Warning: Permanently added '10.128.1.3' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
[ 75.612280][ T6794] ==================================================================
[ 75.620515][ T6794] BUG: KASAN: slab-out-of-bounds in hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.630170][ T6794] Read of size 6 at addr ffff88809f0ec404 by task kworker/u5:2/6794
[ 75.638136][ T6794]
[ 75.640473][ T6794] CPU: 0 PID: 6794 Comm: kworker/u5:2 Not tainted 5.8.0-rc3-syzkaller #0
[ 75.648874][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.658936][ T6794] Workqueue: hci0 hci_rx_work
[ 75.663603][ T6794] Call Trace:
[ 75.666896][ T6794]  dump_stack+0x18f/0x20d
[ 75.671218][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.678131][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.685046][ T6794]  print_address_description.constprop.0.cold+0xae/0x436
[ 75.692048][ T6794]  ? lockdep_hardirqs_off+0x66/0xa0
[ 75.697223][ T6794]  ? vprintk_func+0x97/0x1a6
[ 75.701797][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.708712][ T6794]  kasan_report.cold+0x1f/0x37
[ 75.713456][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.720368][ T6794]  check_memory_region+0x13d/0x180
[ 75.725462][ T6794]  memcpy+0x20/0x60
[ 75.729251][ T6794]  hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 75.736086][ T6794]  ? clear_pending_adv_report+0xf0/0xf0
[ 75.741617][ T6794]  hci_event_packet+0x2828/0x86f5
[ 75.746628][ T6794]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 75.752614][ T6794]  ? hci_cmd_complete_evt+0xc6e0/0xc6e0
[ 75.764310][ T6794]  ? lock_acquire+0x1f1/0xad0
[ 75.768984][ T6794]  ? skb_dequeue+0x1c/0x180
[ 75.773467][ T6794]  ? find_held_lock+0x2d/0x110
[ 75.778211][ T6794]  ? mark_lock+0xbc/0x1710
[ 75.782612][ T6794]  ? mark_held_locks+0x9f/0xe0
[ 75.787364][ T6794]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 75.793149][ T6794]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 75.799108][ T6794]  ? trace_hardirqs_on+0x5f/0x220
[ 75.804113][ T6794]  ? lockdep_hardirqs_on+0x6a/0xe0
[ 75.809207][ T6794]  hci_rx_work+0x22e/0xb10
[ 75.813612][ T6794]  process_one_work+0x94c/0x1670
[ 75.818536][ T6794]  ? lock_release+0x8d0/0x8d0
[ 75.823208][ T6794]  ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 75.828910][ T6794]  ? rwlock_bug.part.0+0x90/0x90
[ 75.833829][ T6794]  ? lockdep_hardirqs_off+0x66/0xa0
[ 75.839009][ T6794]  worker_thread+0x64c/0x1120
[ 75.843673][ T6794]  ? __kthread_parkme+0x13f/0x1e0
[ 75.848691][ T6794]  ? process_one_work+0x1670/0x1670
[ 75.853868][ T6794]  kthread+0x3b5/0x4a0
[ 75.857930][ T6794]  ? __kthread_bind_mask+0xc0/0xc0
[ 75.863018][ T6794]  ? __kthread_bind_mask+0xc0/0xc0
[ 75.868198][ T6794]  ret_from_fork+0x1f/0x30
[ 75.872601][ T6794]
[ 75.874914][ T6794] Allocated by task 6797:
[ 75.879225][ T6794]  save_stack+0x1b/0x40
[ 75.883358][ T6794]  __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 75.888969][ T6794]  __alloc_skb+0xae/0x550
[ 75.893280][ T6794]  vhci_write+0xbd/0x450
[ 75.897514][ T6794]  new_sync_write+0x422/0x650
[ 75.902166][ T6794]  __vfs_write+0xc9/0x100
[ 75.906472][ T6794]  vfs_write+0x268/0x5d0
[ 75.910692][ T6794]  ksys_write+0x12d/0x250
[ 75.915000][ T6794]  do_syscall_64+0x60/0xe0
[ 75.919393][ T6794]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 75.925256][ T6794]
[ 75.927565][ T6794] Freed by task 4786:
[ 75.931526][ T6794]  save_stack+0x1b/0x40
[ 75.935662][ T6794]  __kasan_slab_free+0xf5/0x140
[ 75.940490][ T6794]  kfree+0x103/0x2c0
[ 75.944365][ T6794]  skb_release_data+0x6d9/0x910
[ 75.949192][ T6794]  __kfree_skb+0x46/0x60
[ 75.953934][ T6794]  tcp_ack+0x1bea/0x58f0
[ 75.958188][ T6794]  tcp_rcv_established+0x1820/0x1e70
[ 75.963449][ T6794]  tcp_v4_do_rcv+0x5d1/0x870
[ 75.968028][ T6794]  tcp_v4_rcv+0x2cef/0x3760
[ 75.972508][ T6794]  ip_protocol_deliver_rcu+0x5c/0x880
[ 75.977857][ T6794]  ip_local_deliver_finish+0x20a/0x370
[ 75.983291][ T6794]  ip_local_deliver+0x1b3/0x200
[ 75.988119][ T6794]  ip_sublist_rcv_finish+0x9a/0x2c0
[ 75.993296][ T6794]  ip_list_rcv_finish.constprop.0+0x514/0x6e0
[ 75.999337][ T6794]  ip_list_rcv+0x34e/0x488
[ 76.003735][ T6794]  __netif_receive_skb_list_core+0x549/0x8e0
[ 76.010822][ T6794]  netif_receive_skb_list_internal+0x777/0xd70
[ 76.016951][ T6794]  napi_complete_done+0x1f1/0x860
[ 76.021954][ T6794]  virtqueue_napi_complete+0x2c/0xc0
