Warning: Permanently added '[localhost]:19424' (ECDSA) to the list of known hosts.
2025/08/29 08:54:01 fuzzer started
2025/08/29 08:54:01 dialing manager at localhost:43077
syzkaller login: [ 50.722647] cgroup: Unknown subsys name 'net'
[ 50.781140] cgroup: Unknown subsys name 'cpuset'
[ 50.792472] cgroup: Unknown subsys name 'rlimit'
2025/08/29 08:54:12 syscalls: 2214
2025/08/29 08:54:12 code coverage: enabled
2025/08/29 08:54:12 comparison tracing: enabled
2025/08/29 08:54:12 extra coverage: enabled
2025/08/29 08:54:12 setuid sandbox: enabled
2025/08/29 08:54:12 namespace sandbox: enabled
2025/08/29 08:54:12 Android sandbox: enabled
2025/08/29 08:54:12 fault injection: enabled
2025/08/29 08:54:12 leak checking: enabled
2025/08/29 08:54:12 net packet injection: enabled
2025/08/29 08:54:12 net device setup: enabled
2025/08/29 08:54:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 08:54:12 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 08:54:12 USB emulation: enabled
2025/08/29 08:54:12 hci packet injection: enabled
2025/08/29 08:54:12 wifi device emulation: enabled
2025/08/29 08:54:12 802.15.4 emulation: enabled
2025/08/29 08:54:12 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 08:54:12 fetching corpus: 50, signal 24251/27527 (executing program)
2025/08/29 08:54:12 fetching corpus: 100, signal 37160/41362 (executing program)
2025/08/29 08:54:12 fetching corpus: 150, signal 45594/50573 (executing program)
2025/08/29 08:54:12 fetching corpus: 200, signal 53806/59341 (executing program)
2025/08/29 08:54:12 fetching corpus: 250, signal 59601/65671 (executing program)
2025/08/29 08:54:13 fetching corpus: 300, signal 63925/70526 (executing program)
2025/08/29 08:54:13 fetching corpus: 350, signal 67539/74604 (executing program)
2025/08/29 08:54:13 fetching corpus: 400, signal 70947/78389 (executing program)
2025/08/29 08:54:13 fetching corpus: 450, signal 73816/81617 (executing program)
2025/08/29 08:54:13 fetching corpus: 500, signal 77904/85828 (executing program)
2025/08/29 08:54:13 fetching corpus: 550, signal 81649/89618 (executing program)
2025/08/29 08:54:13 fetching corpus: 600, signal 84903/92840 (executing program)
2025/08/29 08:54:13 fetching corpus: 650, signal 87179/95220 (executing program)
2025/08/29 08:54:14 fetching corpus: 700, signal 89381/97394 (executing program)
2025/08/29 08:54:14 fetching corpus: 750, signal 91334/99344 (executing program)
2025/08/29 08:54:14 fetching corpus: 800, signal 92602/100755 (executing program)
2025/08/29 08:54:14 fetching corpus: 850, signal 94767/102783 (executing program)
2025/08/29 08:54:14 fetching corpus: 900, signal 96224/104218 (executing program)
2025/08/29 08:54:14 fetching corpus: 950, signal 98655/106344 (executing program)
2025/08/29 08:54:14 fetching corpus: 1000, signal 100139/107723 (executing program)
2025/08/29 08:54:15 fetching corpus: 1050, signal 102440/109494 (executing program)
2025/08/29 08:54:15 fetching corpus: 1100, signal 104164/110883 (executing program)
2025/08/29 08:54:15 fetching corpus: 1150, signal 105569/112150 (executing program)
2025/08/29 08:54:15 fetching corpus: 1200, signal 106415/112966 (executing program)
2025/08/29 08:54:15 fetching corpus: 1250, signal 107515/113917 (executing program)
2025/08/29 08:54:15 fetching corpus: 1300, signal 108444/114717 (executing program)
2025/08/29 08:54:15 fetching corpus: 1350, signal 109539/115578 (executing program)
2025/08/29 08:54:15 fetching corpus: 1400, signal 110344/116227 (executing program)
2025/08/29 08:54:15 fetching corpus: 1450, signal 111474/117014 (executing program)
2025/08/29 08:54:16 fetching corpus: 1500, signal 113617/118221 (executing program)
2025/08/29 08:54:16 fetching corpus: 1550, signal 114523/118814 (executing program)
2025/08/29 08:54:16 fetching corpus: 1600, signal 116131/119670 (executing program)
2025/08/29 08:54:16 fetching corpus: 1650, signal 116884/120162 (executing program)
2025/08/29 08:54:16 fetching corpus: 1700, signal 117790/120644 (executing program)
2025/08/29 08:54:16 fetching corpus: 1750, signal 118394/120999 (executing program)
2025/08/29 08:54:16 fetching corpus: 1800, signal 119107/121357 (executing program)
2025/08/29 08:54:16 fetching corpus: 1850, signal 120349/121900 (executing program)
2025/08/29 08:54:16 fetching corpus: 1859, signal 120574/122050 (executing program)
2025/08/29 08:54:16 fetching corpus: 1859, signal 120574/122079 (executing program)
2025/08/29 08:54:16 fetching corpus: 1859, signal 120574/122112 (executing program)
