7b/0x190
[   21.536413]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536415]  ? vfs_read+0x162/0x390
[   21.536419]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536421]  ? __rseq_handle_notify_resume+0x9c/0x4d0
[   21.536426]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536428]  ? arch_exit_to_user_mode_prepare.isra.0+0x7c/0x90
[   21.536431]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536433]  ? syscall_exit_to_user_mode+0x37/0x1c0
[   21.536436]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536438]  ? do_syscall_64+0x87/0x190
[   21.536441]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536442]  ? syscall_exit_to_user_mode+0x37/0x1c0
[   21.536445]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536447]  ? do_syscall_64+0x87/0x190
[   21.536449]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536451]  ? do_sys_openat2+0x96/0xe0
[   21.536455]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536457]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536458]  ? syscall_exit_to_user_mode+0x37/0x1c0
[   21.536461]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536463]  ? do_syscall_64+0x87/0x190
[   21.536465]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536467]  ? do_syscall_64+0x87/0x190
[   21.536469]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536471]  ? do_user_addr_fault+0x188/0x640
[   21.536476]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536478]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.536480]  ? irqentry_exit_to_user_mode+0x2c/0x1b0
[   21.536483]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   21.536486] RIP: 0033:0x7fe842d26eed
[   21.536498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d f3 ed 0c 00 f7 d8 64 89 01 48
[   21.536500] RSP: 002b:00007ffe3ecebfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   21.536502] RAX: ffffffffffffffda RBX: 00005602f7192910 RCX: 00007fe842d26eed
[   21.536504] RDX: 0000000000000004 RSI: 00007fe84336d2f2 RDI: 0000000000000013
[   21.536505] RBP: 00007ffe3ecec080 R08: 0000000000000000 R09: 00005602f7194a50
[   21.536507] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe84336d2f2
[   21.536508] R13: 0000000000020000 R14: 00005602f7190370 R15: 00005602f7192910
[   21.536513]  </TASK>
[   21.536514] ---[ end trace 0000000000000000 ]---
[   21.536516] object pointer: 0x00000000c07b5673
[   21.536583] smsusb:smsusb_probe: Device initialized with return code -62
[   21.539177] BUG: kernel NULL pointer dereference, address: 0000000000000018
[   21.539194] #PF: supervisor read access in kernel mode
[   21.539206] #PF: error_code(0x0000) - not-present page
[   21.539219] PGD 0 P4D 0 
[   21.539232] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
[   21.539248] CPU: 8 UID: 0 PID: 0 Comm: swapper/8 Tainted: G        W  OE      6.14.7-arch2-1 #1 b64f38217d3fe6ae2df8fdbff12b3e301689405c
[   21.539278] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[   21.539293] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./A520M-HVS, BIOS P2.10 02/24/2022
[   21.539313] RIP: 0010:smsusb_onresponse+0x49/0x180 [smsusb]
[   21.539333] Code: 87 84 00 00 00 4c 8b 6b 18 83 f9 94 0f 84 18 04 00 00 48 89 fd 45 85 c0 0f 84 ed 03 00 00 85 c9 0f 85 e5 03 00 00 48 8b 43 10 <4c> 8b 60 18 4c 89 e7 e8 eb 1a f5 ff 44 8b 85 84 00 00 00 41 0f b7
[   21.539366] RSP: 0018:ffffacea40314e60 EFLAGS: 00010246
[   21.539382] RAX: 0000000000000000 RBX: ffff9b444105c0e8 RCX: 0000000000000000
[   21.539400] RDX: ffff9b4440943600 RSI: 000000000000001e RDI: ffff9b444c376540
[   21.539416] RBP: ffff9b444c376540 R08: 0000000000000958 R09: ffffffff86960cc0
[   21.539433] R10: ffff9b44400516c0 R11: fefefefefefefeff R12: 0000000000000000
[   21.539450] R13: ffff9b444105c000 R14: 0000000000000000 R15: ffff9b44461ad1d8
[   21.539467] FS:  0000000000000000(0000) GS:ffff9b4576600000(0000) knlGS:0000000000000000
