forked to background, child pid 3171
no interfaces have a carri[ 17.455910][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0
er
[ 17.465102][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.233' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 34.419058][ T6] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 34.939094][ T6] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.948128][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.956125][ T6] usb 1-1: Product: syz
[ 34.960299][ T6] usb 1-1: Manufacturer: syz
[ 34.964869][ T6] usb 1-1: SerialNumber: syz
[ 35.009518][ T6] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 35.579147][ T6] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 36.619032][ T6] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 36.625962][ T6] ath9k_htc: Failed to initialize the device
[ 36.739009][ C0] ==================================================================
[ 36.747074][ C0] BUG: KASAN: slab-out-of-bounds in ath9k_hif_usb_rx_cb+0xea7/0x10d0
[ 36.755118][ C0] Read of size 4 at addr ffff8880161c4348 by task swapper/0/0
[ 36.762552][ C0]
[ 36.764854][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.17.0-syzkaller-12817-gcffb2b72d3ed #0
[ 36.775593][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.785621][ C0] Call Trace:
[ 36.788875][ C0]
[ 36.791708][ C0] dump_stack_lvl+0xcd/0x134
[ 36.796290][ C0] print_address_description.constprop.0.cold+0xeb/0x495
[ 36.803291][ C0] ? ath9k_hif_usb_rx_cb+0xea7/0x10d0
[ 36.808638][ C0] kasan_report.cold+0xf4/0x1c6
[ 36.813462][ C0] ? ath9k_hif_usb_rx_cb+0xea7/0x10d0
[ 36.818808][ C0] ath9k_hif_usb_rx_cb+0xea7/0x10d0
[ 36.823980][ C0] ? __lock_acquire+0x290/0x56c0
[ 36.828903][ C0] ? hif_usb_start+0xa0/0xa0
[ 36.833467][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 36.838375][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 36.843198][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 36.848542][ C0] usb_hcd_giveback_urb+0x367/0x410
[ 36.853729][ C0] dummy_timer+0x11f9/0x32b0
[ 36.858299][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 36.863217][ C0] ? dummy_dequeue+0x500/0x500
[ 36.867963][ C0] ? dummy_dequeue+0x500/0x500
[ 36.872702][ C0] call_timer_fn+0x1a5/0x6b0
[ 36.877266][ C0] ? timer_fixup_activate+0x350/0x350
[ 36.882610][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 36.887436][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 36.892350][ C0] ? __next_timer_interrupt+0x244/0x2c0
[ 36.897885][ C0] ? dummy_dequeue+0x500/0x500
[ 36.902622][ C0] ? dummy_dequeue+0x500/0x500
[ 36.907374][ C0] __run_timers.part.0+0x67c/0xa30
[ 36.912466][ C0] ? call_timer_fn+0x6b0/0x6b0
[ 36.917221][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 36.922411][ C0] ? sched_clock_cpu+0x15/0x1f0
[ 36.927254][ C0] ? tick_program_event+0xb4/0x140
[ 36.932350][ C0] run_timer_softirq+0xb3/0x1d0
[ 36.937186][ C0] __do_softirq+0x29b/0x9c2
[ 36.941680][ C0] __irq_exit_rcu+0x123/0x180
[ 36.946350][ C0] irq_exit_rcu+0x5/0x20
[ 36.950580][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 36.956200][ C0]
[ 36.959109][ C0]
[ 36.962019][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 36.968072][ C0] RIP: 0010:acpi_idle_do_entry+0x1c6/0x250
[ 36.973862][ C0] Code: 89 de e8 1d e3 17 f8 84 db 75 ac e8 34 df 17 f8 e8 af 26 1e f8 eb 0c e8 28 df 17 f8 0f 00 2d 11 60 d1 00 e8 1c df 17 f8 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 97 e1 17 f8 48 85 db
[ 36.993459][ C0] RSP: 0018:ffffffff8ba07d60 EFLAGS: 00000293
[ 36.999508][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 37.007460][ C0] RDX: ffffffff8babc700 RSI: ffffffff8960bc54 RDI: ffffffff8960bc41
[ 37.015417][ C0] RBP: ffff888145b8c864 R08: 0000000000000000 R09: 0000000000000000
[ 37.023373][ C0] R10: ffffffff817ee328 R11: 0000000000000000 R12: 0000000000000001
[ 37.031349][ C0] R13: ffff888145b8c800 R14: ffff888145b8c864 R15: ffff888146187804
[ 37.0393