Warning: Permanently added '10.128.0.237' (ECDSA) to the list of known hosts.
executing program
[ 141.172358][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 141.542389][ T7] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[ 141.722616][ T7] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 141.731769][ T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 141.739969][ T7] usb 1-1: Product: syz
[ 141.744414][ T7] usb 1-1: Manufacturer: syz
[ 141.749177][ T7] usb 1-1: SerialNumber: syz
[ 141.793997][ T7] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 142.462387][ T8263] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 142.682507][ T8263] =====================================================
[ 142.689492][ T8263] BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40
[ 142.697147][ T8263] CPU: 0 PID: 8263 Comm: kworker/0:3 Not tainted 5.10.0-rc4-syzkaller #0
[ 142.705547][ T8263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 142.715612][ T8263] Workqueue: events request_firmware_work_func
[ 142.721750][ T8263] Call Trace:
[ 142.725054][ T8263] dump_stack+0x21c/0x280
[ 142.729558][ T8263] kmsan_report+0xf7/0x1e0
[ 142.733964][ T8263] kmsan_internal_check_memory+0x202/0x520
[ 142.739928][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 142.745143][ T8263] kmsan_handle_urb+0x28/0x40
[ 142.749903][ T8263] usb_submit_urb+0x87f/0x2530
[ 142.754667][ T8263] ? usb_anchor_urb+0x396/0x580
[ 142.759522][ T8263] hif_usb_send+0x5f8/0x1710
[ 142.764118][ T8263] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 142.769923][ T8263] htc_connect_service+0x14b4/0x19f0
[ 142.775286][ T8263] ? hif_usb_sta_drain+0x6c0/0x6c0
[ 142.780405][ T8263] ath9k_wmi_connect+0x178/0x2c0
[ 142.785350][ T8263] ? ath9k_wmi_connect+0x2c0/0x2c0
[ 142.790730][ T8263] ? ath9k_wmi_ctrl_tx+0x50/0x50
[ 142.795682][ T8263] ath9k_init_htc_services+0xf3/0x1190
[ 142.801145][ T8263] ath9k_htc_probe_device+0x4f4/0x3e10
[ 142.806907][ T8263] ? ath9k_hif_usb_alloc_urbs+0x1b54/0x1ec0
[ 142.812814][ T8263] ath9k_htc_hw_init+0xdf/0x190
[ 142.817669][ T8263] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 142.823290][ T8263] request_firmware_work_func+0x1b8/0x2e0
[ 142.829015][ T8263] ? ath9k_hif_request_firmware+0x930/0x930
[ 142.834907][ T8263] ? request_firmware_nowait+0x7c0/0x7c0
[ 142.840566][ T8263] process_one_work+0x121c/0x1fc0
[ 142.845622][ T8263] worker_thread+0x10cc/0x2740
[ 142.850588][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 142.855795][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 142.861005][ T8263] kthread+0x51c/0x560
[ 142.865098][ T8263] ? process_one_work+0x1fc0/0x1fc0
[ 142.868124][ T33] usb 1-1: USB disconnect, device number 2
[ 142.870362][ T8263] ? kthread_blkcg+0x110/0x110
[ 142.881120][ T8263] ret_from_fork+0x1f/0x30
[ 142.885532][ T8263]
[ 142.887877][ T8263] Uninit was created at:
[ 142.892122][ T8263] kmsan_internal_poison_shadow+0x5c/0xf0
[ 142.897835][ T8263] kmsan_slab_alloc+0x8d/0xe0
[ 142.902505][ T8263] __kmalloc_node_track_caller+0xc61/0x15f0
[ 142.908388][ T8263] __alloc_skb+0x309/0xae0
[ 142.912798][ T8263] htc_connect_service+0x1057/0x19f0
[ 142.918073][ T8263] ath9k_wmi_connect+0x178/0x2c0
[ 142.923003][ T8263] ath9k_init_htc_services+0xf3/0x1190
[ 142.928451][ T8263] ath9k_htc_probe_device+0x4f4/0x3e10
[ 142.933900][ T8263] ath9k_htc_hw_init+0xdf/0x190
[ 142.938743][ T8263] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 142.944369][ T8263] request_firmware_work_func+0x1b8/0x2e0
[ 142.950076][ T8263] process_one_work+0x121c/0x1fc0
[ 142.955106][ T8263] worker_thread+0x10cc/0x2740
[ 142.959858][ T8263] kthread+0x51c/0x560
[ 142.963920][ T8263] ret_from_fork+0x1f/0x30
[ 142.968315][ T8263]
[ 142.970718][ T8263] Bytes 4-7 of 18 are uninitialized
[ 142.975931][ T8263] Memory access of size 18 starts at ffff888121bae400
[ 142.982694][ T8263] =====================================================
[ 142.989614][ T8263] Disabling lock debugging due to kernel taint
[ 142.995748][ T8263] Kernel panic - not syncing: panic_on_warn set ...
