WARNING in hif_usb_send/usb_submit

WARNING in hif_usb_send/usb_submit_urb
Status: upstream: reported C repro on 2020/10/05 10:59
Reported-by: syzbot+f5378bcf0f0cab45c1c6@syzkaller.appspotmail.com
First crash: 358d, last: 21h30m

Cause bisection: introduced by (bisect log) [no-op commit]:
commit bb5cce12ac717c7462217cd493ed701d12d6dbce
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed May 13 10:29:58 2020 +0000

arm64: dts: fvp/juno: Fix node address fields

Crash: WARNING in hif_usb_send/usb_submit_urb (log)
Repro: C syz .config

duplicates (1):
Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
WARNING in handle_bug/usb_submit_urb	C			1	358d	358d	0/22	closed as dup on 2020/10/05 14:54

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2020/10/10 01:08	17m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	OK
2020/10/10 00:49	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v5.9-rc8	error
2020/10/09 18:55	5m	stern@rowland.harvard.edu	patch	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git 6c8cf369	error

Sample crash report:

usb 1-1: Manufacturer: syz
usb 1-1: SerialNumber: syz
usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 1 PID: 2990 at drivers/usb/core/urb.c:494 usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Modules linked in:
CPU: 1 PID: 2990 Comm: kworker/1:2 Not tainted 5.11.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events request_firmware_work_func
RIP: 0010:usb_submit_urb+0xacd/0x1550 drivers/usb/core/urb.c:493
Code: d8 48 c1 e8 03 42 8a 04 28 84 c0 0f 85 bd 07 00 00 44 8b 03 48 c7 c7 00 6b 5b 8a 4c 89 f6 4c 89 fa 89 e9 31 c0 e8 63 95 d5 fb <0f> 0b 4c 8b 74 24 30 45 89 f7 4c 89 ff 48 c7 c6 10 e6 08 8d e8 2a
RSP: 0018:ffffc900097ef858 EFLAGS: 00010246
RAX: 47659aa2ede5d900 RBX: ffffffff8a5b6928 RCX: ffff88801b5e9bc0
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff815fb522 R09: ffffed10173a60b8
R10: ffffed10173a60b8 R11: 0000000000000000 R12: ffff88802137db00
R13: dffffc0000000000 R14: ffffffff8a5c0b60 R15: ffff888012929410
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3699403000 CR3: 000000001295b000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]
 hif_usb_send+0x390/0xc60 drivers/net/wireless/ath/ath9k/hif_usb.c:479
 htc_connec

Fix bisection attempts:
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro
ci-upstream-kasan-gce-smack-root	2021/08/16 03:47	upstream	7c60610d4767	2bd9619f	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/07/17 00:20	upstream	0d18c12b288a	2bd9619f	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/06/16 22:16	upstream	6b00bc639f1f	2bd9619f	.config	log	report	syz	C

Crashes (130):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-smack-root	2021/02/10 04:42	upstream	e0756cfc7d7c	2bd9619f	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci-upstream-kasan-gce-root	2021/02/01 11:15	upstream	1048ba83fb1c	fc9fd31e	.config	log	report	syz	C		WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2020/10/09 14:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	6c8cf3695176	fa79ed2a	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2021/05/04 07:35	upstream	d2b6f8a17919	09efdd63	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/27 15:27	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae9a6149884e	78494d16	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/21 13:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a0f497199090	169724fe	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/21 08:32	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a0f497199090	af796c18	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/20 20:42	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae8709b296d8	af796c18	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/20 08:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae8709b296d8	3d9c9a2a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/17 02:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae8709b296d8	5b989942	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/16 14:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae8709b296d8	aae492f2	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/15 04:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	ae8709b296d8	07e953c1	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/14 09:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	44a0f3bb69a3	58d09404	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/10 09:45	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	bf9f243f23e6	5ae8508a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/08 10:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4b93c544e90e	e2776ee4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/09/02 10:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1b4f3dfb4792	d0f0970b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/08/31 15:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9c1587d99f93	7eb7e152	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/08/27 17:34	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9c1587d99f93	57b01c6e	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/08/26 18:39	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	669bc5a188b4	b318694d	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/17 21:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/16 01:46	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/14 03:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	8bdd5343	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/13 13:56	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4676be28a46e	ecb594cb	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/11 02:09	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4676be28a46e	ca873091	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/10 12:48	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f91e5d097f12	ca873091	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/08 12:00	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	31a8503589c4	bc5434be	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/07 05:01	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	83a9d2a05296	06585184	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/06 15:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	8404c9fbc84b	06585184	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/05 08:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	d665ea6ea86c	06c27ff5	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/04 14:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4a0225c3d208	06c27ff5	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/05/03 13:53	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4a0225c3d208	ad61f371	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/28 05:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4a0225c3d208	77e2b668	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/26 22:08	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	caa93d9bd2d7	8ee2dea6	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/23 00:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	3343f376d4ba	590921a5	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/22 11:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	c560e76319a9	2bc8999a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/21 08:32	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4b853c236c7b	95777977	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/20 07:51	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4b853c236c7b	c0ced557	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/14 09:50	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	401411bbc4e6	3134b37f	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/13 11:20	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	401411bbc4e6	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/12 20:52	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9bc46a12c53d	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/10 03:28	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	496960274153	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/09 14:13	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	4050f2683f2c	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/05 08:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f70d436f0001	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/03 04:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	bee1f89aad2a	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/04/02 14:45	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04dd6e76b228	6a81331a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/29 01:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e5242861ec6a	a8529b82	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/26 10:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	049d3db625a6	a8529b82	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/25 08:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	049d3db625a6	6a383ecf	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/22 18:31	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f85142af3641	8092f30d	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/22 08:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f85142af3641	bea32f74	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/03/03 17:06	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	5e17812c22bc	06ed56cd	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/23 02:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	31caf8b2a847	fcc6d71b	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/20 10:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546e779	3e5ed8b4	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/19 15:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546e779	f689d40a	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/02/17 19:33	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b5a12546e779	14052202	.config	log	report			info	WARNING in hif_usb_send/usb_submit_urb
ci2-upstream-usb	2021/01/09 10:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d89d5a	a6c52263	.config	log	report			info
ci2-upstream-usb	2020/10/05 09:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	168ae5a74b4a	5ef9c291	.config	log	report			info