./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1275155371 <...> Warning: Permanently added '10.128.1.226' (ED25519) to the list of known hosts. execve("./syz-executor1275155371", ["./syz-executor1275155371"], 0x7fffe7aafe80 /* 10 vars */) = 0 brk(NULL) = 0x55556e6cc000 brk(0x55556e6ccd00) = 0x55556e6ccd00 arch_prctl(ARCH_SET_FS, 0x55556e6cc380) = 0 set_tid_address(0x55556e6cc650) = 5090 set_robust_list(0x55556e6cc660, 24) = 0 rseq(0x55556e6ccca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1275155371", 4096) = 28 getrandom("\x5c\xac\x51\xcc\x8a\x11\x67\x30", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556e6ccd00 brk(0x55556e6edd00) = 0x55556e6edd00 brk(0x55556e6ee000) = 0x55556e6ee000 mprotect(0x7fa55695a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached [pid 5091] set_robust_list(0x55556e6cc660, 24 [pid 5090] <... clone resumed>, child_tidptr=0x55556e6cc650) = 5091 [pid 5091] <... set_robust_list resumed>) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] write(3, "1000", 4) = 4 [pid 5091] close(3) = 0 [pid 5091] write(1, "executing program\n", 18executing program ) = 18 [pid 5091] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 5091] ioctl(4, SIOCGIFINDEX, {ifr_name="lo", ifr_ifindex=1}) = 0 [pid 5091] socket(AF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_SCO) = 5 [pid 5091] setsockopt(-1, SOL_AX25, SO_BINDTODEVICE, "\x62\x70\x71\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) = -1 EBADF (Bad file descriptor) [pid 5091] ioctl(5, SIOCSIFFLAGS, {ifr_name="bpq0", ifr_flags=IFF_UP}) = 0 [pid 5091] socket(AF_AX25, SOCK_DGRAM, 0x9 /* AX25_P_??? */) = 6 [pid 5091] setsockopt(6, SOL_AX25, SO_BINDTODEVICE, "\x62\x70\x71\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) = 0 [pid 5091] exit_group(0) = ? [ 76.126515][ T5091] ------------[ cut here ]------------ [ 76.132228][ T5091] refcount_t: decrement hit 0; leaking memory. [ 76.139230][ T5091] WARNING: CPU: 0 PID: 5091 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 [ 76.148676][ T5091] Modules linked in: [ 76.152607][ T5091] CPU: 0 PID: 5091 Comm: syz-executor127 Not tainted 6.10.0-rc4-syzkaller-00875-g568ebdaba637 #0 [ 76.163331][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 76.173665][ T5091] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0 [ 76.180268][ T5091] Code: b2 00 00 00 e8 37 51 e7 fc 5b 5d c3 cc cc cc cc e8 2b 51 e7 fc c6 05 d6 3f e9 0a 01 90 48 c7 c7 a0 97 1f 8c e8 67 81 a9 fc 90 <0f> 0b 90 90 eb d9 e8 0b 51 e7 fc c6 05 b3 3f e9 0a 01 90 48 c7 c7 [ 76.200017][ T5091] RSP: 0018:ffffc900033df9c8 EFLAGS: 00010246 [ 76.206133][ T5091] RAX: 9aea901d1711a200 RBX: ffff88807bf2c664 RCX: ffff8880287d9e00 [ 76.214244][ T5091] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 76.222313][ T5091] RBP: 0000000000000004 R08: ffffffff81585822 R09: fffffbfff1c39994 [ 76.230368][ T5091] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff88807bf2c620 [ 76.238450][ T5091] R13: 0000000000000000 R14: ffff88807bf2c664 R15: dffffc0000000000 [ 76.246519][ T5091] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 76.255585][ T5091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.262417][ T5091] CR2: 00007fa556961110 CR3: 0000000075faa000 CR4: 00000000003506f0 [ 76.270614][ T5091] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 76.278712][ T5091] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 76.286757][ T5091] Call Trace: [ 76.290083][ T5091] [ 76.293016][ T5091] ? __warn+0x163/0x4e0 [ 76.297391][ T5091] ? refcount_warn_saturate+0xfa/0x1d0 [ 76.303060][ T5091] ? report_bug+0x2b3/0x500 [ 76.307689][ T5091] ? refcount_warn_saturate+0xfa/0x1d0 [ 76.313242][ T5091] ? handle_bug+0x3e/0x70 [ 76.318419][ T5091] ? exc_invalid_op+0x1a/0x50 [ 76.323246][ T5091] ? asm_exc_invalid_op+0x1a/0x20 [ 76.328402][ T5091] ? __warn_printk+0x292/0x360 [ 76.333237][ T5091] ? refcount_warn_saturate+0xfa/0x1d0 [ 76.338837][ T5091] ? refcount_warn_saturate+0xf9/0x1d0 [ 76.344340][ T5091] ref_tracker_free+0x6af/0x7e0 [ 76.349289][ T5091] ? __pfx_ref_tracker_free+0x10/0x10 [ 76.354761][ T5091] ax25_release+0x368/0x950 [ 76.359393][ T5091] sock_close+0xbc/0x240 [ 76.363802][ T5091] ? __pfx_sock_close+0x10/0x10 [ 76.368775][ T5091] __fput+0x406/0x8b0 [ 76.372818][ T5091] task_work_run+0x24f/0x310 [ 76.377535][ T5091] ? __pfx_task_work_run+0x10/0x10 [ 76.382696][ T5091] ? switch_task_namespaces+0xe1/0x110 [ 76.388239][ T5091] do_exit+0xa27/0x27e0 [ 76.392705][ T5091] ? __pfx_do_exit+0x10/0x10 [ 76.397851][ T5091] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 76.404052][ T5091] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 76.410480][ T5091] ? _raw_spin_unlock_irq+0x23/0x50 [ 76.415723][ T5091] ? lockdep_hardirqs_on+0x99/0x150 [ 76.421077][ T5091] do_group_exit+0x207/0x2c0 [ 76.425741][ T5091] __x64_sys_exit_group+0x3f/0x40 [ 76.430876][ T5091] do_syscall_64+0xf3/0x230 [ 76.435424][ T5091] ? clear_bhb_loop+0x35/0x90 [ 76.440323][ T5091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.446272][ T5091] RIP: 0033:0x7fa5568e5c49 [ 76.450888][ T5091] Code: Unable to access opcode bytes at 0x7fa5568e5c1f. [ 76.458007][ T5091] RSP: 002b:00007ffc83eaf9b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.466515][ T5091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa5568e5c49 [ 76.474555][ T5091] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 76.482654][ T5091] RBP: 00007fa5569602b0 R08: ffffffffffffffb8 R09: 0000000000000006 [ 76.490726][ T5091] R10: 00000000200003c0 R11: 0000000000000246 R12: 00007fa5569602b0 [ 76.498822][ T5091] R13: 0000000000000000 R14: 00007fa556960d00 R15: 00007fa5568b6e90 [ 76.507251][ T5091] [ 76.510396][ T5091] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 76.517852][ T5091] CPU: 0 PID: 5091 Comm: syz-executor127 Not tainted 6.10.0-rc4-syzkaller-00875-g568ebdaba637 #0 [ 76.528448][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 76.538705][ T5091] Call Trace: [ 76.541986][ T5091] [ 76.544914][ T5091] dump_stack_lvl+0x241/0x360 [ 76.549610][ T5091] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.554835][ T5091] ? __pfx__printk+0x10/0x10 [ 76.559556][ T5091] ? vscnprintf+0x5d/0x90 [ 76.563923][ T5091] panic+0x349/0x860 [ 76.567849][ T5091] ? __warn+0x172/0x4e0 [ 76.572039][ T5091] ? __pfx_panic+0x10/0x10 [ 76.576490][ T5091] __warn+0x346/0x4e0 [ 76.580492][ T5091] ? refcount_warn_saturate+0xfa/0x1d0 [ 76.586008][ T5091] report_bug+0x2b3/0x500 [ 76.590367][ T5091] ? refcount_warn_saturate+0xfa/0x1d0 [ 76.595858][ T5091] handle_bug+0x3e/0x70 [ 76.600036][ T5091] exc_invalid_op+0x1a/0x50 [ 76.604548][ T5091] asm_exc_invalid_op+0x1a/0x20 [ 76.609404][ T5091] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0 [ 76.615486][ T5091] Code: b2 00 00 00 e8 37 51 e7 fc 5b 5d c3 cc cc cc cc e8 2b 51 e7 fc c6 05 d6 3f e9 0a 01 90 48 c7 c7 a0 97 1f 8c e8 67 81 a9 fc 90 <0f> 0b 90 90 eb d9 e8 0b 51 e7 fc c6 05 b3 3f e9 0a 01 90 48 c7 c7 [ 76.635101][ T5091] RSP: 0018:ffffc900033df9c8 EFLAGS: 00010246 [ 76.641185][ T5091] RAX: 9aea901d1711a200 RBX: ffff88807bf2c664 RCX: ffff8880287d9e00 [ 76.649185][ T5091] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 76.657167][ T5091] RBP: 0000000000000004 R08: ffffffff81585822 R09: fffffbfff1c39994 [ 76.665146][ T5091] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff88807bf2c620 [ 76.673133][ T5091] R13: 0000000000000000 R14: ffff88807bf2c664 R15: dffffc0000000000 [ 76.681121][ T5091] ? __warn_printk+0x292/0x360 [ 76.685918][ T5091] ? refcount_warn_saturate+0xf9/0x1d0 [ 76.691525][ T5091] ref_tracker_free+0x6af/0x7e0 [ 76.696439][ T5091] ? __pfx_ref_tracker_free+0x10/0x10 [ 76.701871][ T5091] ax25_release+0x368/0x950 [ 76.706427][ T5091] sock_close+0xbc/0x240 [ 76.710702][ T5091] ? __pfx_sock_close+0x10/0x10 [ 76.715603][ T5091] __fput+0x406/0x8b0 [ 76.719626][ T5091] task_work_run+0x24f/0x310 [ 76.724274][ T5091] ? __pfx_task_work_run+0x10/0x10 [ 76.729496][ T5091] ? switch_task_namespaces+0xe1/0x110 [ 76.734973][ T5091] do_exit+0xa27/0x27e0 [ 76.739157][ T5091] ? __pfx_do_exit+0x10/0x10 [ 76.743762][ T5091] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 76.749770][ T5091] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 76.756115][ T5091] ? _raw_spin_unlock_irq+0x23/0x50 [ 76.761338][ T5091] ? lockdep_hardirqs_on+0x99/0x150 [ 76.766702][ T5091] do_group_exit+0x207/0x2c0 [ 76.771705][ T5091] __x64_sys_exit_group+0x3f/0x40 [ 76.776759][ T5091] do_syscall_64+0xf3/0x230 [ 76.781379][ T5091] ? clear_bhb_loop+0x35/0x90 [ 76.786079][ T5091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.792105][ T5091] RIP: 0033:0x7fa5568e5c49 [ 76.796794][ T5091] Code: Unable to access opcode bytes at 0x7fa5568e5c1f. [ 76.803841][ T5091] RSP: 002b:00007ffc83eaf9b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.812279][ T5091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa5568e5c49 [ 76.820284][ T5091] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 76.828351][ T5091] RBP: 00007fa5569602b0 R08: ffffffffffffffb8 R09: 0000000000000006 [ 76.836335][ T5091] R10: 00000000200003c0 R11: 0000000000000246 R12: 00007fa5569602b0 [ 76.844319][ T5091] R13: 0000000000000000 R14: 00007fa556960d00 R15: 00007fa5568b6e90 [ 76.852409][ T5091] [ 76.855854][ T5091] Kernel Offset: disabled [ 76.860235][ T5091] Rebooting in 86400 seconds..