We're trying to use USB memory sticks in a "hostile" environment, where
devices may be plugged and unplugged unexpectedly, and we need to be
sure that the kernel and our application won't crash as a result. We've
hit crashes doing a straightforward test: plugging and unplugging one
or more memory sticks repeatedly. These were fairly common with 2.4.25;
it seems less common in 2.4.26, but we've still hit an oops.
Our application is doing a number of things when a card is inserted:
scans /proc/bus/usb/devices and /proc/scsi/usb-storage* to figure out
which USB port and hub the device is plugged in and which device to
use to mount it; mount the device; and read and write some files.
The attached oops happened after a couple hundred iterations of plugging
and unplugging a single memory card. (In 2.4.25, I believe we only
reproduced oopses while toggling two sticks at once, but I can't prove
a negative--it might have been coincidence, although we tried pretty
hard.)
We'll keep trying to narrow down the crash more. It's time-consuming,
since it can take so many iterations to reproduce.
In case anybody's actually bored enough to look at the code:
http://cvs.sourceforge.net/viewcvs.py/stepmania/stepmania/src/arch/MemoryCard/MemoryCardDriverThreaded_Linux.cpp?view=markup
--
Glenn Maynard
ksymoops 2.4.9 on i686 2.4.26. Options used
-V (default)
-k /proc/ksyms (default)
-l /proc/modules (default)
-o /lib/modules/2.4.26/ (default)
-m /boot/System.map-2.4.26 (default)
Warning: You did not tell me where to find symbol information. I will
assume that the log matches the kernel and modules that are running
right now and I'll use the default options above for symbol resolution.
If the current kernel and/or modules do not match the log, you can get
more accurate output by telling me the kernel version and where to find
map, modules, ksyms etc. ksymoops -h explains the options.
Warning (compare_maps): mismatch on symbol _nv000173rm , nvidia says cea024a0,
/lib/modules/2.4.26/kernel/drivers/nvidia.o says cea02280. Ignoring
/lib/modules/2.4.26/kernel/drivers/nvidia.o entry
Reading Oops report from the terminal
Stack: 00000000 c5b92130 c
cea6b3f8
*pde = 00000000
CPU: 0
EIP: 0010:[<cea6b3f8>] Tainted: P
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010287
eax: 00000002 ebx: 00000000 ecx: cea6f810 edx: cea6f6e9
esi: c5b92130 edi: 00000000 ebp: 00000000 esp: ca135e60
ds: 0018 es: 0018 ss: 0018
Process stepmania (pid: 462, stackpage=ca135000)
Stack: 00000000 c5b92130 cd1aa6a0 00000000 cea6f810 00000001 c5b920eb cea6b654
00000002 c5b92130 c5b93f00 00000000 cdd176c0 00000000 c5b920eb 00000000
cea6b758 00000002 c5b920eb c5b93f00 cdd176c0 00000000 00000000 cb171800
Call trace: [<cea6f810>] [<cea6b654>] [<cea6b758>] [<cea6b986>] [<cea6bad3>]
[<cea6bbe0>] [<cea70b20>] [<cea6bcb6>] [<c0130726>] [<c01084d7>]
Code: 8a 47 02 24 80 0f b6 d8 c6 44 24 1b 4f 85 db 74 05 c6 44 24
>>EIP; cea6b3f8 <[usbcore]usb_dump_endpoint_descriptor+24/1b8> <=====
>>ecx; cea6f810 <[usbcore]clas_info+dc/136>
>>edx; cea6f6e9 <[usbcore]__module_usb_device_size+821/86c>
>>esi; c5b92130 <_end+57bc958/e464888>
>>esp; ca135e60 <_end+9d60688/e464888>
Trace; cea6f810 <[usbcore]clas_info+dc/136>
Trace; cea6b654 <[usbcore]usb_dump_interface+50/68>
Trace; cea6b758 <[usbcore]usb_dump_config+94/c4>
Trace; cea6b986 <[usbcore]usb_dump_desc+6a/88>
Trace; cea6bad3 <[usbcore]usb_device_dump+12f/25c>
Trace; cea6bbe0 <[usbcore]usb_device_dump+23c/25c>
Trace; cea70b20 <[usbcore]usb_bus_list_lock+0/14>
Trace; cea6bcb6 <[usbcore]usb_device_read+b6/e0>
Trace; c0130726 <sys_read+96/f0>
Trace; c01084d7 <system_call+33/38>
Code; cea6b3f8 <[usbcore]usb_dump_endpoint_descriptor+24/1b8>
00000000 <_EIP>:
