[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.55' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   32.617922] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[   32.624820] UDF-fs: Scanning with blocksize 512 failed
[   32.630886] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[   32.637693] UDF-fs: Scanning with blocksize 1024 failed
[   32.643541] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[   32.650321] UDF-fs: Scanning with blocksize 2048 failed
[   32.658043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/09/12 12:00 (1000)
[   32.668460] ==================================================================
[   32.675893] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x7b3/0x7d0
[   32.682717] Write of size 4 at addr ffff8880b3018938 by task syz-executor202/7975
[   32.690324] 
[   32.691942] CPU: 1 PID: 7975 Comm: syz-executor202 Not tainted 4.14.294-syzkaller #0
[   32.699800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[   32.709131] Call Trace:
[   32.711697]  dump_stack+0x1b2/0x281
[   32.715317]  print_address_description.cold+0x54/0x1d3
[   32.720568]  kasan_report_error.cold+0x8a/0x191
[   32.725215]  ? udf_write_aext+0x7b3/0x7d0
[   32.729339]  __asan_report_store_n_noabort+0x6b/0x80
[   32.734428]  ? udf_write_aext+0x7b3/0x7d0
[   32.738552]  udf_write_aext+0x7b3/0x7d0
[   32.742505]  udf_add_entry+0xc54/0x2710
[   32.746456]  ? udf_write_fi+0xe80/0xe80
[   32.750404]  ? udf_new_inode+0x891/0xce0
[   32.754441]  ? lock_acquire+0x170/0x3f0
[   32.758389]  udf_mkdir+0x122/0x620
[   32.761904]  ? putname+0xcd/0x110
[   32.765330]  ? udf_create+0x160/0x160
[   32.769105]  ? map_id_up+0xe9/0x180
[   32.772711]  ? security_inode_permission+0xb5/0xf0
[   32.777623]  ? security_inode_mkdir+0xca/0x100
[   32.782189]  vfs_mkdir+0x463/0x6e0
[   32.785728]  SyS_mkdirat+0x1fd/0x270
[   32.789420]  ? SyS_mknod+0x30/0x30
[   32.792932]  ? __close_fd+0x159/0x230
[   32.796707]  ? do_syscall_64+0x4c/0x640
[   32.800666]  ? SyS_mkdirat+0x270/0x270
[   32.804530]  do_syscall_64+0x1d5/0x640
[   32.808395]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   32.813569] RIP: 0033:0x7f7826698249
[   32.817252] RSP: 002b:00007ffc67cd0e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   32.824943] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7826698249
[   32.832187] RDX: 00007f78266567e3 RSI: 0000000000000000 RDI: 0000000020000580
[   32.839432] RBP: 00007f7826657ab0 R08: 0000000000000000 R09: 0000000000000000
[   32.846675] R10: 00007ffc67cd0cd0 R11: 0000000000000246 R12: 00007f7826657b40
[   32.853924] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   32.861171] 
[   32.862785] Allocated by task 7975:
[   32.866393]  kasan_kmalloc+0xeb/0x160
[   32.870165]  __kmalloc+0x15a/0x400
[   32.873677]  udf_new_inode+0x98d/0xce0
[   32.877537]  udf_mkdir+0x95/0x620
[   32.880963]  vfs_mkdir+0x463/0x6e0
[   32.884476]  SyS_mkdirat+0x1fd/0x270
[   32.888160]  do_syscall_64+0x1d5/0x640
[   32.892027]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   32.897187] 
[   32.898787] Freed by task 6227:
[   32.902042]  kasan_slab_free+0xc3/0x1a0
[   32.905987]  kfree+0xc9/0x250
[   32.909068]  uevent_show+0x27e/0x330
[   32.912757]  dev_attr_show+0x4f/0xc0
[   32.916447]  sysfs_kf_seq_show+0x1dd/0x420
[   32.920668]  seq_read+0x4e4/0x1180
[   32.924195]  kernfs_fop_read+0xd7/0x500
[   32.928168]  __vfs_read+0xe4/0x620
[   32.931686]  vfs_read+0x139/0x340
[   32.935115]  SyS_read+0xf2/0x210
[   32.938461]  do_syscall_64+0x1d5/0x640
