context: OpenBSD 6.0 (5.9 too), amd64, stock kernel, Intel EHCI USB controller, Android phone with USB debugging enabled
panic: ehci_device_clear_toggle: queue active Stopped at Debugger+0x9: leave TID PID UID PRFLAGS PFLAGS CPU COMMAND *98044 98044 0 0x3 0 1 adb-ugen-panic Debugger() at Debugger+0x9 panic() at panic+0xfe ehci_device_clear_toggle() at ehci_device_clear_toggle+0x2b usbd_clear_endpoint_stall() at usbd_clear_endpoint_stall+0x24 ugen_do_read() at ugen_do_read+0x4e6 ugenread() at ugenread+0x48 spec_read() at spec_read+0x2c5 VOP_READ() at VOP_READ+0x3f vn_read() at vn_read+0xa1 dofilereadv() at dofilereadv+0x204 sys_read() at sys_read+0x89 syscall() at syscall+0x27b --- syscall (number 3) --- end of kernel end trace frame: 0x7f7ffffe7070, count: 3 0x19d0cf3b64ea: http://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. how to reproduce: 1) attach the Android phone with USB debugging enabled (in Settings > Developer options) to EHCI USB port and note its ugen(4) node. 2) run as root "adb-ugen-panic ugenX". 3) kill the adb-ugen-panic process with a signal. 4) kernel assertion triggers; if not, keep the device attached and repeat steps 2,3 (four iterations is always enough in our setup). the panic does not happen with xHCI-attached phone. source code of adb-ugen-panic is attached (the key part is read(2) in the end of main), build it with cc -std=gnu99 -O2 -Wall -Wextra adb-ugen-panic.c -o adb-ugen-panic -- Best regards, Mobile Stream Support, http://www.mobile-stream.com
adb-ugen-panic.c
Description: Binary data