[ 143.002504][ T8263] CPU: 0 PID: 8263 Comm: kworker/0:3 Tainted: G B 5.10.0-rc4-syzkaller #0
[ 143.012303][ T8263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 143.022360][ T8263] Workqueue: events request_firmware_work_func
[ 143.028503][ T8263] Call Trace:
[ 143.031904][ T8263] dump_stack+0x21c/0x280
[ 143.036314][ T8263] panic+0x4c8/0xea7
[ 143.040379][ T8263] ? add_taint+0x17c/0x210
[ 143.044794][ T8263] kmsan_report+0x1da/0x1e0
[ 143.049297][ T8263] kmsan_internal_check_memory+0x202/0x520
[ 143.055440][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 143.060814][ T8263] kmsan_handle_urb+0x28/0x40
[ 143.065489][ T8263] usb_submit_urb+0x87f/0x2530
[ 143.070246][ T8263] ? usb_anchor_urb+0x396/0x580
[ 143.075091][ T8263] hif_usb_send+0x5f8/0x1710
[ 143.079758][ T8263] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 143.085562][ T8263] htc_connect_service+0x14b4/0x19f0
[ 143.090864][ T8263] ? hif_usb_sta_drain+0x6c0/0x6c0
[ 143.095969][ T8263] ath9k_wmi_connect+0x178/0x2c0
[ 143.100901][ T8263] ? ath9k_wmi_connect+0x2c0/0x2c0
[ 143.106004][ T8263] ? ath9k_wmi_ctrl_tx+0x50/0x50
[ 143.110933][ T8263] ath9k_init_htc_services+0xf3/0x1190
[ 143.116388][ T8263] ath9k_htc_probe_device+0x4f4/0x3e10
[ 143.121880][ T8263] ? ath9k_hif_usb_alloc_urbs+0x1b54/0x1ec0
[ 143.127785][ T8263] ath9k_htc_hw_init+0xdf/0x190
[ 143.132742][ T8263] ath9k_hif_usb_firmware_cb+0x42e/0xab0
[ 143.138479][ T8263] request_firmware_work_func+0x1b8/0x2e0
[ 143.144316][ T8263] ? ath9k_hif_request_firmware+0x930/0x930
[ 143.150224][ T8263] ? request_firmware_nowait+0x7c0/0x7c0
[ 143.155850][ T8263] process_one_work+0x121c/0x1fc0
[ 143.160898][ T8263] worker_thread+0x10cc/0x2740
[ 143.165658][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 143.170852][ T8263] ? kmsan_get_metadata+0x116/0x180
[ 143.176072][ T8263] kthread+0x51c/0x560
[ 143.180135][ T8263] ? process_one_work+0x1fc0/0x1fc0
[ 143.185496][ T8263] ? kthread_blkcg+0x110/0x110
[ 143.190269][ T8263] ret_from_fork+0x1f/0x30
[ 143.195174][ T8263] Kernel Offset: disabled
[ 143.199495][ T8263] Rebooting in 86400 seconds..