[   21.539487] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.539502] CR2: 0000000000000018 CR3: 00000001039fb000 CR4: 0000000000f50ef0
[   21.539519] PKRU: 55555554
[   21.539529] Call Trace:
[   21.539539]  <IRQ>
[   21.539550]  __usb_hcd_giveback_urb+0xa0/0x120
[   21.539568]  usb_giveback_urb_bh+0xc4/0x150
[   21.539584]  process_one_work+0x17f/0x340
[   21.539601]  bh_worker+0x1ac/0x210
[   21.539615]  ? sched_clock_cpu+0xf/0x200
[   21.539632]  tasklet_action+0x10/0x30
[   21.539648]  handle_softirqs+0xe6/0x2a0
[   21.539665]  __irq_exit_rcu+0xcb/0xf0
[   21.539679]  common_interrupt+0x85/0xa0
[   21.539695]  </IRQ>
[   21.539704]  <TASK>
[   21.539713]  asm_common_interrupt+0x26/0x40
[   21.539729] RIP: 0010:mwait_idle+0x46/0x70
[   21.539745] Code: 8e 54 7b 80 75 34 31 c9 48 89 f0 48 89 ca 0f 01 c8 48 8b 06 a8 08 75 18 eb 07 0f 00 2d 9f cd 13 00 31 c0 48 89 c1 fb 0f 01 c9 <fa> 0f 1f 44 00 00 f0 80 66 02 df e9 45 3e e3 fe 0f ae f0 0f ae 3e
[   21.539777] RSP: 0018:ffffacea40153ec8 EFLAGS: 00000246
[   21.539793] RAX: 0000000000000000 RBX: ffff9b4440943600 RCX: 0000000000000000
[   21.539811] RDX: 0000000000000000 RSI: ffff9b4440943600 RDI: 00000000000e3214
[   21.539829] RBP: 0000000000000008 R08: 0000000000000002 R09: 0000000000000000
[   21.539847] R10: 0000000503b69e9b R11: 0000000000000001 R12: 0000000000000000
[   21.539865] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   21.539887]  ? srso_alias_return_thunk+0x5/0xfbef5
[   21.539904]  default_idle_call+0x29/0x100
[   21.539919]  do_idle+0x1cc/0x210
[   21.539934]  cpu_startup_entry+0x29/0x30
[   21.539948]  start_secondary+0x11e/0x140
[   21.539963]  common_startup_64+0x13e/0x141
[   21.539982]  </TASK>
[   21.539991] Modules linked in: nct6775 nct6775_core hwmon_vid vfat fat amd_atl intel_rapl_msr intel_rapl_common snd_hda_codec_realtek kvm_amd snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg kvm snd_intel_sdw_acpi irqbypass snd_hda_codec polyval_clmulni polyval_generic snd_hda_core ghash_clmulni_intel sha512_ssse3 snd_hwdep sha256_ssse3 ee1004 smsusb(+) r8169 sha1_ssse3 snd_pcm sp5100_tco smsmdtv aesni_intel snd_timer realtek crypto_simd xpad mdio_devres joydev mousedev snd ff_memless mc cryptd i2c_piix4 sr_mod libphy soundcore ccp rapl wmi_bmof pcspkr cdrom k10temp i2c_smbus acpi_cpufreq gpio_amdpt gpio_generic mac_hid sg vhba(OE) dm_mod loop nfnetlink ip_tables x_tables hid_generic serio_raw atkbd libps2 vivaldi_fmap usbhid i8042 serio amdgpu amdxcp i2c_algo_bit drm_ttm_helper ttm drm_exec gpu_sched drm_suballoc_helper video wmi drm_panel_backlight_quirks drm_buddy drm_display_helper cec
[   21.542841] CR2: 0000000000000018
[   21.543382] ---[ end trace 0000000000000000 ]---
[   21.543930] RIP: 0010:smsusb_onresponse+0x49/0x180 [smsusb]
[   21.544474] Code: 87 84 00 00 00 4c 8b 6b 18 83 f9 94 0f 84 18 04 00 00 48 89 fd 45 85 c0 0f 84 ed 03 00 00 85 c9 0f 85 e5 03 00 00 48 8b 43 10 <4c> 8b 60 18 4c 89 e7 e8 eb 1a f5 ff 44 8b 85 84 00 00 00 41 0f b7
[   21.545037] RSP: 0018:ffffacea40314e60 EFLAGS: 00010246
[   21.545603] RAX: 0000000000000000 RBX: ffff9b444105c0e8 RCX: 0000000000000000
[   21.546169] RDX: ffff9b4440943600 RSI: 000000000000001e RDI: ffff9b444c376540
[   21.546735] RBP: ffff9b444c376540 R08: 0000000000000958 R09: ffffffff86960cc0
[   21.547300] R10: ffff9b44400516c0 R11: fefefefefefefeff R12: 0000000000000000
[   21.547867] R13: ffff9b444105c000 R14: 0000000000000000 R15: ffff9b44461ad1d8
[   21.548435] FS:  0000000000000000(0000) GS:ffff9b4576600000(0000) knlGS:0000000000000000
[   21.549004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.549589] CR2: 0000000000000018 CR3: 00000001039fb000 CR4: 0000000000f50ef0
[   21.550169] PKRU: 55555554
[   21.550740] Kernel panic - not syncing: Fatal exception in interrupt
[   21.551241] Kernel Offset: 0x2800000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)

