Warning: Permanently added '[localhost]:61241' (ECDSA) to the list of known hosts. 2025/09/01 08:04:38 fuzzer started 2025/09/01 08:04:38 dialing manager at localhost:35473 2025/09/01 08:04:38 checking machine... 2025/09/01 08:04:38 checking revisions... syzkaller login: [ 50.753720] kmemleak: Automatic memory scanning thread ended 2025/09/01 08:04:39 testing simple program... [ 50.858781] cgroup: Unknown subsys name 'net' [ 50.941558] cgroup: Unknown subsys name 'cpuset' [ 50.962487] cgroup: Unknown subsys name 'rlimit' executing program executing program executing program [ 61.000353] audit: type=1400 audit(1756713889.384:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 62.085189] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.088687] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.090631] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.097355] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.101820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 executing program [ 64.176872] Bluetooth: hci0: command tx timeout executing program [ 66.224324] Bluetooth: hci0: command tx timeout [ 68.271210] Bluetooth: hci0: command tx timeout executing program [ 70.319215] Bluetooth: hci0: command tx timeout executing program executing program executing program [ 78.361383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.362678] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.425929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.427309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/09/01 08:05:06 building call list... executing program [ 82.304821] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 83.130609] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list executing program 2025/09/01 08:05:13 syscalls: 2214 2025/09/01 08:05:13 code coverage: enabled 2025/09/01 08:05:13 comparison tracing: enabled 2025/09/01 08:05:13 extra coverage: enabled 2025/09/01 08:05:13 setuid sandbox: enabled 2025/09/01 08:05:13 namespace sandbox: enabled 2025/09/01 08:05:13 Android sandbox: enabled 2025/09/01 08:05:13 fault injection: enabled 2025/09/01 08:05:13 leak checking: enabled 2025/09/01 08:05:13 net packet injection: enabled 2025/09/01 08:05:13 net device setup: enabled 2025/09/01 08:05:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 08:05:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 08:05:13 USB emulation: enabled 2025/09/01 08:05:13 hci packet injection: enabled 2025/09/01 08:05:13 wifi device emulation: enabled 2025/09/01 08:05:13 802.15.4 emulation: enabled 2025/09/01 08:05:13 fetching corpus: 0, signal 0/0 (executing program) 2025/09/01 08:05:13 fetching corpus: 0, signal 0/0 (executing program) 2025/09/01 08:05:14 starting 8 fuzzer processes 08:05:14 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) 08:05:14 executing program 1: r0 = getpid() r1 = getpid() kcmp$KCMP_EPOLL_TFD(r1, r0, 0x7, 0xffffffffffffffff, 0x0) 08:05:14 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000300)=0xffff7fff, 0x4) 08:05:14 executing program 2: syz_mount_image$vfat(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) lsetxattr$system_posix_acl(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)='system.posix_acl_default\x00', &(0x7f0000001300), 0x24, 0x0) 08:05:14 executing program 7: rt_sigaction(0x1e, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000180)) 08:05:14 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) 08:05:14 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6}]}, 0x28}}, 0x0) 08:05:14 executing program 5: mknod$loop(&(0x7f0000000580)='./file0\x00', 0x6000, 0x0) quotactl(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) [ 87.547748] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.550558] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.552875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.557271] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.560323] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.619927] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.622547] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.629674] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.639856] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.646855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.691978] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.722158] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.725023] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.731263] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.734546] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.740506] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.750789] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.752195] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.754771] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.759656] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.761753] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.763828] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.765310] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.766746] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.767852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.772252] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.776966] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 87.779647] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.790638] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.792109] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 87.800441] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 87.801862] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.808098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.811315] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 87.815304] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 87.823634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.825158] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.856322] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.857549] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 87.863173] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 89.585107] Bluetooth: hci0: command tx timeout [ 89.711127] Bluetooth: hci1: command tx timeout [ 89.840136] Bluetooth: hci3: command tx timeout [ 89.840835] Bluetooth: hci2: command tx timeout [ 89.903219] Bluetooth: hci4: command tx timeout [ 89.903783] Bluetooth: hci6: command tx timeout [ 89.905126] Bluetooth: hci7: command tx timeout [ 89.905638] Bluetooth: hci5: command tx timeout [ 91.633107] Bluetooth: hci0: command tx timeout [ 91.760168] Bluetooth: hci1: command tx timeout [ 91.887349] Bluetooth: hci2: command tx timeout [ 91.887837] Bluetooth: hci3: command tx timeout [ 91.951301] Bluetooth: hci6: command tx timeout [ 91.951779] Bluetooth: hci5: command tx timeout [ 91.953133] Bluetooth: hci7: command tx timeout [ 91.953574] Bluetooth: hci4: command tx timeout [ 93.681111] Bluetooth: hci0: command tx timeout [ 93.807193] Bluetooth: hci1: command tx timeout [ 93.936127] Bluetooth: hci2: command tx timeout [ 93.936625] Bluetooth: hci3: command tx timeout [ 94.000114] Bluetooth: hci5: command tx timeout [ 94.000588] Bluetooth: hci4: command tx timeout [ 94.001078] Bluetooth: hci7: command tx timeout [ 94.001518] Bluetooth: hci6: command tx timeout [ 95.728084] Bluetooth: hci0: command tx timeout [ 95.855198] Bluetooth: hci1: command tx timeout [ 95.984098] Bluetooth: hci2: command tx timeout [ 95.984608] Bluetooth: hci3: command tx timeout [ 96.047142] Bluetooth: hci6: command tx timeout [ 96.047611] Bluetooth: hci7: command tx timeout [ 96.048041] Bluetooth: hci4: command tx timeout [ 96.048721] Bluetooth: hci5: command tx timeout [ 121.940842] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.941589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.157814] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.159186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.674219] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.674795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.812610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.813858] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.873135] audit: type=1400 audit(1756713951.253:8): avc: denied { open } for pid=4407 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.881849] audit: type=1400 audit(1756713951.254:9): avc: denied { kernel } for pid=4407 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 08:05:51 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) 08:05:51 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) [ 123.075712] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.076470] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:05:51 