[   32.942324]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   32.947483] 
[   32.949121] The buggy address belongs to the object at ffff8880b3018940
[   32.949121]  which belongs to the cache kmalloc-4096 of size 4096
[   32.961925] The buggy address is located 8 bytes to the left of
[   32.961925]  4096-byte region [ffff8880b3018940, ffff8880b3019940)
[   32.974117] The buggy address belongs to the page:
[   32.979020] page:ffffea0002cc0600 count:1 mapcount:0 mapping:ffff8880b3018940 index:0x0 compound_mapcount: 0
[   32.988976] flags: 0xfff00000008100(slab|head)
[   32.993535] raw: 00fff00000008100 ffff8880b3018940 0000000000000000 0000000100000001
[   33.001407] raw: ffffea0002cc2920 ffffea00025507a0 ffff88813fe74dc0 0000000000000000
[   33.009264] page dumped because: kasan: bad access detected
[   33.014947] 
[   33.016552] Memory state around the buggy address:
[   33.021454]  ffff8880b3018800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.028786]  ffff8880b3018880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.036127] >ffff8880b3018900: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   33.043460]                                         ^
[   33.048624]  ffff8880b3018980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.055960]  ffff8880b3018a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.063307] ==================================================================
[   33.070644] Disabling lock debugging due to kernel taint
[   33.076797] Kernel panic - not syncing: panic_on_warn set ...
[   33.076797] 
[   33.084181] CPU: 1 PID: 7975 Comm: syz-executor202 Tainted: G    B           4.14.294-syzkaller #0
[   33.093259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[   33.102600] Call Trace:
[   33.105168]  dump_stack+0x1b2/0x281
[   33.108770]  panic+0x1f9/0x42d
[   33.111937]  ? add_taint.cold+0x16/0x16
[   33.115885]  ? ___preempt_schedule+0x16/0x18
[   33.120265]  kasan_end_report+0x43/0x49
[   33.124227]  kasan_report_error.cold+0xa7/0x191
[   33.128866]  ? udf_write_aext+0x7b3/0x7d0
[   33.132994]  __asan_report_store_n_noabort+0x6b/0x80
[   33.138083]  ? udf_write_aext+0x7b3/0x7d0
[   33.142212]  udf_write_aext+0x7b3/0x7d0
[   33.146162]  udf_add_entry+0xc54/0x2710
[   33.150115]  ? udf_write_fi+0xe80/0xe80
[   33.154061]  ? udf_new_inode+0x891/0xce0
[   33.158101]  ? lock_acquire+0x170/0x3f0
[   33.162048]  udf_mkdir+0x122/0x620
[   33.165561]  ? putname+0xcd/0x110
[   33.168985]  ? udf_create+0x160/0x160
[   33.172759]  ? map_id_up+0xe9/0x180
[   33.176375]  ? security_inode_permission+0xb5/0xf0
[   33.181288]  ? security_inode_mkdir+0xca/0x100
[   33.185842]  vfs_mkdir+0x463/0x6e0
[   33.189360]  SyS_mkdirat+0x1fd/0x270
[   33.193048]  ? SyS_mknod+0x30/0x30
[   33.196561]  ? __close_fd+0x159/0x230
[   33.200336]  ? do_syscall_64+0x4c/0x640
[   33.204293]  ? SyS_mkdirat+0x270/0x270
[   33.208153]  do_syscall_64+0x1d5/0x640
[   33.212018]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   33.217182] RIP: 0033:0x7f7826698249
[   33.220880] RSP: 002b:00007ffc67cd0e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   33.228559] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7826698249
[   33.235808] RDX: 00007f78266567e3 RSI: 0000000000000000 RDI: 0000000020000580
[   33.243053] RBP: 00007f7826657ab0 R08: 0000000000000000 R09: 0000000000000000
[   33.250298] R10: 00007ffc67cd0cd0 R11: 0000000000000246 R12: 00007f7826657b40
[   33.257541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   33.264968] Kernel Offset: disabled
[   33.268571] Rebooting in 86400 seconds..