After a reboot, everything worked normally. What could have caused this issue? Also, why did I get an error related to smusb? The DVD drive is SATA, so I'm confused about the smusb reference.

EDIT:
Maybe the problem is related to a DVB-T decoder that was connected to the USB port (when I turned off the PC to connect the DVD player, the DVB-T decoder was playing a tv channel with mpv):
https://bbs.archlinux.org/viewtopic.php?id=303474

Last edited by quellen (2025-05-28 18:15:53)

sorry for my bad english

Offline

#2 2025-05-28 23:03:34

gromit
Administrator
From: Germany
Registered: 2024-02-10
Posts: 1,523
Website

Re: kernel panic after connecting SATA DVD Drive

Do you already have a good way to reproduce the issue so we could check what's causing it?

Offline

#3 2025-05-29 08:16:39

quellen
Member
From: Italy
Registered: 2014-05-24
Posts: 364

Re: kernel panic after connecting SATA DVD Drive

gromit wrote:

Do you already have a good way to reproduce the issue so we could check what's causing it?

I don't know how to reproduce the kernel panic, but I do know how to reproduce the USB DVB-T decoder (lsusb: 2040:5500 Hauppauge Windham) issue:

1. Connect the DVB-T decoder.
2. Play a TV channel using MPV (mpv dvb://channel_name)
3. Disconnect the decoder while the TV channel is playing.
When I do this, the entire system crashes: the keyboard and mouse stop working, and I'm forced to reset using the reset button on the case.

It seems to be a smsusb bug:
https://access.redhat.com/security/cve/cve-2023-4132
https://access.redhat.com/security/cve/CVE-2019-15218

Last edited by quellen (2025-05-29 09:06:10)

sorry for my bad english

Offline

#4 2025-05-29 11:03:54

mmy8x
Member
Registered: 2025-03-02
Posts: 97

Re: kernel panic after connecting SATA DVD Drive

quellen wrote:
[   21.536583] smsusb:smsusb_probe: Device initialized with return code -62
[   21.539177] BUG: kernel NULL pointer dereference, address: 0000000000000018
[   21.539194] #PF: supervisor read access in kernel mode
[   21.539206] #PF: error_code(0x0000) - not-present page
[   21.539219] PGD 0 P4D 0 
[   21.539232] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
[   21.539248] CPU: 8 UID: 0 PID: 0 Comm: swapper/8 Tainted: G        W  OE      6.14.7-arch2-1 #1 b64f38217d3fe6ae2df8fdbff12b3e301689405c
[   21.539278] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[   21.539293] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./A520M-HVS, BIOS P2.10 02/24/2022
[   21.539313] RIP: 0010:smsusb_onresponse+0x49/0x180 [smsusb]
[   21.539333] Code: 87 84 00 00 00 4c 8b 6b 18 83 f9 94 0f 84 18 04 00 00 48 89 fd 45 85 c0 0f 84 ed 03 00 00 85 c9 0f 85 e5 03 00 00 48 8b 43 10 <4c> 8b 60 18 4c 89 e7 e8 eb 1a f5 ff 44 8b 85 84 00 00 00 41 0f b7
[   21.539366] RSP: 0018:ffffacea40314e60 EFLAGS: 00010246
[   21.539382] RAX: 0000000000000000 RBX: ffff9b444105c0e8 RCX: 0000000000000000
[   21.539400] RDX: ffff9b4440943600 RSI: 000000000000001e RDI: ffff9b444c376540
[   21.539416] RBP: ffff9b444c376540 R08: 0000000000000958 R09: ffffffff86960cc0
[   21.539433] R10: ffff9b44400516c0 R11: fefefefefefefeff R12: 0000000000000000
[   21.539450] R13: ffff9b444105c000 R14: 0000000000000000 R15: ffff9b44461ad1d8
[   21.539467] FS:  0000000000000000(0000) GS:ffff9b4576600000(0000) knlGS:0000000000000000
[   21.539487] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.539502] CR2: 0000000000000018 CR3: 00000001039fb000 CR4: 0000000000f50ef0
[   21.539519] PKRU: 55555554
[   21.539529] Call Trace:
[   21.539539]  <IRQ>
[   21.539550]  __usb_hcd_giveback_urb+0xa0/0x120
[   21.539568]  usb_giveback_urb_bh+0xc4/0x150
[   21.539584]  process_one_work+0x17f/0x340
[   21.539601]  bh_worker+0x1ac/0x210
[   21.539615]  ? sched_clock_cpu+0xf/0x200
[   21.539632]  tasklet_action+0x10/0x30
[   21.539648]  handle_softirqs+0xe6/0x2a0
[   21.539665]  __irq_exit_rcu+0xcb/0xf0
[   21.539679]  common_interrupt+0x85/0xa0
[   21.539695]  </IRQ>

Not sure what the preceding stack trace is about, but this here looks like another smsusb bug. Namely, it seems to fail initialization and then some of its URBs completes for one reason or another when some driver data are either not completely initialized or already freed and nulled. This crash is caused simply by connecting the device or loading the driver, either if the device is in some particular state that the driver doesn't expect or simply under bad phase of the moon.

Crashes of media drivers on disconnection while in use are not entirely unheard of, looks like those drivers aren't top quality. I have an old webcam which does that too, good news is that at least uvcvideo doesn't.

Last edited by mmy8x (2025-05-29 11:10:50)

Offline

Pages: 1

Board footer

Powered by FluxBB