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) [ 123.141828] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.143131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.174288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.174856] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.199636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.200271] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.211676] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.212253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.262905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.263498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.309830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.310441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.381540] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.382187] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.449829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.450455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.501889] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.502946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.547314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.547943] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.591640] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.592249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.649341] No source specified [ 123.654286] No source specified 08:05:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) 08:05:52 executing program 1: r0 = getpid() r1 = getpid() kcmp$KCMP_EPOLL_TFD(r1, r0, 0x7, 0xffffffffffffffff, 0x0) 08:05:52 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) 08:05:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000300)=0xffff7fff, 0x4) 08:05:52 executing program 2: syz_mount_image$vfat(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) lsetxattr$system_posix_acl(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)='system.posix_acl_default\x00', &(0x7f0000001300), 0x24, 0x0) 08:05:52 executing program 5: mknod$loop(&(0x7f0000000580)='./file0\x00', 0x6000, 0x0) quotactl(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) 08:05:52 executing program 7: rt_sigaction(0x1e, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000180)) 08:05:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6}]}, 0x28}}, 0x0) [ 123.790194] No source specified 08:05:52 executing program 1: r0 = getpid() r1 = getpid() kcmp$KCMP_EPOLL_TFD(r1, r0, 0x7, 0xffffffffffffffff, 0x0) 08:05:52 executing program 1: r0 = getpid() r1 = getpid() kcmp$KCMP_EPOLL_TFD(r1, r0, 0x7, 0xffffffffffffffff, 0x0) 08:05:52 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) 08:05:52 executing program 2: syz_mount_image$vfat(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) lsetxattr$system_posix_acl(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)='system.posix_acl_default\x00', &(0x7f0000001300), 0x24, 0x0) 08:05:52 executing program 7: rt_sigaction(0x1e, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000180)) 08:05:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000300)=0xffff7fff, 0x4) 08:05:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) 08:05:52 executing program 5: mknod$loop(&(0x7f0000000580)='./file0\x00', 0x6000, 0x0) quotactl(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) 08:05:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6}]}, 0x28}}, 0x0) [ 123.944358] No source specified 08:05:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000300)=0xffff7fff, 0x4) [ 123.974837] kmemleak: Found object by alias at 0x607f1a63e8a0 [ 123.974854] CPU: 1 UID: 0 PID: 4475 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 123.974873] Tainted: [W]=WARN [ 123.974877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 123.974885] Call Trace: [ 123.974889] [ 123.974894] dump_stack_lvl+0xca/0x120 [ 123.974924] __lookup_object+0x94/0xb0 [ 123.974943] delete_object_full+0x27/0x70 [ 123.974960] free_percpu+0x30/0x1160 [ 123.974977] ? arch_uprobe_clear_state+0x16/0x140 [ 123.974998] futex_hash_free+0x38/0xc0 [ 123.975013] mmput+0x2d3/0x390 [ 123.975032] do_exit+0x79d/0x2970 [ 123.975051] ? signal_wake_up_state+0x85/0x120 [ 123.975068] ? zap_other_threads+0x2b9/0x3a0 [ 123.975084] ? __pfx_do_exit+0x10/0x10 [ 123.975098] ? do_group_exit+0x1c3/0x2a0 [ 123.975112] ? lock_release+0xc8/0x290 [ 