2025/08/29 08:54:16 fetching corpus: 1859, signal 120574/122180 (executing program)
2025/08/29 08:54:16 fetching corpus: 1859, signal 120574/122220 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122263 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122307 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122352 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122389 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122448 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122482 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122514 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122557 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122599 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122631 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122679 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122730 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122775 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122825 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122865 (executing program)
2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122905 (executing program) 2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122919 (executing program) 2025/08/29 08:54:17 fetching corpus: 1859, signal 120574/122919 (executing program) 2025/08/29 08:54:19 starting 8 fuzzer processes 08:54:19 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="21a34ba2d4212dc711d41f19bd7dc2c8e5aad40b7b72b2b1819725047300000000000000d2a9df628b0658a10bc3a7ba08bf8db56976f8533628b0de8c6c597833370077020ab764748333d8f0e66d1debd758e9d1b39516a92af06fd2bbe3858bb51bd33d2e4b35b2ab21e03e0c1930f476d477fe7917f50d8f932eaa709503bbf716a3e07269025b868529c8f72a4dd82b6c3ee0e5a1e2a2e8b01feb0ecb4569447c366fe69141cd4076c2e4049b67", 0xb0}], 0x1) 08:54:19 executing program 2: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0}) 08:54:19 executing program 1: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$char_usb(r0, &(0x7f0000000100)=""/224, 0xe0) 08:54:19 executing program 7: r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg$sock(r0, &(0x7f0000004b40)=[{{&(0x7f0000000200)=@nfc={0x27, 0x2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="65479a4a83fc75aa04d98f6e3f1dfd19ea03", 0x5cc}], 0x1}}], 0x1, 0x0) 08:54:19 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x2}) [ 68.664487] audit: type=1400 audit(1756457659.692:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:54:19 executing 
program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100), 0x2)
write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6)
08:54:19 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4a, &(0x7f0000000000), 0x4)
08:54:19 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x4}}}}}}}, 0x0)
[ 69.808589] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 69.810856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 69.813136] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 69.818388] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 69.820783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.938608] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 69.941939] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 69.944047] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 69.947644] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 69.950059] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 70.062611] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 70.069291] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 70.075539] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 70.085907] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 70.093383] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 70.139486] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 70.143533] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 70.145671] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 70.149286] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 70.150825] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 70.152918] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 70.155283] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 70.159614] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 70.161554] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 70.163667] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 70.170405] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 70.171149] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 