[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.123' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 51.315384][ T4897] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 51.855419][ T4897] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 51.866119][ T4897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.874077][ T4897] usb 1-1: Product: syz [ 51.878850][ T4897] usb 1-1: Manufacturer: syz [ 51.883421][ T4897] usb 1-1: SerialNumber: syz [ 51.925607][ T4897] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 52.595271][ T4897] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 52.796076][ T16] usb 1-1: USB disconnect, device number 2 [ 53.655122][ T4897] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 53.662086][ T4897] ath9k_htc: Failed to initialize the device [ 53.669180][ T16] usb 1-1: ath9k_htc: USB layer deinitialized [ 58.020175][ T8467] kmemleak: 7 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 60.337461][ T8467] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88810d5fbc40 (size 32): comm "syz-executor796", pid 8468, jiffies 4294942370 (age 9.380s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000009b1e0ee6>] gadget_bind+0x223/0x340 [<00000000f8f92190>] udc_bind_to_driver+0x62/0x150 [<000000003090943f>] usb_gadget_probe_driver+0x1c7/0x230 [<0000000036a544aa>] raw_ioctl+0x5da/0xf30 [<000000009b47cd36>] __x64_sys_ioctl+0xfc/0x140 [<00000000e4e6afab>] do_syscall_64+0x2d/0x70 [<00000000a3c621b2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888110fa3160 (size 32): comm "softirq", pid 0, jiffies 4294942425 (age 8.830s) hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 80 06 00 01 00 00 12 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000008eb23936>] gadget_setup+0xf6/0x220 [<00000000c80a919f>] dummy_timer+0xb9f/0x14c0 [<000000004a5abab2>] call_timer_fn+0x38/0x200 [<00000000ab0f6234>] __run_timers.part.0+0x319/0x400 [<00000000a399877f>] run_timer_softirq+0x3d/0x80 [<000000002a965e2f>] __do_softirq+0xcc/0x2c2 [<0000000039c65311>] asm_call_irq_on_stack+0xf/0x20 [<00000000e757f7a2>] do_softirq_own_stack+0x32/0x40 [<0000000093f779a3>] irq_exit_rcu+0x91/0xc0 [<0000000083a59c9f>] sysvec_apic_timer_interrupt+0x36/0x80 [<000000005defd7d1>] asm_sysvec_apic_timer_interrupt+0x12/0x20 [<0000000073b7a6e3>] acpi_idle_do_entry+0xc3/0xd0 [<000000001f5c4e25>] acpi_idle_enter+0x128/0x1f0 [<000000005d62112c>] cpuidle_enter_state+0xc9/0x650 [<000000007ec3b3a0>] cpuidle_enter+0x29/0x40 [<0000000037751021>] do_idle+0x1c8/0x250 BUG: memory leak unreferenced object 0xffff88810a2697c0 (size 32): comm "softirq", pid 0, jiffies 4294942433 (age 8.750s) hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 80 06 00 02 00 00 48 00 ..............H. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000008eb23936>] gadget_setup+0xf6/0x220 [<00000000c80a919f>] dummy_timer+0xb9f/0x14c0 [<000000004a5abab2>] call_timer_fn+0x38/0x200 [<00000000ab0f6234>] __run_timers.part.0+0x319/0x400 [<00000000a399877f>] run_timer_softirq+0x3d/0x80 [<000000002a965e2f>] __do_softirq+0xcc/0x2c2 [<0000000039c65311>] asm_call_irq_on_stack+0xf/0x20 [<00000000e757f7a2>] do_softirq_own_stack+0x32/0x40 [<0000000093f779a3>] irq_exit_rcu+0x91/0xc0 [<0000000083a59c9f>] sysvec_apic_timer_interrupt+0x36/0x80 [<000000005defd7d1>] asm_sysvec_apic_timer_interrupt+0x12/0x20 [<0000000073b7a6e3>] acpi_idle_do_entry+0xc3/0xd0 [<000000001f5c4e25>] acpi_idle_enter+0x128/0x1f0 [<000000005d62112c>] cpuidle_enter_state+0xc9/0x650 [<000000007ec3b3a0>] cpuidle_enter+0x29/0x40 [<0000000037751021>] do_idle+0x1c8/0x250