123.975129] do_group_exit+0xd3/0x2a0 [ 123.975144] __x64_sys_exit_group+0x3e/0x50 [ 123.975159] x64_sys_call+0x18c5/0x18d0 [ 123.975175] do_syscall_64+0xbf/0x360 [ 123.975188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.975200] RIP: 0033:0x7fe8a2525b19 [ 123.975209] Code: Unable to access opcode bytes at 0x7fe8a2525aef. [ 123.975215] RSP: 002b:00007fff99aa21c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.975226] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe8a2525b19 [ 123.975234] RDX: 00007fe8a24d872b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 123.975242] RBP: 0000000000000000 R08: 0000001b2ff23a58 R09: 0000000000000000 [ 123.975249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.975256] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff99aa22b0 [ 123.975272] [ 123.975276] kmemleak: Object (percpu) 0x607f1a63e898 (size 16): [ 123.975283] kmemleak: comm "syz-executor.4", pid 842, jiffies 4294790798 [ 123.975290] kmemleak: min_count = 1 [ 123.975294] kmemleak: count = 0 [ 123.975298] kmemleak: flags = 0x21 [ 123.975302] kmemleak: checksum = 0 [ 123.975306] kmemleak: backtrace: [ 123.975310] pcpu_alloc_noprof+0x87a/0x1170 [ 123.975326] mm_init+0x99b/0x1170 [ 123.975334] copy_process+0x3ab7/0x73c0 [ 123.975345] kernel_clone+0xea/0x7f0 [ 123.975355] __do_sys_clone+0xce/0x120 [ 123.975366] do_syscall_64+0xbf/0x360 [ 123.975375] entry_SYSCALL_64_after_hwframe+0x77/0x7f 08:05:52 executing program 7: rt_sigaction(0x1e, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000180)) [ 124.012520] kmemleak: Found object by alias at 0x607f1a63e89c [ 124.012532] CPU: 1 UID: 0 PID: 4478 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.012550] Tainted: [W]=WARN [ 124.012554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.012560] Call Trace: [ 124.012564] [ 124.012568] dump_stack_lvl+0xca/0x120 [ 124.012588] __lookup_object+0x94/0xb0 [ 124.012604] delete_object_full+0x27/0x70 [ 124.012621] free_percpu+0x30/0x1160 [ 124.012636] ? arch_uprobe_clear_state+0x16/0x140 [ 124.012655] futex_hash_free+0x38/0xc0 [ 124.012668] mmput+0x2d3/0x390 [ 124.012687] do_exit+0x79d/0x2970 [ 124.012701] ? lock_release+0xc8/0x290 [ 124.012717] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.012733] ? __pfx_do_exit+0x10/0x10 [ 124.012747] ? find_held_lock+0x2b/0x80 [ 124.012765] ? get_signal+0x835/0x2340 [ 124.012784] do_group_exit+0xd3/0x2a0 [ 124.012799] get_signal+0x2315/0x2340 [ 124.012816] ? __call_rcu_common.constprop.0+0x4c1/0x960 [ 124.012833] ? __call_rcu_common.constprop.0+0x4c1/0x960 [ 124.012849] ? __pfx_get_signal+0x10/0x10 [ 124.012865] ? do_futex+0x135/0x370 [ 124.012879] ? __pfx_do_futex+0x10/0x10 [ 124.012894] arch_do_signal_or_restart+0x80/0x790 [ 124.012912] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 124.012929] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.012942] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.012954] ? fput_close_sync+0x114/0x240 [ 124.012971] ? __pfx___x64_sys_futex+0x10/0x10 [ 124.012984] ? __pfx_fput_close_sync+0x10/0x10 [ 124.012999] ? dnotify_flush+0x79/0x4c0 [ 124.013011] ? xfd_validate_state+0x55/0x180 [ 124.013032] exit_to_user_mode_loop+0x8b/0x110 [ 124.013050] do_syscall_64+0x2f7/0x360 [ 124.013062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.013074] RIP: 0033:0x7f99cc754b19 [ 124.013082] Code: Unable to access opcode bytes at 0x7f99cc754aef. [ 124.013088] RSP: 002b:00007f99c9cca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.013099] RAX: fffffffffffffe00 RBX: 00007f99cc867f68 RCX: 00007f99cc754b19 [ 124.013107] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f99cc867f68 [ 124.013114] RBP: 00007f99cc867f60 R08: 0000000000000000 R09: 0000000000000000 [ 124.013122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99cc867f6c [ 124.013129] R13: 00007ffee404e1ff R14: 00007f99c9cca300 R15: 0000000000022000 [ 124.013144] [ 124.013148] kmemleak: Object (percpu) 0x607f1a63e898 (size 16): [ 124.013155] kmemleak: comm "syz-executor.3", pid 837, jiffies 4294790903 [ 124.013162] kmemleak: min_count = 1 [ 124.013165] kmemleak: count = 0 [ 124.013169] kmemleak: flags = 0x21 [ 124.013173] kmemleak: checksum = 0 [ 124.013177] kmemleak: backtrace: [ 124.013179] pcpu_alloc_noprof+0x87a/0x1170 [ 124.013195] mm_init+0x99b/0x1170 [ 124.013203] copy_process+0x3ab7/0x73c0 [ 124.013213] kernel_clone+0xea/0x7f0 [ 