Warning: Permanently added '10.128.0.5' (ED25519) to the list of known hosts.
executing program
[ 58.752175][ T4164] loop0: detected capacity change from 0 to 32768
[ 58.866156][ T4164] ==================================================================
[ 58.874418][ T4164] BUG: KASAN: slab-out-of-bounds in diWrite+0xddb/0x19b0
[ 58.881582][ T4164] Write of size 32 at addr ffff88801f7270c0 by task syz-executor411/4164
[ 58.890242][ T4164]
[ 58.892612][ T4164] CPU: 1 PID: 4164 Comm: syz-executor411 Not tainted 5.15.175-syzkaller #0
[ 58.901228][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 58.911411][ T4164] Call Trace:
[ 58.914767][ T4164]
[ 58.917717][ T4164] dump_stack_lvl+0x1e3/0x2d0
[ 58.922426][ T4164] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 58.928062][ T4164] ? _printk+0xd1/0x120
[ 58.932222][ T4164] ? __wake_up_klogd+0xcc/0x100
[ 58.937069][ T4164] ? panic+0x860/0x860
[ 58.941309][ T4164] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 58.946769][ T4164] print_address_description+0x63/0x3b0
[ 58.952322][ T4164] ? diWrite+0xddb/0x19b0
[ 58.956695][ T4164] kasan_report+0x16b/0x1c0
[ 58.961287][ T4164] ? diWrite+0xddb/0x19b0
[ 58.965635][ T4164] kasan_check_range+0x27e/0x290
[ 58.970608][ T4164] ? diWrite+0xddb/0x19b0
[ 58.974954][ T4164] memcpy+0x3c/0x60
[ 58.978763][ T4164] diWrite+0xddb/0x19b0
[ 58.982933][ T4164] txCommit+0xa13/0x6ba0
[ 58.987197][ T4164] ? dtTruncateEntry+0x8e0/0x8e0
[ 58.992139][ T4164] ? do_raw_spin_lock+0x14a/0x370
[ 58.997179][ T4164] ? do_raw_spin_unlock+0x137/0x8b0
[ 59.002377][ T4164] ? txLinelock+0x160/0x160
[ 59.006910][ T4164] add_missing_indices+0x8af/0xbf0
[ 59.012026][ T4164] ? dtReadFirst+0xc40/0xc40
[ 59.016671][ T4164] ? alloc_pages+0x458/0x570
[ 59.021291][ T4164] jfs_readdir+0x2008/0x3bc0
[ 59.025907][ T4164] ? dtInitRoot+0x690/0x690
[ 59.030427][ T4164] ? end_current_label_crit_section+0x147/0x170
[ 59.036664][ T4164] ? common_file_perm+0x17d/0x1d0
[ 59.041686][ T4164] iterate_dir+0x224/0x570
[ 59.046101][ T4164] __se_sys_getdents64+0x209/0x4f0
[ 59.051206][ T4164] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 59.057177][ T4164] ? __x64_sys_getdents64+0x80/0x80
[ 59.062374][ T4164] ? filldir+0x720/0x720
[ 59.066612][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240
[ 59.072584][ T4164] ? lockdep_hardirqs_on+0x94/0x130
[ 59.077772][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240
[ 59.083848][ T4164] do_syscall_64+0x3b/0xb0
[ 59.088255][ T4164] ? clear_bhb_loop+0x15/0x70
[ 59.092937][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 59.098907][ T4164] RIP: 0033:0x7f0b357ea159
[ 59.103312][ T4164] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 1c 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 59.122995][ T4164] RSP: 002b:00007ffc9ac7a618 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 59.131433][ T4164] RAX: ffffffffffffffda RBX: 00007f0b3582e269 RCX: 00007f0b357ea159
[ 59.139416][ T4164] RDX: 000000000000009e RSI: 0000000020000280 RDI: 0000000000000004
[ 59.147381][ T4164] RBP: 00007f0b3582e239 R08: 00007ffc9ac7a690 R09: 00007ffc9ac7a690
[ 59.155349][ T4164] R10: 00007ffc9ac7a690 R11: 0000000000000246 R12: 00007f0b3582e1d7
[ 59.163309][ T4164] R13: 00007f0b3582e0ed R14: 00007f0b3582e05f R15: 00007ffc9ac7a648
[ 59.171366][ T4164]
[ 59.174389][ T4164]
[ 59.176705][ T4164] Allocated by task 1:
[ 59.180750][ T4164] ____kasan_kmalloc+0xba/0xf0
