./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2822635244

<...>
Warning: Permanently added '10.128.1.171' (ECDSA) to the list of known hosts.
execve("./syz-executor2822635244", ["./syz-executor2822635244"], 0x7fff8cea76b0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555bdc000
brk(0x555555bdcc40)                     = 0x555555bdcc40
arch_prctl(ARCH_SET_FS, 0x555555bdc300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2822635244", 4096) = 28
brk(0x555555bfdc40)                     = 0x555555bfdc40
brk(0x555555bfe000)                     = 0x555555bfe000
mprotect(0x7fd08d013000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8100875) = 8100875
mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 3, 0) = 0x20000000
openat(AT_FDCWD, 0x20000040, O_RDONLY|O_NONBLOCK|O_DSYNC|O_DIRECT|O_NOFOLLOW|O_NOATIME|0x8) = 4
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5
sendmsg(-1, 0x20000080, 0)              = -1 EBADF (Bad file descriptor)
[   80.681948][   T27] audit: type=1804 audit(1686853657.469:2): pid=5004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor282" name="/root/cgroup.controllers" dev="sda1" ino=1927 res=1 errno=0
[   80.712685][ T5004] ------------[ cut here ]------------
[   80.718224][ T5004] refcount_t: decrement hit 0; leaking memory.
[   80.724926][ T5004] WARNING: CPU: 1 PID: 5004 at lib/refcount.c:31 refcount_warn_saturate+0x1d7/0x1f0
[   80.734575][ T5004] Modules linked in:
[   80.738544][ T5004] CPU: 1 PID: 5004 Comm: syz-executor282 Not tainted 6.4.0-rc5-syzkaller-01229-g97c5209b3d37 #0
[   80.749068][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   80.759337][ T5004] RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0
[   80.765531][ T5004] Code: 05 fb 8e 51 0a 01 e8 98 95 38 fd 0f 0b e9 d3 fe ff ff e8 ac d9 70 fd 48 c7 c7 00 d3 a6 8a c6 05 d8 8e 51 0a 01 e8 79 95 38 fd <0f> 0b e9 b4 fe ff ff 48 89 ef e8 1a d7 c3 fd e9 5c fe ff ff 0f 1f
[   80.785266][ T5004] RSP: 0018:ffffc9000398eef8 EFLAGS: 00010286
[   80.791804][ T5004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   80.799849][ T5004] RDX: ffff8880288abb80 RSI: ffffffff814c03b7 RDI: 0000000000000001
[   80.807909][ T5004] RBP: ffff888015ed05fc R08: 0000000000000001 R09: 0000000000000000
[   80.815971][ T5004] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000731de4
[   80.823991][ T5004] R13: 00000000ffffffef R14: ffff888015ed05fc R15: ffff88814a6fe5a8
[   80.832167][ T5004] FS:  0000555555bdc300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   80.841325][ T5004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   80.848005][ T5004] CR2: 00007f45a59f1b10 CR3: 0000000075cd1000 CR4: 00000000003506e0
[   80.856074][ T5004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   80.864082][ T5004] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.872129][ T5004] Call Trace:
[   80.875433][ T5004]  <TASK>
[   80.878423][ T5004]  ? __warn+0xe6/0x390
[   80.882547][ T5004]  ? __wake_up_klogd.part.0+0x99/0xf0
[   80.888021][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   80.893708][ T5004]  ? report_bug+0x2da/0x500
[   80.898488][ T5004]  ? handle_bug+0x3c/0x70
[   80.902866][ T5004]  ? exc_invalid_op+0x18/0x50
[   80.907658][ T5004]  ? asm_exc_invalid_op+0x1a/0x20
[   80.912738][ T5004]  ? __warn_printk+0x187/0x310
[   80.917685][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   80.923298][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   80.928978][ T5004]  ref_tracker_free+0x539/0x820
