./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2059668968

<...>
Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts.
execve("./syz-executor2059668968", ["./syz-executor2059668968"], 0x7fff0467e540 /* 10 vars */) = 0
brk(NULL)                               = 0x5555569ff000
brk(0x5555569ffc40)                     = 0x5555569ffc40
arch_prctl(ARCH_SET_FS, 0x5555569ff300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2059668968", 4096) = 28
brk(0x555556a20c40)                     = 0x555556a20c40
brk(0x555556a21000)                     = 0x555556a21000
mprotect(0x7fd7dcefc000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8100875) = 8100875
mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 3, 0) = 0x20000000
openat(AT_FDCWD, 0x20000040, O_RDONLY|O_NONBLOCK|O_DSYNC|O_DIRECT|O_NOFOLLOW|O_NOATIME|0x8) = 4
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5
sendmsg(-1, 0x20000080, 0)              = -1 EBADF (Bad file descriptor)
syzkaller login: [   76.404104][   T27] audit: type=1804 audit(1686838490.007:2): pid=5005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor205" name="/root/cgroup.controllers" dev="sda1" ino=1927 res=1 errno=0
[   76.428707][ T5005] ------------[ cut here ]------------
[   76.434238][ T5005] refcount_t: decrement hit 0; leaking memory.
[   76.440906][ T5005] WARNING: CPU: 1 PID: 5005 at lib/refcount.c:31 refcount_warn_saturate+0x1d7/0x1f0
[   76.450408][ T5005] Modules linked in:
[   76.454383][ T5005] CPU: 1 PID: 5005 Comm: syz-executor205 Not tainted 6.4.0-rc5-syzkaller-01229-g97c5209b3d37 #0
[   76.464884][ T5005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   76.474991][ T5005] RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0
[   76.481306][ T5005] Code: 05 fb 8e 51 0a 01 e8 98 95 38 fd 0f 0b e9 d3 fe ff ff e8 ac d9 70 fd 48 c7 c7 00 d3 a6 8a c6 05 d8 8e 51 0a 01 e8 79 95 38 fd <0f> 0b e9 b4 fe ff ff 48 89 ef e8 1a d7 c3 fd e9 5c fe ff ff 0f 1f
[   76.501035][ T5005] RSP: 0018:ffffc90003bbeef8 EFLAGS: 00010286
[   76.507166][ T5005] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   76.515240][ T5005] RDX: ffff88801ebf3b80 RSI: ffffffff814c03b7 RDI: 0000000000000001
[   76.523278][ T5005] RBP: ffff8881400905fc R08: 0000000000000001 R09: 0000000000000000
[   76.531291][ T5005] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff92000777de4
[   76.539325][ T5005] R13: 00000000ffffffef R14: ffff8881400905fc R15: ffff88814ab4e5a8
[   76.547459][ T5005] FS:  00005555569ff300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   76.556496][ T5005] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.563131][ T5005] CR2: 00007fd7dce8fb70 CR3: 000000002096c000 CR4: 00000000003506e0
[   76.571112][ T5005] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   76.579159][ T5005] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   76.587204][ T5005] Call Trace:
[   76.590491][ T5005]  <TASK>
[   76.593469][ T5005]  ? __warn+0xe6/0x390
[   76.597588][ T5005]  ? preempt_schedule_notrace+0x5f/0xd0
[   76.603217][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   76.608809][ T5005]  ? report_bug+0x2da/0x500
[   76.613388][ T5005]  ? handle_bug+0x3c/0x70
[   76.617751][ T5005]  ? exc_invalid_op+0x18/0x50
[   76.622441][ T5005]  ? asm_exc_invalid_op+0x1a/0x20
[   76.627532][ T5005]  ? __warn_printk+0x187/0x310
[   76.632357][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   76.638030][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   76.643656][ T5005]  ref_tracker_free+0x539/0x820
