Warning: Permanently added '[localhost]:16642' (ECDSA) to the list of known hosts. 2025/08/29 09:40:17 fuzzer started 2025/08/29 09:40:18 dialing manager at localhost:43077 syzkaller login: [ 50.396925] cgroup: Unknown subsys name 'net' [ 50.455282] cgroup: Unknown subsys name 'cpuset' [ 50.477840] cgroup: Unknown subsys name 'rlimit' 2025/08/29 09:40:27 syscalls: 2214 2025/08/29 09:40:27 code coverage: enabled 2025/08/29 09:40:27 comparison tracing: enabled 2025/08/29 09:40:27 extra coverage: enabled 2025/08/29 09:40:27 setuid sandbox: enabled 2025/08/29 09:40:27 namespace sandbox: enabled 2025/08/29 09:40:27 Android sandbox: enabled 2025/08/29 09:40:27 fault injection: enabled 2025/08/29 09:40:27 leak checking: enabled 2025/08/29 09:40:27 net packet injection: enabled 2025/08/29 09:40:27 net device setup: enabled 2025/08/29 09:40:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 09:40:27 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 09:40:27 USB emulation: enabled 2025/08/29 09:40:27 hci packet injection: enabled 2025/08/29 09:40:27 wifi device emulation: enabled 2025/08/29 09:40:27 802.15.4 emulation: enabled 2025/08/29 09:40:27 fetching corpus: 0, signal 0/2000 (executing program) 2025/08/29 09:40:27 fetching corpus: 50, signal 20137/23602 (executing program) 2025/08/29 09:40:28 fetching corpus: 100, signal 33702/38389 (executing program) 2025/08/29 09:40:28 fetching corpus: 150, signal 42642/48408 (executing program) 2025/08/29 09:40:28 fetching corpus: 200, signal 49485/56276 (executing program) 2025/08/29 09:40:28 fetching corpus: 250, signal 52716/60609 (executing program) 2025/08/29 09:40:28 fetching corpus: 300, signal 59976/68534 (executing program) 2025/08/29 09:40:28 fetching corpus: 350, signal 64605/73909 (executing program) 2025/08/29 09:40:28 fetching corpus: 400, signal 67408/77502 (executing program) 2025/08/29 09:40:28 fetching corpus: 450, signal 72221/82863 (executing program) 2025/08/29 
09:40:28 fetching corpus: 500, signal 75805/86987 (executing program) 2025/08/29 09:40:29 fetching corpus: 550, signal 78294/90062 (executing program) 2025/08/29 09:40:29 fetching corpus: 600, signal 80643/93033 (executing program) 2025/08/29 09:40:29 fetching corpus: 650, signal 82382/95391 (executing program) 2025/08/29 09:40:29 fetching corpus: 700, signal 84010/97616 (executing program) 2025/08/29 09:40:29 fetching corpus: 750, signal 85246/99547 (executing program) 2025/08/29 09:40:29 fetching corpus: 800, signal 87807/102429 (executing program) 2025/08/29 09:40:29 fetching corpus: 850, signal 89728/104772 (executing program) 2025/08/29 09:40:29 fetching corpus: 900, signal 92580/107814 (executing program) 2025/08/29 09:40:30 fetching corpus: 950, signal 93585/109379 (executing program) 2025/08/29 09:40:30 fetching corpus: 1000, signal 95958/111891 (executing program) 2025/08/29 09:40:30 fetching corpus: 1050, signal 97024/113459 (executing program) 2025/08/29 09:40:30 fetching corpus: 1100, signal 100307/116416 (executing program) 2025/08/29 09:40:30 fetching corpus: 1150, signal 101811/118177 (executing program) 2025/08/29 09:40:30 fetching corpus: 1200, signal 103071/119728 (executing program) 2025/08/29 09:40:30 fetching corpus: 1250, signal 105505/122033 (executing program) 2025/08/29 09:40:30 fetching corpus: 1300, signal 107137/123759 (executing program) 2025/08/29 09:40:30 fetching corpus: 1350, signal 108221/125034 (executing program) 2025/08/29 09:40:31 fetching corpus: 1400, signal 109686/126556 (executing program) 2025/08/29 09:40:31 fetching corpus: 1450, signal 111512/128241 (executing program) 2025/08/29 09:40:31 fetching corpus: 1500, signal 112871/129653 (executing program) 2025/08/29 09:40:31 fetching corpus: 1550, signal 113663/130706 (executing program) 2025/08/29 09:40:31 fetching corpus: 1600, signal 114481/131730 (executing program) 2025/08/29 09:40:31 fetching corpus: 1650, signal 116652/133650 (executing program) 2025/08/29 09:40:31 
fetching corpus: 1700, signal 118419/135280 (executing program) 2025/08/29 09:40:31 fetching corpus: 1750, signal 119410/136296 (executing program) 2025/08/29 09:40:31 fetching corpus: 1800, signal 119970/137030 (executing program) 2025/08/29 09:40:31 fetching corpus: 1850, signal 121237/138193 (executing program) 2025/08/29 09:40:32 fetching corpus: 1900, signal 122013/139052 (executing program) 2025/08/29 09:40:32 fetching corpus: 1950, signal 122563/139789 (executing program) 2025/08/29 09:40:32 fetching corpus: 2000, signal 123889/140890 (executing program) 2025/08/29 09:40:32 fetching corpus: 2050, signal 125110/141905 (executing program) 2025/08/29 09:40:32 fetching corpus: 2100, signal 125942/142721 (executing program) 2025/08/29 09:40:32 fetching corpus: 2150, signal 127040/143549 (executing program) 2025/08/29 09:40:32 fetching corpus: 2200, signal 127716/144243 (executing program) 2025/08/29 09:40:32 fetching corpus: 2250, signal 128705/145017 (executing program) 2025/08/29 09:40:32 fetching corpus: 