Hi All, I have used Umap2 to scan OpenBSD 5.9 on i386 for supported USB devices, and during this scan I have found 4 issues with the USB stack. Umap2 can be downloaded from github [1].
The scanning requires some hardware - facedancer/beaglebone board, and consists of emulating USB devices with single configuration, single interface and multiple (5 IN, 5 OUT) endpoints on this interface. Each time the VID (vendor ID) and PID (product ID) of the emulated USB device are changed to match one of 155 known USB VID/PID that are currently in a DB in Umap2. It aims on triggering the specific driver for that VID/PID combination in order to detect support for it in the OS. I would refer to the issues by their VID/PID tuple from now. The first two issues - 13d3_3346 and 0cf3_9170 (handling devices with VID/PID 0x13d3/0x3346 and 0x0cf3/0x9170) cause a kernel panic due to kernel diagnostic assertion in the usbtask (file dev/usb/ehci.c, line 1654). The third issue - 50c2_4013 - is a page fault, caused when trying to read from invalid address in ehci_check_intr (movzbl 0x3(%eax), %eax). The fourth issue - 04bb_0904 - does not cause a crash, but it seems to cause the USB stack to hang, and so it does not communicate with any device that is inserted after this one, even if it was removed. I was not able to find any more information about this one. All issues were reproduced on my machine multiple times. In the next 4 emails I will send the details regarding each of the issues, as this is my first encounter with OpenBSD, I am not very familiar with debugging and analyzing the system, and I'll surely miss some required information. If so, please let me know what's missing and I will try my best to provide it. Most of the information is based on pictures, as I couldn't copy the data from the computer in any other way. If there is - please let me know. Regards, Binyamin Sharet Cisco, STARE-C [1]: https://github.com/nccgroup/umap2