70.172418] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 70.174713] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 70.175702] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 70.180534] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 70.180564] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 70.183489] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 70.183812] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 70.191051] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 70.197463] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 70.204223] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 70.208789] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 70.209544] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 70.213502] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 71.839390] Bluetooth: hci0: command tx timeout
[ 72.031290] Bluetooth: hci1: command tx timeout
[ 72.162022] Bluetooth: hci2: command tx timeout
[ 72.224167] Bluetooth: hci4: command tx timeout
[ 72.287761] Bluetooth: hci3: command tx timeout
[ 72.288488] Bluetooth: hci5: command tx timeout
[ 72.288943] Bluetooth: hci7: command tx timeout
[ 72.351037] Bluetooth: hci6: command tx timeout
[ 73.887440] Bluetooth: hci0: command tx timeout
[ 74.079062] Bluetooth: hci1: command tx timeout
[ 74.207047] Bluetooth: hci2: command tx timeout
[ 74.271196] Bluetooth: hci4: command tx timeout
[ 74.335038] Bluetooth: hci7: command tx timeout
[ 74.335513] Bluetooth: hci5: command tx timeout
[ 74.335919] Bluetooth: hci3: command tx timeout
[ 74.400019] Bluetooth: hci6: command tx timeout
[ 75.936065] Bluetooth: hci0: command tx timeout
[ 76.127341] Bluetooth: hci1: command tx timeout
[ 76.255993] Bluetooth: hci2: command tx timeout
[ 76.319383] Bluetooth: hci4: command tx timeout
[ 76.383103] Bluetooth: hci7: command tx timeout
[ 76.383187] Bluetooth: hci3: command tx timeout
[ 76.383539] Bluetooth: hci5: command tx timeout
[ 76.448046] Bluetooth: hci6: command tx timeout
[ 77.985038] Bluetooth: hci0: command tx timeout
[ 78.176048] Bluetooth: hci1: command tx timeout
[ 78.303106] Bluetooth: hci2: command tx timeout
[ 78.367203] Bluetooth: hci4: command tx timeout
[ 78.431148] Bluetooth: hci3: command tx timeout
[ 78.431854] Bluetooth: hci5: command tx timeout
[ 78.432621] Bluetooth: hci7: command tx timeout
[ 78.497063] Bluetooth: hci6: command tx timeout
[ 109.358562] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.359548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.542312] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.542920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:55:01 executing program 7:
r0 = socket$packet(0x11, 0x3, 0x300)
sendmmsg$sock(r0, &(0x7f0000004b40)=[{{&(0x7f0000000200)=@nfc={0x27, 0x2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="65479a4a83fc75aa04d98f6e3f1dfd19ea03", 0x5cc}], 0x1}}], 0x1, 0x0)
08:55:01 executing program 7:
r0 = socket$packet(0x11, 0x3, 0x300)
sendmmsg$sock(r0, &(0x7f0000004b40)=[{{&(0x7f0000000200)=@nfc={0x27, 0x2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="65479a4a83fc75aa04d98f6e3f1dfd19ea03", 0x5cc}], 0x1}}], 0x1, 0x0)
08:55:01 executing program 7:
r0 = socket$packet(0x11, 0x3, 0x300)
sendmmsg$sock(r0, &(0x7f0000004b40)=[{{&(0x7f0000000200)=@nfc={0x27, 0x2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="65479a4a83fc75aa04d98f6e3f1dfd19ea03", 0x5cc}], 0x1}}], 0x1, 0x0)
[ 110.327514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.328237] wlan0: Creating new IBSS
network, BSSID 50:50:50:50:50:50 [ 110.424607] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.425511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:55:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00') pread64(r0, &(0x7f0000000180)=""/151, 0x97, 0x8) [ 110.482364] audit: type=1400 audit(1756457701.509:8): avc: denied { open } for pid=3839 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 110.484465] audit: type=1400 audit(1756457701.510:9): avc: denied { kernel } for pid=3839 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 110.544935] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.545570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:55:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00') pread64(r0, &(0x7f0000000180)=""/151, 0x97, 0x8) [ 110.703336] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.704360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:55:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00') pread64(r0, &(0x7f0000000180)=""/151, 