2300, signal 129511/145715 (executing program) 2025/08/29 09:40:32 fetching corpus: 2350, signal 130135/146313 (executing program) 2025/08/29 09:40:32 fetching corpus: 2400, signal 130651/146854 (executing program) 2025/08/29 09:40:33 fetching corpus: 2450, signal 131347/147472 (executing program) 2025/08/29 09:40:33 fetching corpus: 2500, signal 131951/148026 (executing program) 2025/08/29 09:40:33 fetching corpus: 2550, signal 132549/148540 (executing program) 2025/08/29 09:40:33 fetching corpus: 2600, signal 132970/148990 (executing program) 2025/08/29 09:40:33 fetching corpus: 2650, signal 133988/149593 (executing program) 2025/08/29 09:40:33 fetching corpus: 2700, signal 135345/150279 (executing program) 2025/08/29 09:40:33 fetching corpus: 2750, signal 136426/150834 (executing program) 2025/08/29 09:40:33 fetching corpus: 2800, signal 137282/151319 (executing program) 2025/08/29 09:40:33 fetching corpus: 2850, signal 138232/151875 (executing program) 
2025/08/29 09:40:33 fetching corpus: 2900, signal 139071/152361 (executing program) 2025/08/29 09:40:34 fetching corpus: 2950, signal 139495/152708 (executing program) 2025/08/29 09:40:34 fetching corpus: 3000, signal 140138/153055 (executing program) 2025/08/29 09:40:34 fetching corpus: 3050, signal 140642/153370 (executing program) 2025/08/29 09:40:34 fetching corpus: 3100, signal 141598/153731 (executing program) 2025/08/29 09:40:34 fetching corpus: 3150, signal 142136/154027 (executing program) 2025/08/29 09:40:34 fetching corpus: 3200, signal 142759/154335 (executing program) 2025/08/29 09:40:34 fetching corpus: 3250, signal 143309/154594 (executing program) 2025/08/29 09:40:34 fetching corpus: 3300, signal 143942/154830 (executing program) 2025/08/29 09:40:34 fetching corpus: 3350, signal 144333/155031 (executing program) 2025/08/29 09:40:34 fetching corpus: 3400, signal 144818/155251 (executing program) 2025/08/29 09:40:34 fetching corpus: 3450, signal 145598/155507 (executing program) 2025/08/29 09:40:35 fetching corpus: 3500, signal 146060/155657 (executing program) 2025/08/29 09:40:35 fetching corpus: 3550, signal 146744/155851 (executing program) 2025/08/29 09:40:35 fetching corpus: 3600, signal 147227/156064 (executing program) 2025/08/29 09:40:35 fetching corpus: 3650, signal 147805/156223 (executing program) 2025/08/29 09:40:35 fetching corpus: 3700, signal 148351/156347 (executing program) 2025/08/29 09:40:35 fetching corpus: 3750, signal 149179/156538 (executing program) 2025/08/29 09:40:35 fetching corpus: 3800, signal 149875/156540 (executing program) 2025/08/29 09:40:35 fetching corpus: 3850, signal 150470/156555 (executing program) 2025/08/29 09:40:35 fetching corpus: 3900, signal 151028/156555 (executing program) 2025/08/29 09:40:36 fetching corpus: 3950, signal 151503/156572 (executing program) 2025/08/29 09:40:36 fetching corpus: 4000, signal 152016/156579 (executing program) 2025/08/29 09:40:36 fetching corpus: 4050, signal 152462/156594 
(executing program) 2025/08/29 09:40:36 fetching corpus: 4100, signal 153021/156607 (executing program) 2025/08/29 09:40:36 fetching corpus: 4150, signal 153542/156623 (executing program) 2025/08/29 09:40:36 fetching corpus: 4200, signal 153943/156634 (executing program) 2025/08/29 09:40:36 fetching corpus: 4250, signal 154357/156669 (executing program) 2025/08/29 09:40:36 fetching corpus: 4263, signal 154505/156687 (executing program) 2025/08/29 09:40:36 fetching corpus: 4263, signal 154505/156687 (executing program) 2025/08/29 09:40:38 starting 8 fuzzer processes 09:40:38 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@empty}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14) close(r0) 09:40:38 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x14, 0x0, 0x0, 0x0, 0x0, {0x25}}, 0x14}}, 0x0) 09:40:38 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 09:40:38 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000240), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000300), 0x31) 09:40:38 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}}}, 0x6) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}}}, 0x9) 09:40:38 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r2, 0x1, 0x6, @multicast}, 0x10) 09:40:38 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001580), 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x40045402, 0x0) [ 70.654724] audit: type=1400 audit(1756460438.617:7): avc: denied { execmem } for pid=271 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:40:38 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlockall(0x5) [ 71.909399] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.911525] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.914196] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.915737] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.917701] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.919181] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.926470] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.927796] Bluetooth: 
hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.930356] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.936039] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.964945] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.975213] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.977184] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.983090] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.985327] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.991159] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.993163] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.994773] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.997272] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.998928] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.000126] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.002174] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.003688] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.006545] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.007368] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.009208] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.011236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.013129] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.013440] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.017426] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.019923] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.021581] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.022742] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.025691] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.028170] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.034303] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.046020] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.048725] 
Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.064963] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.068639] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.001931] Bluetooth: hci1: command tx timeout [ 74.002497] Bluetooth: hci0: command tx timeout [ 74.064177] Bluetooth: hci4: command tx timeout [ 74.064311] Bluetooth: hci2: command tx timeout [ 74.128051] Bluetooth: hci3: command tx timeout [ 74.128100] Bluetooth: hci5: command tx timeout [ 74.129144] Bluetooth: hci7: command tx timeout [ 74.129837] Bluetooth: hci6: command tx timeout [ 76.048086] Bluetooth: hci0: command tx timeout [ 76.048546] Bluetooth: hci1: command tx timeout [ 76.111964] Bluetooth: hci2: command tx timeout [ 76.113370] Bluetooth: hci4: command tx timeout [ 76.176930] Bluetooth: hci5: command tx timeout [ 76.177357] Bluetooth: hci7: command tx timeout [ 76.177733] Bluetooth: hci6: command tx timeout [ 76.178807] Bluetooth: hci3: command tx timeout [ 78.096011] Bluetooth: hci1: command tx timeout [ 78.096483] Bluetooth: hci0: command tx timeout [ 78.160277] Bluetooth: hci4: command tx timeout [ 78.160703] Bluetooth: hci2: command tx timeout [ 78.223972] Bluetooth: hci3: command tx timeout [ 78.224394] Bluetooth: hci6: command tx timeout [ 78.224779] Bluetooth: hci7: command tx timeout [ 78.225197] Bluetooth: hci5: command tx timeout [ 80.145087] Bluetooth: hci0: command tx timeout [ 80.145535] Bluetooth: hci1: command tx timeout [ 80.207935] Bluetooth: hci2: command tx timeout [ 80.207980] Bluetooth: hci4: command tx timeout [ 80.271976] Bluetooth: hci5: command tx timeout [ 80.272403] Bluetooth: hci7: command tx timeout [ 80.272787] Bluetooth: hci6: command tx timeout [ 80.273448] Bluetooth: hci3: command tx timeout [ 107.447038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.447693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.649856] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.650494] 
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:41:16 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x14, 0x0, 0x0, 0x0, 0x0, {0x25}}, 0x14}}, 0x0) 09:41:16 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x14, 0x0, 0x0, 0x0, 0x0, {0x25}}, 0x14}}, 0x0) 09:41:16 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x14, 0x0, 0x0, 0x0, 0x0, {0x25}}, 0x14}}, 0x0) [ 108.887101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.887721] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:41:16 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) [ 108.997429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 
[ 108.998058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.028955] capability: warning: `syz-executor.7' uses deprecated v2 capabilities in a way that may be insecure [ 109.058724] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.059773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.106960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.107604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:41:17 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) [ 109.159212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.159848] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:41:17 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 
