[ 501.758385] syz-executor.2 (7694) used greatest stack depth: 24224 bytes left [ 502.593347] device bridge_slave_1 left promiscuous mode [ 502.599508] bridge0: port 2(bridge_slave_1) entered disabled state [ 502.646882] device bridge_slave_0 left promiscuous mode [ 502.653202] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.820704] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 502.871942] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 502.952869] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.10.50' (ECDSA) to the list of known hosts. [ 506.430733] af_rxrpc: Assertion failed [ 506.435014] ------------[ cut here ]------------ [ 506.439845] kernel BUG at net/rxrpc/af_rxrpc.c:236! [ 506.445015] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 506.450896] Modules linked in: [ 506.454206] CPU: 1 PID: 16543 Comm: syz-executor468 Not tainted 4.7.0-rc1+ #0 [ 506.462160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.471588] task: ffff8800a8280280 ti: ffff8800ad8c0000 task.ti: ffff8800ad8c0000 [ 506.479207] RIP: 0010:[] [] rxrpc_name_to_transport+0x1a5/0x220 [ 506.488690] RSP: 0018:ffff8800ad8c7978 EFLAGS: 00010282 [ 506.494122] RAX: 000000000000001a RBX: ffff8800a8287740 RCX: 0000000000000000 [ 506.501377] RDX: 000000000000001a RSI: ffffffff85abed60 RDI: ffffed0015b18f25 [ 506.508670] RBP: ffff8800ad8c79a0 R08: 0000000000000001 R09: 0000000000000000 [ 506.515919] R10: ffff8800a8287740 R11: 0000000000000001 R12: ffff8800a8287c40 [ 506.523166] R13: ffff8800a8287b80 R14: 0000000000000018 R15: ffff8800ad8c7b30 [ 506.530415] FS: 0000000000c56880(0000) GS:ffff88012c100000(0000) knlGS:0000000000000000 [ 506.538791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 506.544655] CR2: 00000000200000c0 CR3: 00000000ba1b7000 CR4: 00000000001406e0 [ 506.552104] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 506.559356] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 506.566604] Stack: [ 506.568732] ffffffff8514631d ffff8800ad8c7b48 0000000000000018 ffff8800a8287c40 [ 506.576770] 0000000000000018 ffff8800ad8c7a20 ffffffff8515e988 ffffffff845deec6 [ 506.584802] ffff8800ad8c79c8 ffffffff8143e21d ffff8800ad8c79e8 ffff8800ad8c7dd0 [ 506.592800] Call Trace: [ 506.595369] [] ? rxrpc_find_call_by_user_ID+0x9d/0x120 [ 506.602271] [] rxrpc_do_sendmsg+0x498/0x930 [ 506.608303] [] ? lock_sock_nested+0x86/0x100 [ 506.614746] [] ? trace_hardirqs_on+0xd/0x10 [ 506.621416] [] rxrpc_sendmsg+0x212/0x2c0 [ 506.627202] [] ? rxrpc_poll+0x1a0/0x1a0 [ 506.633065] [] sock_sendmsg+0xb5/0xf0 [ 506.638515] [] ___sys_sendmsg+0x258/0x830 [ 506.644294] [] ? sock_create_kern+0x20/0x20 [ 506.650835] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 506.657998] [] ? __lock_acquire+0x1673/0x3cf0 [ 506.664141] [] ? __lock_acquire+0x218c/0x3cf0 [ 506.670439] [] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 506.677430] [] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 506.684630] [] ? save_stack_trace+0x26/0x50 [ 506.690784] [] ? save_trace+0xe0/0x2c0 [ 506.696305] [] ? trace_hardirqs_on_caller+0x44c/0x5e0 [ 506.703214] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 506.709959] [] ? __fget_light+0x134/0x200 [ 506.715735] [] ? __fdget+0xe/0x10 [ 506.720824] [] ? sockfd_lookup_light+0x1c/0x150 [ 506.727134] [] __sys_sendmmsg+0x11f/0x300 [ 506.733001] [] ? SyS_sendmsg+0x20/0x20 [ 506.738571] [] ? _raw_spin_unlock_bh+0x30/0x40 [ 506.746252] [] ? release_sock+0x11f/0x180 [ 506.752148] [] ? rxrpc_connect+0x8b/0x260 [ 506.758051] [] ? SYSC_connect+0x202/0x2a0 [ 506.764000] [] ? __do_page_fault+0x39e/0x9e0 [ 506.770175] [] ? handle_mm_fault+0x8d/0x12d0 [ 506.776509] [] ? up_read+0x1a/0x40 [ 506.781899] [] ? entry_SYSCALL_64_fastpath+0x5/0xc1 [ 506.788631] [] ? trace_hardirqs_on_caller+0x44c/0x5e0 [ 506.796563] [] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 506.803579] [] SyS_sendmmsg+0xd/0x20 [ 506.808926] [] entry_SYSCALL_64_fastpath+0x23/0xc1 [ 506.816540] Code: 00 44 89 c2 4c 89 e6 e8 ba 65 02 00 4c 89 e7 48 89 c3 e8 9f 36 02 00 48 89 d8 e9 1a ff ff ff 48 c7 c7 40 db 2b 86 e8 c4 70 4e fc <0f> 0b 44 89 45 dc e8 20 b4 60 fc 44 8b 45 dc e9 b4 fe ff ff 44 [ 506.846381] RIP [] rxrpc_name_to_transport+0x1a5/0x220 [ 506.856393] RSP [ 506.860830] ---[ end trace 1e708869d2b64e20 ]--- [ 506.865962] Kernel panic - not syncing: Fatal exception [ 506.873539] Kernel Offset: disabled