[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts.
syzkaller login: [ 176.310510][ T25] audit: type=1400 audit(1593933898.537:8): avc: denied { execmem } for pid=6427 comm="syz-executor090" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 183.644382][ T6486] Bluetooth: hci2: sending frame failed (-49)
[ 183.688793][ T2612] Bluetooth: hci9: Frame reassembly failed (-84)
[ 185.632883][ T6478] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 185.632885][ T6456] Bluetooth: hci2: Entering manufacturer mode failed (-110)
[ 185.632915][ T6449] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[ 185.640210][ T6463] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[ 185.647472][ T3677] Bluetooth: hci0: command 0xfc11 tx timeout
[ 185.654733][ T45] Bluetooth: hci1: command 0xfc11 tx timeout
[ 185.662207][ T1501] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[ 185.712865][ T6487] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[ 185.712872][ T6514] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 185.727428][ T6522] Bluetooth: hci10: Entering manufacturer mode failed (-110)
[ 185.734877][ T6521] Bluetooth: hci9: Entering manufacturer mode failed (-110)
[ 185.742165][ T6511] Bluetooth: hci8: Entering manufacturer mode failed (-110)
[ 185.749485][ T6486] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[ 185.759293][ T3677] Bluetooth: hci10: command 0xfc11 tx timeout
[ 185.777593][ T3677] Bluetooth: hci8: command tx timeout
executing program
[ 204.441510][ T2612] Bluetooth: hci1: Frame reassembly failed (-84)
executing program
executing program
executing program
[ 205.060355][ T2612] Bluetooth: hci7: Frame reassembly failed (-84)
executing program
[ 205.151874][ T7] Bluetooth: hci9: Frame reassembly failed (-84)
executing program
[ 205.216208][ T7] Bluetooth: hci10: Frame reassembly failed (-84)
executing program
executing program
[ 206.512277][ T6029] Bluetooth: hci1: command 0xfc11 tx timeout
[ 206.512280][ T6522] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[ 206.512316][ T6514] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[ 206.532818][ T45] Bluetooth: hci0: command 0xfc11 tx timeout
[ 206.912282][ T6486] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[ 206.912285][ T6029] Bluetooth: hci3: command 0xfc11 tx timeout
[ 206.912295][ T6029] Bluetooth: hci2: command 0xfc11 tx timeout
[ 206.919656][ T6511] Bluetooth: hci2: Entering manufacturer mode failed (-110)
[ 207.072354][ T6029] Bluetooth: hci7: command 0xfc11 tx timeout
[ 207.072358][ T1501] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[ 207.072388][ T6521] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 207.078356][ T6029] Bluetooth: hci5: command 0xfc11 tx timeout
[ 207.099319][ T6463] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[ 207.106608][ T45] Bluetooth: hci6: command tx timeout
[ 207.111978][ T6487] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 207.123573][ T45] Bluetooth: hci4: command tx timeout
[ 207.152272][ T6029] Bluetooth: hci9: command 0xfc11 tx timeout
[ 207.158273][ T6449] Bluetooth: hci8: Entering manufacturer mode failed (-110)
[ 207.162269][ T6478] Bluetooth: hci9: Entering manufacturer mode failed (-110)
[ 207.182297][ T45] Bluetooth: hci8: command tx timeout
[ 207.232270][ T6524] Bluetooth: hci11: Entering manufacturer mode failed (-110)
[ 207.239676][ T6029] Bluetooth: hci10: command 0xfc11 tx timeout
[ 207.242279][ T6456] Bluetooth: hci10: Entering manufacturer mode failed (-110)
[ 207.312271][ T6029] Bluetooth: hci13: command 0xfc11 tx timeout
[ 207.312279][ T45] Bluetooth: hci12: command 0xfc11 tx timeout
[ 207.322671][ T6614] Bluetooth: hci12: Entering manufacturer mode failed (-110)
[ 207.324541][ T6523] Bluetooth: hci13: Entering manufacturer mode failed (-110)
[ 207.392271][ T6630] Bluetooth: hci15: Entering manufacturer mode failed (-110)
[ 207.392273][ T6620] Bluetooth: hci14: Entering manufacturer mode failed (-110)
[ 207.407042][ T45] Bluetooth: hci15: command 0xfc11 tx timeout
[ 207.415124][ T45] Bluetooth: hci14: command tx timeout
[ 211.480902][ T6434] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 22.230s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 23.420s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 26.870s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 28.060s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 29.260s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888115da3f00 (size 224):
  comm "syz-executor090", pid 6606, jiffies 4294957799 (age 30.460s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000060a3760>] __alloc_skb+0x5e/0x250
    [<00000000bba6a27b>] h4_recv_buf+0x279/0x450
    [<0000000028c392be>] ag6xx_recv+0x4d/0xb0
    [<000000005de43911>] hci_uart_tty_receive+0xae/0x230
    [<00000000230de05c>] tty_ioctl+0x7ee/0xa30
    [<000000008e8716e5>] ksys_ioctl+0xa6/0xd0
    [<00000000265cb71c>] __x64_sys_ioctl+0x1a/0x20
    [<00000000ebc350aa>] do_syscall_64+0x4c/0xe0
    [<000000000a5584c6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

executing program
[ 235.920463][ T394] Bluetooth: hci0: Frame reassembly failed (-84)
[ 235.940242][ T7] Bluetooth: hci1: Frame reassembly failed (-84)
executing program
[ 236.088713][ T20] Bluetooth: hci3: Frame reassembly failed (-84)