0x97, 0x8) [ 110.841012] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.841590] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:55:01 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00') pread64(r0, &(0x7f0000000180)=""/151, 0x97, 0x8) [ 111.015991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.016783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:55:02 executing program 7: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000002d00)=[{{&(0x7f0000000080)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, {{&(0x7f0000001740)=@pptp={0x18, 0x2, {0x0, @multicast2}}, 0x80, &(0x7f0000002800)=[{&(0x7f00000017c0)="499e57dd7572b34de9f1f0493ac6910d0fe148c2241005350510976c655320202b69f107cec847717682154ce9f894dd1e544998faca42f96b18d4d74dd15ff19d24e0da09c7a06d4eef3e74923d38a9d579b3e1c42e213f15a9a31f557df5519317777f70d5db224181d95818e89cec874b91a9dc2ca04da4e4aea17a25d7a6", 0x80}], 0x1}}], 0x2, 0x0) [ 111.189279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.189895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.284037] wlan0: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50
[ 111.284076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.360298] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.360907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.398870] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.399674] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.425371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.426146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.472395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.473646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.529543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.530257] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.566377] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.567217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:55:02 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="21a34ba2d4212dc711d41f19bd7dc2c8e5aad40b7b72b2b1819725047300000000000000d2a9df628b0658a10bc3a7ba08bf8db56976f8533628b0de8c6c597833370077020ab764748333d8f0e66d1debd758e9d1b39516a92af06fd2bbe3858bb51bd33d2e4b35b2ab21e03e0c1930f476d477fe7917f50d8f932eaa709503bbf716a3e07269025b868529c8f72a4dd82b6c3ee0e5a1e2a2e8b01feb0ecb4569447c366fe69141cd4076c2e4049b67", 0xb0}], 0x1)
08:55:02 executing program 7:
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000002d00)=[{{&(0x7f0000000080)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, {{&(0x7f0000001740)=@pptp={0x18, 0x2, {0x0, @multicast2}}, 0x80,
&(0x7f0000002800)=[{&(0x7f00000017c0)="499e57dd7572b34de9f1f0493ac6910d0fe148c2241005350510976c655320202b69f107cec847717682154ce9f894dd1e544998faca42f96b18d4d74dd15ff19d24e0da09c7a06d4eef3e74923d38a9d579b3e1c42e213f15a9a31f557df5519317777f70d5db224181d95818e89cec874b91a9dc2ca04da4e4aea17a25d7a6", 0x80}], 0x1}}], 0x2, 0x0) 08:55:02 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x4}}}}}}}, 0x0) 08:55:02 executing program 2: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0}) 08:55:02 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x2}) 08:55:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4a, &(0x7f0000000000), 0x4) 08:55:02 executing program 6: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x2) write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6) 08:55:02 executing program 1: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$char_usb(r0, &(0x7f0000000100)=""/224, 0xe0) 08:55:02 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x4}}}}}}}, 0x0) 08:55:02 executing program 1: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$char_usb(r0, &(0x7f0000000100)=""/224, 0xe0) 
08:55:03 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="21a34ba2d4212dc711d41f19bd7dc2c8e5aad40b7b72b2b1819725047300000000000000d2a9df628b0658a10bc3a7ba08bf8db56976f8533628b0de8c6c597833370077020ab764748333d8f0e66d1debd758e9d1b39516a92af06fd2bbe3858bb51bd33d2e4b35b2ab21e03e0c1930f476d477fe7917f50d8f932eaa709503bbf716a3e07269025b868529c8f72a4dd82b6c3ee0e5a1e2a2e8b01feb0ecb4569447c366fe69141cd4076c2e4049b67", 0xb0}], 0x1)
08:55:03 executing program 7:
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000002d00)=[{{&(0x7f0000000080)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, {{&(0x7f0000001740)=@pptp={0x18, 0x2, {0x0, @multicast2}}, 0x80, &(0x7f0000002800)=[{&(0x7f00000017c0)="499e57dd7572b34de9f1f0493ac6910d0fe148c2241005350510976c655320202b69f107cec847717682154ce9f894dd1e544998faca42f96b18d4d74dd15ff19d24e0da09c7a06d4eef3e74923d38a9d579b3e1c42e213f15a9a31f557df5519317777f70d5db224181d95818e89cec874b91a9dc2ca04da4e4aea17a25d7a6", 0x80}], 0x1}}], 0x2, 0x0)
