         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   24.021596][   T72] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   24.380695][   T72] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[   24.550464][   T72] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   24.560268][   T72] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   24.568386][   T72] usb 1-1: Product: syz
[   24.572701][   T72] usb 1-1: Manufacturer: syz
[   24.577452][   T72] usb 1-1: SerialNumber: syz
[   24.621411][   T72] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   25.199596][   T72] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   25.429694][   T72] ------------[ cut here ]------------
[   25.435322][   T72] usb 1-1: BOGUS urb xfer, pipe 1 != type 3
[   25.441569][   T72] WARNING: CPU: 1 PID: 72 at drivers/usb/core/urb.c:493 usb_submit_urb+0xce2/0x14e0
[   25.451289][   T72] Kernel panic - not syncing: panic_on_warn set ...
[   25.457918][   T72] CPU: 1 PID: 72 Comm: kworker/1:2 Not tainted 5.9.0-rc8-syzkaller #0
[   25.466616][   T72] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.476813][   T72] Workqueue: events request_firmware_work_func
[   25.483085][   T72] Call Trace:
[   25.486567][   T72]  dump_stack+0x107/0x16e
[   25.491195][   T72]  panic+0x2cb/0x702
[   25.495134][   T72]  ? __warn_printk+0xf3/0xf3
[   25.499907][   T72]  ? console_unlock+0x68f/0xcd0
[   25.504892][   T72]  ? __warn.cold+0x5/0x44
[   25.509386][   T72]  ? __warn+0xd6/0x1f2
[   25.513466][   T72]  ? usb_submit_urb+0xce2/0x14e0
[   25.518522][   T72]  __warn.cold+0x20/0x44
[   25.523036][   T72]  ? irq_work_queue+0x44/0x50
[   25.527938][   T72]  ? usb_submit_urb+0xce2/0x14e0
[   25.533153][   T72]  report_bug+0x1bd/0x210
[   25.537495][   T72]  handle_bug+0x41/0x80
[   25.541667][   T72]  exc_invalid_op+0x14/0x40
[   25.546190][   T72]  asm_exc_invalid_op+0x12/0x20
[   25.551468][   T72] RIP: 0010:usb_submit_urb+0xce2/0x14e0
[   25.557773][   T72] Code: 84 04 03 00 00 e8 3e 98 c6 fd 4c 89 ef e8 66 b6 12 ff 41 89 d8 44 89 e1 4c 89 f2 48 89 c6 48 c7 c7 20 b3 5d 86 e8 d0 ba 9a fd <0f> 0b e9 c6 f8 ff ff e8 12 98 c6 fd 48 81 c5 40 06 00 00 e9 f2 f7
[   25.578032][   T72] RSP: 0018:ffff8881d4757808 EFLAGS: 00010286
[   25.584568][   T72] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[   25.592538][   T72] RDX: ffff8881d4ffe500 RSI: ffffffff8129efa3 RDI: ffffed103a8eaef3
[   25.600526][   T72] RBP: ffff8881cde7d800 R08: 0000000000000001 R09: ffff8881db32f50f
[   25.609415][   T72] R10: 0000000000000000 R11: 0000000000003754 R12: 0000000000000001
[   25.617582][   T72] R13: ffff8881d1edd0a0 R14: ffff8881d9bc9320 R15: ffff8881d9ba8600
[   25.625617][   T72]  ? vprintk_func+0x93/0x133
[   25.630239][   T72]  ? usb_submit_urb+0xce2/0x14e0
[   25.635206][   T72]  ? lockdep_hardirqs_on_prepare+0x282/0x4f0
[   25.641215][   T72]  hif_usb_send+0x4c1/0xcf0
[   25.645747][   T72]  ? __alloc_skb+0x34a/0x550
[   25.650363][   T72]  ? __hif_usb_tx.part.0.isra.0+0x1160/0x1160
[   25.656461][   T72]  htc_connect_service+0x705/0xa00
[   25.661603][   T72]  ath9k_wmi_connect+0xc9/0x190
[   25.666497][   T72]  ? ath9k_fatal_work+0x20/0x20
[   25.671381][   T72]  ? ath9k_hif_usb_disconnect.cold+0x1c/0x1c
[   25.677486][   T72]  ? ath9k_wmi_event_tasklet+0x3f0/0x3f0
[   25.683148][   T72]  ath9k_init_htc_services.constprop.0+0xb3/0x640
[   25.689606][   T72]  ? ath9k_regwrite_flush+0x350/0x350
[   25.695127][   T72]  ? lockdep_init_map_waits+0x26a/0x7c0
[   25.700715][   T72]  ? __raw_spin_lock_init+0x34/0x100
[   25.706041][   T72]  ? tasklet_init+0x69/0x150
[   25.710660][   T72]  ath9k_htc_probe_device+0x25f/0x1e10
[   25.716153][   T72]  ? ath9k_init_htc_services.constprop.0+0x640/0x640
[   25.723320][   T72]  ? usb_submit_urb+0x6ec/0x14e0
[   25.728300][   T72]  ? lockdep_hardirqs_on_prepare+0x283/0x4f0
[   25.734312][   T72]  ? usb_free_urb+0x5c/0x110
[   25.738928][   T72]  ? ath9k_hif_usb_alloc_urbs+0xbc9/0x1010
[   25.744870][   T72]  ath9k_htc_hw_init+0x31/0x60
[   25.750448][   T72]  ath9k_hif_usb_firmware_cb+0x274/0x530
[   25.756202][   T72]  ? ath9k_hif_usb_alloc_urbs+0x1010/0x1010
[   25.762298][   T72]  request_firmware_work_func+0x126/0x250
[   25.768048][   T72]  ? do_raw_spin_lock+0x120/0x260
[   25.773103][   T72]  ? request_firmware_into_buf+0x90/0x90
[   25.778756][   T72]  ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[   25.784766][   T72]  process_one_work+0x94c/0x15f0
[   25.789732][   T72]  ? lock_release+0x800/0x800
[   25.794436][   T72]  ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[   25.799830][   T72]  ? rwlock_bug.part.0+0x90/0x90
[   25.804796][   T72]  worker_thread+0x64c/0x1120
[   25.809501][   T72]  ? __kthread_parkme+0x118/0x1d0
[   25.814553][   T72]  ? process_one_work+0x15f0/0x15f0
[   25.819792][   T72]  kthread+0x392/0x470
[   25.823894][   T72]  ? kthread_create_worker_on_cpu+0xf0/0xf0
[   25.829823][   T72]  ? kthread_create_worker_on_cpu+0xf0/0xf0
[   25.835772][   T72]  ret_from_fork+0x1f/0x30
[   25.841511][   T72] Kernel Offset: disabled
[   25.845987][   T72] Rebooting in 86400 seconds..