[   76.648533][ T5005]  ? ref_tracker_dir_exit+0x6a0/0x6a0
[   76.653995][ T5005]  ? fib6_nh_init+0x121b/0x1bd0
[   76.658902][ T5005]  ? lock_downgrade+0x690/0x690
[   76.663847][ T5005]  ? find_held_lock+0x2d/0x110
[   76.668676][ T5005]  fib6_nh_init+0xb96/0x1bd0
[   76.673397][ T5005]  ? icmp6_dst_alloc+0x670/0x670
[   76.678392][ T5005]  ? ip_fib_metrics_init+0x3ce/0x7f0
[   76.683759][ T5005]  ? gre_gso_segment+0x1750/0x1750
[   76.688910][ T5005]  ? kasan_set_track+0x25/0x30
[   76.693746][ T5005]  ? __kasan_kmalloc+0xa2/0xb0
[   76.698567][ T5005]  ip6_route_info_create+0x10f3/0x1980
[   76.704114][ T5005]  ? fib6_nh_init+0x1bd0/0x1bd0
[   76.709024][ T5005]  ip6_route_add+0x28/0x150
[   76.713605][ T5005]  inet6_rtm_newroute+0x156/0x160
[   76.718694][ T5005]  ? ip6_route_multipath_add+0x2070/0x2070
[   76.724606][ T5005]  ? ip6_route_multipath_add+0x2070/0x2070
[   76.730495][ T5005]  rtnetlink_rcv_msg+0x43d/0xd50
[   76.735517][ T5005]  ? rtnl_getlink+0xb00/0xb00
[   76.740227][ T5005]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   76.746364][ T5005]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   76.752427][ T5005]  netlink_rcv_skb+0x165/0x440
[   76.757318][ T5005]  ? rtnl_getlink+0xb00/0xb00
[   76.762043][ T5005]  ? netlink_ack+0x1360/0x1360
[   76.766910][ T5005]  ? lock_sync+0x190/0x190
[   76.771404][ T5005]  ? netlink_deliver_tap+0x1b1/0xcf0
[   76.776778][ T5005]  netlink_unicast+0x547/0x7f0
[   76.781607][ T5005]  ? netlink_attachskb+0x890/0x890
[   76.786801][ T5005]  ? find_vmap_area+0xf8/0x130
[   76.791627][ T5005]  ? __phys_addr_symbol+0x30/0x70
[   76.796784][ T5005]  ? __check_object_size+0x323/0x730
[   76.802124][ T5005]  netlink_sendmsg+0x925/0xe30
[   76.806961][ T5005]  ? netlink_unicast+0x7f0/0x7f0
[   76.811940][ T5005]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   76.817285][ T5005]  ? netlink_unicast+0x7f0/0x7f0
[   76.822264][ T5005]  sock_sendmsg+0xde/0x190
[   76.826839][ T5005]  splice_to_socket+0x954/0xe30
[   76.831748][ T5005]  ? splice_from_pipe+0x140/0x140
[   76.836897][ T5005]  ? security_file_permission+0xaf/0xd0
[   76.842487][ T5005]  ? splice_from_pipe+0x140/0x140
[   76.847572][ T5005]  direct_splice_actor+0x114/0x180
[   76.852778][ T5005]  splice_direct_to_actor+0x34a/0x9c0
[   76.858185][ T5005]  ? folio_flags.constprop.0+0x150/0x150
[   76.863897][ T5005]  ? direct_splice_actor+0x180/0x180
[   76.869252][ T5005]  ? bpf_lsm_file_permission+0x9/0x10
[   76.874697][ T5005]  ? security_file_permission+0xaf/0xd0
[   76.880302][ T5005]  do_splice_direct+0x1ad/0x280
[   76.885224][ T5005]  ? splice_direct_to_actor+0x9c0/0x9c0
[   76.890826][ T5005]  ? propagate_umount+0x19f0/0x19f0
[   76.896096][ T5005]  ? bpf_lsm_file_permission+0x9/0x10
[   76.901516][ T5005]  ? security_file_permission+0xaf/0xd0
[   76.907186][ T5005]  do_sendfile+0xb19/0x12c0
[   76.911766][ T5005]  ? vfs_iocb_iter_write+0x480/0x480
[   76.917198][ T5005]  ? ptrace_notify+0xfe/0x140
[   76.921913][ T5005]  ? lock_downgrade+0x690/0x690
[   76.926846][ T5005]  __x64_sys_sendfile64+0x1d0/0x210
[   76.932083][ T5005]  ? _raw_spin_unlock_irq+0x23/0x50
[   76.937355][ T5005]  ? __ia32_sys_sendfile+0x220/0x220
[   76.942717][ T5005]  ? lockdep_hardirqs_on+0x7d/0x100
[   76.947957][ T5005]  ? _raw_spin_unlock_irq+0x2e/0x50
[   76.953233][ T5005]  ? ptrace_notify+0xfe/0x140
[   76.957952][ T5005]  do_syscall_64+0x39/0xb0
