Kernel Oops when plugging in Archos USB device
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Fix Released | Medium | Tim Gardner |
Bug Description
On Hardy when plugging in my Archos Jukebox 6000 USB device the kernel does an oops and the device. It previously showed up as a drive on my desktop. The Archos Jukebox uses the ISD 200 chipset for its USB functionality.
[ 25.609279] ieee1394: Host added: ID:BUS[0-00:1023] GUID[374fc00034
[ 29.772630] usb-storage: device scan complete
[ 29.772738] BUG: unable to handle kernel NULL pointer dereference at virtual address 00000000
[ 29.772745] printing eip: f097e8b2 *pde = 00000000
[ 29.772751] Oops: 0000 [#1] SMP
[ 29.772755] Modules linked in: ext3 jbd mbcache sg usb_storage sr_mod libusual sd_mod cdrom pata_acpi ohci1394 ieee1394 b44 mii ata_piix ssb ata_generic libata scsi_mod ehci_hcd uhci_hcd usbcore thermal processor fan fbcon tileblit font bitblit softcursor fuse
[ 29.772781]
[ 29.772784] Pid: 2333, comm: usb-storage Not tainted (2.6.24-12-generic #1)
[ 29.772787] EIP: 0060:[<f097e8b2>] EFLAGS: 00010216 CPU: 0
[ 29.772799] EIP is at usb_stor_
[ 29.772802] EAX: edc2ff3c EBX: 0000003c ECX: 00000000 EDX: c15c7940
[ 29.772804] ESI: dfa8c424 EDI: 00000024 EBP: 00000000 ESP: edc2ff04
[ 29.772807] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[ 29.772810] Process usb-storage (pid: 2333, ti=edc2e000 task=edc90b40 task.ti=edc2e000)
[ 29.772813] Stack: 00000060 dfa8c400 00000024 c15c7940 00000024 00000060 df806d80 edc2ff78
[ 29.772821] dfa8c400 f097ea2d edc2ff38 edc2ff3c 00000000 00000000 00000000 dfa8c800
[ 29.772829] df878c00 f0985603 00000292 df878f30 edc90b40 edc2ff68 df878e78 df806d80
[ 29.772837] Call Trace:
[ 29.772842] [<f097ea2d>] usb_stor_
[ 29.772853] [<f0985603>] isd200_
[ 29.772865] [<c0318f10>] __down_
[ 29.772875] [<f097ff30>] usb_stor_
[ 29.772885] [<f09800c8>] usb_stor_
[ 29.772896] [<c0124a30>] complete+0x40/0x60
[ 29.772904] [<f097ff30>] usb_stor_
[ 29.772912] [<c01418c2>] kthread+0x42/0x70
[ 29.772918] [<c0141880>] kthread+0x0/0x70
[ 29.772922] [<c0106677>] kernel_
[ 29.772929] =======
[ 29.772931] Code: 24 08 83 c4 14 5b 5e 5f 5d c3 8b 7c 24 2c 8d 04 13 85 db 89 07 75 41 8b 44 24 08 39 04 24 76 d8 8b 44 24 2c 8b 1c 24 2b 5c 24 08 <8b> 4d 00 8b 10 8b 45 0c 8b 75 04 29 d0 39 d8 77 ce 8b 5c 24 2c
[ 29.772975] EIP: [<f097e8b2>] usb_stor_
[ 29.772986] ---[ end trace 360fc2e2283e921e ]---
[ 32.454795] usb 1-1: USB disconnect, address 3
Kernel discussion and patches that seem to be applicable:
http://<email address hidden>
http://<email address hidden>
Hi Stef,
It seems like patches were merged upstream for this. I'm including the upstream git commit IDs and descriptions:
commit 7084191d53b224b953c8e1db525ea6c31aca5fc7
Author: Alan Stern <email address hidden>
Date: Wed Feb 20 14:15:58 2008 -0500
USB: usb-storage: don't access beyond the end of the sg buffer
This patch (as1035) fixes a bug in usb_stor_access_xfer_buf() (the bug
was originally found by Boaz Harrosh): The routine must not attempt to
write beyond the end of a scatter-gather list or beyond the number of
bytes requested. It also fixes up the formatting of a few comments
and similar whitespace issues.
Signed-off-by: Alan Stern <email address hidden>
Signed-off-by: Greg Kroah-Hartman <email address hidden>
and
commit 6d512a80c26d87f8599057c86dc920fbfe0aa3aa
Author: Alan Stern <email address hidden>
Date: Fri Feb 22 17:00:06 2008 -0500
usb-storage: update earlier scatter-gather bug fix
This patch (as1037) makes a small update to the earlier as1035 patch.
The minimum-length computation shouldn't be done in
usb_stor_access_xfer_buf(), since that routine can be called multiple
times for a single transfer. It should be done in
usb_stor_set_xfer_buf() instead, which gets called only once.
The way it is now isn't really _wrong_, but it isn't really _right_
either. Moving the statement will be an improvement.
Signed-off-by: Alan Stern <email address hidden>
Signed-off-by: Greg Kroah-Hartman <email address hidden>
However, please note that we're currently in Beta freeze for Hardy so these may not get in. If this is the case, they should automatically be available in the Intrepid Ibex release as the kernel will be rebased with mainline. Thanks.
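A user-space C model of the bound the two commit messages above describe, added here as an illustration and not taken from the kernel patches: the copy stops at the end of the scatter-gather list or at the byte count asked for, and the minimum-length clamp is applied once in the setter rather than in the routine that may run several times per transfer. The names sg_ent, sg_cursor, sg_copy_in, sg_set and demo are hypothetical, and the buffers are constructed sample data.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-in for one scatter-gather entry (hypothetical type). */
struct sg_ent { unsigned char *buf; size_t len; };
/* Position kept between calls so one transfer can be filled in pieces. */
struct sg_cursor { size_t idx; size_t off; };

/* Copy up to buflen bytes from src into the list, resuming at *cur.
 * Stops after buflen bytes or at the end of the list, whichever comes
 * first, and returns the number of bytes actually stored. */
size_t sg_copy_in(const unsigned char *src, size_t buflen,
                  struct sg_ent *sg, size_t nents, struct sg_cursor *cur)
{
    size_t done = 0;
    while (done < buflen && cur->idx < nents) {
        size_t room = sg[cur->idx].len - cur->off;  /* space left in entry */
        size_t n = buflen - done;                   /* bytes still wanted  */
        if (n > room) n = room;
        memcpy(sg[cur->idx].buf + cur->off, src + done, n);
        done += n;
        cur->off += n;
        if (cur->off == sg[cur->idx].len) { cur->idx++; cur->off = 0; }
    }
    return done;
}

/* One-shot setter: clamp to the requested length here, once per transfer. */
size_t sg_set(const unsigned char *src, size_t buflen,
              struct sg_ent *sg, size_t nents, size_t request_len)
{
    struct sg_cursor cur = { 0, 0 };
    if (buflen > request_len) buflen = request_len;
    return sg_copy_in(src, buflen, sg, nents, &cur);
}

/* Constructed check: 4-byte and 3-byte segments followed by a guard byte. */
size_t demo(size_t request_len, unsigned char *guard_out)
{
    unsigned char mem[8], src[16];
    struct sg_ent sg[2] = { { mem, 4 }, { mem + 4, 3 } };
    memset(mem, 0xEE, sizeof mem);
    memset(src, 0x41, sizeof src);
    size_t n = sg_set(src, sizeof src, sg, 2, request_len);
    *guard_out = mem[7];   /* byte just past the last segment */
    return n;
}
```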