Code; cea6b3f8 <[usbcore]usb_dump_endpoint_descriptor+24/1b8> <=====
0: 8a 47 02 mov 0x2(%edi),%al <=====
Code; cea6b3fb <[usbcore]usb_dump_endpoint_descriptor+27/1b8>
3: 24 80 and $0x80,%al
Code; cea6b3fd <[usbcore]usb_dump_endpoint_descriptor+29/1b8>
5: 0f b6 d8 movzbl %al,%ebx
Code; cea6b400 <[usbcore]usb_dump_endpoint_descriptor+2c/1b8>
8: c6 44 24 1b 4f movb $0x4f,0x1b(%esp,1)
Code; cea6b405 <[usbcore]usb_dump_endpoint_descriptor+31/1b8>
d: 85 db test %ebx,%ebx
Code; cea6b407 <[usbcore]usb_dump_endpoint_descriptor+33/1b8>
f: 74 05 je 16 <_EIP+0x16>
Code; cea6b409 <[usbcore]usb_dump_endpoint_descriptor+35/1b8>
11: c6 44 24 00 00 movb $0x0,0x0(%esp,1)
2 warnings issued. Results may not be reliable.
Bus 002 Device 001: ID 0000:0000
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.00
bDeviceClass 9 Hub
bDeviceSubClass 0 Unused
bDeviceProtocol 0
bMaxPacketSize0 8
idVendor 0x0000
idProduct 0x0000
bcdDevice 0.00
iManufacturer 0
iProduct 2 USB UHCI Root Hub
iSerial 1 df40
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 25
bNumInterfaces 1
bConfigurationValue 1
iConfiguration 0
bmAttributes 0x40
Self Powered
MaxPower 0mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 9 Hub
bInterfaceSubClass 0 Unused
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0008 bytes 8 once
bInterval 255
Bus 002 Device 002: ID 04e8:0100 Samsung Electronics Co., Ltd
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.10
bDeviceClass 0 (Defined at Interface level)
bDeviceSubClass 0
bDeviceProtocol 0
bMaxPacketSize0 8
idVendor 0x04e8 Samsung Electronics Co., Ltd
idProduct 0x0100
bcdDevice 0.01
iManufacturer 1 KINGSTON
iProduct 2 USB DRIVE
iSerial 3 1125198948886
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 32
bNumInterfaces 1
bConfigurationValue 1
iConfiguration 0
bmAttributes 0x80
MaxPower 90mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 2
bInterfaceClass 8 Mass Storage
bInterfaceSubClass 6 SCSI
bInterfaceProtocol 80 Bulk (Zip)
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 2
Transfer Type Bulk
Synch Type None
Usage Type Data
wMaxPacketSize 0x0040 bytes 64 once
bInterval 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x03 EP 3 OUT
bmAttributes 2
Transfer Type Bulk
Synch Type None
Usage Type Data
wMaxPacketSize 0x0040 bytes 64 once
bInterval 0
Bus 001 Device 001: ID 0000:0000
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.00
bDeviceClass 9 Hub
bDeviceSubClass 0 Unused
bDeviceProtocol 0
bMaxPacketSize0 8
idVendor 0x0000
idProduct 0x0000
bcdDevice 0.00
iManufacturer 0
iProduct 2 USB UHCI Root Hub
iSerial 1 df80
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 25
bNumInterfaces 1
bConfigurationValue 1
iConfiguration 0
bmAttributes 0x40
Self Powered
MaxPower 0mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 9 Hub
bInterfaceSubClass 0 Unused
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0008 bytes 8 once
bInterval 255
Bus 001 Device 002: ID 07c0:1580 Code Mercenaries Hard- und Software GmbH
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.01
bDeviceClass 0 (Defined at Interface level)
bDeviceSubClass 0
bDeviceProtocol 0
bMaxPacketSize0 8
idVendor 0x07c0 Code Mercenaries Hard- und Software GmbH
idProduct 0x1580
bcdDevice 10.03
iManufacturer 1 Code Mercenaries
iProduct 2 uGCI-6
iSerial 0
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 59
bNumInterfaces 2
bConfigurationValue 1
iConfiguration 4 Generic IO
bmAttributes 0xa0
Remote Wakeup
MaxPower 100mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 3 Human Interface Devices
bInterfaceSubClass 0 No Subclass
bInterfaceProtocol 0 None
iInterface 5 Plain I/O
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0004 bytes 4 three times