[ 59.185500][ T4164] kmem_cache_alloc_trace+0x143/0x290
[ 59.190884][ T4164] drm_property_add_enum+0x1b2/0x3c0
[ 59.196160][ T4164] drm_property_create_enum+0xb0/0x140
[ 59.201609][ T4164] drm_connector_create_standard_properties+0x14b/0x240
[ 59.208538][ T4164] drmm_mode_config_init+0x566/0x1460
[ 59.213899][ T4164] vkms_init+0x35d/0x6d0
[ 59.218135][ T4164] do_one_initcall+0x22b/0x7a0
[ 59.222885][ T4164] do_initcall_level+0x157/0x210
[ 59.227813][ T4164] do_initcalls+0x49/0x90
[ 59.232131][ T4164] kernel_init_freeable+0x425/0x5c0
[ 59.237316][ T4164] kernel_init+0x19/0x290
[ 59.241662][ T4164] ret_from_fork+0x1f/0x30
[ 59.246186][ T4164]
[ 59.248511][ T4164] The buggy address belongs to the object at ffff88801f727080
[ 59.248511][ T4164]  which belongs to the cache kmalloc-64 of size 64
[ 59.262400][ T4164] The buggy address is located 0 bytes to the right of
[ 59.262400][ T4164]  64-byte region [ffff88801f727080, ffff88801f7270c0)
[ 59.275923][ T4164] The buggy address belongs to the page:
[ 59.281551][ T4164] page:ffffea00007dc9c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f727
[ 59.291688][ T4164] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 59.299238][ T4164] raw: 00fff00000000200 0000000000000000 0000000400000001 ffff888017441640
[ 59.307838][ T4164] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[ 59.316445][ T4164] page dumped because: kasan: bad access detected
[ 59.322935][ T4164] page_owner tracks the page as allocated
[ 59.328634][ T4164] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 8012677507, free_ts 8010666038
[ 59.344277][ T4164] get_page_from_freelist+0x3b78/0x3d40
[ 59.349829][ T4164] __alloc_pages+0x272/0x700
[ 59.354413][ T4164] alloc_page_interleave+0x22/0x1c0
[ 59.359601][ T4164] new_slab+0xbb/0x4b0
[ 59.363660][ T4164] ___slab_alloc+0x6f6/0xe10
[ 59.368341][ T4164] kmem_cache_alloc_trace+0x1a0/0x290
[ 59.373708][ T4164] drm_property_add_enum+0x1b2/0x3c0
[ 59.378996][ T4164] drm_property_create_enum+0xb0/0x140
[ 59.384443][ T4164] drm_connector_create_standard_properties+0x7a/0x240
[ 59.391282][ T4164] drmm_mode_config_init+0x566/0x1460
[ 59.396645][ T4164] vkms_init+0x35d/0x6d0
[ 59.400876][ T4164] do_one_initcall+0x22b/0x7a0
[ 59.405628][ T4164] do_initcall_level+0x157/0x210
[ 59.410555][ T4164] do_initcalls+0x49/0x90
[ 59.414872][ T4164] kernel_init_freeable+0x425/0x5c0
[ 59.420057][ T4164] kernel_init+0x19/0x290
[ 59.424382][ T4164] page last free stack trace:
[ 59.429112][ T4164] free_unref_page_prepare+0xc34/0xcf0
[ 59.434562][ T4164] free_unref_page+0x95/0x2d0
[ 59.439226][ T4164] __vunmap+0x8d4/0xa20
[ 59.443373][ T4164] free_work+0x57/0x80
[ 59.447431][ T4164] process_one_work+0x8a1/0x10c0
[ 59.452364][ T4164] worker_thread+0xaca/0x1280
[ 59.457032][ T4164] kthread+0x3f6/0x4f0
[ 59.461088][ T4164] ret_from_fork+0x1f/0x30
[ 59.465496][ T4164]
[ 59.467809][ T4164] Memory state around the buggy address:
[ 59.473422][ T4164] ffff88801f726f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 59.481471][ T4164] ffff88801f727000: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 59.489517][ T4164] >ffff88801f727080: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 59.497560][ T4164] ^
[ 59.503702][ T4164] ffff88801f727100: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 59.511771][ T4164] ffff88801f727180: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 59.519815][ T4164] ==================================================================