[   80.933912][ T5004]  ? ref_tracker_dir_exit+0x6a0/0x6a0
[   80.939417][ T5004]  ? fib6_nh_init+0x121b/0x1bd0
[   80.944322][ T5004]  ? lock_downgrade+0x690/0x690
[   80.949269][ T5004]  ? find_held_lock+0x2d/0x110
[   80.954082][ T5004]  fib6_nh_init+0xb96/0x1bd0
[   80.958772][ T5004]  ? icmp6_dst_alloc+0x670/0x670
[   80.963771][ T5004]  ? ip_fib_metrics_init+0x3ce/0x7f0
[   80.969169][ T5004]  ? gre_gso_segment+0x1750/0x1750
[   80.974329][ T5004]  ? kasan_set_track+0x25/0x30
[   80.979180][ T5004]  ? __kasan_kmalloc+0xa2/0xb0
[   80.984011][ T5004]  ip6_route_info_create+0x10f3/0x1980
[   80.989567][ T5004]  ? fib6_nh_init+0x1bd0/0x1bd0
[   80.994477][ T5004]  ip6_route_add+0x28/0x150
[   80.999084][ T5004]  inet6_rtm_newroute+0x156/0x160
[   81.004250][ T5004]  ? ip6_route_multipath_add+0x2070/0x2070
[   81.010180][ T5004]  ? ip6_route_multipath_add+0x2070/0x2070
[   81.016127][ T5004]  rtnetlink_rcv_msg+0x43d/0xd50
[   81.021092][ T5004]  ? rtnl_getlink+0xb00/0xb00
[   81.025781][ T5004]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.031852][ T5004]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.037941][ T5004]  netlink_rcv_skb+0x165/0x440
[   81.042728][ T5004]  ? rtnl_getlink+0xb00/0xb00
[   81.047479][ T5004]  ? netlink_ack+0x1360/0x1360
[   81.052289][ T5004]  ? lock_sync+0x190/0x190
[   81.056830][ T5004]  ? netlink_deliver_tap+0x1b1/0xcf0
[   81.062179][ T5004]  netlink_unicast+0x547/0x7f0
[   81.067067][ T5004]  ? netlink_attachskb+0x890/0x890
[   81.072224][ T5004]  ? find_vmap_area+0xf8/0x130
[   81.077063][ T5004]  ? __phys_addr_symbol+0x30/0x70
[   81.082136][ T5004]  ? __check_object_size+0x323/0x730
[   81.087527][ T5004]  netlink_sendmsg+0x925/0xe30
[   81.092344][ T5004]  ? netlink_unicast+0x7f0/0x7f0
[   81.097371][ T5004]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   81.102692][ T5004]  ? netlink_unicast+0x7f0/0x7f0
[   81.107722][ T5004]  sock_sendmsg+0xde/0x190
[   81.112184][ T5004]  splice_to_socket+0x954/0xe30
[   81.117169][ T5004]  ? splice_from_pipe+0x140/0x140
[   81.122276][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.127902][ T5004]  ? splice_from_pipe+0x140/0x140
[   81.132967][ T5004]  direct_splice_actor+0x114/0x180
[   81.138177][ T5004]  splice_direct_to_actor+0x34a/0x9c0
[   81.143617][ T5004]  ? folio_flags.constprop.0+0x150/0x150
[   81.149440][ T5004]  ? direct_splice_actor+0x180/0x180
[   81.154783][ T5004]  ? bpf_lsm_file_permission+0x9/0x10
[   81.160247][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.165841][ T5004]  do_splice_direct+0x1ad/0x280
[   81.170990][ T5004]  ? splice_direct_to_actor+0x9c0/0x9c0
[   81.176638][ T5004]  ? propagate_umount+0x19f0/0x19f0
[   81.181894][ T5004]  ? bpf_lsm_file_permission+0x9/0x10
[   81.187370][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.192984][ T5004]  do_sendfile+0xb19/0x12c0
[   81.197624][ T5004]  ? vfs_iocb_iter_write+0x480/0x480
[   81.203231][ T5004]  ? ptrace_notify+0xfe/0x140
[   81.207995][ T5004]  ? lock_downgrade+0x690/0x690
[   81.212901][ T5004]  __x64_sys_sendfile64+0x1d0/0x210
[   81.218243][ T5004]  ? _raw_spin_unlock_irq+0x23/0x50
[   81.223546][ T5004]  ? __ia32_sys_sendfile+0x220/0x220
[   81.228926][ T5004]  ? lockdep_hardirqs_on+0x7d/0x100
[   81.234174][ T5004]  ? _raw_spin_unlock_irq+0x2e/0x50
[   81.239467][ T5004]  ? ptrace_notify+0xfe/0x140
[   81.244229][ T5004]  do_syscall_64+0x39/0xb0
