WARNING in hif_usb_send/usb_submit

WARNING in hif_usb_send/usb_submit_urb
Status: upstream: reported C repro on 2020/10/05 10:59
Reported-by: syzbot+f5378bcf0f0cab45c1c6@syzkaller.appspotmail.com
First crash: 480d, last: 20h05m

Cause bisection: introduced by (bisect log) [no-op commit]:
commit bb5cce12ac717c7462217cd493ed701d12d6dbce
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed May 13 10:29:58 2020 +0000

arm64: dts: fvp/juno: Fix node address fields

Crash: WARNING in hif_usb_send/usb_submit_urb (log)
Repro: C syz .config

duplicates (1):
Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
WARNING in handle_bug/usb_submit_urb	C			1	480d	480d	0/22	closed as dup on 2020/10/05 14:54

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2020/10/10 01:08	17m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	OK
2020/10/10 00:49	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	error
2020/10/09 18:55	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git 6c8cf369	error

Sample crash report:

usb 1-1: Manufacturer: syz
usb 1-1: SerialNumber: syz
usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 1 PID: 2990 at drivers/usb/core/urb.c:494 usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Modules linked in:
CPU: 1 PID: 2990 Comm: kworker/1:2 Not tainted 5.11.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events request_firmware_work_func
RIP: 0010:usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Code: d8 48 c1 e8 03 42 8a 04 28 84 c0 0f 85 bd 07 00 00 44 8b 03 48 c7 c7 00 6b 5b 8a 4c 89 f6 4c 89 fa 89 e9 31 c0 e8 63 95 d5 fb <0f> 0b 4c 8b 74 24 30 45 89 f7 4c 89 ff 48 c7 c6 10 e6 08 8d e8 2a
RSP: 0018:ffffc900097ef858 EFLAGS: 00010246
RAX: 47659aa2ede5d900 RBX: ffffffff8a5b6928 RCX: ffff88801b5e9bc0
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff815fb522 R09: ffffed10173a60b8
R10: ffffed10173a60b8 R11: 0000000000000000 R12: ffff88802137db00
R13: dffffc0000000000 R14: ffffffff8a5c0b60 R15: ffff888012929410
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3699403000 CR3: 000000001295b000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]
 hif_usb_send+0x390/0xc60 drivers/net/wireless/ath/ath9k/hif_usb.c:479
 htc_connec

Fix bisection attempts:
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro
ci-upstream-kasan-gce-smack-root	2021/08/16 03:47	upstream	7c60610d4767	2bd9619f	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/07/17 00:20	upstream	0d18c12b288a	2bd9619f	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/06/16 22:16	upstream	6b00bc639f1f	2bd9619f	.config	log	report	syz	C

Crashes (218):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-smack-root	2021/02/10 04:42	upstream	e0756cfc7d7c	2bd9619f	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci-upstream-kasan-gce-root	2021/02/01 11:15	upstream	1048ba83fb1c	fc9fd31e	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2020/10/09 14:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	6c8cf3695176	fa79ed2a	.config	log	report	syz	C
ci-qemu-upstream	2022/01/25 23:49	upstream	0280e3c58f92	2cbffd88	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2022/01/24 01:03	upstream	dd81e1c7d5fb	214351e1	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2022/01/19 10:05	upstream	99613159ad74	0620189b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2022/01/15 19:31	upstream	a33f5c380c4b	723cfaf0	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2022/01/01 09:49	upstream	800829388818	e1768e9c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2021/12/24 09:55	upstream	7a29b11da965	6caa12e4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2021/12/20 21:06	upstream	86085fe79e3c	62bd192b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-upstream-kasan-gce-root	2021/12/13 12:33	upstream	2585cf9dfaad	49ca1f59	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2021/12/05 21:38	upstream	944207047ca4	a617004c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2021/11/29 16:12	upstream	d58071a8a76d	d0830353	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream	2021/11/21 10:51	upstream	923dcc5eb0c1	4eb20a4e	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2022/01/27 21:01	upstream	626b2dda7651	64a8e201	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2022/01/19 12:38	upstream	1d1df41c5a33	0620189b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2022/01/04 19:06	upstream	c9e6606c7fe9	0a2584dd	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2021/12/30 20:01	upstream	9bad743e8d22	2e49f10d	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2021/12/17 16:24	upstream	6441998e2e37	44068e19	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci-qemu-upstream-386	2021/11/02 13:44	upstream	bfc484fe6abb	098b5d53	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/28 04:43	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	993a44fa85c1	495e00c5	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/27 16:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	993a44fa85c1	64a8e201	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/27 03:15	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	993a44fa85c1	2cbffd88	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/26 14:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	75c19f487fcd	2cbffd88	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/17 10:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	455e73a07f6e	731a2d23	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/13 16:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	455e73a07f6e	b8d780ab	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/13 09:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	455e73a07f6e	44d1319a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/06 19:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	601a5bc1aeef	6acc789a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2022/01/01 02:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	db3e8244bd1c	e1768e9c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/31 00:09	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	db3e8244bd1c	36bd2e48	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/30 12:08	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	510a0bdb2bfc	2e49f10d	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/28 01:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ce1d37cb7697	6b3c5e64	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/27 13:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ce1d37cb7697	5140bd58	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/21 20:48	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ce1d37cb7697	6caa12e4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/21 07:06	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4daf08a0afa8	62bd192b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/17 23:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f2b42379c576	44068e19	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/15 18:01	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	cdf8e2de16c0	572bcb40	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/11 01:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	d598c3c46ea6	49ca1f59	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/06 10:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	d598c3c46ea6	579a8754	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/05 14:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9899aa5ba525	a617004c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/12/04 00:55	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e1c72d907f4c	a617004c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/25 18:12	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	c4bc515d73b5	63eeac02	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/20 02:46	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4616dddcfaf7	4eb20a4e	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/18 14:32	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4616dddcfaf7	31a30fc0	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/18 03:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4616dddcfaf7	cafff8b6	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/15 10:02	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	8ab774587903	75b04091	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/14 12:53	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	c8c109546a19	75b04091	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/10 01:26	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	048ff8629e11	55fa030c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/09 13:00	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	048ff8629e11	59bcaf9a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/09 00:01	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	048ff8629e11	8ab17e57	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/04 18:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	048ff8629e11	4c1be0be	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/11/03 14:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a0548b26901f	4c1be0be	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/10/29 08:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	79a4479a17b8	2353a3ec	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/10/27 13:37	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	79a4479a17b8	be531bb4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/10/26 21:27	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	79a4479a17b8	d50eb50a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/09 10:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d89d5a	a6c52263	.config	log	report			info
ci2-upstream-usb	2020/10/05 09:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	168ae5a74b4a	5ef9c291	.config	log	report			info