On 08/16/2016 05:49 PM, Greg KH wrote: > On Tue, Aug 16, 2016 at 04:42:23PM +0300, Binyamin Sharet wrote: >> Kernel version: raspberrypi 4.4.6-v7+ #871 >> Kernel version: 4.4.0-24-generic #43-Ubuntu SMP >> Driver source file: drivers/staging/media/lirc/lirc_imon.c >> Umap2 command line: umap2vsscan -P <PHY> -s 0aa8:8001 >> >> After connecting such a device, the host usb stack became unresponsive. >> Please see attached dmesg log. >> >> Binyamin Sharet >> Cisco, STARE-C >> [ 1206.083207] usb 3-2: new high-speed USB device number 2 using xhci_hcd >> [ 1206.504969] usb 3-2: New USB device found, idVendor=0aa8, idProduct=8001 >> [ 1206.504978] usb 3-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3 >> [ 1206.504982] usb 3-2: Product: UMAP2. PID:0x8001 >> [ 1206.504985] usb 3-2: Manufacturer: UMAP2. VID:0x0aa8 >> [ 1206.504988] usb 3-2: SerialNumber: 123456 >> [ 1207.732370] lirc_dev: IR Remote Control driver registered, major 244 >> [ 1207.735697] lirc_imon: module is from the staging directory, the quality is unknown, you have been warned. >> [ 1207.736244] lirc_imon 3-2:1.0: lirc_dev: driver lirc_imon registered at minor = 0 >> [ 1207.736251] lirc_imon 3-2:1.0: Registered iMON driver (lirc minor: 0) >> [ 1207.736268] lirc_imon 3-2:1.0: iMON device (0aa8:8001, intf0) on usb<3:2> initialized >> [ 1207.736320] usbcore: registered new interface driver lirc_imon >> [ 1210.702280] lirc_imon 3-2:1.0: imon usb_rx_callback: status(-71): ignored >> [ 1210.702356] usb 3-2: USB disconnect, device number 2 >> [ 1210.702503] lirc_imon 3-2:1.0: imon usb_rx_callback: status(-71): ignored >> >> >> >> >> [ 1440.146097] INFO: task kworker/1:0:14 blocked for more than 120 seconds. >> [ 1440.146107] Tainted: G C OE 4.4.0-24-generic #43-Ubuntu >> [ 1440.146110] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. >> [ 1440.146113] kworker/1:0 D ffff8802149bfa68 0 14 2 0x00000000 >> [ 1440.146126] Workqueue: usb_hub_wq hub_event >> [ 1440.146129] ffff8802149bfa68 0000000076b5ce45 ffff8800c83fe040 ffff8802149b1b80 >> [ 1440.146134] ffff8802149c0000 ffff8800aaca261c ffff8802149b1b80 00000000ffffffff >> [ 1440.146137] ffff8800aaca2620 ffff8802149bfa80 ffffffff81821b15 ffff8800aaca2618 >> [ 1440.146141] Call Trace: >> [ 1440.146152] [<ffffffff81821b15>] schedule+0x35/0x80 >> [ 1440.146157] [<ffffffff81821dbe>] schedule_preempt_disabled+0xe/0x10 >> [ 1440.146162] [<ffffffff818239f9>] __mutex_lock_slowpath+0xb9/0x130 >> [ 1440.146167] [<ffffffff81823a8f>] mutex_lock+0x1f/0x30 >> [ 1440.146177] [<ffffffffc0839b2d>] imon_disconnect+0x3d/0x110 [lirc_imon] >> [ 1440.146183] [<ffffffff81616023>] usb_unbind_interface+0x83/0x260 >> [ 1440.146190] [<ffffffff8154d0f1>] __device_release_driver+0xa1/0x150 >> [ 1440.146194] [<ffffffff8154d1c3>] device_release_driver+0x23/0x30 >> [ 1440.146197] [<ffffffff8154c811>] bus_remove_device+0x101/0x170 >> [ 1440.146202] [<ffffffff81548969>] device_del+0x139/0x260 >> [ 1440.146207] [<ffffffff8161a93f>] ? usb_remove_ep_devs+0x1f/0x30 >> [ 1440.146212] [<ffffffff816137e9>] usb_disable_device+0x89/0x270 >> [ 1440.146216] [<ffffffff816091b2>] usb_disconnect+0x92/0x280 >> [ 1440.146220] [<ffffffff8160ad82>] hub_port_connect+0x82/0x9c0 >> [ 1440.146223] [<ffffffff8160bd91>] hub_event+0x6d1/0xb10 >> [ 1440.146229] [<ffffffff810b92f5>] ? put_prev_entity+0x35/0x7d0 >> [ 1440.146235] [<ffffffff8109a175>] process_one_work+0x165/0x480 >> [ 1440.146240] [<ffffffff8109a4db>] worker_thread+0x4b/0x4c0 >> [ 1440.146244] [<ffffffff8109a490>] ? process_one_work+0x480/0x480 >> [ 1440.146248] [<ffffffff810a06a8>] kthread+0xd8/0xf0 >> [ 1440.146252] [<ffffffff810a05d0>] ? kthread_create_on_node+0x1e0/0x1e0 >> [ 1440.146256] [<ffffffff81825f8f>] ret_from_fork+0x3f/0x70 >> [ 1440.146260] [<ffffffff810a05d0>] ? kthread_create_on_node+0x1e0/0x1e0 >> [ 1440.146329] INFO: task colord-sane:4439 blocked for more than 120 seconds. >> [ 1440.146332] Tainted: G C OE 4.4.0-24-generic #43-Ubuntu >> [ 1440.146334] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. >> [ 1440.146336] colord-sane D ffff8801d8123d78 0 4439 1163 0x00000000 >> [ 1440.146341] ffff8801d8123d78 00000000ffffffff ffffffff81e11500 ffff8800c83fe040 >> [ 1440.146345] ffff8801d8124000 ffff8802107b68fc ffff8800c83fe040 00000000ffffffff >> [ 1440.146349] ffff8802107b6900 ffff8801d8123d90 ffffffff81821b15 ffff8802107b68f8 >> [ 1440.146353] Call Trace: >> [ 1440.146358] [<ffffffff81821b15>] schedule+0x35/0x80 >> [ 1440.146362] [<ffffffff81821dbe>] schedule_preempt_disabled+0xe/0x10 >> [ 1440.146367] [<ffffffff818239f9>] __mutex_lock_slowpath+0xb9/0x130 >> [ 1440.146371] [<ffffffff81823a8f>] mutex_lock+0x1f/0x30 >> [ 1440.146375] [<ffffffff81619dd7>] read_descriptors+0x37/0x100 >> [ 1440.146382] [<ffffffff8128c9ba>] sysfs_kf_bin_read+0x4a/0x70 >> [ 1440.146387] [<ffffffff8128bf2b>] kernfs_fop_read+0xab/0x160 >> [ 1440.146393] [<ffffffff8120c6d8>] __vfs_read+0x18/0x40 >> [ 1440.146398] [<ffffffff8120cca6>] vfs_read+0x86/0x130 >> [ 1440.146402] [<ffffffff8120d9f5>] SyS_read+0x55/0xc0 >> [ 1440.146409] [<ffffffff81825bf2>] entry_SYSCALL_64_fastpath+0x16/0x71 > > Just an idea, can you provide the descriptors that you are using to fuzz > these drivers with? Without that, it's a tough slog through the code to > try to figure out what went wrong... > > thanks, > > greg k-h Sure, I will send the descriptors that I used as a reply to the first mail, as they are all the same (except for VID/PID in the device descriptor). Binyamin Sharet Cisco, STARE-C -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html