[   81.248777][ T5004]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.254733][ T5004] RIP: 0033:0x7fd08cfa6c99
[   81.259220][ T5004] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   81.278920][ T5004] RSP: 002b:00007ffe42e35998 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   81.287410][ T5004] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd08cfa6c99
[   81.295417][ T5004] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   81.303463][ T5004] RBP: 00007fd08cf6ae40 R08: 0000000000000000 R09: 0000000000000000
[   81.311600][ T5004] R10: 00000800000017fc R11: 0000000000000246 R12: 00007fd08cf6aed0
[   81.319656][ T5004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.327753][ T5004]  </TASK>
[   81.331529][ T5004] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   81.338918][ T5004] CPU: 1 PID: 5004 Comm: syz-executor282 Not tainted 6.4.0-rc5-syzkaller-01229-g97c5209b3d37 #0
[   81.349354][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   81.359421][ T5004] Call Trace:
[   81.362706][ T5004]  <TASK>
[   81.365642][ T5004]  dump_stack_lvl+0xd9/0x150
[   81.370256][ T5004]  panic+0x686/0x730
[   81.374185][ T5004]  ? panic_smp_self_stop+0xa0/0xa0
[   81.379333][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   81.384901][ T5004]  check_panic_on_warn+0xb1/0xc0
[   81.389968][ T5004]  __warn+0xf2/0x390
[   81.393884][ T5004]  ? __wake_up_klogd.part.0+0x99/0xf0
[   81.399285][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   81.404854][ T5004]  report_bug+0x2da/0x500
[   81.409211][ T5004]  handle_bug+0x3c/0x70
[   81.413383][ T5004]  exc_invalid_op+0x18/0x50
[   81.418164][ T5004]  asm_exc_invalid_op+0x1a/0x20
[   81.423029][ T5004] RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0
[   81.429210][ T5004] Code: 05 fb 8e 51 0a 01 e8 98 95 38 fd 0f 0b e9 d3 fe ff ff e8 ac d9 70 fd 48 c7 c7 00 d3 a6 8a c6 05 d8 8e 51 0a 01 e8 79 95 38 fd <0f> 0b e9 b4 fe ff ff 48 89 ef e8 1a d7 c3 fd e9 5c fe ff ff 0f 1f
[   81.448844][ T5004] RSP: 0018:ffffc9000398eef8 EFLAGS: 00010286
[   81.455027][ T5004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   81.463019][ T5004] RDX: ffff8880288abb80 RSI: ffffffff814c03b7 RDI: 0000000000000001
[   81.471018][ T5004] RBP: ffff888015ed05fc R08: 0000000000000001 R09: 0000000000000000
[   81.479004][ T5004] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000731de4
[   81.487000][ T5004] R13: 00000000ffffffef R14: ffff888015ed05fc R15: ffff88814a6fe5a8
[   81.495010][ T5004]  ? __warn_printk+0x187/0x310
[   81.499820][ T5004]  ? refcount_warn_saturate+0x1d7/0x1f0
[   81.505409][ T5004]  ref_tracker_free+0x539/0x820
[   81.510298][ T5004]  ? ref_tracker_dir_exit+0x6a0/0x6a0
[   81.515740][ T5004]  ? fib6_nh_init+0x121b/0x1bd0
[   81.520632][ T5004]  ? lock_downgrade+0x690/0x690
[   81.525526][ T5004]  ? find_held_lock+0x2d/0x110
[   81.530329][ T5004]  fib6_nh_init+0xb96/0x1bd0
[   81.534964][ T5004]  ? icmp6_dst_alloc+0x670/0x670
[   81.539939][ T5004]  ? ip_fib_metrics_init+0x3ce/0x7f0
[   81.545250][ T5004]  ? gre_gso_segment+0x1750/0x1750
[   81.550392][ T5004]  ? kasan_set_track+0x25/0x30
[   81.555196][ T5004]  ? __kasan_kmalloc+0xa2/0xb0
[   81.560004][ T5004]  ip6_route_info_create+0x10f3/0x1980
[   81.565531][ T5004]  ? fib6_nh_init+0x1bd0/0x1bd0
[   81.570537][ T5004]  ip6_route_add+0x28/0x150
[   81.575092][ T5004]  inet6_rtm_newroute+0x156/0x160
[   81.580169][ T5004]  ? ip6_route_multipath_add+0x2070/0x2070
