I have noticed some weird behaviour which indicates a memory allocation
problem. I have a pc with an intel motherboard (thus the UHCI usb
controlling stuff) and connected to it a HP usb scanner model 6250C (which
is a 6200C with a page feeder). When I add support for USB, UHCI usb, and
HP USB scanner in the latest 2.3.33 kernel I get the following error
message if I run dmesg:
>USB new device connect, assigned device number 1
>Set toggle from c1464140 rval 0* for status=380007ff to 0, exp=8, act=0
>Set toggle from c1464140 rval 0* for status=380007ff to 0, exp=8, act=0
>requested 18 bytes, got 0
>usb: selecting invalid configuration 0
>usbcore: failed to set default configuration
Now if I add 2 printk statements in drivers/usb/usb.c in the
usb_set_configuration function like this:
>int usb_set_configuration(struct usb_device *dev, int configuration)
>{
> int i, ret;
> struct usb_config_descriptor *cp = NULL;
>
> printk(KERN_INFO "usb: GERRIT checking for configuration %d\n",
> configur
>ation);
> printk(KERN_INFO "usb: GERRIT Max nr configurations %d\n",
> dev->descriptor.bNumConfigurations);
> for (i=0; i<dev->descriptor.bNumConfigurations; i++) {
> if (dev->config[i].bConfigurationValue == configuration) {
> cp = &dev->config[i];
> break;
> }
> }
Then I suddenly get this output:
>USB new device connect, assigned device number 1
>Set toggle from c1464200 rval 15* for status=38000006 to 1, exp=8, act=7
>Set toggle from c1464200 rval 15* for status=38000006 to 1, exp=8, act=7
>requested 39 bytes, got 15
>usb: unexpected descriptor 0x7
>usb: unexpected descriptor 0x7
>usb: descriptor data left
>usb: GERRIT checking for configuration 16
>usb: GERRIT Max nr configurations 1
It seems that the configuration parameter suddenly changed from 0 to 16.
And futhermore I get these messages later on:
>Failed control msg - r:06 rt:80 v:0301 i:0409 s:0020 - ret: -203
> 80 06 01 03 09 04 20 00
>usb: error retrieving string
>Failed control msg - r:06 rt:80 v:0302 i:0409 s:0004 - ret: -203
> 80 06 02 03 09 04 04 00
>usb: error retrieving string
>Set toggle from c1464200 rval 2* for status=38000001 to 0, exp=8, act=2
>Set toggle from c1464200 rval 2* for status=38000001 to 0, exp=8, act=2
>requested 26 bytes, got 2
>SerialNumber:
>Scanner model not supported/tested.
>Unable to handle kernel NULL pointer dereference at virtual address 00000005
> printing eip:
>c0231483
>*pde = 00000000
>Oops: 0000
>CPU: 0
>EIP: 0010:[<c0231483>]
>EFLAGS: 00010292
>eax: c14734a0 ebx: c02b97c4 ecx: c029df54 edx: 00000000
>esi: c02b9950 edi: 00000000 ebp: c14734a0 esp: c1463eb4
>ds: 0018 es: 0018 ss: 0018
>Process uhci-control (pid: 7, stackpage=c1463000)
>Stack: 00000000 c14734a0 c0294d20 c02b995c c02b9a3c c022ca50 c14734a0 00000000
> 00000000 00000000 c14734a0 0000ff92 c1463ef8 c15fbde0 c022ca9d
> c14734a0
> 00000000 c14734a0 00000001 0000ff92 c022dde0 c14734a0 c14734a0
> c14734a0
>Call Trace: [<c0294d20>] [<c022ca50>] [<c022ca9d>] [<c022dde0>]
>[<c02335a0>] [<c
>023360c>] [<c02943bc>]
> [<c023410a>] [<c010befa>] [<c0234098>] [<c0230018>] [<c0109e92>]
> [<c0109e
>9b>]
>Code: 80 7a 05 09 75 1e 80 7a 06 01 77 18 80 7a 04 01 75 12 8b 6a
Seems to me that there is somewhere a memory allocation problem or a
dangled pointer reference.
People who are involved in the development of this stuff may always contact
me to run some additional tests.
Regards,
Gerrit.
-------------------- Marble Consulting ----------------------
Gerrit Cap http://www.ping.be/marble
OO Solutions Engineer mailto:Gerrit.Cap@marble.be
Marble Consulting
Blauwe Gaanweg, 53 tel : +32 75 72.94.36
B-9150 Kruibeke-Bazel fax : +32 3 744.19.17
Belgium
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/