[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: AW: AW: AW: AW: problem with ioctl call



Schachner Thomas wrote:
> Hello!
> 
> It's me again!
> 
> Now segfault ( trough your help ) is gone and usb - kernel panic is here.

For the benefit of other developers, I'm going to expand a little on 
what happened, because I haven't seen this behaviour before.  The 
application wrote to uninitialized memory, which happened to point to 
glibc's data segment (gdb and /proc/<pid>/maps told me that).  That 
segment is writable since it contains the errno variable, for example. 
This caused a crash on a random library call (ioctl, printf, or 
somewhere in the exit call chain).

> here is the dmesg output:
> 
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x83 len 32 ret -110
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x81 len 32 ret -110
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x83 len 32 ret -110
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x81 len 32 ret -110
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x83 len 32 ret -110
> usb_control/bulk_msg: timeout
> usbdevfs: USBDEVFS_BULK failed dev 6 ep 0x81 len 32 ret -110
> usb-host.c: Got epid attn for control endpoint, epid 2
> usb-host.c: Perror for epid 2

Turn on USB_DEBUG_CTRL in usb-host.c (try the latest driver that I 
linked to earlier; it has prettier printing of the DMA list) and send 
the output.  I'm guessing this happens when you try and open the device, 
and that /proc/bus/usb/devices looks sane (device numbering succeeded etc).

-- 
Orjan Friberg
Axis Communications