Warning: Permanently added '10.128.0.181' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 150.440128][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 150.800495][ T7] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[ 150.990272][ T7] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 150.999491][ T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 151.007897][ T7] usb 1-1: Product: syz
[ 151.012356][ T7] usb 1-1: Manufacturer: syz
[ 151.017116][ T7] usb 1-1: SerialNumber: syz
[ 151.081392][ T7] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 151.720136][ T8276] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 151.940244][ T8276] =====================================================
[ 151.947234][ T8276] BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40
[ 151.954873][ T8276] CPU: 0 PID: 8276 Comm: kworker/0:3 Not tainted 5.10.0-rc4-syzkaller #0
[ 151.963283][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 151.973345][ T8276] Workqueue: events request_firmware_work_func
[ 151.979502][ T8276] Call Trace:
[ 151.982787][ T8276] dump_stack+0x21c/0x280
[ 151.987104][ T8276] kmsan_report+0xf7/0x1e0
[ 151.991517][ T8276] kmsan_internal_check_memory+0x202/0x520
[ 151.997314][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.002515][ T8276] kmsan_handle_urb+0x28/0x40
[ 152.007193][ T8276] usb_submit_urb+0x87f/0x2530
[ 152.011961][ T8276] ? usb_anchor_urb+0x396/0x580
[ 152.016816][ T8276] hif_usb_send+0x5f8/0x1710
[ 152.021391][ T8276] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 152.027201][ T8276] htc_connect_service+0x14b4/0x19f0
[ 152.032479][ T8276] ? hif_usb_sta_drain+0x6c0/0x6c0
[ 152.037578][ T8276] ath9k_wmi_connect+0x178/0x2c0
[ 152.042499][ T8276] ? ath9k_wmi_connect+0x2c0/0x2c0
[ 152.047594][ T8276] ? ath9k_wmi_ctrl_tx+0x50/0x50
[ 152.052520][ T8276] ath9k_init_htc_services+0xf3/0x1190
[ 152.057978][ T8276] ath9k_htc_probe_device+0x4f4/0x3e10
[ 152.063442][ T8276] ? ath9k_hif_usb_alloc_urbs+0x1b54/0x1ec0
[ 152.069331][ T8276] ath9k_htc_hw_init+0xdf/0x190
[ 152.074169][ T8276] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 152.079797][ T8276] request_firmware_work_func+0x1b8/0x2e0
[ 152.085506][ T8276] ? ath9k_hif_request_firmware+0x930/0x930
[ 152.091387][ T8276] ? request_firmware_nowait+0x7c0/0x7c0
[ 152.097020][ T8276] process_one_work+0x121c/0x1fc0
[ 152.102041][ T8276] worker_thread+0x10cc/0x2740
[ 152.106814][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.111998][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.117804][ T8276] kthread+0x51c/0x560
[ 152.121866][ T8276] ? process_one_work+0x1fc0/0x1fc0
[ 152.127053][ T8276] ? kthread_blkcg+0x110/0x110
[ 152.131820][ T8276] ret_from_fork+0x1f/0x30
[ 152.136213][ T8276]
[ 152.138552][ T8276] Uninit was created at:
[ 152.142785][ T8276] kmsan_internal_poison_shadow+0x5c/0xf0
[ 152.148491][ T8276] kmsan_slab_alloc+0x8d/0xe0
[ 152.153157][ T8276] __kmalloc_node_track_caller+0xc61/0x15f0
[ 152.159036][ T8276] __alloc_skb+0x309/0xae0
[ 152.163483][ T8276] htc_connect_service+0x1057/0x19f0
[ 152.168763][ T8276] ath9k_wmi_connect+0x178/0x2c0
[ 152.173691][ T8276] ath9k_init_htc_services+0xf3/0x1190
[ 152.179154][ T8276] ath9k_htc_probe_device+0x4f4/0x3e10
[ 152.184601][ T8276] ath9k_htc_hw_init+0xdf/0x190
[ 152.189439][ T8276] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 152.195078][ T8276] request_firmware_work_func+0x1b8/0x2e0
[ 152.200797][ T8276] process_one_work+0x121c/0x1fc0
[ 152.205821][ T8276] worker_thread+0x10cc/0x2740
[ 152.210566][ T8276] kthread+0x51c/0x560
[ 152.214627][ T8276] ret_from_fork+0x1f/0x30
[ 152.219016][ T8276]
[ 152.221340][ T8276] Bytes 4-7 of 18 are uninitialized
[ 152.226519][ T8276] Memory access of size 18 starts at ffff88812543b600
[ 152.233269][ T8276] =====================================================
[ 152.240183][ T8276] Disabling lock debugging due to kernel taint
[ 152.246316][ T8276] Kernel panic - not syncing: panic_on_warn set ...
[ 152.252914][ T8276] CPU: 0 PID: 8276 Comm: kworker/0:3 Tainted: G B 5.10.0-rc4-syzkaller #0
[ 152.262698][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 152.272774][ T8276] Workqueue: events request_firmware_work_func
[ 152.278935][ T8276] Call Trace:
[ 152.282220][ T8276] dump_stack+0x21c/0x280
[ 152.286535][ T8276] panic+0x4c8/0xea7
[ 152.290431][ T8276] ? add_taint+0x17c/0x210
[ 152.294830][ T8276] kmsan_report+0x1da/0x1e0
[ 152.299326][ T8276] kmsan_internal_check_memory+0x202/0x520
[ 152.305130][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.310336][ T8276] kmsan_handle_urb+0x28/0x40
[ 152.315010][ T8276] usb_submit_urb+0x87f/0x2530
[ 152.319804][ T8276] ? usb_anchor_urb+0x396/0x580
[ 152.324680][ T8276] hif_usb_send+0x5f8/0x1710
[ 152.329264][ T8276] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 152.335078][ T8276] htc_connect_service+0x14b4/0x19f0
[ 152.340363][ T8276] ? hif_usb_sta_drain+0x6c0/0x6c0
[ 152.345474][ T8276] ath9k_wmi_connect+0x178/0x2c0
[ 152.350410][ T8276] ? ath9k_wmi_connect+0x2c0/0x2c0
[ 152.355516][ T8276] ? ath9k_wmi_ctrl_tx+0x50/0x50
[ 152.360455][ T8276] ath9k_init_htc_services+0xf3/0x1190
[ 152.365928][ T8276] ath9k_htc_probe_device+0x4f4/0x3e10
[ 152.371402][ T8276] ? ath9k_hif_usb_alloc_urbs+0x1b54/0x1ec0
[ 152.377305][ T8276] ath9k_htc_hw_init+0xdf/0x190
[ 152.382170][ T8276] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 152.387816][ T8276] request_firmware_work_func+0x1b8/0x2e0
[ 152.393573][ T8276] ? ath9k_hif_request_firmware+0x930/0x930
[ 152.399460][ T8276] ? request_firmware_nowait+0x7c0/0x7c0
[ 152.405178][ T8276] process_one_work+0x121c/0x1fc0
[ 152.410222][ T8276] worker_thread+0x10cc/0x2740
[ 152.415156][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.420347][ T8276] ? kmsan_get_metadata+0x116/0x180
[ 152.425534][ T8276] kthread+0x51c/0x560
[ 152.429589][ T8276] ? process_one_work+0x1fc0/0x1fc0
[ 152.434773][ T8276] ? kthread_blkcg+0x110/0x110
[ 152.439542][ T8276] ret_from_fork+0x1f/0x30
[ 152.444544][ T8276] Kernel Offset: disabled
[ 152.448900][ T8276] Rebooting in 86400 seconds..