[   76.962379][ T5005]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   76.968356][ T5005] RIP: 0033:0x7fd7dce8fc99
[   76.972842][ T5005] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   76.992623][ T5005] RSP: 002b:00007fffacbacd08 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   77.001076][ T5005] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd7dce8fc99
[   77.009109][ T5005] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   77.017235][ T5005] RBP: 00007fd7dce53e40 R08: 0000000000000000 R09: 0000000000000000
[   77.025283][ T5005] R10: 00000800000017fc R11: 0000000000000246 R12: 00007fd7dce53ed0
[   77.033333][ T5005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   77.041359][ T5005]  </TASK>
[   77.044444][ T5005] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   77.051741][ T5005] CPU: 1 PID: 5005 Comm: syz-executor205 Not tainted 6.4.0-rc5-syzkaller-01229-g97c5209b3d37 #0
[   77.062164][ T5005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   77.072225][ T5005] Call Trace:
[   77.075509][ T5005]  <TASK>
[   77.078442][ T5005]  dump_stack_lvl+0xd9/0x150
[   77.083052][ T5005]  panic+0x686/0x730
[   77.086970][ T5005]  ? panic_smp_self_stop+0xa0/0xa0
[   77.092191][ T5005]  ? show_trace_log_lvl+0x284/0x390
[   77.097426][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   77.102994][ T5005]  check_panic_on_warn+0xb1/0xc0
[   77.107956][ T5005]  __warn+0xf2/0x390
[   77.111871][ T5005]  ? preempt_schedule_notrace+0x5f/0xd0
[   77.117436][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   77.123046][ T5005]  report_bug+0x2da/0x500
[   77.127393][ T5005]  handle_bug+0x3c/0x70
[   77.131558][ T5005]  exc_invalid_op+0x18/0x50
[   77.136077][ T5005]  asm_exc_invalid_op+0x1a/0x20
[   77.140936][ T5005] RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0
[   77.147117][ T5005] Code: 05 fb 8e 51 0a 01 e8 98 95 38 fd 0f 0b e9 d3 fe ff ff e8 ac d9 70 fd 48 c7 c7 00 d3 a6 8a c6 05 d8 8e 51 0a 01 e8 79 95 38 fd <0f> 0b e9 b4 fe ff ff 48 89 ef e8 1a d7 c3 fd e9 5c fe ff ff 0f 1f
[   77.166763][ T5005] RSP: 0018:ffffc90003bbeef8 EFLAGS: 00010286
[   77.172857][ T5005] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   77.180843][ T5005] RDX: ffff88801ebf3b80 RSI: ffffffff814c03b7 RDI: 0000000000000001
[   77.188832][ T5005] RBP: ffff8881400905fc R08: 0000000000000001 R09: 0000000000000000
[   77.196835][ T5005] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff92000777de4
[   77.204906][ T5005] R13: 00000000ffffffef R14: ffff8881400905fc R15: ffff88814ab4e5a8
[   77.212905][ T5005]  ? __warn_printk+0x187/0x310
[   77.217706][ T5005]  ? refcount_warn_saturate+0x1d7/0x1f0
[   77.223284][ T5005]  ref_tracker_free+0x539/0x820
[   77.228167][ T5005]  ? ref_tracker_dir_exit+0x6a0/0x6a0
[   77.233574][ T5005]  ? fib6_nh_init+0x121b/0x1bd0
[   77.238459][ T5005]  ? lock_downgrade+0x690/0x690
[   77.243340][ T5005]  ? find_held_lock+0x2d/0x110
[   77.248135][ T5005]  fib6_nh_init+0xb96/0x1bd0
[   77.252764][ T5005]  ? icmp6_dst_alloc+0x670/0x670
[   77.257747][ T5005]  ? ip_fib_metrics_init+0x3ce/0x7f0
[   77.263059][ T5005]  ? gre_gso_segment+0x1750/0x1750
[   77.268191][ T5005]  ? kasan_set_track+0x25/0x30
[   77.273000][ T5005]  ? __kasan_kmalloc+0xa2/0xb0
[   77.277827][ T5005]  ip6_route_info_create+0x10f3/0x1980
[   77.283354][ T5005]  ? fib6_nh_init+0x1bd0/0x1bd0
[   77.288254][ T5005]  ip6_route_add+0x28/0x150
[   77.292796][ T5005]  inet6_rtm_newroute+0x156/0x160
