Warning: Permanently added '10.128.10.27' (ECDSA) to the list of known hosts.
executing program
[ 42.456721][ T6794] ==================================================================
[ 42.465088][ T6794] BUG: KASAN: slab-out-of-bounds in qrtr_endpoint_post+0xe0e/0x1110
[ 42.473042][ T6794] Read of size 2 at addr ffff8880a693a808 by task syz-executor573/6794
[ 42.481265][ T6794]
[ 42.483572][ T6794] CPU: 0 PID: 6794 Comm: syz-executor573 Not tainted 5.8.0-rc2-syzkaller #0
[ 42.492227][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.502281][ T6794] Call Trace:
[ 42.505569][ T6794]  dump_stack+0x1f0/0x31e
[ 42.509883][ T6794]  print_address_description+0x66/0x5a0
[ 42.515800][ T6794]  ? vprintk_emit+0x342/0x3c0
[ 42.520470][ T6794]  ? printk+0x62/0x83
[ 42.524422][ T6794]  ? vprintk_emit+0x339/0x3c0
[ 42.529070][ T6794]  kasan_report+0x132/0x1d0
[ 42.533564][ T6794]  ? qrtr_endpoint_post+0xe0e/0x1110
[ 42.538822][ T6794]  qrtr_endpoint_post+0xe0e/0x1110
[ 42.543909][ T6794]  ? __phys_addr_symbol+0x2b/0x70
[ 42.548974][ T6794]  qrtr_tun_write_iter+0xc6/0x120
[ 42.554017][ T6794]  do_iter_readv_writev+0x5b7/0x820
[ 42.559221][ T6794]  do_iter_write+0x16a/0x540
[ 42.563923][ T6794]  ? import_iovec+0x12a/0x2c0
[ 42.568590][ T6794]  do_pwritev+0x234/0x430
[ 42.573964][ T6794]  ? check_preemption_disabled+0x40/0x240
[ 42.579669][ T6794]  ? check_preemption_disabled+0x40/0x240
[ 42.585364][ T6794]  ? do_syscall_64+0x1d/0xe0
[ 42.589980][ T6794]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 42.596026][ T6794]  do_syscall_64+0x73/0xe0
[ 42.600421][ T6794]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 42.606287][ T6794] RIP: 0033:0x4401d9
[ 42.610150][ T6794] Code: Bad RIP value.
[ 42.614186][ T6794] RSP: 002b:00007ffc081a6348 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 42.622568][ T6794] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401d9
[ 42.631786][ T6794] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 0000000000000003
[ 42.639748][ T6794] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 42.648518][ T6794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a60
[ 42.656489][ T6794] R13: 0000000000401af0 R14: 0000000000000000 R15: 0000000000000000
[ 42.664447][ T6794]
[ 42.666781][ T6794] Allocated by task 6794:
[ 42.671087][ T6794]  __kasan_kmalloc+0x103/0x140
[ 42.675821][ T6794]  __kmalloc+0x24b/0x330
[ 42.680036][ T6794]  kzalloc+0x16/0x30
[ 42.683916][ T6794]  qrtr_tun_write_iter+0x76/0x120
[ 42.688918][ T6794]  do_iter_readv_writev+0x5b7/0x820
[ 42.694088][ T6794]  do_iter_write+0x16a/0x540
[ 42.698664][ T6794]  do_pwritev+0x234/0x430
[ 42.702966][ T6794]  do_syscall_64+0x73/0xe0
[ 42.707395][ T6794]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 42.713256][ T6794]
[ 42.715557][ T6794] Freed by task 4868:
[ 42.719526][ T6794]  __kasan_slab_free+0x114/0x170
[ 42.724433][ T6794]  kfree+0x10a/0x220
[ 42.728298][ T6794]  tomoyo_check_open_permission+0x6e2/0x900
[ 42.734173][ T6794]  security_file_open+0x50/0xc0
[ 42.739013][ T6794]  do_dentry_open+0x3cd/0x1070
[ 42.743758][ T6794]  path_openat+0x278d/0x37f0
[ 42.748457][ T6794]  do_filp_open+0x191/0x3a0
[ 42.752937][ T6794]  do_sys_openat2+0x463/0x770
[ 42.757599][ T6794]  __x64_sys_open+0x1af/0x1e0
[ 42.762269][ T6794]  do_syscall_64+0x73/0xe0
[ 42.766664][ T6794]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 42.772527][ T6794]