08:55:03 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4a, &(0x7f0000000000), 0x4)
08:55:03 executing program 2:
munmap(&(0x7f0000000000/0x2000)=nil, 0x2000)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0})
08:55:03 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$char_usb(r0, &(0x7f0000000100)=""/224, 0xe0)
08:55:03 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100), 0x2)
write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6)
08:55:03 executing program 5:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x14, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x4}}}}}}}, 0x0)
08:55:03 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x2}) 08:55:03 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4a, &(0x7f0000000000), 0x4) 08:55:03 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x2) write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6) 08:55:03 executing program 2: munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0}) 08:55:03 executing program 6: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x2) write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6) 08:55:03 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="21a34ba2d4212dc711d41f19bd7dc2c8e5aad40b7b72b2b1819725047300000000000000d2a9df628b0658a10bc3a7ba08bf8db56976f8533628b0de8c6c597833370077020ab764748333d8f0e66d1debd758e9d1b39516a92af06fd2bbe3858bb51bd33d2e4b35b2ab21e03e0c1930f476d477fe7917f50d8f932eaa709503bbf716a3e07269025b868529c8f72a4dd82b6c3ee0e5a1e2a2e8b01feb0ecb4569447c366fe69141cd4076c2e4049b67", 0xb0}], 0x1) 08:55:03 executing program 4: newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='\x00', &(0x7f0000000140), 0x1000) 08:55:03 executing program 7: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000005, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f0000002d00)=[{{&(0x7f0000000080)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, 
{{&(0x7f0000001740)=@pptp={0x18, 0x2, {0x0, @multicast2}}, 0x80, &(0x7f0000002800)=[{&(0x7f00000017c0)="499e57dd7572b34de9f1f0493ac6910d0fe148c2241005350510976c655320202b69f107cec847717682154ce9f894dd1e544998faca42f96b18d4d74dd15ff19d24e0da09c7a06d4eef3e74923d38a9d579b3e1c42e213f15a9a31f557df5519317777f70d5db224181d95818e89cec874b91a9dc2ca04da4e4aea17a25d7a6", 0x80}], 0x1}}], 0x2, 0x0) 08:55:03 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x2) write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6) 08:55:03 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x2}) 08:55:03 executing program 2: ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3}) 08:55:03 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000100)=[@timestamp={0x3}, @window, @mss, @sack_perm], 0x4) 08:55:03 executing program 5: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81000080}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 112.416677] kmemleak: Found object by alias at 0x607f1a639c5c [ 112.416700] CPU: 0 UID: 0 PID: 3966 Comm: syz-executor.1 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.416718] Tainted: [W]=WARN [ 112.416722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.416729] Call Trace: [ 112.416733] [ 112.416738] dump_stack_lvl+0xca/0x120 [ 112.416765] __lookup_object+0x94/0xb0 [ 112.416782] delete_object_full+0x27/0x70 [ 112.416798] free_percpu+0x30/0x1160 [ 112.416814] ? arch_uprobe_clear_state+0x16/0x140 [ 112.416834] futex_hash_free+0x38/0xc0 [ 112.416848] mmput+0x2d3/0x390 [ 112.416866] do_exit+0x79d/0x2970 [ 112.416884] ? __pfx_do_exit+0x10/0x10 [ 112.416897] ? find_held_lock+0x2b/0x80 [ 112.416915] ? get_signal+0x835/0x2340 [ 112.416937] do_group_exit+0xd3/0x2a0 [ 112.416958] get_signal+0x2315/0x2340 [ 112.416975] ? put_task_stack+0xd2/0x240 [ 112.416989] ? __pfx_get_signal+0x10/0x10 [ 112.417005] ? __schedule+0xe91/0x3590 [ 112.417025] arch_do_signal_or_restart+0x80/0x790 [ 112.417042] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 112.417058] ? 