124.013223] __do_sys_clone+0xce/0x120 [ 124.013233] do_syscall_64+0xbf/0x360 [ 124.013242] entry_SYSCALL_64_after_hwframe+0x77/0x7f 08:05:52 executing program 2: syz_mount_image$vfat(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) lsetxattr$system_posix_acl(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)='system.posix_acl_default\x00', &(0x7f0000001300), 0x24, 0x0) 08:05:52 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) 08:05:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6}]}, 0x28}}, 0x0) 08:05:52 executing program 5: mknod$loop(&(0x7f0000000580)='./file0\x00', 0x6000, 0x0) quotactl(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) 08:05:52 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10) close(r0) 08:05:52 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) 08:05:52 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f00000000c0)) [ 124.165946] kmemleak: Found object by alias at 0x607f1a63e8a4 [ 124.165967] CPU: 1 UID: 0 PID: 4489 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.165985] Tainted: [W]=WARN [ 124.165999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.166006] Call Trace: [ 124.166010] [ 124.166015] dump_stack_lvl+0xca/0x120 [ 124.166050] __lookup_object+0x94/0xb0 [ 124.166068] delete_object_full+0x27/0x70 [ 124.166085] free_percpu+0x30/0x1160 [ 124.166103] ? arch_uprobe_clear_state+0x16/0x140 [ 124.166124] futex_hash_free+0x38/0xc0 [ 124.166139] mmput+0x2d3/0x390 [ 124.166158] do_exit+0x79d/0x2970 [ 124.166173] ? signal_wake_up_state+0x85/0x120 [ 124.166189] ? zap_other_threads+0x2b9/0x3a0 [ 124.166205] ? __pfx_do_exit+0x10/0x10 [ 124.166219] ? do_group_exit+0x1c3/0x2a0 [ 124.166233] ? lock_release+0xc8/0x290 [ 124.166250] do_group_exit+0xd3/0x2a0 [ 124.166266] __x64_sys_exit_group+0x3e/0x50 [ 124.166280] x64_sys_call+0x18c5/0x18d0 [ 124.166296] do_syscall_64+0xbf/0x360 [ 124.166310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.166322] RIP: 0033:0x7f2fdc657b19 [ 124.166331] Code: Unable to access opcode bytes at 0x7f2fdc657aef. [ 124.166336] RSP: 002b:00007fffb7c7d588 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.166348] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f2fdc657b19 [ 124.166356] RDX: 00007f2fdc60a72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 124.166363] RBP: 0000000000000000 R08: 0000001b3022564c R09: 0000000000000000 [ 124.166371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.166377] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffb7c7d670 [ 124.166393] [ 124.166397] kmemleak: Object (percpu) 0x607f1a63e898 (size 16): [ 124.166404] kmemleak: comm "syz-executor.6", pid 841, jiffies 4294790985 [ 124.166412] kmemleak: min_count = 1 [ 124.166416] kmemleak: count = 0 [ 124.166420] kmemleak: flags = 0x21 [ 124.166424] kmemleak: checksum = 0 [ 124.166427] kmemleak: backtrace: [ 124.166431] pcpu_alloc_noprof+0x87a/0x1170 [ 124.166447] mm_init+0x99b/0x1170 [ 124.166456] copy_process+0x3ab7/0x73c0 [ 124.166466] kernel_clone+0xea/0x7f0 [ 124.166476] __do_sys_clone+0xce/0x120 [ 124.166486] do_syscall_64+0xbf/0x360 [ 124.166496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.186006] No source specified [ 124.209951] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#1] SMP KASAN NOPTI [ 124.211931] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 124.213334] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.220913] Tainted: [W]=WARN [ 124.221419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.221447] kmemleak: Found object by alias at 0x607f1a63e89c [ 124.221463] CPU: 1 UID: 0 PID: 4496 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.221482] Tainted: [W]=WARN [ 124.221486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.221493] Call Trace: [ 124.221496] [ 124.221501] dump_stack_lvl+0xca/0x120 [ 124.221524] __lookup_object+0x94/0xb0 [ 124.221540] delete_object_full+0x27/0x70 [ 124.221555] free_percpu+0x30/0x1160 [ 124.221571] ? arch_uprobe_clear_state+0x16/0x140 [ 124.221589] futex_hash_free+0x38/0xc0 [ 124.221603] mmput+0x2d3/0x390 [ 124.221621] do_exit+0x79d/0x2970 [ 124.221635] ? lock_release+0xc8/0x290 [ 124.221650] ? __pfx_do_exit+0x10/0x10 [ 124.221663] ? find_held_lock+0x2b/0x80 [ 124.221681] ? get_signal+0x835/0x2340 [ 124.221699] do_group_exit+0xd3/0x2a0 [ 124.221713] get_signal+0x2315/0x2340 [ 124.221731] ? __call_rcu_common.constprop.0+0x4c1/0x960 [ 