[ 42.774832][ T6794] The buggy address belongs to the object at ffff8880a693a800
[ 42.774832][ T6794]  which belongs to the cache kmalloc-32 of size 32
[ 42.788683][ T6794] The buggy address is located 8 bytes inside of
[ 42.788683][ T6794]  32-byte region [ffff8880a693a800, ffff8880a693a820)
[ 42.801664][ T6794] The buggy address belongs to the page:
[ 42.807273][ T6794] page:ffffea00029a4e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880a693afc1
[ 42.817671][ T6794] flags: 0xfffe0000000200(slab)
[ 42.822502][ T6794] raw: 00fffe0000000200 ffffea0002864c48 ffffea000286bc48 ffff8880aa4001c0
[ 42.831059][ T6794] raw: ffff8880a693afc1 ffff8880a693a000 000000010000003f 0000000000000000
[ 42.839649][ T6794] page dumped because: kasan: bad access detected
[ 42.846050][ T6794]
[ 42.848357][ T6794] Memory state around the buggy address:
[ 42.853961][ T6794]  ffff8880a693a700: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[ 42.862009][ T6794]  ffff8880a693a780: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[ 42.870042][ T6794] >ffff8880a693a800: 04 fc fc fc fc fc fc fc fb fb fb fb fc fc fc fc
[ 42.878072][ T6794]                    ^
[ 42.882371][ T6794]  ffff8880a693a880: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[ 42.890403][ T6794]  ffff8880a693a900: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[ 42.898437][ T6794] ==================================================================
[ 42.906473][ T6794] Disabling lock debugging due to kernel taint
[ 42.920295][ T6794] Kernel panic - not syncing: panic_on_warn set ...
[ 42.926897][ T6794] CPU: 0 PID: 6794 Comm: syz-executor573 Tainted: G B 5.8.0-rc2-syzkaller #0
[ 42.936942][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.946989][ T6794] Call Trace:
[ 42.950275][ T6794]  dump_stack+0x1f0/0x31e
[ 42.954581][ T6794]  panic+0x264/0x7a0
[ 42.958453][ T6794]  ? trace_hardirqs_on+0x30/0x80
[ 42.963379][ T6794]  kasan_report+0x1c9/0x1d0
[ 42.967887][ T6794]  ? qrtr_endpoint_post+0xe0e/0x1110
[ 42.973142][ T6794]  qrtr_endpoint_post+0xe0e/0x1110
[ 42.978225][ T6794]  ? __phys_addr_symbol+0x2b/0x70
[ 42.983219][ T6794]  qrtr_tun_write_iter+0xc6/0x120
[ 42.988220][ T6794]  do_iter_readv_writev+0x5b7/0x820
[ 42.993390][ T6794]  do_iter_write+0x16a/0x540
[ 42.997955][ T6794]  ? import_iovec+0x12a/0x2c0
[ 43.002611][ T6794]  do_pwritev+0x234/0x430
[ 43.006928][ T6794]  ? check_preemption_disabled+0x40/0x240
[ 43.012620][ T6794]  ? check_preemption_disabled+0x40/0x240
[ 43.018307][ T6794]  ? do_syscall_64+0x1d/0xe0
[ 43.023392][ T6794]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.029553][ T6794]  do_syscall_64+0x73/0xe0
[ 43.033945][ T6794]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.039921][ T6794] RIP: 0033:0x4401d9
[ 43.043787][ T6794] Code: Bad RIP value.
[ 43.047929][ T6794] RSP: 002b:00007ffc081a6348 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 43.056408][ T6794] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401d9
[ 43.065924][ T6794] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 0000000000000003
[ 43.073971][ T6794] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 43.081942][ T6794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a60
[ 43.089884][ T6794] R13: 0000000000401af0 R14: 0000000000000000 R15: 0000000000000000
[ 43.099477][ T6794] Kernel Offset: disabled
[ 43.103865][ T6794] Rebooting in 86400 seconds..