__x64_sys_futex+0x1c9/0x4d0 [ 112.417070] ? __x64_sys_futex+0x1d2/0x4d0 [ 112.417084] ? fput+0x6a/0x100 [ 112.417098] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.417110] ? ksys_write+0x1a3/0x240 [ 112.417127] exit_to_user_mode_loop+0x8b/0x110 [ 112.417139] do_syscall_64+0x2f7/0x360 [ 112.417151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.417163] RIP: 0033:0x7f3e7c22bb19 [ 112.417172] Code: Unable to access opcode bytes at 0x7f3e7c22baef. [ 112.417177] RSP: 002b:00007f3e797a1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.417189] RAX: 0000000000000001 RBX: 00007f3e7c33ef68 RCX: 00007f3e7c22bb19 [ 112.417196] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3e7c33ef6c [ 112.417204] RBP: 00007f3e7c33ef60 R08: 000000000000000e R09: 0000000000000000 [ 112.417211] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f3e7c33ef6c [ 112.417218] R13: 00007ffecb40c38f R14: 00007f3e797a1300 R15: 0000000000022000 [ 112.417233] [ 112.417237] kmemleak: Object (percpu) 0x607f1a639c58 (size 8): [ 112.417244] kmemleak: comm "syz-executor.0", pid 3968, jiffies 4294779315 [ 112.417251] kmemleak: min_count = 1 [ 112.417255] kmemleak: count = 0 [ 112.417259] kmemleak: flags = 0x21 [ 112.417262] kmemleak: checksum = 0 [ 112.417266] kmemleak: backtrace: [ 112.417270] pcpu_alloc_noprof+0x87a/0x1170 [ 112.417284] perf_trace_event_init+0x366/0xa10 [ 112.417298] perf_trace_init+0x1a4/0x2f0 [ 112.417309] perf_tp_event_init+0xa6/0x120 [ 112.417324] perf_try_init_event+0x140/0x9f0 [ 112.417337] perf_event_alloc.part.0+0x118e/0x45f0 [ 112.417353] __do_sys_perf_event_open+0x719/0x2c20 [ 112.417366] do_syscall_64+0xbf/0x360 [ 112.417374] entry_SYSCALL_64_after_hwframe+0x77/0x7f 08:55:03 executing program 4: newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='\x00', &(0x7f0000000140), 0x1000) 08:55:03 executing program 6: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x145802, 0x0) ioctl$DVD_AUTH(r0, 0x5390, &(0x7f0000000000)=@hrpcs={0xb, 0x3}) 08:55:03 executing program 5: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81000080}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 08:55:03 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0xa0840, 0x0) ioctl$CDROM_SEND_PACKET(r0, 0x5306, &(0x7f0000000140)={"80eaffffffffffff030000ba", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 08:55:03 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x2) write$bt_hci(r0, &(0x7f0000000040)={0x1, @read_link_policy={{0x80c, 0x2}}}, 0x6) 08:55:03 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) sync() [ 112.547950] Oops: general protection fault, probably for non-canonical address 0xeafffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 112.548858] KASAN: maybe wild-memory-access in range [0x5800000000000190-0x5800000000000197] [ 112.549550] CPU: 0 UID: 0 PID: 3978 Comm: syz-executor.6 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.550812] Tainted: [W]=WARN [ 112.551505] Hardware name: QEMU Standard PC 
(i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.553295] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.554303] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.558366] RSP: 0018:ffff8880452df800 EFLAGS: 00010212 [ 112.559332] RAX: 0b00000000000032 RBX: 57ffffffffffffa0 RCX: ffffc900086cd000 [ 112.559884] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 5800000000000190 [ 112.560435] RBP: ffff8880452dfa70 R08: ffff88806ce31340 R09: ffffe8ffffc16c58 [ 112.560987] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.561562] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 112.562116] FS: 00007f8d08100700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.562748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.563205] CR2: 00007f8d0ac9e018 CR3: 0000000043b63000 CR4: 0000000000350ef0 [ 112.563762] Call Trace: [ 112.563969] [ 112.564151] ? perf_swevent_event+0x63/0x3f0 [ 112.564509] ? __pfx_perf_tp_event+0x10/0x10 [ 112.564864] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 112.565260] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 112.565668] ? perf_swevent_event+0x63/0x3f0 [ 112.566024] ? perf_tp_event+0x807/0xe70 [ 112.566355] ? __pfx_perf_tp_event+0x10/0x10 [ 112.566710] ? __perf_install_in_context+0x503/0xb90 [ 112.567113] ? do_raw_spin_unlock+0x53/0x220 [ 112.567469] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.567866] perf_trace_run_bpf_submit+0xef/0x180 [ 112.568254] perf_trace_lock+0x337/0x5d0 [ 112.568581] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.568949] ? lock_acquire+0x15e/0x2f0 [ 112.569264] ? futex_ref_get+0x48/0x300 [ 112.569596] ? futex_ref_get+0x114/0x300 [ 112.569917] ? futex_hash+0x15c/0x390 [ 112.570220] lock_release+0x1ab/0x290 [ 112.570525] ? futex_hash+0x15c/0x390 [ 112.570827] futex_ref_get+0x119/0x300 [ 112.571133] ? 
