[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.52' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   33.184554] ==================================================================
[   33.192034] BUG: KASAN: slab-out-of-bounds in find_first_zero_bit+0xa8/0xb0
[   33.199131] Read of size 8 at addr ffff8880b2a9ab00 by task syz-executor331/8097
[   33.206651]
[   33.208291] CPU: 0 PID: 8097 Comm: syz-executor331 Not tainted 4.19.211-syzkaller #0
[   33.216165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[   33.225501] Call Trace:
[   33.228073]  dump_stack+0x1fc/0x2ef
[   33.231686]  print_address_description.cold+0x54/0x219
[   33.236943]  kasan_report_error.cold+0x8a/0x1b9
[   33.241593]  ? find_first_zero_bit+0xa8/0xb0
[   33.245984]  __asan_report_load8_noabort+0x88/0x90
[   33.250893]  ? find_first_zero_bit+0xa8/0xb0
[   33.255280]  find_first_zero_bit+0xa8/0xb0
[   33.259501]  bfs_create+0xfb/0x610
[   33.263021]  ? bfs_add_entry.isra.0+0x520/0x520
[   33.267670]  lookup_open+0x893/0x1a20
[   33.271455]  ? vfs_mkdir+0x7a0/0x7a0
[   33.275149]  ? unlazy_walk+0x1a4/0x540
[   33.279020]  ? check_preemption_disabled+0x41/0x280
[   33.284021]  path_openat+0x1094/0x2df0
[   33.287900]  ? path_lookupat+0x8d0/0x8d0
[   33.291942]  ? mark_held_locks+0xf0/0xf0
[   33.295981]  ? __lock_acquire+0x6de/0x3ff0
[   33.300200]  do_filp_open+0x18c/0x3f0
[   33.303981]  ? may_open_dev+0xf0/0xf0
[   33.307768]  ? lock_downgrade+0x720/0x720
[   33.311896]  ? lock_acquire+0x170/0x3c0
[   33.315851]  ? __alloc_fd+0x34/0x570
[   33.319545]  ? do_raw_spin_unlock+0x171/0x230
[   33.324031]  ? _raw_spin_unlock+0x29/0x40
[   33.328166]  ? __alloc_fd+0x28d/0x570
[   33.331951]  do_sys_open+0x3b3/0x520
[   33.335646]  ? filp_open+0x70/0x70
[   33.339166]  ? fput+0x2b/0x190
[   33.342341]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   33.347687]  ? trace_hardirqs_off_caller+0x6e/0x210
[   33.352684]  ? do_syscall_64+0x21/0x620
[   33.356638]  do_syscall_64+0xf9/0x620
[   33.360424]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   33.365602] RIP: 0033:0x7f831f4ba0c9
[   33.369300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   33.388178] RSP: 002b:00007ffcaad50fc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   33.395876] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f831f4ba0c9
[   33.403131] RDX: 00007f831f4783d3 RSI: 0000000000000000 RDI: 0000000020000940
[   33.410382] RBP: 00007f831f4796a0 R08: 0000555556a9e2c0 R09: 0000000000000000
[   33.417631] R10: 00007ffcaad50e90 R11: 0000000000000246 R12: 00007f831f479730
[   33.424879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   33.432136]
[   33.433743] Allocated by task 8097:
[   33.437354]  __kmalloc+0x15a/0x3c0
[   33.440876]  bfs_fill_super+0x447/0xec0
[   33.444830]  mount_bdev+0x2fc/0x3b0
[   33.448436]  mount_fs+0xa3/0x310
[   33.451783]  vfs_kern_mount.part.0+0x68/0x470
[   33.456272]  do_mount+0x115c/0x2f50
[   33.459878]  ksys_mount+0xcf/0x130
[   33.463398]  __x64_sys_mount+0xba/0x150
[   33.467350]  do_syscall_64+0xf9/0x620
[   33.471129]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   33.476293]
[   33.477899] Freed by task 1:
[   33.480897]  kfree+0xcc/0x210
[   33.483991]  acpi_ut_update_ref_count+0x93d/0xa26
[   33.488819]  acpi_ut_update_object_reference+0x4ae/0x595
[   33.494248]  acpi_ut_remove_reference+0x76/0x7d
[   33.498894]  acpi_ds_clear_implicit_return+0x95/0xc7
[   33.503984]  acpi_ds_do_implicit_return+0xbc/0x116
[   33.508897]  acpi_ds_is_result_used+0x71/0x388
[   33.513457]  acpi_ds_delete_result_if_not_used+0xa0/0x117
[   33.518971]  acpi_ds_exec_end_op+0xd9c/0xe17
[   33.523356]  acpi_ps_parse_loop+0x1672/0x19a8
[   33.527831]  acpi_ps_parse_aml+0x212/0x829
[   33.532046]  acpi_ps_execute_method+0x525/0x59a
[   33.537129]  acpi_ns_evaluate+0x6c1/0x960
[   33.541258]  acpi_evaluate_object+0x4d3/0x8ff
[   33.545735]  map_mat_entry+0x94/0x980
[   33.549524]  acpi_get_phys_id+0x1f/0xf0
[   33.553480]  acpi_processor_add+0x78c/0x1500
[   33.557868]  acpi_bus_attach+0x343/0x970
[   33.561908]  acpi_bus_attach+0x173/0x970
[   33.565949]  acpi_bus_attach+0x173/0x970
[   33.569990]  acpi_bus_scan+0xa3/0x110
[   33.573771]  acpi_scan_init+0x26d/0x705
[   33.577723]  acpi_init+0x6a5/0x74d
[   33.581243]  do_one_initcall+0xf1/0x740
[   33.585196]  kernel_init_freeable+0x9c5/0xab7
[   33.589670]  kernel_init+0xd/0x1ba
[   33.593190]  ret_from_fork+0x24/0x30
[   33.596877]
[   33.598484] The buggy address belongs to the object at ffff8880b2a9ab00
[   33.598484]  which belongs to the cache kmalloc-32 of size 32
[   33.611297] The buggy address is located 0 bytes inside of
[   33.611297]  32-byte region [ffff8880b2a9ab00, ffff8880b2a9ab20)
[   33.622889] The buggy address belongs to the page:
[   33.627799] page:ffffea0002caa680 count:1 mapcount:0 mapping:ffff88813bff01c0 index:0xffff8880b2a9afc1
[   33.637222] flags: 0xfff00000000100(slab)
[   33.641354] raw: 00fff00000000100 ffffea0002cbb688 ffffea0002c4e248 ffff88813bff01c0
[   33.649220] raw: ffff8880b2a9afc1 ffff8880b2a9a000 000000010000003f 0000000000000000
[   33.657083] page dumped because: kasan: bad access detected
[   33.662766]
[   33.664373] Memory state around the buggy address:
[   33.669281]  ffff8880b2a9aa00: 00 04 fc fc fc fc fc fc 00 06 fc fc fc fc fc fc
[   33.676617]  ffff8880b2a9aa80: 00 03 fc fc fc fc fc fc 00 03 fc fc fc fc fc fc
[   33.683956] >ffff8880b2a9ab00: 07 fc fc fc fc fc fc fc 00 00 fc fc fc fc fc fc
[   33.691293]                    ^
[   33.694636]  ffff8880b2a9ab80: fb fb fb fb fc fc fc fc 00 00 fc fc fc fc fc fc
[   33.701974]  ffff8880b2a9ac00: 00 00 fc fc fc fc fc fc 00 00 fc fc fc fc fc fc
[   33.709309] ==================================================================
[   33.716642] Disabling lock debugging due to kernel taint
[   33.725881] Kernel panic - not syncing: panic_on_warn set ...
[   33.725881]
[   33.733270] CPU: 0 PID: 8097 Comm: syz-executor331 Tainted: G B 4.19.211-syzkaller #0
[   33.742535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[   33.751970] Call Trace:
[   33.754559]  dump_stack+0x1fc/0x2ef
[   33.758193]  panic+0x26a/0x50e
[   33.761386]  ? __warn_printk+0xf3/0xf3
[   33.765267]  ? preempt_schedule_common+0x45/0xc0
[   33.770004]  ? ___preempt_schedule+0x16/0x18
[   33.774397]  ? trace_hardirqs_on+0x55/0x210
[   33.778703]  kasan_end_report+0x43/0x49
[   33.782657]  kasan_report_error.cold+0xa7/0x1b9
[   33.787306]  ? find_first_zero_bit+0xa8/0xb0
[   33.791696]  __asan_report_load8_noabort+0x88/0x90
[   33.796606]  ? find_first_zero_bit+0xa8/0xb0
[   33.801040]  find_first_zero_bit+0xa8/0xb0
[   33.805258]  bfs_create+0xfb/0x610
[   33.808781]  ? bfs_add_entry.isra.0+0x520/0x520
[   33.813606]  lookup_open+0x893/0x1a20
[   33.817386]  ? vfs_mkdir+0x7a0/0x7a0
[   33.821080]  ? unlazy_walk+0x1a4/0x540
[   33.824951]  ? check_preemption_disabled+0x41/0x280
[   33.829949]  path_openat+0x1094/0x2df0
[   33.833829]  ? path_lookupat+0x8d0/0x8d0
[   33.837874]  ? mark_held_locks+0xf0/0xf0
[   33.841915]  ? __lock_acquire+0x6de/0x3ff0
[   33.846129]  do_filp_open+0x18c/0x3f0
[   33.849906]  ? may_open_dev+0xf0/0xf0
[   33.853689]  ? lock_downgrade+0x720/0x720
[   33.857815]  ? lock_acquire+0x170/0x3c0
[   33.861783]  ? __alloc_fd+0x34/0x570
[   33.865477]  ? do_raw_spin_unlock+0x171/0x230
[   33.869952]  ? _raw_spin_unlock+0x29/0x40
[   33.874078]  ? __alloc_fd+0x28d/0x570
[   33.877860]  do_sys_open+0x3b3/0x520
[   33.881555]  ? filp_open+0x70/0x70
[   33.885073]  ? fput+0x2b/0x190
[   33.888247]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   33.893594]  ? trace_hardirqs_off_caller+0x6e/0x210
[   33.898589]  ? do_syscall_64+0x21/0x620
[   33.903725]  do_syscall_64+0xf9/0x620
[   33.908662]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   33.913832] RIP: 0033:0x7f831f4ba0c9
[   33.917525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   33.936405] RSP: 002b:00007ffcaad50fc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   33.944090] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f831f4ba0c9
[   33.951339] RDX: 00007f831f4783d3 RSI: 0000000000000000 RDI: 0000000020000940
[   33.958588] RBP: 00007f831f4796a0 R08: 0000555556a9e2c0 R09: 0000000000000000
[   33.965835] R10: 00007ffcaad50e90 R11: 0000000000000246 R12: 00007f831f479730
[   33.973083] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   33.980507] Kernel Offset: disabled
[   33.984115] Rebooting in 86400 seconds..
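Reading the report: find_first_zero_bit() does an 8-byte load at offset 0 of an object whose KASAN shadow byte is 07, so the buffer that __kmalloc() handed to bfs_fill_super() had only 7 addressable bytes and the scan issued from bfs_create() (entered via creat(2), ORIG_RAX 0x55 on x86-64) overruns it by one byte. The "Freed by task 1" ACPI stack is only the previous owner of that slab slot and is unrelated to the bug. In the 4.19 fs/bfs source, bfs_fill_super() sizes the inode bitmap si_imap in bytes as (si_lasti / 8) + 1, while bfs_create() calls find_first_zero_bit(si_imap, si_lasti), which reads whole unsigned longs; a 7-byte allocation corresponds to si_lasti between 48 and 55. The C program below is an added example, not kernel code and not part of this report: it re-implements the generic find_first_zero_bit() loop in user space, puts the byte-granular sizing next to the word-granular sizing the scan actually needs, and computes the overrun and the offset of the first out-of-bounds load the way KASAN reports it. Every function name in it is mine.

```c
/* Added example: user-space model of a byte-sized bitmap allocation scanned by
 * a word-granular find_first_zero_bit(). Not kernel code; all names are mine. */
#include <assert.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

#define BITS_PER_LONG    (sizeof(unsigned long) * CHAR_BIT)
#define BITS_TO_LONGS(n) (((n) + BITS_PER_LONG - 1) / BITS_PER_LONG)

/* Index of the lowest clear bit; the caller guarantees w != ~0UL. */
static unsigned long ffz(unsigned long w)
{
    unsigned long i = 0;
    while (w & 1UL) {
        w >>= 1;
        i++;
    }
    return i;
}

/* Same loop as the kernel's generic find_first_zero_bit(): every word that
 * overlaps [0, size) is loaded whole, so the scan touches
 * BITS_TO_LONGS(size) * sizeof(unsigned long) bytes no matter how many bytes
 * the caller actually allocated. */
unsigned long find_first_zero_bit_model(const unsigned long *addr, unsigned long size)
{
    for (unsigned long idx = 0; idx * BITS_PER_LONG < size; idx++) {
        if (addr[idx] != ~0UL) {
            unsigned long bit = idx * BITS_PER_LONG + ffz(addr[idx]);
            return bit < size ? bit : size;   /* clamp like the kernel's min() */
        }
    }
    return size;
}

/* Bytes the scan reads for a bitmap of nbits bits. */
size_t scan_bytes(unsigned long nbits)
{
    return BITS_TO_LONGS(nbits) * sizeof(unsigned long);
}

/* Byte-granular sizing, as 4.19 bfs_fill_super() does for si_imap. */
size_t imap_bytes_byte_granular(unsigned long lasti)
{
    return lasti / 8 + 1;
}

/* Word-granular sizing: allocate exactly what the scan will read. */
size_t imap_bytes_word_granular(unsigned long lasti)
{
    return scan_bytes(lasti);
}

/* Bytes the scan reads past the end of an allocation; 0 means in bounds. */
size_t overrun_bytes(size_t alloc_bytes, unsigned long nbits)
{
    size_t need = scan_bytes(nbits);
    return need > alloc_bytes ? need - alloc_bytes : 0;
}

/* Offset of the first word load that crosses the end of the allocation, or -1.
 * This is the "located N bytes inside" figure KASAN prints; 0 in the report. */
long first_oob_load_offset(size_t alloc_bytes, unsigned long nbits)
{
    for (unsigned long idx = 0; idx * BITS_PER_LONG < nbits; idx++) {
        size_t off = idx * sizeof(unsigned long);
        if (off + sizeof(unsigned long) > alloc_bytes)
            return (long)off;
    }
    return -1;
}

int main(void)
{
    printf("%6s %12s %12s %8s %6s\n", "lasti", "bytes(/8+1)", "bytes(long)", "overrun", "oob@");
    for (unsigned long lasti = 47; lasti <= 57; lasti++) {
        size_t b = imap_bytes_byte_granular(lasti);
        printf("%6lu %12zu %12zu %8zu %6ld\n", lasti, b, imap_bytes_word_granular(lasti),
               overrun_bytes(b, lasti), first_oob_load_offset(b, lasti));
    }

    /* A correctly sized 50-bit map with bits 0..4 set: first zero is bit 5. */
    unsigned long ok[BITS_TO_LONGS(50)] = { 0x1FUL };
    printf("first zero bit: %lu\n", find_first_zero_bit_model(ok, 50));
    return 0;
}
```

The rows for lasti 48 through 55 give 7 bytes from the byte-granular formula, an 8-byte scan, a 1-byte overrun and a first bad load at offset 0, which is the shape of the KASAN report above. The general remedy for this bug class is to size bitmaps in whole longs (BITS_TO_LONGS(n) * sizeof(unsigned long), or bitmap_zalloc(n, gfp) in kernels that have it) and to derive the allocation and the scan length from the same value.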