[ 59.527866][ T4164] Disabling lock debugging due to kernel taint
[ 59.534093][ T4164] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 59.541291][ T4164] CPU: 1 PID: 4164 Comm: syz-executor411 Tainted: G B 5.15.175-syzkaller #0
[ 59.551280][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 59.561324][ T4164] Call Trace:
[ 59.564596][ T4164]
[ 59.567515][ T4164] dump_stack_lvl+0x1e3/0x2d0
[ 59.572178][ T4164] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 59.577794][ T4164] ? panic+0x860/0x860
[ 59.581850][ T4164] ? preempt_schedule_common+0xa6/0xd0
[ 59.587293][ T4164] ? preempt_schedule+0xd9/0xe0
[ 59.592132][ T4164] panic+0x318/0x860
[ 59.596209][ T4164] ? check_panic_on_warn+0x1d/0xa0
[ 59.601317][ T4164] ? fb_is_primary_device+0xd0/0xd0
[ 59.606509][ T4164] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 59.612515][ T4164] ? _raw_spin_unlock+0x40/0x40
[ 59.617362][ T4164] check_panic_on_warn+0x7e/0xa0
[ 59.622292][ T4164] ? diWrite+0xddb/0x19b0
[ 59.626809][ T4164] end_report+0x6d/0xf0
[ 59.630950][ T4164] kasan_report+0x18e/0x1c0
[ 59.635463][ T4164] ? diWrite+0xddb/0x19b0
[ 59.639797][ T4164] kasan_check_range+0x27e/0x290
[ 59.644731][ T4164] ? diWrite+0xddb/0x19b0
[ 59.649167][ T4164] memcpy+0x3c/0x60
[ 59.652975][ T4164] diWrite+0xddb/0x19b0
[ 59.657138][ T4164] txCommit+0xa13/0x6ba0
[ 59.661389][ T4164] ? dtTruncateEntry+0x8e0/0x8e0
[ 59.666342][ T4164] ? do_raw_spin_lock+0x14a/0x370
[ 59.671431][ T4164] ? do_raw_spin_unlock+0x137/0x8b0
[ 59.676634][ T4164] ? txLinelock+0x160/0x160
[ 59.681140][ T4164] add_missing_indices+0x8af/0xbf0
[ 59.686247][ T4164] ? dtReadFirst+0xc40/0xc40
[ 59.690829][ T4164] ? alloc_pages+0x458/0x570
[ 59.695428][ T4164] jfs_readdir+0x2008/0x3bc0
[ 59.700021][ T4164] ? dtInitRoot+0x690/0x690
[ 59.704521][ T4164] ? end_current_label_crit_section+0x147/0x170
[ 59.710750][ T4164] ? common_file_perm+0x17d/0x1d0
[ 59.715788][ T4164] iterate_dir+0x224/0x570
[ 59.720196][ T4164] __se_sys_getdents64+0x209/0x4f0
[ 59.725297][ T4164] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 59.731271][ T4164] ? __x64_sys_getdents64+0x80/0x80
[ 59.736459][ T4164] ? filldir+0x720/0x720
[ 59.740692][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240
[ 59.746681][ T4164] ? lockdep_hardirqs_on+0x94/0x130
[ 59.751870][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240
[ 59.757857][ T4164] do_syscall_64+0x3b/0xb0
[ 59.762262][ T4164] ? clear_bhb_loop+0x15/0x70
[ 59.766932][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 59.772815][ T4164] RIP: 0033:0x7f0b357ea159
[ 59.777216][ T4164] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 1c 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 59.796911][ T4164] RSP: 002b:00007ffc9ac7a618 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 59.805322][ T4164] RAX: ffffffffffffffda RBX: 00007f0b3582e269 RCX: 00007f0b357ea159
[ 59.813287][ T4164] RDX: 000000000000009e RSI: 0000000020000280 RDI: 0000000000000004
[ 59.821247][ T4164] RBP: 00007f0b3582e239 R08: 00007ffc9ac7a690 R09: 00007ffc9ac7a690
[ 59.829209][ T4164] R10: 00007ffc9ac7a690 R11: 0000000000000246 R12: 00007f0b3582e1d7
[ 59.837165][ T4164] R13: 00007f0b3582e0ed R14: 00007f0b3582e05f R15: 00007ffc9ac7a648
[ 59.845130][ T4164]
[ 59.848574][ T4164] Kernel Offset: disabled
[ 59.852908][ T4164] Rebooting in 86400 seconds..