&(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:17 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) [ 109.359590] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.360706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:41:17 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 
0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) [ 109.410114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.410721] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.487457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.488099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.547524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.548239] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.644671] audit: type=1400 audit(1756460477.605:8): avc: denied { open } for pid=3897 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 109.650280] audit: type=1400 audit(1756460477.606:9): avc: denied { kernel } for pid=3897 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 109.650290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.653481] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.709057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.709669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.737090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.738105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.775134] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode [ 109.776500] mac80211_hwsim hwsim12 wlan1: left promiscuous mode [ 109.814350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.814946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.815173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.815760] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.819117] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode [ 109.820336] mac80211_hwsim hwsim12 wlan1: left 
promiscuous mode [ 109.993477] sock: sock_set_timeout: `syz-executor.2' (pid 3911) tries to set negative timeout [ 109.999042] sock: sock_set_timeout: `syz-executor.2' (pid 3914) tries to set negative timeout 09:41:18 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}}}, 0x6) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}}}, 0x9) 09:41:18 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@empty}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14) close(r0) 09:41:18 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 
&(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 09:41:18 executing program 4: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000240), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000300), 0x31) 09:41:18 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlockall(0x5) [ 
110.181823] sock: sock_set_timeout: `syz-executor.2' (pid 3927) tries to set negative timeout 09:41:18 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@empty}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14) close(r0) 09:41:18 executing program 4: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 2: 
syz_io_uring_setup(0x0, &(0x7f0000000240), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000300), 0x31) [ 110.286405] sock: sock_set_timeout: `syz-executor.2' (pid 3937) tries to set negative timeout 09:41:18 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}}}, 0x6) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}}}, 0x9) 09:41:18 executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000001b00)) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 09:41:18 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@empty}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14) close(r0) 09:41:18 executing program 4: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 
&(0x7f0000000080)=ANY=[@ANYBLOB="010059900100000018000000", @ANYRES32=r0, @ANYBLOB="0000100000000000f29c0000"]) r1 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) r2 = gettid() capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f0000000000)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001) dup2(r4, r3) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) lseek(r5, 0x331d, 0x0) 09:41:18 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000240), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000300), 0x31) 09:41:18 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlockall(0x5) 09:41:18 executing program 7: r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) [ 110.386735] sock: sock_set_timeout: `syz-executor.2' (pid 3950) tries to set negative timeout [ 110.405497] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 
