[ 48.177718] audit: type=1800 audit(1555093780.185:27): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ 48.197512] audit: type=1800 audit(1555093780.185:28): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 48.946538] audit: type=1800 audit(1555093780.995:29): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[ 48.966026] audit: type=1800 audit(1555093780.995:30): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 58.327324] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 58.567236] usb 1-1: Using ep0 maxpacket: 8
[ 58.687320] usb 1-1: config 0 has an invalid interface number: 47 but max is 0
[ 58.694815] usb 1-1: config 0 has an invalid descriptor of length 7, skipping remainder of the config
[ 58.704449] usb 1-1: config 0 has no interface number 0
[ 58.709922] usb 1-1: config 0 interface 47 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 58.719904] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=a3.f9
[ 58.728348] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 58.738093] usb 1-1: config 0 descriptor??
[ 58.786849] kasan: CONFIG_KASAN_INLINE enabled
[ 58.791485] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 58.798836] general protection fault: 0000 [#1] SMP KASAN PTI
[ 58.804754] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.1.0-rc4-319354-g9a33b36 #3
[ 58.812716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.822100] Workqueue: usb_hub_wq hub_event
[ 58.826438] RIP: 0010:__lock_acquire+0xadc/0x37c0
[ 58.831290] Code: 00 0f 85 c1 1d 00 00 48 81 c4 10 01 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 35 1e 00 00 49 81 7d 00 40 39 01 96 0f 84 e8 f5
[ 58.850205] RSP: 0018:ffff8880a84b6f78 EFLAGS: 00010006
[ 58.855593] RAX: dffffc0000000000 RBX: ffff8880a84a6200 RCX: 0000000000000000
[ 58.862876] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001
[ 58.870140] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[ 58.877399] R10: 0000000000000000 R11: ffff8880a84a6200 R12: 0000000000000000
[ 58.884661] R13: 0000000000000018 R14: 0000000000000001 R15: 0000000000000001
[ 58.891934] FS: 0000000000000000(0000) GS:ffff8880ad000000(0000) knlGS:0000000000000000
[ 58.900154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.906120] CR2: 00007ffd4c5f6b6c CR3: 000000001167a000 CR4: 00000000001406f0
[ 58.913495] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.922007] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.929780] Call Trace:
[ 58.932377] ? save_stack+0x89/0xa0
[ 58.936011] ? __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 58.941292] ? ath6kl_bmi_init+0x8b/0x100
[ 58.945431] ? ath6kl_core_init+0x14e/0x1060
[ 58.949865] ? ath6kl_usb_probe+0xc7f/0x1180
[ 58.954274] ? usb_probe_interface+0x31d/0x820
[ 58.958860] ? really_probe+0x2da/0xb10
[ 58.962822] ? driver_probe_device+0x21d/0x350
[ 58.967394] ? __device_attach_driver+0x1d8/0x290
[ 58.972229] ? bus_for_each_drv+0x163/0x1e0
[ 58.976536] ? __device_attach+0x223/0x3a0
[ 58.980779] ? bus_probe_device+0x1f1/0x2a0
[ 58.985089] ? device_add+0xad2/0x16e0
[ 58.989050] ? usb_set_configuration+0xdf7/0x1740
[ 58.993900] ? mark_held_locks+0xe0/0xe0
[ 58.997967] ? driver_probe_device+0x21d/0x350
[ 59.002554] ? __device_attach_driver+0x1d8/0x290
[ 59.007475] ? bus_for_each_drv+0x163/0x1e0
[ 59.011823] ? __device_attach+0x223/0x3a0
[ 59.016072] ? bus_probe_device+0x1f1/0x2a0
[ 59.020411] ? device_add+0xad2/0x16e0
[ 59.024310] ? usb_new_device.cold+0x537/0xccf
[ 59.028896] ? hub_event+0x138e/0x3b00
[ 59.032774] ? process_one_work+0x90f/0x1580
[ 59.037174] ? worker_thread+0x9b/0xe20
[ 59.041143] ? kthread+0x313/0x420
[ 59.044693] ? ret_from_fork+0x3a/0x50
[ 59.048573] lock_acquire+0x10d/0x2f0
[ 59.052367] ? ath6kl_usb_alloc_urb_from_pipe+0x49/0x2b0
[ 59.057838] _raw_spin_lock_irqsave+0x44/0x60
[ 59.062361] ? ath6kl_usb_alloc_urb_from_pipe+0x49/0x2b0
