./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3658918167
<...>
Warning: Permanently added '10.128.0.205' (ED25519) to the list of known hosts.
execve("./syz-executor3658918167", ["./syz-executor3658918167"], 0x7ffe6c4b7cd0 /* 10 vars */) = 0
brk(NULL) = 0x55559232d000
brk(0x55559232dd00) = 0x55559232dd00
arch_prctl(ARCH_SET_FS, 0x55559232d380) = 0
set_tid_address(0x55559232d650) = 5071
set_robust_list(0x55559232d660, 24) = 0
rseq(0x55559232dca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3658918167", 4096) = 28
getrandom("\x30\xd9\x0e\x38\x5c\x1a\xe1\x2b", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55559232dd00
brk(0x55559234ed00) = 0x55559234ed00
brk(0x55559234f000) = 0x55559234f000
mprotect(0x7f55b4a7c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=5, insns=0x20000000, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 144) = -1 EFAULT (Bad address)
socket(AF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_SCO) = 3
setsockopt(-1, SOL_AX25, SO_BINDTODEVICE, "\x62\x70\x71\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) = -1 EBADF (Bad file descriptor)
ioctl(3, SIOCSIFFLAGS, {ifr_name="bpq0", ifr_flags=IFF_UP|IFF_DEBUG|IFF_NOARP}) = 0
socket(AF_AX25, SOCK_SEQPACKET, 0 /* AX25_P_??? */) = 4
setsockopt(4, SOL_AX25, SO_BINDTODEVICE, "\x62\x70\x71\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) = 0
exit_group(0) = ?
[ 88.768291][ T5071] ------------[ cut here ]------------
[ 88.776654][ T5071] refcount_t: decrement hit 0; leaking memory.
[ 88.786605][ T5071] WARNING: CPU: 1 PID: 5071 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[ 88.798109][ T5071] Modules linked in:
[ 88.802958][ T5071] CPU: 1 PID: 5071 Comm: syz-executor365 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0
[ 88.815926][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 88.828173][ T5071] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 88.835363][ T5071] Code: b2 00 00 00 e8 a7 71 f0 fc 5b 5d c3 cc cc cc cc e8 9b 71 f0 fc c6 05 df cf cc 0a 01 90 48 c7 c7 a0 74 fe 8b e8 97 4a b3 fc 90 <0f> 0b 90 90 eb d9 e8 7b 71 f0 fc c6 05 bc cf cc 0a 01 90 48 c7 c7
[ 88.857664][ T5071] RSP: 0018:ffffc900043b79c8 EFLAGS: 00010246
[ 88.864190][ T5071] RAX: f1eb1a7dba888a00 RBX: ffff888029f34664 RCX: ffff88807982bc00
[ 88.874343][ T5071] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 88.883298][ T5071] RBP: 0000000000000004 R08: ffffffff8157cc12 R09: 1ffff92000876e8c
[ 88.892282][ T5071] R10: dffffc0000000000 R11: fffff52000876e8d R12: ffff888029f34620
[ 88.902338][ T5071] R13: 0000000000000000 R14: ffff888029f34664 R15: dffffc0000000000
[ 88.911559][ T5071] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 88.921910][ T5071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.929691][ T5071] CR2: 00007f55b4a830f0 CR3: 000000000df32000 CR4: 00000000003506f0
[ 88.939767][ T5071] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 88.950771][ T5071] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 88.959176][ T5071] Call Trace:
[ 88.962801][ T5071] <TASK>
[ 88.966874][ T5071] ? __warn+0x163/0x4b0
[ 88.971530][ T5071] ? refcount_warn_saturate+0xfa/0x1d0
[ 88.978662][ T5071] ? report_bug+0x2b3/0x500
[ 88.985170][ T5071] ? refcount_warn_saturate+0xfa/0x1d0
[ 88.991412][ T5071] ? handle_bug+0x3e/0x70
[ 88.997386][ T5071] ? exc_invalid_op+0x1a/0x50
[ 89.003648][ T5071] ? asm_exc_invalid_op+0x1a/0x20
[ 89.010099][ T5071] ? __warn_printk+0x292/0x360
[ 89.015209][ T5071] ? refcount_warn_saturate+0xfa/0x1d0
[ 89.021357][ T5071] ? refcount_warn_saturate+0xf9/0x1d0
[ 89.027540][ T5071] ref_tracker_free+0x6af/0x7e0
[ 89.033009][ T5071] ? __pfx_ref_tracker_free+0x10/0x10
[ 89.041434][ T5071] ax25_release+0x368/0x950
[ 89.049980][ T5071] sock_close+0xbc/0x240
[ 89.054815][ T5071] ? __pfx_sock_close+0x10/0x10
[ 89.062672][ T5071] __fput+0x429/0x8a0
[ 89.067694][ T5071] task_work_run+0x24f/0x310
[ 89.073024][ T5071] ? __pfx_task_work_run+0x10/0x10
[ 89.079622][ T5071] ? switch_task_namespaces+0xe1/0x110
[ 89.086144][ T5071] do_exit+0xa1b/0x27e0
[ 89.091696][ T5071] ? __pfx_do_exit+0x10/0x10
[ 89.098787][ T5071] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 89.109395][ T5071] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 89.116898][ T5071] ? _raw_spin_unlock_irq+0x23/0x50
[ 89.124034][ T5071] ? lockdep_hardirqs_on+0x99/0x150
[ 89.131018][ T5071] do_group_exit+0x207/0x2c0
[ 89.137420][ T5071] __x64_sys_exit_group+0x3f/0x40
[ 89.144016][ T5071] do_syscall_64+0xfb/0x240
[ 89.149944][ T5071] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 89.156972][ T5071] RIP: 0033:0x7f55b4a07e39
[ 89.162985][ T5071] Code: Unable to access opcode bytes at 0x7f55b4a07e0f.
[ 89.170711][ T5071] RSP: 002b:00007fffaefc8498 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 89.181222][ T5071] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f55b4a07e39
[ 89.190203][ T5071] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 89.199269][ T5071] RBP: 00007f55b4a82290 R08: ffffffffffffffb8 R09: 00007fffaefc86b8
[ 89.209553][ T5071] R10: 00000000200002c0 R11: 0000000000000246 R12: 00007f55b4a82290
[ 89.218570][ T5071] R13: 0000000000000000 R14: 00007f55b4a82ce0 R15: 00007f55b49d9c00
[ 89.229549][ T5071] </TASK>
[ 89.234398][ T5071] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 89.245617][ T5071] CPU: 1 PID: 5071 Comm: syz-executor365 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0
[ 89.261287][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 89.276226][ T5071] Call Trace:
[ 89.281463][ T5071] <TASK>
[ 89.286053][ T5071] dump_stack_lvl+0x1e7/0x2e0
[ 89.293095][ T5071] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.301733][ T5071] ? __pfx__printk+0x10/0x10
[ 89.309065][ T5071] ? vscnprintf+0x5d/0x90
[ 89.315261][ T5071] panic+0x349/0x860
[ 89.324609][ T5071] ? __warn+0x172/0x4b0
[ 89.330075][ T5071] ? __pfx_panic+0x10/0x10
[ 89.337085][ T5071] __warn+0x31e/0x4b0
[ 89.346267][ T5071] ? refcount_warn_saturate+0xfa/0x1d0
[ 89.352490][ T5071] report_bug+0x2b3/0x500
[ 89.358370][ T5071] ? refcount_warn_saturate+0xfa/0x1d0
[ 89.366106][ T5071] handle_bug+0x3e/0x70
[ 89.371240][ T5071] exc_invalid_op+0x1a/0x50
[ 89.379137][ T5071] asm_exc_invalid_op+0x1a/0x20
[ 89.386402][ T5071] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 89.393161][ T5071] Code: b2 00 00 00 e8 a7 71 f0 fc 5b 5d c3 cc cc cc cc e8 9b 71 f0 fc c6 05 df cf cc 0a 01 90 48 c7 c7 a0 74 fe 8b e8 97 4a b3 fc 90 <0f> 0b 90 90 eb d9 e8 7b 71 f0 fc c6 05 bc cf cc 0a 01 90 48 c7 c7
[ 89.418861][ T5071] RSP: 0018:ffffc900043b79c8 EFLAGS: 00010246
[ 89.426914][ T5071] RAX: f1eb1a7dba888a00 RBX: ffff888029f34664 RCX: ffff88807982bc00
[ 89.437832][ T5071] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 89.449884][ T5071] RBP: 0000000000000004 R08: ffffffff8157cc12 R09: 1ffff92000876e8c
[ 89.461409][ T5071] R10: dffffc0000000000 R11: fffff52000876e8d R12: ffff888029f34620
[ 89.473959][ T5071] R13: 0000000000000000 R14: ffff888029f34664 R15: dffffc0000000000
[ 89.487463][ T5071] ? __warn_printk+0x292/0x360
[ 89.492505][ T5071] ? refcount_warn_saturate+0xf9/0x1d0
[ 89.499337][ T5071] ref_tracker_free+0x6af/0x7e0
[ 89.504894][ T5071] ? __pfx_ref_tracker_free+0x10/0x10
[ 89.510962][ T5071] ax25_release+0x368/0x950
[ 89.516937][ T5071] sock_close+0xbc/0x240
[ 89.522741][ T5071] ? __pfx_sock_close+0x10/0x10
[ 89.527961][ T5071] __fput+0x429/0x8a0
[ 89.532020][ T5071] task_work_run+0x24f/0x310
[ 89.536970][ T5071] ? __pfx_task_work_run+0x10/0x10
[ 89.542664][ T5071] ? switch_task_namespaces+0xe1/0x110
[ 89.548830][ T5071] do_exit+0xa1b/0x27e0
[ 89.553252][ T5071] ? __pfx_do_exit+0x10/0x10
[ 89.558269][ T5071] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 89.564561][ T5071] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 89.571994][ T5071] ? _raw_spin_unlock_irq+0x23/0x50
[ 89.577680][ T5071] ? lockdep_hardirqs_on+0x99/0x150
[ 89.585044][ T5071] do_group_exit+0x207/0x2c0
[ 89.591624][ T5071] __x64_sys_exit_group+0x3f/0x40
[ 89.603007][ T5071] do_syscall_64+0xfb/0x240
[ 89.611485][ T5071] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 89.622304][ T5071] RIP: 0033:0x7f55b4a07e39
[ 89.629001][ T5071] Code: Unable to access opcode bytes at 0x7f55b4a07e0f.
[ 89.636989][ T5071] RSP: 002b:00007fffaefc8498 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 89.646713][ T5071] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f55b4a07e39
[ 89.655288][ T5071] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 89.663920][ T5071] RBP: 00007f55b4a82290 R08: ffffffffffffffb8 R09: 00007fffaefc86b8
[ 89.672329][ T5071] R10: 00000000200002c0 R11: 0000000000000246 R12: 00007f55b4a82290
[ 89.680907][ T5071] R13: 0000000000000000 R14: 00007f55b4a82ce0 R15: 00007f55b49d9c00
[ 89.689378][ T5071] </TASK>
[ 89.692830][ T5071] Kernel Offset: disabled
[ 89.698783][ T5071] Rebooting in 86400 seconds..