futex_hash+0x15c/0x390 [ 112.571434] futex_hash+0x70/0x390 [ 112.571720] futex_wake+0x143/0x540 [ 112.572014] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.572379] ? __pfx_futex_wake+0x10/0x10 [ 112.572709] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 112.573110] ? lock_release+0xc8/0x290 [ 112.573420] do_futex+0x26d/0x370 [ 112.573728] ? __pfx_do_futex+0x10/0x10 [ 112.574046] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 112.574460] ? find_held_lock+0x2b/0x80 [ 112.574782] __x64_sys_futex+0x1c9/0x4d0 [ 112.575107] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.575468] ? xfd_validate_state+0x55/0x180 [ 112.575833] do_syscall_64+0xbf/0x360 [ 112.576138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.576543] RIP: 0033:0x7f8d0ab8ab19 [ 112.576837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.578264] RSP: 002b:00007f8d08100218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.578864] RAX: ffffffffffffffda RBX: 00007f8d0ac9df68 RCX: 00007f8d0ab8ab19 [ 112.579425] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d0ac9df6c [ 112.579987] RBP: 00007f8d0ac9df60 R08: 000000000000000e R09: 0000000000000000 [ 112.580548] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d0ac9df6c [ 112.581106] R13: 00007ffc8d2ee7bf R14: 00007f8d08100300 R15: 0000000000022000 [ 112.581690] [ 112.581879] Modules linked in: [ 112.582194] Oops: general protection fault, probably for non-canonical address 0xeafffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 112.583072] KASAN: maybe wild-memory-access in range [0x5800000000000190-0x5800000000000197] [ 112.583730] CPU: 0 UID: 0 PID: 3978 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 112.584671] Tainted: [D]=DIE, [W]=WARN [ 112.584973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 112.585636] RIP: 0010:perf_tp_event+0x175/0xe70 [ 
112.586011] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.587445] RSP: 0018:ffff88806ce08a80 EFLAGS: 00010012 [ 112.587863] RAX: 0b00000000000032 RBX: 57ffffffffffffa0 RCX: ffffffff81898973 [ 112.588423] RDX: ffff888018091b80 RSI: ffffffff818995b7 RDI: 5800000000000190 [ 112.588984] RBP: ffff88806ce08cf0 R08: ffff88806ce31490 R09: ffffe8ffffc16c58 [ 112.589563] R10: 0000000000000000 R11: ffff88806ce37018 R12: dffffc0000000000 [ 112.590126] R13: 0000000000000000 R14: ffff88806ce31490 R15: dffffc0000000000 [ 112.590687] FS: 00007f8d08100700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.591319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.591777] CR2: 00007f8d0ac9e018 CR3: 0000000043b63000 CR4: 0000000000350ef0 [ 112.592333] Call Trace: [ 112.592540] [ 112.592723] ? __pfx_perf_tp_event+0x10/0x10 [ 112.593081] ? sched_clock_cpu+0x6c/0x4e0 [ 112.593421] ? trace_pelt_se_tp+0xdf/0x130 [ 112.593779] ? __update_load_avg_se+0x428/0xa40 [ 112.594156] ? lock_is_held_type+0x9e/0x120 [ 112.594506] ? perf_trace_lock+0xb5/0x5d0 [ 112.594837] ? perf_trace_lock+0xb5/0x5d0 [ 112.595169] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.595534] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.595901] ? check_preempt_wakeup_fair+0x406/0x950 [ 112.596309] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.596708] perf_trace_run_bpf_submit+0xef/0x180 [ 112.597095] perf_trace_lock+0x337/0x5d0 [ 112.597421] ? place_entity+0x1c/0x410 [ 112.597749] ? kvm_sched_clock_read+0x16/0x30 [ 112.598114] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.598482] ? check_preempt_wakeup_fair+0x6e/0x950 [ 112.598879] ? sched_ttwu_pending+0x2e0/0x4a0 [ 112.599244] lock_release+0x1ab/0x290 [ 112.599550] ? ttwu_do_activate+0x1a4/0x8a0 [ 112.599898] _raw_spin_unlock+0x16/0x40 [ 112.600221] sched_ttwu_pending+0x2e0/0x4a0 [ 112.600574] ? 
__pfx_sched_ttwu_pending+0x10/0x10 [ 112.600961] ? hrtimer_interrupt+0x652/0x830 [ 112.601316] __flush_smp_call_function_queue+0x434/0x740 [ 112.601770] __sysvec_call_function_single+0x6d/0x370 [ 112.602185] sysvec_call_function_single+0xa1/0xc0 [ 112.602577] [ 112.602759] [ 112.602941] asm_sysvec_call_function_single+0x1a/0x20 [ 112.603355] RIP: 0010:oops_exit+0x0/0x50 [ 112.603683] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27 [ 112.605103] RSP: 0018:ffff8880452df690 EFLAGS: 00000202 [ 112.605548] RAX: 000000000002ba0c RBX: 0000000000000212 RCX: ffffc900086cd000 [ 112.606106] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007 [ 112.606665] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90 [ 112.607220] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880452df758 [ 112.607780] R13: 0000000000000000 R14: eafffc0000000032 R15: 0000000000000000 [ 112.608340] ? oops_end+0x4a/0xe0 [ 112.608630] oops_end+0x65/0xe0 [ 112.608903] exc_general_protection+0x1a2/0x330 [ 112.609283] asm_exc_general_protection+0x26/0x30 [ 112.609689] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.610065] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.611480] RSP: 0018:ffff8880452df800 EFLAGS: 00010212 [ 112.611898] RAX: 0b00000000000032 RBX: 57ffffffffffffa0 RCX: ffffc900086cd000 [ 112.612463] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 5800000000000190 [ 112.613026] RBP: ffff8880452dfa70 R08: ffff88806ce31340 R09: ffffe8ffffc16c58 [ 112.613599] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.614154] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 112.614717] ? perf_tp_event+0x167/0xe70 [ 112.615045] ? 
