Re: USB NULL pointer dereference on 2.6.33.2

So I also tried 2.6.33.3, and it oopsed there too:

May  2 15:12:05 maggie kernel: [   55.127568] usb 4-1: new full speed USB device using ohci_hcd and address 2
May  2 15:12:05 maggie kernel: [   55.305262] usb 4-1: too many configurations: 25, using maximum allowed: 8
May  2 15:12:05 maggie kernel: [   55.361257] usb 4-1: New USB device found, idVendor=2471, idProduct=0853
May  2 15:12:05 maggie kernel: [   55.361266] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
May  2 15:12:47 maggie kernel: [   97.124348] Unable to handle kernel paging request for data at address 0x00000008
May  2 15:12:47 maggie kernel: [   97.124358] Faulting instruction address: 0xc05d5a64
May  2 15:12:47 maggie kernel: [   97.124371] Oops: Kernel access of bad area, sig: 11 [#1]
May  2 15:12:47 maggie kernel: [   97.124374] PREEMPT PowerMac
May  2 15:12:47 maggie kernel: [   97.124377] Modules linked in: lp parport md_mod dm_crypt b43 mac80211 appletouch ssb
May  2 15:12:47 maggie kernel: [   97.124388] NIP: c05d5a64 LR: c05e1474 CTR: c05df9e0
May  2 15:12:47 maggie kernel: [   97.124393] REGS: ebe9fd20 TRAP: 0300   Not tainted  (2.6.33.3)
May  2 15:12:47 maggie kernel: [   97.124396] MSR: 00009032 <EE,ME,IR,DR>  CR: 82442442  XER: 20000000
May  2 15:12:47 maggie kernel: [   97.124404] DAR: 00000008, DSISR: 40000000
May  2 15:12:47 maggie kernel: [   97.124408] TASK = ebfb8000[3097] 'python' THREAD: ebe9e000
May  2 15:12:47 maggie kernel: [   97.124410] GPR00: 00000054 ebe9fdd0 ebfb8000 00000000 00000000 ef0d7da0 c05dfa10 00000000 
May  2 15:12:47 maggie kernel: [   97.124418] GPR08: 00000000 ef0d7d98 00000000 00000000 48442424 1016fd84 10169518 101294cc 
May  2 15:12:47 maggie kernel: [   97.124426] GPR16: 10160000 00000001 4803b350 102f40e4 104ab990 ebf52000 40045505 c098524c 
May  2 15:12:47 maggie kernel: [   97.124434] GPR24: ef1c7000 ebed1e00 ffffffc2 00000000 efbc84c4 ef1c7050 ebf52000 00000001 
May  2 15:12:47 maggie kernel: [   97.124450] NIP [c05d5a64] usb_altnum_to_altsetting+0x0/0x48
May  2 15:12:47 maggie kernel: [   97.124459] LR [c05e1474] usb_reset_configuration+0x1ac/0x2a0
May  2 15:12:47 maggie kernel: [   97.124462] Call Trace:
May  2 15:12:47 maggie kernel: [   97.124467] [ebe9fdd0] [c05e1428] usb_reset_configuration+0x160/0x2a0 (unreliable)
May  2 15:12:47 maggie kernel: [   97.124476] [ebe9fe00] [c05ebb14] usbdev_ioctl+0xf5c/0x1590
May  2 15:12:47 maggie kernel: [   97.124486] [ebe9fe80] [c00d6334] vfs_ioctl+0x4c/0x11c
May  2 15:12:47 maggie kernel: [   97.124491] [ebe9fea0] [c00d6608] do_vfs_ioctl+0x90/0x804
May  2 15:12:47 maggie kernel: [   97.124496] [ebe9ff10] [c00d6dcc] sys_ioctl+0x50/0x94
May  2 15:12:47 maggie kernel: [   97.124502] [ebe9ff40] [c0014dd4] ret_from_syscall+0x0/0x38
May  2 15:12:47 maggie kernel: [   97.124508] --- Exception: c01 at 0xfe05068
May  2 15:12:47 maggie kernel: [   97.124509]     LR = 0xfe04fcc
May  2 15:12:47 maggie kernel: [   97.124511] Instruction dump:
May  2 15:12:47 maggie kernel: [   97.124514] 409d0024 4240ffd0 80690054 39290004 81630000 880b0002 7f802000 409effe8 
May  2 15:12:47 maggie kernel: [   97.124522] 4e800020 38000001 7c0903a6 4bffffd8 <80030008> 2f800000 419e0038 80630000 
May  2 15:12:47 maggie kernel: [   97.124551] ---[ end trace 5694f3b41a609e29 ]---

It oopsed on unplug of the device, which was confused (due to illegal data sent to it).
However, it is not 100% reproducible: I tried a few more times to crash it, but did not
succeed.
Note that the device announces a completely braindead device descriptor. Maybe it is also related
to that partially bogus descriptor data, and the kernel lacks some sanity checks on the descriptor?

Note how it announces lots of bogus config descriptors. The first descriptor is the one that
is used. The interrupt EPs are also bogus and unused (or at least the Windows software does
not use them).
I only communicate with the device through the bulk EPs of the first config.


Bus 004 Device 010: ID 2471:0853  
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.00
  bDeviceClass          220 Diagnostic
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0        16
  idVendor           0x2471 
  idProduct          0x0853 
  bcdDevice            1.00
  iManufacturer           0 
  iProduct                0 
  iSerial                 0 
  bNumConfigurations      8
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength        11776
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x60
      (Missing must-be-set bit!)
      Self Powered
      Remote Wakeup
    MaxPower                2mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       220 Diagnostic
      bInterfaceSubClass    160 
      bInterfaceProtocol    176 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x1000  3x 0 bytes
        bInterval              10
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x4000  1x 0 bytes
        bInterval               1
Device Status:     0x0001
  Self Powered


-- 
Greetings, Michael.
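Added example, not part of the original post and not kernel code: a bounds-checked walk over a configuration descriptor blob that records the defects lsusb flagged above: the claimed wTotalLength of 11776 against the 46 bytes actually present, the clear bit 7 in bmAttributes, the zero payload size in every wMaxPacketSize, and the high-speed transaction-multiplier bits set on a full-speed (bcdUSB 1.00) device. The rule it follows, and that any host stack has to follow, is that offsets are bounded by the byte count actually received, never by the device-supplied wTotalLength; a bLength of 0 or a body that runs past the buffer stops the walk instead of being read. The 46-byte sample blob is constructed from the values in the dump, not captured from the device, and the USB_MAXCONFIG cap of 8 is taken from the "using maximum allowed: 8" log line. For orientation on the host side of the report: the faulting instruction marked in the dump, 80030008, decodes as lwz r0,8(r3), and GPR03 is 0 at that point, so the DAR of 0x00000008 is a load through a NULL structure pointer at offset 8, the first argument of usb_altnum_to_altsetting; the checks below concern only the device-supplied data, not that crash.

```c
/*
 * usb_cfg_check.c: added example for this thread, not code from the kernel
 * or from the original poster. Walks a USB configuration descriptor blob
 * (what GET_DESCRIPTOR(CONFIGURATION) returns) with every offset checked
 * against the bytes actually received, and records the defects lsusb
 * flagged. The sample blob is constructed from the lsusb dump's values.
 *
 * Build: cc -std=c99 -Wall -o usb_cfg_check usb_cfg_check.c
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define USB_DT_CONFIG    2
#define USB_DT_INTERFACE 4
#define USB_DT_ENDPOINT  5
#define USB_MAXCONFIG    8   /* cap applied to bNumConfigurations 25 in the log above */

struct cfg_report {
    uint16_t wTotalLength;        /* as claimed by the device */
    int total_length_exceeds_buf; /* claim is larger than the bytes received */
    int missing_reserved_bit;     /* bmAttributes bit 7 must be set ("must-be-set bit") */
    int interfaces;
    int endpoints;
    int zero_maxpacket_eps;       /* endpoints whose wMaxPacketSize payload field is 0 */
    int hs_mult_on_fs_device;     /* bits 11..12 of wMaxPacketSize set on a non-high-speed device */
    int truncated;                /* a bLength of 0 or a body past the received bytes */
};

static uint16_t le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Mirror lsusb's "Nx M bytes" rendering of wMaxPacketSize. */
int ep_payload_bytes(uint16_t wMaxPacketSize) { return wMaxPacketSize & 0x7ff; }
int ep_transactions(uint16_t wMaxPacketSize)  { return 1 + ((wMaxPacketSize >> 11) & 3); }

/* Clamp bNumConfigurations the way the "using maximum allowed: 8" log line does. */
int clamp_num_configs(int bNumConfigurations)
{
    return bNumConfigurations > USB_MAXCONFIG ? USB_MAXCONFIG : bNumConfigurations;
}

/*
 * Walk buf[0..len). Returns the number of descriptors visited, or -1 when the
 * blob is structurally unusable. len is the byte count actually received;
 * wTotalLength is reported but never used as a bound.
 */
int check_config(const uint8_t *buf, size_t len, int high_speed, struct cfg_report *r)
{
    memset(r, 0, sizeof *r);
    if (len < 9 || buf[0] < 9 || buf[1] != USB_DT_CONFIG)
        return -1;

    r->wTotalLength = le16(buf + 2);
    if (r->wTotalLength > len)
        r->total_length_exceeds_buf = 1;
    if (!(buf[7] & 0x80))
        r->missing_reserved_bit = 1;

    size_t limit = r->wTotalLength < len ? r->wTotalLength : len;
    size_t off = 0;
    int n = 0;

    while (off + 2 <= limit) {
        uint8_t bLength = buf[off], bType = buf[off + 1];

        /* bLength < 2 would never advance; a body past limit is a short read. */
        if (bLength < 2 || off + bLength > limit) {
            r->truncated = 1;
            return -1;
        }
        if (bType == USB_DT_INTERFACE && bLength >= 9) {
            r->interfaces++;
        } else if (bType == USB_DT_ENDPOINT && bLength >= 7) {
            uint16_t wmax = le16(buf + off + 4);
            r->endpoints++;
            if (ep_payload_bytes(wmax) == 0)
                r->zero_maxpacket_eps++;
            if (!high_speed && ep_transactions(wmax) > 1)
                r->hs_mult_on_fs_device++;
        }
        off += bLength;
        n++;
    }
    return n;
}

/* Constructed from the first configuration in the lsusb dump above (46 bytes). */
static const uint8_t sample_cfg[] = {
    0x09, 0x02, 0x00, 0x2e, 0x01, 0x01, 0x00, 0x60, 0x01, /* config: wTotalLength 0x2e00 = 11776 */
    0x09, 0x04, 0x00, 0x00, 0x04, 0xdc, 0xa0, 0xb0, 0x00, /* interface 0, 4 endpoints */
    0x07, 0x05, 0x81, 0x03, 0x00, 0x10, 0x0a,             /* EP1 IN  interrupt, wMaxPacketSize 0x1000 */
    0x07, 0x05, 0x01, 0x03, 0x00, 0x10, 0x0a,             /* EP1 OUT interrupt, wMaxPacketSize 0x1000 */
    0x07, 0x05, 0x82, 0x02, 0x00, 0x40, 0x01,             /* EP2 IN  bulk, wMaxPacketSize 0x4000 */
    0x07, 0x05, 0x02, 0x02, 0x00, 0x40, 0x01,             /* EP2 OUT bulk, wMaxPacketSize 0x4000 */
};

int check_sample(struct cfg_report *r)
{
    return check_config(sample_cfg, sizeof sample_cfg, 0, r);
}

int main(void)
{
    struct cfg_report r;
    int n = check_sample(&r);

    printf("descriptors=%d wTotalLength=%u received=%zu interfaces=%d endpoints=%d\n",
           n, r.wTotalLength, sizeof sample_cfg, r.interfaces, r.endpoints);
    printf("total_length_exceeds_buf=%d missing_reserved_bit=%d zero_maxpacket_eps=%d "
           "hs_mult_on_fs_device=%d truncated=%d\n",
           r.total_length_exceeds_buf, r.missing_reserved_bit, r.zero_maxpacket_eps,
           r.hs_mult_on_fs_device, r.truncated);
    printf("bNumConfigurations 25 -> %d after clamp\n", clamp_num_configs(25));
    return 0;
}
```

Feeding the same blob with len cut to 20 returns -1 with truncated set, because the first endpoint descriptor would run past the received bytes; the seven further identical configurations in the dump would produce the same report each time, which is itself worth recording, since a device that answers every configuration index with bConfigurationValue 1 gives the host nothing to select between.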