[ 76.027215][ T6794]  virtnet_poll+0xae0/0xd76
[ 76.031696][ T6794]  net_rx_action+0x4a1/0xe60
[ 76.036267][ T6794]  __do_softirq+0x34c/0xa60
[ 76.040740][ T6794]
[ 76.043049][ T6794] The buggy address belongs to the object at ffff88809f0ec000
[ 76.043049][ T6794]  which belongs to the cache kmalloc-1k of size 1024
[ 76.057184][ T6794] The buggy address is located 4 bytes to the right of
[ 76.057184][ T6794]  1024-byte region [ffff88809f0ec000, ffff88809f0ec400)
[ 76.070864][ T6794] The buggy address belongs to the page:
[ 76.076475][ T6794] page:ffffea00027c3b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 76.085554][ T6794] flags: 0xfffe0000000200(slab)
[ 76.090401][ T6794] raw: 00fffe0000000200 ffffea0002587dc8 ffffea00027c8e08 ffff8880aa000c40
[ 76.098990][ T6794] raw: 0000000000000000 ffff88809f0ec000 0000000100000002 0000000000000000
[ 76.107547][ T6794] page dumped because: kasan: bad access detected
[ 76.113931][ T6794]
[ 76.116256][ T6794] Memory state around the buggy address:
[ 76.121878][ T6794]  ffff88809f0ec300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 76.129918][ T6794]  ffff88809f0ec380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 76.138058][ T6794] >ffff88809f0ec400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 76.146092][ T6794]                                ^
[ 76.150151][ T6794]  ffff88809f0ec480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 76.158191][ T6794]  ffff88809f0ec500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 76.166224][ T6794] ==================================================================
[ 76.174263][ T6794] Disabling lock debugging due to kernel taint
[ 76.181571][ T6794] Kernel panic - not syncing: panic_on_warn set ...
[ 76.188191][ T6794] CPU: 0 PID: 6794 Comm: kworker/u5:2 Tainted: G B 5.8.0-rc3-syzkaller #0
[ 76.197978][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.208036][ T6794] Workqueue: hci0 hci_rx_work
[ 76.212700][ T6794] Call Trace:
[ 76.215989][ T6794]  dump_stack+0x18f/0x20d
[ 76.220320][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x130/0x5e0
[ 76.227422][ T6794]  panic+0x2e3/0x75c
[ 76.231314][ T6794]  ? __warn_printk+0xf3/0xf3
[ 76.235899][ T6794]  ? preempt_schedule_common+0x59/0xc0
[ 76.241362][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 76.248303][ T6794]  ? preempt_schedule_thunk+0x16/0x18
[ 76.254367][ T6794]  ? trace_hardirqs_on+0x55/0x220
[ 76.259389][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 76.266328][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 76.273259][ T6794]  end_report+0x4d/0x53
[ 76.277438][ T6794]  kasan_report.cold+0xd/0x37
[ 76.282115][ T6794]  ? hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 76.289309][ T6794]  check_memory_region+0x13d/0x180
[ 76.294418][ T6794]  memcpy+0x20/0x60
[ 76.298233][ T6794]  hci_extended_inquiry_result_evt.isra.0+0x1be/0x5e0
[ 76.305030][ T6794]  ? clear_pending_adv_report+0xf0/0xf0
[ 76.310552][ T6794]  hci_event_packet+0x2828/0x86f5
[ 76.315552][ T6794]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 76.321514][ T6794]  ? hci_cmd_complete_evt+0xc6e0/0xc6e0
[ 76.327036][ T6794]  ? lock_acquire+0x1f1/0xad0
[ 76.331704][ T6794]  ? skb_dequeue+0x1c/0x180
[ 76.336181][ T6794]  ? find_held_lock+0x2d/0x110
[ 76.340928][ T6794]  ? mark_lock+0xbc/0x1710
[ 76.345327][ T6794]  ? mark_held_locks+0x9f/0xe0
[ 76.350068][ T6794]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 76.355906][ T6794]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 76.361862][ T6794]  ? trace_hardirqs_on+0x5f/0x220
[ 76.366904][ T6794]  ? lockdep_hardirqs_on+0x6a/0xe0
[ 76.371994][ T6794]  hci_rx_work+0x22e/0xb10
[ 76.376394][ T6794]  process_one_work+0x94c/0x1670
[ 76.381309][ T6794]  ? lock_release+0x8d0/0x8d0
[ 76.385960][ T6794]  ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 76.391303][ T6794]  ? rwlock_bug.part.0+0x90/0x90
[ 76.396219][ T6794]  ? lockdep_hardirqs_off+0x66/0xa0
[ 76.401408][ T6794]  worker_thread+0x64c/0x1120
[ 76.406070][ T6794]  ? __kthread_parkme+0x13f/0x1e0
[ 76.411071][ T6794]  ? process_one_work+0x1670/0x1670
[ 76.416250][ T6794]  kthread+0x3b5/0x4a0
[ 76.420293][ T6794]  ? __kthread_bind_mask+0xc0/0xc0
[ 76.425389][ T6794]  ? __kthread_bind_mask+0xc0/0xc0
[ 76.430481][ T6794]  ret_from_fork+0x1f/0x30
[ 76.435532][ T6794] Kernel Offset: disabled
[ 76.439846][ T6794] Rebooting in 86400 seconds..