[ 59.067808] ath6kl_usb_alloc_urb_from_pipe+0x49/0x2b0
[ 59.073888] ath6kl_usb_post_recv_transfers.constprop.0+0x233/0x400
[ 59.080308] ? __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 59.085407] ath6kl_usb_power_on+0x8d/0x120
[ 59.089723] ath6kl_core_init+0x1b8/0x1060
[ 59.093953] ? ath6kl_core_destroy+0x20/0x20
[ 59.098351] ? memcpy+0x35/0x50
[ 59.101652] ? ath6kl_core_create+0x7aa/0x960
[ 59.106159] ath6kl_usb_probe+0xc7f/0x1180
[ 59.110408] usb_probe_interface+0x31d/0x820
[ 59.114829] ? usb_probe_device+0x150/0x150
[ 59.119173] really_probe+0x2da/0xb10
[ 59.122970] driver_probe_device+0x21d/0x350
[ 59.127380] __device_attach_driver+0x1d8/0x290
[ 59.132042] ? driver_allows_async_probing+0x160/0x160
[ 59.137332] bus_for_each_drv+0x163/0x1e0
[ 59.147221] ? bus_rescan_devices+0x30/0x30
[ 59.151639] ? _raw_spin_unlock_irqrestore+0x4b/0x60
[ 59.156739] ? lockdep_hardirqs_on+0x37e/0x580
[ 59.161315] __device_attach+0x223/0x3a0
[ 59.165453] ? device_bind_driver+0xe0/0xe0
[ 59.169767] ? kobject_uevent_env+0x295/0x13d0
[ 59.174358] bus_probe_device+0x1f1/0x2a0
[ 59.178500] ? blocking_notifier_call_chain+0x59/0xb0
[ 59.183721] device_add+0xad2/0x16e0
[ 59.187707] ? get_device_parent.isra.0+0x560/0x560
[ 59.192714] ? _raw_spin_unlock_irqrestore+0x4b/0x60
[ 59.197818] usb_set_configuration+0xdf7/0x1740
[ 59.202484] generic_probe+0xa2/0xda
[ 59.206490] usb_probe_device+0xc0/0x150
[ 59.221444] ? usb_suspend+0x5f0/0x5f0
[ 59.225329] really_probe+0x2da/0xb10
[ 59.229112] driver_probe_device+0x21d/0x350
[ 59.233540] __device_attach_driver+0x1d8/0x290
[ 59.238208] ? driver_allows_async_probing+0x160/0x160
[ 59.243473] bus_for_each_drv+0x163/0x1e0
[ 59.247615] ? bus_rescan_devices+0x30/0x30
[ 59.251950] ? _raw_spin_unlock_irqrestore+0x4b/0x60
[ 59.257332] ? lockdep_hardirqs_on+0x37e/0x580
[ 59.261929] __device_attach+0x223/0x3a0
[ 59.266068] ? device_bind_driver+0xe0/0xe0
[ 59.270380] ? kobject_uevent_env+0x295/0x13d0
[ 59.274955] bus_probe_device+0x1f1/0x2a0
[ 59.279091] ? blocking_notifier_call_chain+0x59/0xb0
[ 59.284793] device_add+0xad2/0x16e0
[ 59.288494] ? get_device_parent.isra.0+0x560/0x560
[ 59.293502] usb_new_device.cold+0x537/0xccf
[ 59.297901] hub_event+0x138e/0x3b00
[ 59.301616] ? hub_port_debounce+0x350/0x350
[ 59.306078] ? _raw_spin_unlock_irq+0x29/0x40
[ 59.310564] process_one_work+0x90f/0x1580
[ 59.314810] ? wq_pool_ids_show+0x300/0x300
[ 59.319116] ? do_raw_spin_lock+0x11f/0x290
[ 59.323431] worker_thread+0x9b/0xe20
[ 59.327335] ? process_one_work+0x1580/0x1580
[ 59.331831] kthread+0x313/0x420
[ 59.335184] ? kthread_park+0x1a0/0x1a0
[ 59.339154] ret_from_fork+0x3a/0x50
[ 59.342850] Modules linked in:
[ 59.346039] ---[ end trace 3cb231f6b402ed3f ]---
[ 59.350798] RIP: 0010:__lock_acquire+0xadc/0x37c0
[ 59.355641] Code: 00 0f 85 c1 1d 00 00 48 81 c4 10 01 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 35 1e 00 00 49 81 7d 00 40 39 01 96 0f 84 e8 f5
[ 59.374550] RSP: 0018:ffff8880a84b6f78 EFLAGS: 00010006
[ 59.379905] RAX: dffffc0000000000 RBX: ffff8880a84a6200 RCX: 0000000000000000
[ 59.387164] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001
[ 59.394428] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[ 59.401729] R10: 0000000000000000 R11: ffff8880a84a6200 R12: 0000000000000000
[ 59.408988] R13: 0000000000000018 R14: 0000000000000001 R15: 0000000000000001
[ 59.416337] FS: 0000000000000000(0000) GS:ffff8880ad000000(0000) knlGS:0000000000000000
[ 59.424653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 59.430650] CR2: 00007ffd4c5f6b6c CR3: 000000001167a000 CR4: 00000000001406f0
[ 59.438048] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.445306] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 59.452562] Kernel panic - not syncing: Fatal exception
[ 59.458947] Kernel Offset: disabled
[ 59.462572] Rebooting in 86400 seconds..