Re: 2.6.27-rc7-git1: usb-storage breakage with non-functional disk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

On Tue, June 24, 2008 16:41, Alan Stern wrote:
> This is a nasty problem.  What happened is that the endpoint pointer
> arrays ep_in and ep_out in struct usb_device get cleared before the
> device drivers' disconnect methods are called.  Since usb-storage
> dereferences one of the pointers in those arrays, you ended up with an
> invalid memory access.
>
> In principle the arrays should not be cleared until after the drivers
> have been unbound.  However for now it is simpler to remove the
> dereference in usb-storage.  Especially since the reason for adding it
> in the first place turned out to be wrong.
>
> Is this oops fairly reproducible?  If it is, then you should be able to
> test whether this patch fixes it.
>
> Alan Stern
>
>
>
> Index: usb-2.6/drivers/usb/storage/scsiglue.c
> ===================================================================
> --- usb-2.6.orig/drivers/usb/storage/scsiglue.c
> +++ usb-2.6/drivers/usb/storage/scsiglue.c
> @@ -71,7 +71,6 @@ static const char* host_info(struct Scsi
>  static int slave_alloc (struct scsi_device *sdev)
>  {
>  	struct us_data *us = host_to_us(sdev->host);
> -	struct usb_host_endpoint *bulk_in_ep;
>
>  	/*
>  	 * Set the INQUIRY transfer length to 36.  We don't use any of
> @@ -80,16 +79,22 @@ static int slave_alloc (struct scsi_devi
>  	 */
>  	sdev->inquiry_len = 36;
>
> -	/* Scatter-gather buffers (all but the last) must have a length
> -	 * divisible by the bulk maxpacket size.  Otherwise a data packet
> -	 * would end up being short, causing a premature end to the data
> -	 * transfer.  We'll use the maxpacket value of the bulk-IN pipe
> -	 * to set the SCSI device queue's DMA alignment mask.
> +	/* USB has unusual DMA-alignment requirements: Although the
> +	 * starting address of each scatter-gather element doesn't matter,
> +	 * the length of each element except the last must be divisible
> +	 * by the Bulk maxpacket value.  There's currently no way to
> +	 * express this by block-layer constraints, so we'll cop out
> +	 * and simply require addresses to be aligned at 512-byte
> +	 * boundaries.  This is okay since most block I/O involves
> +	 * hardware sectors that are multiples of 512 bytes in length,
> +	 * and since host controllers up through USB 2.0 have maxpacket
> +	 * values no larger than 512.
> +	 *
> +	 * But it doesn't suffice for Wireless USB, where Bulk maxpacket
> +	 * values can be as large as 2048.  To make that work properly
> +	 * will require changes to the block layer.
>  	 */
> -	bulk_in_ep = us->pusb_dev->ep_in[usb_pipeendpoint(us->recv_bulk_pipe)];
> -	blk_queue_update_dma_alignment(sdev->request_queue,
> -			le16_to_cpu(bulk_in_ep->desc.wMaxPacketSize) - 1);
> -			/* wMaxPacketSize must be a power of 2 */
> +	blk_queue_update_dma_alignment(sdev->request_queue, (512 - 1));
>
>  	/*
>  	 * The UFI spec treates the Peripheral Qualifier bits in an
>

I hit almost the same BUG, so tried out this patch, and can confirm that
it fixes the BUG. Other devices still work too. As it's 2.6.26-rc9 it might
be time to send this patch upstream, before it's too late.

Any idea why my cardreader doesn't work in the first place though?

The error is basically:

usb 1-5: new high speed USB device using ehci_hcd and address 22
usb 1-5: device not accepting address 22, error -71
usb 1-5: new high speed USB device using ehci_hcd and address 23
usb 1-5: configuration #1 chosen from 1 choice
scsi17 : SCSI emulation for USB Mass Storage devices
usb-storage: device found at 23
usb-storage: waiting for device to settle before scanning
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: reset high speed USB device using ehci_hcd and address 23
scsi 17:0:0:0: Direct-Access     Generic  USB SD Reader    1.00 PQ: 0 ANSI: 0
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: device not accepting address 23, error -71
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: reset high speed USB device using ehci_hcd and address 23
usb 1-5: can't restore configuration #1 (error=-71)
usb 1-5: USB disconnect, address 23
sd 17:0:0:0: [sdb] READ CAPACITY failed
sd 17:0:0:0: [sdb] Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK,SUGGEST_OK
sd 17:0:0:0: [sdb] Sense not available.
sd 17:0:0:0: [sdb] Write Protect is off
sd 17:0:0:0: [sdb] Mode Sense: 00 00 00 00
sd 17:0:0:0: [sdb] Assuming drive cache: write through
sd 17:0:0:0: [sdb] Attached SCSI removable disk
sd 17:0:0:0: Attached scsi generic sg2 type 0
usb-storage: device scan complete
usb 1-5: new high speed USB device using ehci_hcd and address 24
usb 1-5: string descriptor 0 read error: -71
usb 1-5: configuration #1 chosen from 1 choice
usb 1-5: can't set config #1, error -71

It's a new Trust Mini Cardreader, model CR-1350p.

$ lsusb -s 24 -v

Bus 001 Device 024: ID 058f:6332 Alcor Micro Corp.
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            0 (Defined at Interface level)
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  idVendor           0x058f Alcor Micro Corp.
  idProduct          0x6332
  bcdDevice            1.02
  iManufacturer           1
  iProduct                2
  iSerial                 3
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           32
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0
    bmAttributes         0x80
      (Bus Powered)
    MaxPower              100mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           2
      bInterfaceClass         8 Mass Storage
      bInterfaceSubClass      6 SCSI
      bInterfaceProtocol     80 Bulk (Zip)
      iInterface              0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0

It doesn't matter in which port I put the thing (front, back),
and I've tried older kernels too (2.6.12), but I get the same
error there. This is with an Intel 945G chipset.
(I've no Windows to test if it works there.)

Is it just a crappy device which I should bring back, or is
there more going on?

Greetings,

Indan


--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]
  Powered by Linux