[   77.297867][ T5005]  ? ip6_route_multipath_add+0x2070/0x2070
[   77.303741][ T5005]  ? ip6_route_multipath_add+0x2070/0x2070
[   77.309584][ T5005]  rtnetlink_rcv_msg+0x43d/0xd50
[   77.314552][ T5005]  ? rtnl_getlink+0xb00/0xb00
[   77.319268][ T5005]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.325280][ T5005]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.331300][ T5005]  netlink_rcv_skb+0x165/0x440
[   77.336092][ T5005]  ? rtnl_getlink+0xb00/0xb00
[   77.340804][ T5005]  ? netlink_ack+0x1360/0x1360
[   77.345585][ T5005]  ? lock_sync+0x190/0x190
[   77.350045][ T5005]  ? netlink_deliver_tap+0x1b1/0xcf0
[   77.355359][ T5005]  netlink_unicast+0x547/0x7f0
[   77.360152][ T5005]  ? netlink_attachskb+0x890/0x890
[   77.365295][ T5005]  ? find_vmap_area+0xf8/0x130
[   77.370086][ T5005]  ? __phys_addr_symbol+0x30/0x70
[   77.375141][ T5005]  ? __check_object_size+0x323/0x730
[   77.380470][ T5005]  netlink_sendmsg+0x925/0xe30
[   77.385261][ T5005]  ? netlink_unicast+0x7f0/0x7f0
[   77.390230][ T5005]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   77.395539][ T5005]  ? netlink_unicast+0x7f0/0x7f0
[   77.400502][ T5005]  sock_sendmsg+0xde/0x190
[   77.404948][ T5005]  splice_to_socket+0x954/0xe30
[   77.409834][ T5005]  ? splice_from_pipe+0x140/0x140
[   77.414919][ T5005]  ? security_file_permission+0xaf/0xd0
[   77.420493][ T5005]  ? splice_from_pipe+0x140/0x140
[   77.425547][ T5005]  direct_splice_actor+0x114/0x180
[   77.430700][ T5005]  splice_direct_to_actor+0x34a/0x9c0
[   77.436115][ T5005]  ? folio_flags.constprop.0+0x150/0x150
[   77.441799][ T5005]  ? direct_splice_actor+0x180/0x180
[   77.447132][ T5005]  ? bpf_lsm_file_permission+0x9/0x10
[   77.452541][ T5005]  ? security_file_permission+0xaf/0xd0
[   77.458125][ T5005]  do_splice_direct+0x1ad/0x280
[   77.463127][ T5005]  ? splice_direct_to_actor+0x9c0/0x9c0
[   77.468746][ T5005]  ? propagate_umount+0x19f0/0x19f0
[   77.473998][ T5005]  ? bpf_lsm_file_permission+0x9/0x10
[   77.479409][ T5005]  ? security_file_permission+0xaf/0xd0
[   77.485076][ T5005]  do_sendfile+0xb19/0x12c0
[   77.489627][ T5005]  ? vfs_iocb_iter_write+0x480/0x480
[   77.494962][ T5005]  ? ptrace_notify+0xfe/0x140
[   77.499663][ T5005]  ? lock_downgrade+0x690/0x690
[   77.504551][ T5005]  __x64_sys_sendfile64+0x1d0/0x210
[   77.509770][ T5005]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.515002][ T5005]  ? __ia32_sys_sendfile+0x220/0x220
[   77.520305][ T5005]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.525530][ T5005]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.530763][ T5005]  ? ptrace_notify+0xfe/0x140
[   77.535476][ T5005]  do_syscall_64+0x39/0xb0
[   77.539915][ T5005]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.545848][ T5005] RIP: 0033:0x7fd7dce8fc99
[   77.550285][ T5005] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.569913][ T5005] RSP: 002b:00007fffacbacd08 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   77.578347][ T5005] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd7dce8fc99
[   77.586336][ T5005] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   77.594322][ T5005] RBP: 00007fd7dce53e40 R08: 0000000000000000 R09: 0000000000000000
[   77.602308][ T5005] R10: 00000800000017fc R11: 0000000000000246 R12: 00007fd7dce53ed0
[   77.610293][ T5005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   77.618385][ T5005]  </TASK>
[   77.621693][ T5005] Kernel Offset: disabled
[   77.626133][ T5005] Rebooting in 86400 seconds..