Warning: Permanently added '10.128.0.162' (ED25519) to the list of known hosts.
[   99.813151][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   99.824910][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   99.834209][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   99.843452][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   99.851543][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
executing program
executing program
[  100.001003][ T5832] syz-executor205[5832]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 0 (core 0, socket 0)
[  100.014814][ T5832] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.081861][ T5834] syz-executor205[5834]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 1 (core 0, socket 0)
[  100.106415][ T5834] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.193281][ T5836] syz-executor205[5836]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 1 (core 0, socket 0)
[  100.226272][ T5836] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.310944][ T5838] syz-executor205[5838]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 0 (core 0, socket 0)
[  100.345004][ T5838] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.452476][ T5840] syz-executor205[5840]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 1 (core 0, socket 0)
[  100.476853][ T5840] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.568011][ T5842] syz-executor205[5842]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 1 (core 0, socket 0)
[  100.596301][ T5842] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.667067][ T5844] syz-executor205[5844]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 0 (core 0, socket 0)
[  100.716736][ T5844] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.798108][ T5846] syz-executor205[5846]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 1 (core 0, socket 0)
[  100.828175][ T5846] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  100.940055][ T5848] syz-executor205[5848]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 0 (core 0, socket 0)
[  100.966205][ T5848] Code: Unable to access opcode bytes at 0x400fd6.
executing program
[  101.060234][ T5850] syz-executor205[5850]: segfault at 401000 ip 0000000000401000 sp 000000000000000a error 14 likely on CPU 0 (core 0, socket 0)
[  101.086454][ T5850] Code: Unable to access opcode bytes at 0x400fd6.
executing program
executing program
[  101.298405][ T5140] ==================================================================
[  101.306727][ T5140] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240
[  101.314648][ T5140] Read of size 140 at addr ffffc90000ace000 by task kworker/u9:1/5140
[  101.322858][ T5140] 
[  101.325242][ T5140] CPU: 0 UID: 0 PID: 5140 Comm: kworker/u9:1 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  101.325283][ T5140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  101.325305][ T5140] Workqueue: hci0 hci_devcd_rx
[  101.325348][ T5140] Call Trace:
[  101.325359][ T5140]  <TASK>
[  101.325375][ T5140]  dump_stack_lvl+0x116/0x1f0
[  101.325427][ T5140]  print_report+0xc3/0x670
[  101.325465][ T5140]  ? __virt_addr_valid+0x5e/0x590
[  101.325511][ T5140]  ? hci_devcd_dump+0x142/0x240
[  101.325551][ T5140]  kasan_report+0xe0/0x110
[  101.325590][ T5140]  ? hci_devcd_dump+0x142/0x240
[  101.325637][ T5140]  kasan_check_range+0xef/0x1a0
[  101.325683][ T5140]  __asan_memcpy+0x23/0x60
[  101.325713][ T5140]  hci_devcd_dump+0x142/0x240
[  101.325754][ T5140]  hci_devcd_rx+0xa25/0x1780
[  101.325798][ T5140]  ? __lock_acquire+0xaa4/0x1ba0
[  101.325840][ T5140]  ? __pfx_hci_devcd_rx+0x10/0x10
[  101.325882][ T5140]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  101.325924][ T5140]  ? debug_object_deactivate+0x1ec/0x3a0
[  101.325972][ T5140]  ? rcu_is_watching+0x12/0xc0
[  101.326004][ T5140]  process_one_work+0x9cc/0x1b70
[  101.326064][ T5140]  ? __pfx_process_one_work+0x10/0x10
[  101.326116][ T5140]  ? assign_work+0x1a0/0x250
[  101.326167][ T5140]  worker_thread+0x6c8/0xf10
[  101.326217][ T5140]  ? __kthread_parkme+0x19e/0x250
[  101.326254][ T5140]  ? __pfx_worker_thread+0x10/0x10
[  101.326299][ T5140]  kthread+0x3c2/0x780
[  101.326338][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326374][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326411][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326447][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326485][ T5140]  ? rcu_is_watching+0x12/0xc0
[  101.326509][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326548][ T5140]  ret_from_fork+0x45/0x80
[  101.326589][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.326627][ T5140]  ret_from_fork_asm+0x1a/0x30
[  101.326675][ T5140]  </TASK>
[  101.326684][ T5140] 
[  101.513759][ T5140] The buggy address ffffc90000ace000 belongs to a vmalloc virtual mapping
[  101.522303][ T5140] Memory state around the buggy address:
[  101.527979][ T5140]  ffffc90000acdf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  101.536086][ T5140]  ffffc90000acdf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  101.544199][ T5140] >ffffc90000ace000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  101.552300][ T5140]                    ^
[  101.556402][ T5140]  ffffc90000ace080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  101.564501][ T5140]  ffffc90000ace100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  101.572618][ T5140] ==================================================================
[  101.582678][ T5140] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  101.589933][ T5140] CPU: 0 UID: 0 PID: 5140 Comm: kworker/u9:1 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  101.602146][ T5140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  101.612259][ T5140] Workqueue: hci0 hci_devcd_rx
[  101.617094][ T5140] Call Trace:
[  101.620394][ T5140]  <TASK>
[  101.623345][ T5140]  dump_stack_lvl+0x3d/0x1f0
[  101.627975][ T5140]  panic+0x71c/0x800
[  101.631914][ T5140]  ? __pfx_panic+0x10/0x10
[  101.636362][ T5140]  ? mark_held_locks+0x49/0x80
[  101.641166][ T5140]  ? preempt_schedule_thunk+0x16/0x30
[  101.646583][ T5140]  ? hci_devcd_dump+0x142/0x240
[  101.651464][ T5140]  ? preempt_schedule_common+0x44/0xc0
[  101.656954][ T5140]  ? check_panic_on_warn+0x1f/0xb0
[  101.662103][ T5140]  ? hci_devcd_dump+0x142/0x240
[  101.666989][ T5140]  check_panic_on_warn+0xab/0xb0
[  101.671967][ T5140]  end_report+0x107/0x170
[  101.676337][ T5140]  kasan_report+0xee/0x110
[  101.680782][ T5140]  ? hci_devcd_dump+0x142/0x240
[  101.685670][ T5140]  kasan_check_range+0xef/0x1a0
[  101.690579][ T5140]  __asan_memcpy+0x23/0x60
[  101.695036][ T5140]  hci_devcd_dump+0x142/0x240
[  101.699764][ T5140]  hci_devcd_rx+0xa25/0x1780
[  101.704399][ T5140]  ? __lock_acquire+0xaa4/0x1ba0
[  101.709374][ T5140]  ? __pfx_hci_devcd_rx+0x10/0x10
[  101.714436][ T5140]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  101.720281][ T5140]  ? debug_object_deactivate+0x1ec/0x3a0
[  101.725948][ T5140]  ? rcu_is_watching+0x12/0xc0
[  101.730739][ T5140]  process_one_work+0x9cc/0x1b70
[  101.735726][ T5140]  ? __pfx_process_one_work+0x10/0x10
[  101.741141][ T5140]  ? assign_work+0x1a0/0x250
[  101.745768][ T5140]  worker_thread+0x6c8/0xf10
[  101.750410][ T5140]  ? __kthread_parkme+0x19e/0x250
[  101.755472][ T5140]  ? __pfx_worker_thread+0x10/0x10
[  101.760626][ T5140]  kthread+0x3c2/0x780
[  101.764772][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.769409][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.774034][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.778661][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.783301][ T5140]  ? rcu_is_watching+0x12/0xc0
[  101.788107][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.792747][ T5140]  ret_from_fork+0x45/0x80
[  101.797207][ T5140]  ? __pfx_kthread+0x10/0x10
[  101.801861][ T5140]  ret_from_fork_asm+0x1a/0x30
[  101.806669][ T5140]  </TASK>
[  101.810067][ T5140] Kernel Offset: disabled
[  101.814405][ T5140] Rebooting in 86400 seconds..