WARNING in hif_usb_send/usb_submit

WARNING in hif_usb_send/usb_submit_urb
Status: upstream: reported C repro on 2020/10/05 10:59
Reported-by: syzbot+f5378bcf0f0cab45c1c6@syzkaller.appspotmail.com
First crash: 191d, last: 21h22m

Cause bisection: introduced by (bisect log) [no-op commit]:
commit bb5cce12ac717c7462217cd493ed701d12d6dbce
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed May 13 10:29:58 2020 +0000

arm64: dts: fvp/juno: Fix node address fields

Crash: WARNING in hif_usb_send/usb_submit_urb (log)
Repro: C syz .config

duplicates (1):
Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
WARNING in handle_bug/usb_submit_urb	C			1	191d	191d	0/22	closed as dup on 2020/10/05 14:54

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2020/10/10 01:08	17m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	OK
2020/10/10 00:49	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	error
2020/10/09 18:55	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git 6c8cf369	error

Sample crash report:

usb 1-1: Manufacturer: syz
usb 1-1: SerialNumber: syz
usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 1 PID: 2990 at drivers/usb/core/urb.c:494 usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Modules linked in:
CPU: 1 PID: 2990 Comm: kworker/1:2 Not tainted 5.11.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events request_firmware_work_func
RIP: 0010:usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Code: d8 48 c1 e8 03 42 8a 04 28 84 c0 0f 85 bd 07 00 00 44 8b 03 48 c7 c7 00 6b 5b 8a 4c 89 f6 4c 89 fa 89 e9 31 c0 e8 63 95 d5 fb <0f> 0b 4c 8b 74 24 30 45 89 f7 4c 89 ff 48 c7 c6 10 e6 08 8d e8 2a
RSP: 0018:ffffc900097ef858 EFLAGS: 00010246
RAX: 47659aa2ede5d900 RBX: ffffffff8a5b6928 RCX: ffff88801b5e9bc0
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff815fb522 R09: ffffed10173a60b8
R10: ffffed10173a60b8 R11: 0000000000000000 R12: ffff88802137db00
R13: dffffc0000000000 R14: ffffffff8a5c0b60 R15: ffff888012929410
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3699403000 CR3: 000000001295b000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]
 hif_usb_send+0x390/0xc60 drivers/net/wireless/ath/ath9k/hif_usb.c:479
 htc_connec

Crashes (95):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-smack-root	2021/02/10 04:42	upstream	e0756cfc	2bd9619f	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci-upstream-kasan-gce-root	2021/02/01 11:15	upstream	1048ba83	fc9fd31e	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2020/10/09 14:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	6c8cf369	fa79ed2a	.config	log	report	syz	C
ci2-upstream-usb	2021/04/14 09:50	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	401411bb	3134b37f	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/13 11:20	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	401411bb	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/12 20:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9bc46a12	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/10 03:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	49696027	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/09 14:13	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4050f268	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/05 08:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f70d436f	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/03 04:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	bee1f89a	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/02 14:45	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04dd6e76	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/29 01:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e5242861	a8529b82	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/26 10:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	049d3db6	a8529b82	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/25 08:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	049d3db6	6a383ecf	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/22 18:31	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f85142af	8092f30d	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/22 08:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f85142af	bea32f74	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/03 17:06	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	5e17812c	06ed56cd	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/23 02:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	31caf8b2	fcc6d71b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/20 10:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546	3e5ed8b4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/19 15:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546	f689d40a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/17 19:33	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546	14052202	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/17 07:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546	052f8d9f	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/12 07:13	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	7a1e838d	a5f86b15	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/11 18:01	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	7a1e838d	a5f86b15	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/10 22:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1ebe718b	a52ee10a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/10 12:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	43861d29	9c8b8541	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/07 07:37	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	8cf9045b	2ce644fc	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/06 12:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	23e32a59	0655e081	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/05 12:43	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	23e32a59	23a562df	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/04 12:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	2a1673f0	42b90a7c	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/02 22:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	64eaa0fa	624dad51	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/01 15:20	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	29b01295	e6b95f32	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/01 13:35	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	3c648d3d	e6b95f32	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/30 08:22	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	3c648d3d	fc9fd31e	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/30 08:21	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	3c648d3d	fc9fd31e	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/29 07:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1a9e38ca	6593fd32	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/26 18:16	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	7a35a5ca	55a7d4df	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/26 17:08	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	7cbcd008	55a7d4df	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/25 11:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f75a1025	52e37319	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/09 10:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d8	a6c52263	.config	log	report			info
ci2-upstream-usb	2021/01/07 14:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d8	c104d4a3	.config	log	report			info
ci2-upstream-usb	2021/01/06 10:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ed054e4e	fff20c29	.config	log	report			info
ci2-upstream-usb	2021/01/04 16:29	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	8280de6a	79264ae3	.config	log	report			info
ci2-upstream-usb	2020/12/31 02:15	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	cb4d9b52	5cc121d6	.config	log	report			info
ci2-upstream-usb	2020/12/30 02:08	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	cb4d9b52	0fa352f2	.config	log	report			info
ci2-upstream-usb	2020/12/29 13:36	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	cb4d9b52	80910769	.config	log	report			info
ci2-upstream-usb	2020/12/29 03:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	32510cf5	8259d56c	.config	log	report			info
ci2-upstream-usb	2020/12/23 11:57	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	3644e2d2	c2c1d1dd	.config	log	report			info
ci2-upstream-usb	2020/12/13 18:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a256e240	8f160dd5	.config	log	report			info
ci2-upstream-usb	2020/12/12 00:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a256e240	bca53db9	.config	log	report			info
ci2-upstream-usb	2020/10/05 09:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	168ae5a7	5ef9c291	.config	log	report			info