perf_swevent_event+0x63/0x3f0 [ 112.615410] ? __pfx_perf_tp_event+0x10/0x10 [ 112.615769] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 112.616165] ? tracing_gen_ctx_irq_test+0x167/0x1f0 [ 112.616566] ? perf_swevent_event+0x63/0x3f0 [ 112.616920] ? perf_tp_event+0x807/0xe70 [ 112.617250] ? __pfx_perf_tp_event+0x10/0x10 [ 112.617624] ? __perf_install_in_context+0x503/0xb90 [ 112.618030] ? do_raw_spin_unlock+0x53/0x220 [ 112.618387] ? perf_trace_run_bpf_submit+0xef/0x180 [ 112.618783] perf_trace_run_bpf_submit+0xef/0x180 [ 112.619173] perf_trace_lock+0x337/0x5d0 [ 112.619502] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.619870] ? lock_acquire+0x15e/0x2f0 [ 112.620187] ? futex_ref_get+0x48/0x300 [ 112.620504] ? futex_ref_get+0x114/0x300 [ 112.620826] ? futex_hash+0x15c/0x390 [ 112.621132] lock_release+0x1ab/0x290 [ 112.621447] ? futex_hash+0x15c/0x390 [ 112.621766] futex_ref_get+0x119/0x300 [ 112.622079] ? futex_hash+0x15c/0x390 [ 112.622383] futex_hash+0x70/0x390 [ 112.622670] futex_wake+0x143/0x540 [ 112.622964] ? __pfx_perf_trace_lock+0x10/0x10 [ 112.623333] ? __pfx_futex_wake+0x10/0x10 [ 112.623670] ? __do_sys_perf_event_open+0x44d/0x2c20 [ 112.624077] ? lock_release+0xc8/0x290 [ 112.624390] do_futex+0x26d/0x370 [ 112.624671] ? __pfx_do_futex+0x10/0x10 [ 112.624994] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 112.625416] ? find_held_lock+0x2b/0x80 [ 112.625755] __x64_sys_futex+0x1c9/0x4d0 [ 112.626083] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.626445] ? 
xfd_validate_state+0x55/0x180 [ 112.626804] do_syscall_64+0xbf/0x360 [ 112.627109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.627514] RIP: 0033:0x7f8d0ab8ab19 [ 112.627810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.629230] RSP: 002b:00007f8d08100218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.629845] RAX: ffffffffffffffda RBX: 00007f8d0ac9df68 RCX: 00007f8d0ab8ab19 [ 112.630400] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d0ac9df6c [ 112.630956] RBP: 00007f8d0ac9df60 R08: 000000000000000e R09: 0000000000000000 [ 112.631510] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8d0ac9df6c [ 112.632065] R13: 00007ffc8d2ee7bf R14: 00007f8d08100300 R15: 0000000000022000 [ 112.632629] [ 112.632818] Modules linked in: [ 112.633076] ---[ end trace 0000000000000000 ]--- [ 112.633453] RIP: 0010:perf_tp_event+0x175/0xe70 [ 112.633838] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 112.635261] RSP: 0018:ffff8880452df800 EFLAGS: 00010212 [ 112.635682] RAX: 0b00000000000032 RBX: 57ffffffffffffa0 RCX: ffffc900086cd000 [ 112.636241] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 5800000000000190 [ 112.636804] RBP: ffff8880452dfa70 R08: ffff88806ce31340 R09: ffffe8ffffc16c58 [ 112.637362] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 112.637939] R13: 0000000000000000 R14: ffff88806ce31340 R15: dffffc0000000000 [ 112.638498] FS: 00007f8d08100700(0000) GS:ffff8880e55dd000(0000) knlGS:0000000000000000 [ 112.639128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.639591] CR2: 00007f8d0ac9e018 CR3: 0000000043b63000 CR4: 0000000000350ef0 [ 112.640156] Kernel panic - not syncing: Fatal exception in interrupt [ 112.640784] 
Kernel Offset: disabled [ 112.641084] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 08:55:03 Registers: