KASAN: use-after-free Read in ath9k_hif_usb_rx

KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (2)
Status: upstream: reported C repro on 2020/11/16 17:09
Reported-by: syzbot+03110230a11411024147@syzkaller.appspotmail.com
First crash: 215d, last: 1h13m

Cause bisection: introduced by (bisect log) :
commit dcd479e10a0510522a5d88b29b8f79ea3467d501
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Oct 9 12:17:11 2020 +0000

mac80211: always wind down STA state

Crash: BUG: sleeping function called from invalid context in sta_info_move_state (log)
Repro: C syz .config

duplicates (1):
Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
KASAN: slab-out-of-bounds Read in ath9k_hif_usb_rx_cb (2)	C	error		181	3h23m	324d	0/22	closed as dup on 2021/01/13 11:30

similar bugs (4):
Kernel	Title	Repro	Cause bisect	Count	Last	Reported	Patched	Status
upstream	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb	C		2849	215d	450d	17/22	fixed on 2020/11/16 12:12
upstream	KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)	C	unreliable	5	13d	165d	0/22	upstream: reported C repro on 2021/01/05 16:03
upstream	KASAN: slab-out-of-bounds Read in ath9k_hif_usb_rx_cb (2)	C	error	181	3h23m	324d	0/22	closed as dup on 2021/01/13 11:30
upstream	general protection fault in ath9k_hif_usb_rx_cb (2)	C	error	765	58m	337d	0/22	upstream: reported C repro on 2020/07/17 18:56

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/06/17 21:59	14m	fuzzybritches0@gmail.com	patch	https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git 009c9aa5be652675a06d5211e1640e02bbb1c33d	report log
2021/06/17 17:38	16m	fuzzybritches0@gmail.com	patch	https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git 009c9aa5be652675a06d5211e1640e02bbb1c33d	report log
2021/06/17 12:27	12m	fuzzybritches0@gmail.com	patch	https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git 009c9aa5be652675a06d5211e1640e02bbb1c33d	report log
2021/03/12 08:39	9m	mail@anirudhrb.com		linux-next	report log

Sample crash report:

==================================================================
BUG: KASAN: use-after-free in ath9k_hif_usb_rx_stream drivers/net/wireless/ath/ath9k/hif_usb.c:636 [inline]
BUG: KASAN: use-after-free in ath9k_hif_usb_rx_cb+0x9ff/0x10b0 drivers/net/wireless/ath/ath9k/hif_usb.c:680
Read of size 4 at addr ffff88801f394178 by task kworker/1:7/8551

CPU: 1 PID: 8551 Comm: kworker/1:7 Not tainted 5.13.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events request_firmware_work_func
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x202/0x31e lib/dump_stack.c:120
 print_address_description+0x5f/0x3b0 mm/kasan/report.c:233
 __kasan_report mm/kasan/report.c:419 [inline]
 kasan_report+0x15c/0x200 mm/kasan/report.c:436
 ath9k_hif_usb_rx_stream drivers/net/wireless/ath/ath9k/hif_usb.c:636 [inline]
 ath9k_hif_usb_rx_cb+0x9ff/0x10b0 drivers/net/wireless/ath/ath9k/hif_usb.c:680
 __usb_hcd_giveback_urb+0x375/0x520 drivers/usb/core/hcd.c:1656
 dummy_timer+0x808/0x3100 drivers/usb/gadget/udc/dummy_hcd.c:1978
 call_timer_fn+0xf6/0x210 kernel/time/timer.c:1431
 expire_timers kernel/time/timer.c:1476 [inline]
 __run_timers+0x6ff/0x910 kernel/time/timer.c:1745
 run_timer_softirq+0x63/0xf0 kernel/time/timer.c:1758
 __do_softirq+0x372/0x7a6 kernel/softirq.c:559
 invoke_softirq kernel/softirq.c:433 [inline]
 __irq_exit_rcu+0x245/0x280 kernel/softirq.c:637
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:649
 sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100
 </IRQ>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:647
RIP: 0010:console_trylock_spinning+0x31b/0x3a0 kernel/printk/printk.c:1894
Code: 08 4d 85 ed 74 91 e8 14 c5 19 00 fb 31 db eb 41 e8 0a c5 19 00 e8 85 40 5b 08 4d 85 ed 74 d1 e8 fb c4 19 00 fb bb 01 00 00 00 <48> c7 c7 c0 21 df 8c 31 f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00
RSP: 0018:ffffc90001d2f740 EFLAGS: 00000293
RAX: ffffffff81655415 RBX: 0000000000000001 RCX: ffff8880192d3880
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90001d2f810 R08: ffffffff816553d2 R09: fffffbfff204ddc3
R10: fffffbfff204ddc3 R11: 0000000000000000 R12: 1ffff920003a5ee8
R13: 0000000000000200 R14: 0000000000000086 R15: dffffc0000000000
 vprintk_emit+0x201/0x2f0 kernel/printk/printk.c:2173
 vprintk+0x30d/0x370 kernel/printk/printk_safe.c:392
 printk+0xc0/0x108 kernel/printk/printk.c:2216
 ath9k_htc_hw_init+0x64/0x70 drivers/net/wireless/ath/ath9k/htc_hst.c:504
 ath9k_hif_usb_firmware_cb+0x250/0x4e0 drivers/net/wireless/ath/ath9k/hif_usb.c:1239
 request_firmware_work_func+0x175/0x250 drivers/base/firmware_loader/main.c:1081
 process_one_work+0x833/0x10c0 kernel/workqueue.c:2276
 worker_thread+0xac1/0x1300 kernel/workqueue.c:2422
 kthread+0x39a/0x3c0 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

The buggy address belongs to the page:
page:ffffea00007ce500 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f394
flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000000 0000000000000000 ffffea00007ce508 0000000000000000
raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as freed
page last allocated via order 3, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), pid 8551, ts 1764093969333, free_ts 1765108772068
 prep_new_page mm/page_alloc.c:2358 [inline]
 get_page_from_freelist+0x779/0xa20 mm/page_alloc.c:3994
 __alloc_pages+0x26c/0x5f0 mm/page_alloc.c:5200
 kmalloc_order+0x41/0x170 mm/slab_common.c:923
 kmalloc_order_trace+0x15/0x70 mm/slab_common.c:939
 kmalloc_large include/linux/slab.h:485 [inline]
 __kmalloc+0x298/0x390 mm/slub.c:4043
 kmalloc include/linux/slab.h:561 [inline]
 kzalloc include/linux/slab.h:686 [inline]
 wiphy_new_nm+0x60d/0x1760 net/wireless/core.c:449
 ieee80211_alloc_hw_nm+0x2bd/0x1f80 net/mac80211/main.c:579
 ieee80211_alloc_hw include/net/mac80211.h:4261 [inline]
 ath9k_htc_probe_device+0xaa/0x20b0 drivers/net/wireless/ath/ath9k/htc_drv_init.c:939
 ath9k_htc_hw_init+0x30/0x70 drivers/net/wireless/ath/ath9k/htc_hst.c:503
 ath9k_hif_usb_firmware_cb+0x250/0x4e0 drivers/net/wireless/ath/ath9k/hif_usb.c:1239
 request_firmware_work_func+0x175/0x250 drivers/base/firmware_loader/main.c:1081
 process_one_work+0x833/0x10c0 kernel/workqueue.c:2276
 worker_thread+0xac1/0x1300 kernel/workqueue.c:2422
 kthread+0x39a/0x3c0 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1298 [inline]
 __free_pages_ok+0x10a5/0x1180 mm/page_alloc.c:1572
 kfree+0x287/0x2d0 mm/slub.c:4209
 device_release+0x98/0x1c0 drivers/base/core.c:2186
 kobject_cleanup+0x1c9/0x280 lib/kobject.c:705
 ath9k_htc_probe_device+0x1003/0x20b0 drivers/net/wireless/ath/ath9k/htc_drv_init.c:976
 ath9k_htc_hw_init+0x30/0x70 drivers/net/wireless/ath/ath9k/htc_hst.c:503
 ath9k_hif_usb_firmware_cb+0x250/0x4e0 drivers/net/wireless/ath/ath9k/hif_usb.c:1239
 request_firmware_work_func+0x175/0x250 drivers/base/firmware_loader/main.c:1081
 process_one_work+0x833/0x10c0 kernel/workqueue.c:2276
 worker_thread+0xac1/0x1300 kernel/workqueue.c:2422
 kthread+0x39a/0x3c0 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Memory state around the buggy address:
 ffff88801f394000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88801f394080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
>ffff88801f394100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                                                                ^
 ffff88801f394180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88801f394200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================

Crashes (3822):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-smack-root	2021/06/19 17:04	upstream	b1edae0d	aba2b2fb	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/06/17 11:49	upstream	6b00bc63	aba2b2fb	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/06/14 08:42	upstream	e4e45343	1ba81399	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/06/04 11:50	upstream	f88cd3fb	0740de69	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/06/03 00:22	upstream	324c92e5	0740de69	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/06/02 02:30	upstream	c2131f7e	032639db	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/06/01 21:48	upstream	c2131f7e	032639db	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/05/31 20:01	upstream	8124c8a6	032639db	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/05/30 11:34	upstream	6799d4f2	325a8dab	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/05/30 09:59	upstream	6799d4f2	325a8dab	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/05/30 07:57	upstream	6799d4f2	325a8dab	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/05/29 12:37	upstream	5ff2756a	858ea628	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/05/27 12:22	upstream	7ac3a1c1	858ea628	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/05/27 10:22	upstream	7ac3a1c1	858ea628	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/04/30 02:57	upstream	d2b6f8a1	77e2b668	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/04/28 20:07	upstream	acd3d285	77e2b668	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/03/24 06:50	upstream	7acac4b3	e613994b	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/03/23 06:25	upstream	84196390	8092f30d	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/03/21 17:31	upstream	812da4d3	17810eae	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/03/05 10:27	upstream	cee407c5	9d751681	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/24 13:16	upstream	c03c21ba	fcc6d71b	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/20 23:18	upstream	f40ddce8	3e5ed8b4	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/20 18:05	upstream	f40ddce8	3e5ed8b4	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/20 01:10	upstream	f40ddce8	f689d40a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/19 23:55	upstream	f40ddce8	f689d40a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/19 00:29	upstream	f40ddce8	14052202	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/17 02:51	upstream	f40ddce8	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/16 12:05	upstream	f40ddce8	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/16 00:02	upstream	f40ddce8	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/14 12:31	upstream	ac30d8ce	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce	2021/02/14 07:52	upstream	ac30d8ce	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/02/14 02:58	upstream	ac30d8ce	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce	2021/02/12 03:59	upstream	291009f6	a5f86b15	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-root	2021/02/12 02:25	upstream	291009f6	a5f86b15	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/17 05:57	linux-next	1216f02e	7e2b734b	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/14 08:09	linux-next	dcf1b51d	a184b83e	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/11 23:48	linux-next	e99d8a84	bfeda1b1	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/04/09 01:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e9fcb077	6a81331a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/06 09:32	linux-next	454c576c	6a81331a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/05 06:57	linux-next	454c576c	6a81331a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/04 08:27	linux-next	454c576c	6a81331a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/04/01 10:15	linux-next	93129492	6a81331a	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-linux-next-kasan-gce-root	2021/03/23 05:22	linux-next	e3128d2f	8092f30d	.config	log	report	syz	C		KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-386	2020/11/18 16:30	upstream	0fa8ee0d	09323409	.config	log	report	syz	C
ci2-upstream-usb	2021/01/11 08:35	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d8	2c1f2513	.config	log	report	syz	C
ci2-upstream-usb	2020/11/16 16:45	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	0fb2c41f	1bf9a662	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2021/06/10 06:38	upstream	cd1245d7	1ba81399	.config	log	report	syz			KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-smack-root	2021/05/30 06:19	upstream	6799d4f2	325a8dab	.config	log	report	syz			KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-qemu-upstream	2021/06/03 13:40	upstream	324c92e5	0740de69	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-selinux-root	2021/05/26 08:33	upstream	ad9f25d3	93d3a9f6	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce	2021/05/19 22:06	upstream	8ac91e6c	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci-upstream-kasan-gce-386	2021/05/14 12:18	upstream	315d9931	8bdd5343	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/20 05:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/20 02:47	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/20 01:30	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 23:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 20:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 19:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 15:37	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 12:05	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 09:12	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/19 05:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 22:59	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 20:50	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	04d72afa	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 15:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b31d9d6d	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 06:36	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b31d9d6d	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 03:42	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b31d9d6d	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 02:22	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e5662158	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/18 00:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e5662158	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/17 20:51	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	e5662158	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/17 05:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1da8116e	aba2b2fb	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/16 19:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1da8116e	c06f97ad	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/16 18:25	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1da8116e	c06f97ad	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/16 06:01	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	5f4dee73	990d3cbe	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/16 02:48	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	5f4dee73	990d3cbe	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 22:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	5f4dee73	990d3cbe	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 15:00	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	8022d7e3	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 13:58	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	8022d7e3	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 11:06	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	8022d7e3	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 06:34	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 05:26	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 03:21	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/15 01:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 23:56	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	1f28f6f0	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 20:26	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 19:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 17:22	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 14:22	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 12:22	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 10:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	37fdb7c9	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 05:44	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	12f73979	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 04:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	12f73979	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/14 03:11	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	12f73979	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2021/06/13 23:42	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	12f73979	1ba81399	.config	log	report			info	KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb	2020/11/16 16:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	0fb2c41f	1bf9a662	.config	log	report			info