110.406405] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 110.407095] CPU: 1 UID: 0 PID: 3954 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 110.408548] Tainted: [W]=WARN [ 110.409236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.411150] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.412201] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.416506] RSP: 0018:ffff888046e87800 EFLAGS: 00010212 [ 110.417711] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000b43b000 [ 110.418272] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 110.418834] RBP: ffff888046e87a70 R08: ffff88806cf31340 R09: ffffe8ffffd166f8 [ 110.419394] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000 [ 110.419953] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 110.420518] FS: 00007f227007f700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 110.421151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.421624] CR2: 00007fce819c6f64 CR3: 0000000016b22000 CR4: 0000000000350ef0 [ 110.422190] Call Trace: [ 110.422400] [ 110.422582] ? visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150 [ 110.423072] ? perf_trace_lock_acquire+0xc9/0x700 [ 110.423470] ? __pfx_perf_tp_event+0x10/0x10 [ 110.423832] ? ctx_sched_in+0x134/0x9b0 [ 110.424154] ? perf_trace_lock_acquire+0xc9/0x700 [ 110.424544] ? __lock_acquire+0xc65/0x1b70 [ 110.424890] ? lock_acquire+0x15e/0x2f0 [ 110.425211] ? find_held_lock+0x2b/0x80 [ 110.425542] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.425951] ? finish_task_switch.isra.0+0x206/0x840 [ 110.426361] perf_trace_run_bpf_submit+0xef/0x180 [ 110.426757] perf_trace_lock_acquire+0x3c2/0x700 [ 110.427146] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 110.427575] ? 
futex_ref_get+0x48/0x300 [ 110.427898] ? find_held_lock+0x2b/0x80 [ 110.428229] lock_acquire+0xc5/0x2f0 [ 110.428532] ? futex_wake+0x228/0x540 [ 110.428847] _raw_spin_lock+0x2b/0x40 [ 110.429158] ? futex_wake+0x228/0x540 [ 110.429468] futex_wake+0x228/0x540 [ 110.429776] ? __pfx_futex_wake+0x10/0x10 [ 110.430117] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 110.430523] ? lock_release+0xc8/0x290 [ 110.430842] do_futex+0x26d/0x370 [ 110.431130] ? __pfx_do_futex+0x10/0x10 [ 110.431455] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 110.431879] ? __pfx___schedule+0x10/0x10 [ 110.432216] __x64_sys_futex+0x1c9/0x4d0 [ 110.432546] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.432917] ? lock_mm_and_find_vma+0xaa/0x6f0 [ 110.433285] ? xfd_validate_state+0x55/0x180 [ 110.433659] do_syscall_64+0xbf/0x360 [ 110.433968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.434379] RIP: 0033:0x7f2272b09b19 [ 110.434675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.436102] RSP: 002b:00007f227007f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.436700] RAX: ffffffffffffffda RBX: 00007f2272c1cf68 RCX: 00007f2272b09b19 [ 110.437261] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2272c1cf6c [ 110.437826] RBP: 00007f2272c1cf60 R08: 000000000000000e R09: 0000000000000000 [ 110.438387] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f2272c1cf6c [ 110.438945] R13: 00007ffe9d3d577f R14: 00007f227007f300 R15: 0000000000022000 [ 110.439517] [ 110.439707] Modules linked in: [ 110.439998] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 110.440865] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 110.441542] CPU: 1 UID: 0 PID: 3954 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 110.442483] 
Tainted: [D]=DIE, [W]=WARN [ 110.442788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 110.443431] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.443807] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.445225] RSP: 0018:ffff88806cf08a40 EFLAGS: 00010012 [ 110.445652] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 110.446209] RDX: ffff888018349b80 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 110.446764] RBP: ffff88806cf08cb0 R08: ffff88806cf31490 R09: ffffe8ffffd166f8 [ 110.447319] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000 [ 110.447876] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000 [ 110.448433] FS: 00007f227007f700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 110.449063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.449521] CR2: 00007fce819c6f64 CR3: 0000000016b22000 CR4: 0000000000350ef0 [ 110.450090] Call Trace: [ 110.450297] [ 110.450473] ? __kernel_text_address+0xd/0x40 [ 110.450843] ? __pfx_perf_tp_event+0x10/0x10 [ 110.451203] ? stack_trace_save+0x8e/0xc0 [ 110.451536] ? stack_depot_save_flags+0x2c/0xa20 [ 110.451915] ? stack_depot_save_flags+0x2c/0xa20 [ 110.452293] ? kasan_save_stack+0x34/0x50 [ 110.452627] ? kasan_save_stack+0x24/0x50 [ 110.452959] ? kasan_save_track+0x14/0x30 [ 110.453289] ? __kasan_save_free_info+0x3a/0x60 [ 110.453666] ? __kasan_slab_free+0x3f/0x50 [ 110.454002] ? kmem_cache_free+0x2a1/0x540 [ 110.454340] ? rcu_core+0x7c8/0x1800 [ 110.454639] ? handle_softirqs+0x1b1/0x770 [ 110.454982] ? __irq_exit_rcu+0xc4/0x100 [ 110.455310] ? irq_exit_rcu+0x9/0x20 [ 110.455606] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 110.456015] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 110.456440] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 110.456818] ? 