bInterval 10
HID Device Descriptor:
bLength 9
bDescriptorType 33
bcdHID 1.01
bCountryCode 0 Not supported
bNumDescriptors 1
bDescriptorType 34 Report
wDescriptorLength 33
Report Descriptor: (length is 33)
Item(Global): Usage Page, data= [ 0x01 ] 1
Generic Desktop Controls
Item(Local ): Usage, data= [ 0x00 ] 0
Undefined
Item(Main ): Collection, data= [ 0x01 ] 1
Application
Item(Global): Usage Page, data= [ 0x09 ] 9
Buttons
Item(Local ): Usage Minimum, data= [ 0x01 ] 1
Button 1 (Primary)
Item(Local ): Usage Maximum, data= [ 0x20 ] 32
(null)
Item(Global): Logical Minimum, data= [ 0x00 ] 0
Item(Global): Logical Maximum, data= [ 0x01 ] 1
Item(Global): Report Count, data= [ 0x20 ] 32
Item(Global): Report Size, data= [ 0x01 ] 1
Item(Main ): Input, data= [ 0x02 ] 2
Data Variable Absolute No_Wrap Linear
Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x08 ] 8
LEDs
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x20 ] 32
Item(Global): Report Size, data= [ 0x01 ] 1
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Main ): End Collection, data=none
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 3 Human Interface Devices
bInterfaceSubClass 0 No Subclass
bInterfaceProtocol 0 None
iInterface 6 Complex Interfaces
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0008 bytes 8 once
bInterval 10
HID Device Descriptor:
bLength 9
bDescriptorType 33
bcdHID 1.01
bCountryCode 0 Not supported
bNumDescriptors 1
bDescriptorType 34 Report
wDescriptorLength 107
Report Descriptor: (length is 107)
Item(Global): Usage Page, data= [ 0x01 ] 1
Generic Desktop Controls
Item(Local ): Usage, data= [ 0x00 ] 0
Undefined
Item(Main ): Collection, data= [ 0x01 ] 1
Application
Item(Global): Logical Minimum, data= [ 0x00 ] 0
Item(Global): Logical Maximum, data= [ 0x01 ] 1
Item(Global): Report Size, data= [ 0x01 ] 1
Item(Global): Usage Page, data= [ 0x08 ] 8
LEDs
Item(Global): Report ID, data= [ 0x01 ] 1
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Report ID, data= [ 0x02 ] 2
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x09 ] 9
Buttons
Item(Local ): Usage Minimum, data= [ 0x01 ] 1
Button 1 (Primary)
Item(Local ): Usage Maximum, data= [ 0x38 ] 56
(null)
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Input, data= [ 0x02 ] 2
Data Variable Absolute No_Wrap Linear
Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x08 ] 8
LEDs
Item(Global): Report ID, data= [ 0x03 ] 3
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x09 ] 9
Buttons
Item(Local ): Usage Minimum, data= [ 0x01 ] 1
Button 1 (Primary)
Item(Local ): Usage Maximum, data= [ 0x38 ] 56
(null)
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Input, data= [ 0x02 ] 2
Data Variable Absolute No_Wrap Linear
Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x08 ] 8
LEDs
Item(Global): Report ID, data= [ 0x04 ] 4
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Report ID, data= [ 0x05 ] 5
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Report ID, data= [ 0x06 ] 6
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x09 ] 9
Buttons
Item(Local ): Usage Minimum, data= [ 0x01 ] 1
Button 1 (Primary)
Item(Local ): Usage Maximum, data= [ 0x38 ] 56
(null)
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Input, data= [ 0x02 ] 2
Data Variable Absolute No_Wrap Linear
Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Global): Usage Page, data= [ 0x08 ] 8
LEDs
Item(Global): Report ID, data= [ 0x12 ] 18
Item(Local ): Usage, data= [ 0x4b ] 75
Generic Indicator
Item(Global): Report Count, data= [ 0x38 ] 56
Item(Main ): Output, data= [ 0x20 ] 32
Data Array Absolute No_Wrap Linear
No_Preferred_State No_Null_Position Non_Volatile Bitfield
Item(Main ): End Collection, data=none