[   81.586052][ T5004]  ? ip6_route_multipath_add+0x2070/0x2070
[   81.591908][ T5004]  rtnetlink_rcv_msg+0x43d/0xd50
[   81.596901][ T5004]  ? rtnl_getlink+0xb00/0xb00
[   81.601620][ T5004]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.607640][ T5004]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.613663][ T5004]  netlink_rcv_skb+0x165/0x440
[   81.618455][ T5004]  ? rtnl_getlink+0xb00/0xb00
[   81.623158][ T5004]  ? netlink_ack+0x1360/0x1360
[   81.627948][ T5004]  ? lock_sync+0x190/0x190
[   81.632682][ T5004]  ? netlink_deliver_tap+0x1b1/0xcf0
[   81.638002][ T5004]  netlink_unicast+0x547/0x7f0
[   81.642800][ T5004]  ? netlink_attachskb+0x890/0x890
[   81.647935][ T5004]  ? find_vmap_area+0xf8/0x130
[   81.652729][ T5004]  ? __phys_addr_symbol+0x30/0x70
[   81.657793][ T5004]  ? __check_object_size+0x323/0x730
[   81.663114][ T5004]  netlink_sendmsg+0x925/0xe30
[   81.667913][ T5004]  ? netlink_unicast+0x7f0/0x7f0
[   81.672898][ T5004]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   81.678208][ T5004]  ? netlink_unicast+0x7f0/0x7f0
[   81.683608][ T5004]  sock_sendmsg+0xde/0x190
[   81.688071][ T5004]  splice_to_socket+0x954/0xe30
[   81.692996][ T5004]  ? splice_from_pipe+0x140/0x140
[   81.698117][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.703705][ T5004]  ? splice_from_pipe+0x140/0x140
[   81.708760][ T5004]  direct_splice_actor+0x114/0x180
[   81.713925][ T5004]  splice_direct_to_actor+0x34a/0x9c0
[   81.719338][ T5004]  ? folio_flags.constprop.0+0x150/0x150
[   81.725034][ T5004]  ? direct_splice_actor+0x180/0x180
[   81.730366][ T5004]  ? bpf_lsm_file_permission+0x9/0x10
[   81.735789][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.741391][ T5004]  do_splice_direct+0x1ad/0x280
[   81.746298][ T5004]  ? splice_direct_to_actor+0x9c0/0x9c0
[   81.751917][ T5004]  ? propagate_umount+0x19f0/0x19f0
[   81.757185][ T5004]  ? bpf_lsm_file_permission+0x9/0x10
[   81.762611][ T5004]  ? security_file_permission+0xaf/0xd0
[   81.768199][ T5004]  do_sendfile+0xb19/0x12c0
[   81.772761][ T5004]  ? vfs_iocb_iter_write+0x480/0x480
[   81.778102][ T5004]  ? ptrace_notify+0xfe/0x140
[   81.782814][ T5004]  ? lock_downgrade+0x690/0x690
[   81.787706][ T5004]  __x64_sys_sendfile64+0x1d0/0x210
[   81.792929][ T5004]  ? _raw_spin_unlock_irq+0x23/0x50
[   81.798172][ T5004]  ? __ia32_sys_sendfile+0x220/0x220
[   81.803482][ T5004]  ? lockdep_hardirqs_on+0x7d/0x100
[   81.808720][ T5004]  ? _raw_spin_unlock_irq+0x2e/0x50
[   81.813975][ T5004]  ? ptrace_notify+0xfe/0x140
[   81.818692][ T5004]  do_syscall_64+0x39/0xb0
[   81.823135][ T5004]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.829159][ T5004] RIP: 0033:0x7fd08cfa6c99
[   81.833595][ T5004] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   81.853330][ T5004] RSP: 002b:00007ffe42e35998 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   81.861778][ T5004] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd08cfa6c99
[   81.869951][ T5004] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   81.878038][ T5004] RBP: 00007fd08cf6ae40 R08: 0000000000000000 R09: 0000000000000000
[   81.886150][ T5004] R10: 00000800000017fc R11: 0000000000000246 R12: 00007fd08cf6aed0
[   81.894168][ T5004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.902180][ T5004]  </TASK>
[   81.905419][ T5004] Kernel Offset: disabled
[   81.909852][ T5004] Rebooting in 86400 seconds..