__tlb_remove_folio_pages_size.constprop.0+0x5a/0x560 [ 110.457323] ? unmap_page_range+0xe86/0x36d0 [ 110.457686] ? unmap_single_vma.constprop.0+0x153/0x230 [ 110.458111] ? unmap_vmas+0x1d6/0x430 [ 110.458416] ? exit_mmap+0x181/0xaa0 [ 110.458717] ? mmput+0xd5/0x390 [ 110.458993] ? do_exit+0x79d/0x2970 [ 110.459289] ? do_group_exit+0xd3/0x2a0 [ 110.459608] ? __x64_sys_exit_group+0x3e/0x50 [ 110.459971] ? x64_sys_call+0x18c5/0x18d0 [ 110.460302] ? do_syscall_64+0xbf/0x360 [ 110.460617] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.461045] ? x64_sys_call+0x18c5/0x18d0 [ 110.461381] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.461786] perf_trace_run_bpf_submit+0xef/0x180 [ 110.462181] perf_trace_lock_acquire+0x3c2/0x700 [ 110.462545] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 110.462937] ? __resched_curr+0x2a2/0x330 [ 110.463257] lock_acquire+0xc5/0x2f0 [ 110.463543] ? sched_ttwu_pending+0xa1/0x4a0 [ 110.463879] ? sched_ttwu_pending+0x2e0/0x4a0 [ 110.464219] ? lock_release+0xc8/0x290 [ 110.464518] _raw_spin_lock_nested+0x29/0x40 [ 110.464851] ? sched_ttwu_pending+0xa1/0x4a0 [ 110.465186] sched_ttwu_pending+0xa1/0x4a0 [ 110.465508] ? __pfx_sched_ttwu_pending+0x10/0x10 [ 110.465881] ? __pfx_native_flush_tlb_global+0x10/0x10 [ 110.466272] ? 
mark_held_locks+0x49/0x80 [ 110.466580] __flush_smp_call_function_queue+0x434/0x740 [ 110.466992] __sysvec_call_function_single+0x6d/0x370 [ 110.467383] sysvec_call_function_single+0xa1/0xc0 [ 110.467752] [ 110.467924] [ 110.468097] asm_sysvec_call_function_single+0x1a/0x20 [ 110.468484] RIP: 0010:oops_exit+0x0/0x50 [ 110.468791] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 110.470122] RSP: 0018:ffff888046e87690 EFLAGS: 00000202 [ 110.470513] RAX: 000000000002a2db RBX: 0000000000000216 RCX: ffffc9000b43b000 [ 110.471034] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 110.471553] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 110.472075] R10: 0000000000000000 R11: 000000000000002c R12: ffff888046e87758 [ 110.472599] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 110.473125] ? oops_end+0x4a/0xe0 [ 110.473396] oops_end+0x65/0xe0 [ 110.473660] exc_general_protection+0x1a2/0x330 [ 110.474015] asm_exc_general_protection+0x26/0x30 [ 110.474372] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.474720] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.476038] RSP: 0018:ffff888046e87800 EFLAGS: 00010212 [ 110.476428] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000b43b000 [ 110.476949] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 110.477467] RBP: ffff888046e87a70 R08: ffff88806cf31340 R09: ffffe8ffffd166f8 [ 110.477994] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000 [ 110.478513] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 110.479039] ? perf_tp_event+0x167/0xe70 [ 110.479348] ? 
visit_groups_merge.constprop.0.isra.0+0x6e7/0x1150 [ 110.479803] ? perf_trace_lock_acquire+0xc9/0x700 [ 110.480167] ? __pfx_perf_tp_event+0x10/0x10 [ 110.480503] ? ctx_sched_in+0x134/0x9b0 [ 110.480804] ? perf_trace_lock_acquire+0xc9/0x700 [ 110.481172] ? __lock_acquire+0xc65/0x1b70 [ 110.481494] ? lock_acquire+0x15e/0x2f0 [ 110.481800] ? find_held_lock+0x2b/0x80 [ 110.482109] ? perf_trace_run_bpf_submit+0xef/0x180 [ 110.482483] ? finish_task_switch.isra.0+0x206/0x840 [ 110.482864] perf_trace_run_bpf_submit+0xef/0x180 [ 110.483231] perf_trace_lock_acquire+0x3c2/0x700 [ 110.483593] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 110.483986] ? futex_ref_get+0x48/0x300 [ 110.484283] ? find_held_lock+0x2b/0x80 [ 110.484587] lock_acquire+0xc5/0x2f0 [ 110.484870] ? futex_wake+0x228/0x540 [ 110.485164] _raw_spin_lock+0x2b/0x40 [ 110.485452] ? futex_wake+0x228/0x540 [ 110.485751] futex_wake+0x228/0x540 [ 110.486031] ? __pfx_futex_wake+0x10/0x10 [ 110.486346] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 110.486723] ? lock_release+0xc8/0x290 [ 110.487019] do_futex+0x26d/0x370 [ 110.487284] ? __pfx_do_futex+0x10/0x10 [ 110.487583] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 110.487979] ? __pfx___schedule+0x10/0x10 [ 110.488296] __x64_sys_futex+0x1c9/0x4d0 [ 110.488606] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.488948] ? lock_mm_and_find_vma+0xaa/0x6f0 [ 110.489289] ? 
xfd_validate_state+0x55/0x180 [ 110.489634] do_syscall_64+0xbf/0x360 [ 110.489925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.490310] RIP: 0033:0x7f2272b09b19 [ 110.490587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.491909] RSP: 002b:00007f227007f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.492466] RAX: ffffffffffffffda RBX: 00007f2272c1cf68 RCX: 00007f2272b09b19 [ 110.492986] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2272c1cf6c [ 110.493504] RBP: 00007f2272c1cf60 R08: 000000000000000e R09: 0000000000000000 [ 110.494034] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f2272c1cf6c [ 110.494553] R13: 00007ffe9d3d577f R14: 00007f227007f300 R15: 0000000000022000 [ 110.495081] [ 110.495257] Modules linked in: [ 110.495500] ---[ end trace 0000000000000000 ]--- [ 110.495845] RIP: 0010:perf_tp_event+0x175/0xe70 [ 110.496201] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 110.497516] RSP: 0018:ffff888046e87800 EFLAGS: 00010212 [ 110.497956] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: ffffc9000b43b000 [ 110.498475] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000100000190 [ 110.498994] RBP: ffff888046e87a70 R08: ffff88806cf31340 R09: ffffe8ffffd166f8 [ 110.499512] R10: 0000000000000000 R11: 0000000000000024 R12: dffffc0000000000 [ 110.500032] R13: 0000000000000024 R14: ffff88806cf31340 R15: dffffc0000000000 [ 110.500557] FS: 00007f227007f700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 110.501144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.501570] CR2: 00007fce819c6f64 CR3: 0000000016b22000 CR4: 0000000000350ef0 [ 110.502101] Kernel panic - not syncing: Fatal exception in interrupt [ 110.502647] 
Kernel Offset: disabled [ 110.502917] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 09:41:18 Registers: