dhcpcd-9.4.0 starting
dev: loaded udev
DUID 00:04:28:fc:25:ea:d7:72:11:85:ec:f5:a4:60:37:c9:76:43
forked to background, child pid 1204
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.14' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.555743][ T69] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 27.915743][ T69] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 28.085850][ T69] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 28.094886][ T69] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 28.102902][ T69] usb 1-1: Product: syz
[ 28.107073][ T69] usb 1-1: Manufacturer: syz
[ 28.111650][ T69] usb 1-1: SerialNumber: syz
[ 28.166956][ T69] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 28.735768][ T69] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 28.744997][ T69] ------------[ cut here ]------------
[ 28.750531][ T69] usb 1-1: BOGUS urb xfer, pipe 3 != type 1
[ 28.756650][ T69] WARNING: CPU: 1 PID: 69 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0
[ 28.766072][ T69] Modules linked in:
[ 28.769968][ T69] CPU: 1 PID: 69 Comm: kworker/1:2 Not tainted 5.16.0-rc8-syzkaller #0
[ 28.778238][ T69] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.788326][ T69] Workqueue: events request_firmware_work_func
[ 28.794477][ T69] RIP: 0010:usb_submit_urb+0xed2/0x18a0
[ 28.800086][ T69] Code: 7c 24 18 e8 60 f1 a6 fd 48 8b 7c 24 18 e8 d6 0a 1a ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 60 35 86 86 e8 6b 10 04 02 <0f> 0b e9 58 f8 ff ff e8 32 f1 a6 fd 48 81 c5 80 06 00 00 e9 84 f7
[ 28.819727][ T69] RSP: 0018:ffffc90000ebfb40 EFLAGS: 00010282
[ 28.825848][ T69] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[ 28.833816][ T69] RDX: ffff88810a2eb800 RSI: ffffffff812bacf8 RDI: fffff520001d7f5a
[ 28.841824][ T69] RBP: ffff888116098c50 R08: 0000000000000000 R09: 0000000000000000
[ 28.849915][ T69] R10: ffffffff812b4a9e R11: 0000000000000000 R12: 0000000000000003
[ 28.857921][ T69] R13: ffff88810bb15370 R14: 0000000000000003 R15: ffff8881087b9e00
[ 28.865918][ T69] FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[ 28.874841][ T69] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.881477][ T69] CR2: 00007ffe65c20c18 CR3: 00000001199b3000 CR4: 00000000003506e0
[ 28.889478][ T69] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.897479][ T69] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.905454][ T69] Call Trace:
[ 28.908766][ T69]
[ 28.911704][ T69] ath9k_hif_usb_alloc_urbs+0x7d8/0x1040
[ 28.917403][ T69] ath9k_hif_usb_firmware_cb+0x148/0x530
[ 28.923048][ T69] ? ath9k_hif_usb_alloc_urbs+0x1040/0x1040
[ 28.928971][ T69] request_firmware_work_func+0x12c/0x230
executing program
[ 28.934696][ T69] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 28.941088][ T69] process_one_work+0x9b2/0x1660
[ 28.946079][ T69] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 28.950025][ T7] usb 1-1: USB disconnect, device number 2
[ 28.951465][ T69] ? rwlock_bug.part.0+0x90/0x90
[ 28.962243][ T69] ? _raw_spin_lock_irq+0x41/0x50
[ 28.968570][ T69] worker_thread+0x65d/0x1130
[ 28.973271][ T69] ? process_one_work+0x1660/0x1660
[ 28.978514][ T69] kthread+0x40b/0x500
[ 28.982588][ T69] ? set_kthread_struct+0x130/0x130
[ 28.987822][ T69] ret_from_fork+0x1f/0x30
[ 28.992247][ T69]
[ 28.995253][ T69] Kernel panic - not syncing: panic_on_warn set ...
[ 29.001815][ T69] CPU: 1 PID: 69 Comm: kworker/1:2 Not tainted 5.16.0-rc8-syzkaller #0
[ 29.010030][ T69] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.020078][ T69] Workqueue: events request_firmware_work_func
[ 29.026219][ T69] Call Trace:
[ 29.029481][ T69]
[ 29.032418][ T69] dump_stack_lvl+0xcd/0x134
[ 29.036999][ T69] panic+0x2b0/0x6dd
[ 29.040880][ T69] ? __warn_printk+0xf3/0xf3
[ 29.045458][ T69] ? __warn.cold+0x1a/0x44
[ 29.049886][ T69] ? usb_submit_urb+0xed2/0x18a0
[ 29.054805][ T69] __warn.cold+0x35/0x44
[ 29.059054][ T69] ? wake_up_klogd.part.0+0x9e/0xd0
[ 29.064236][ T69] ? usb_submit_urb+0xed2/0x18a0
[ 29.069155][ T69] report_bug+0x1bd/0x210
[ 29.073471][ T69] handle_bug+0x3c/0x60
[ 29.077610][ T69] exc_invalid_op+0x14/0x40
[ 29.082103][ T69] asm_exc_invalid_op+0x12/0x20
[ 29.086939][ T69] RIP: 0010:usb_submit_urb+0xed2/0x18a0
[ 29.092466][ T69] Code: 7c 24 18 e8 60 f1 a6 fd 48 8b 7c 24 18 e8 d6 0a 1a ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 60 35 86 86 e8 6b 10 04 02 <0f> 0b e9 58 f8 ff ff e8 32 f1 a6 fd 48 81 c5 80 06 00 00 e9 84 f7
[ 29.112052][ T69] RSP: 0018:ffffc90000ebfb40 EFLAGS: 00010282
[ 29.118103][ T69] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[ 29.126058][ T69] RDX: ffff88810a2eb800 RSI: ffffffff812bacf8 RDI: fffff520001d7f5a
[ 29.134011][ T69] RBP: ffff888116098c50 R08: 0000000000000000 R09: 0000000000000000
[ 29.142020][ T69] R10: ffffffff812b4a9e R11: 0000000000000000 R12: 0000000000000003
[ 29.149994][ T69] R13: ffff88810bb15370 R14: 0000000000000003 R15: ffff8881087b9e00
[ 29.157964][ T69] ? wake_up_klogd.part.0+0x8e/0xd0
[ 29.163175][ T69] ? vprintk+0x88/0x90
[ 29.167232][ T69] ath9k_hif_usb_alloc_urbs+0x7d8/0x1040
[ 29.172852][ T69] ath9k_hif_usb_firmware_cb+0x148/0x530
[ 29.178470][ T69] ? ath9k_hif_usb_alloc_urbs+0x1040/0x1040
[ 29.184350][ T69] request_firmware_work_func+0x12c/0x230
[ 29.190061][ T69] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 29.196382][ T69] process_one_work+0x9b2/0x1660
[ 29.201307][ T69] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 29.206761][ T69] ? rwlock_bug.part.0+0x90/0x90
[ 29.211686][ T69] ? _raw_spin_lock_irq+0x41/0x50
[ 29.216702][ T69] worker_thread+0x65d/0x1130
[ 29.221459][ T69] ? process_one_work+0x1660/0x1660
[ 29.226642][ T69] kthread+0x40b/0x500
[ 29.230696][ T69] ? set_kthread_struct+0x130/0x130
[ 29.235877][ T69] ret_from_fork+0x1f/0x30
[ 29.240278][ T69]
[ 29.244154][ T69] Kernel Offset: disabled
[ 29.248607][ T69] Rebooting in 86400 seconds..