124.221748] ? __pfx_get_signal+0x10/0x10 [ 124.221764] ? do_futex+0x135/0x370 [ 124.221777] ? __pfx_do_futex+0x10/0x10 [ 124.221790] arch_do_signal_or_restart+0x80/0x790 [ 124.221808] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 124.221824] ? __x64_sys_futex+0x1c9/0x4d0 [ 124.221837] ? __x64_sys_futex+0x1d2/0x4d0 [ 124.221850] ? fput_close_sync+0x114/0x240 [ 124.221867] ? __pfx___x64_sys_futex+0x10/0x10 [ 124.221880] ? __pfx_fput_close_sync+0x10/0x10 [ 124.221896] ? dnotify_flush+0x79/0x4c0 [ 124.221907] ? xfd_validate_state+0x55/0x180 [ 124.221926] exit_to_user_mode_loop+0x8b/0x110 [ 124.221938] do_syscall_64+0x2f7/0x360 [ 124.221950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.221962] RIP: 0033:0x7f99cc754b19 [ 124.221971] Code: Unable to access opcode bytes at 0x7f99cc754aef. [ 124.221976] RSP: 002b:00007f99c9cca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.221995] RAX: fffffffffffffe00 RBX: 00007f99cc867f68 RCX: 00007f99cc754b19 [ 124.222003] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f99cc867f68 [ 124.222010] RBP: 00007f99cc867f60 R08: 0000000000000000 R09: 0000000000000000 [ 124.222017] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99cc867f6c [ 124.222024] R13: 00007ffee404e1ff R14: 00007f99c9cca300 R15: 0000000000022000 [ 124.222035] [ 124.222039] kmemleak: Object (percpu) 0x607f1a63e898 (size 8): [ 124.222049] kmemleak: comm "syz-executor.3", pid 4500, jiffies 4294791101 [ 124.222056] kmemleak: min_count = 1 [ 124.222060] kmemleak: count = 0 [ 124.222064] kmemleak: flags = 0x21 [ 124.222068] kmemleak: checksum = 0 [ 124.222071] kmemleak: backtrace: [ 124.222075] pcpu_alloc_noprof+0x87a/0x1170 [ 124.222090] perf_trace_event_init+0x366/0xa10 [ 124.222104] perf_trace_init+0x1a4/0x2f0 [ 124.222117] perf_tp_event_init+0xa6/0x120 [ 124.222133] perf_try_init_event+0x140/0x9f0 [ 124.222148] perf_event_alloc.part.0+0x118e/0x45f0 [ 124.222165] __do_sys_perf_event_open+0x719/0x2c20 [ 124.222178] do_syscall_64+0xbf/0x360 [ 124.222188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.267728] Workqueue: ipv6_addrconf addrconf_dad_work [ 124.268583] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.269350] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.272197] RSP: 0018:ffff88800a3ef440 EFLAGS: 00010012 [ 124.273023] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 124.274127] RDX: ffff88800a49d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.275237] RBP: ffff88800a3ef6b0 R08: ffff88806ce31340 R09: ffffe8ffffc16898 [ 124.276344] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.277447] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 124.278575] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.279852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.280778] CR2: 00007fec52a1d000 CR3: 000000003dc4f000 CR4: 0000000000350ef0 [ 124.281915] Call Trace: [ 124.282345] [ 124.282717] ? __lock_acquire+0x694/0x1b70 [ 124.283407] ? __pfx_perf_tp_event+0x10/0x10 [ 124.284131] ? lock_acquire+0x15e/0x2f0 [ 124.284777] ? unwind_next_frame+0xb9/0x2540 [ 124.285504] ? lock_acquire+0x15e/0x2f0 [ 124.286163] ? unwind_next_frame+0xb9/0x2540 [ 124.286887] ? find_held_lock+0x2b/0x80 [ 124.287542] ? unwind_next_frame+0x3b2/0x2540 [ 124.288286] ? lock_release+0xc8/0x290 [ 124.288921] ? unwind_next_frame+0x3bc/0x2540 [ 124.289660] ? ret_from_fork_asm+0x1a/0x30 [ 124.290371] ? ret_from_fork_asm+0x1a/0x30 [ 124.291061] ? kernel_text_address+0x11/0xc0 [ 124.291782] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 124.292658] ? arch_stack_walk+0x86/0xf0 [ 124.293319] ? perf_trace_run_bpf_submit+0xef/0x180 [ 124.294139] perf_trace_run_bpf_submit+0xef/0x180 [ 124.294930] perf_trace_preemptirq_template+0x259/0x430 [ 124.295787] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.296722] ? find_held_lock+0x2b/0x80 [ 124.297377] ? __create_object+0x59/0x80 [ 124.298054] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 124.298878] trace_irq_enable.constprop.0+0xa6/0x100 [ 124.299692] trace_hardirqs_on+0x26/0x40 [ 124.300345] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 124.301159] __create_object+0x59/0x80 [ 124.301798] __kmalloc_cache_noprof+0x42a/0x690 [ 124.302566] ? __pfx_percpu_counter_add_batch+0x10/0x10 [ 124.303413] ? kmem_cache_alloc_noprof+0x264/0x690 [ 124.304202] ? dst_cow_metrics_generic+0x4c/0x1e0 [ 124.304974] ? dst_alloc+0x44f/0x620 [ 124.305575] dst_cow_metrics_generic+0x4c/0x1e0 [ 124.306338] icmp6_dst_alloc+0x4a7/0x650 [ 124.307008] ? icmpv6_flow_init+0x3d/0x280 [ 124.307718] ? selinux_sk_getsecid+0x7c/0xd0 [ 124.308440] ndisc_send_skb+0x1296/0x1db0 [ 124.309119] ? __pfx_ndisc_send_skb+0x10/0x10 [ 124.309857] ? lock_release+0xc8/0x290 [ 124.310511] ? lock_is_held_type+0x9e/0x120 [ 124.311228] ? __asan_memcpy+0x3d/0x60 [ 124.311859] ? mark_held_locks+0x49/0x80 [ 124.312518] ndisc_send_ns+0xa9/0x130 [ 124.313150] ? __pfx_ndisc_send_ns+0x10/0x10 [ 124.313872] ? mark_held_locks+0x49/0x80 [ 124.314542] addrconf_dad_work+0xae2/0x11a0 [ 124.315257] ? __pfx_addrconf_dad_work+0x10/0x10 [ 124.316028] process_one_work+0x8e1/0x19c0 [ 124.316725] ? __pfx_process_one_work+0x10/0x10 [ 124.317472] ? move_linked_works+0x172/0x270 [ 124.318203] ? assign_work+0x196/0x240 [ 124.318842] worker_thread+0x67e/0xe90 [ 124.319492] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 124.320338] ? __pfx_worker_thread+0x10/0x10 [ 124.321054] kthread+0x3c8/0x740 [ 124.321617] ? __pfx_kthread+0x10/0x10 [ 124.322254] ? ret_from_fork+0x23/0x430 [ 124.322913] ? lock_release+0xc8/0x290 [ 124.323531] ? __pfx_kthread+0x10/0x10 [ 124.324149] ret_from_fork+0x34b/0x430 [ 124.324781] ? __pfx_kthread+0x10/0x10 [ 124.325401] ret_from_fork_asm+0x1a/0x30 [ 124.326076] [ 124.326449] Modules linked in: [ 124.326964] ---[ end trace 0000000000000000 ]--- [ 124.327695] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.328438] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.331264] RSP: 0018:ffff88800a3ef440 EFLAGS: 00010012 [ 124.332095] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 124.333198] RDX: ffff88800a49d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.334321] RBP: ffff88800a3ef6b0 R08: ffff88806ce31340 R09: ffffe8ffffc16898 [ 124.335454] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.336589] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 124.337707] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.338977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.339915] CR2: 00007fec52a1d000 CR3: 000000003dc4f000 CR4: 0000000000350ef0 [ 124.341046] note: kworker/u8:1[66] exited with irqs disabled [ 124.342102] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#2] SMP KASAN NOPTI [ 124.343840] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 124.345177] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 124.346983] Tainted: [D]=DIE, [W]=WARN [ 124.347577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 124.348879] Workqueue: ipv6_addrconf addrconf_dad_work [ 124.349740] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.350513] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.353375] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012 [ 124.354217] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 124.355325] RDX: ffff88800a49d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.356437] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16898 [ 124.357528] R10: 0000000000000000 R11: 0000000000021ac1 R12: dffffc0000000000 [ 124.358630] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000 [ 124.359736] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.360981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.361884] CR2: 00007fec52a1d000 CR3: 000000003dc4f000 CR4: 0000000000350ef0 [ 124.362995] Call Trace: [ 124.363398] [ 124.363749] ? trace_softirq_raise+0xbe/0x100 [ 124.364477] ? __pfx_perf_tp_event+0x10/0x10 [ 124.365174] ? kvm_sched_clock_read+0x16/0x30 [ 124.365883] ? sched_clock+0x37/0x60 [ 124.366490] ? lock_acquire+0x18c/0x2f0 [ 124.367113] ? update_curr+0x2b0/0x500 [ 124.367720] ? lock_release+0x1c7/0x290 [ 124.368341] ? trace_softirq_raise+0xbe/0x100 [ 124.369054] ? run_posix_cpu_timers+0x160/0x7d0 [ 124.369784] ? __raise_softirq_irqoff+0x5f/0x90 [ 124.370517] ? __pfx_run_posix_cpu_timers+0x10/0x10 [ 124.371288] ? sched_balance_trigger+0x1ac/0xcb0 [ 124.372040] ? sched_tick+0x27c/0x6c0 [ 124.372645] ? do_raw_spin_lock+0x123/0x260 [ 124.373321] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 124.374063] ? perf_trace_run_bpf_submit+0xef/0x180 [ 124.374845] perf_trace_run_bpf_submit+0xef/0x180 [ 124.375608] perf_trace_preemptirq_template+0x259/0x430 [ 124.376430] ? read_tsc+0x9/0x20 [ 124.376970] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 124.377874] ? clockevents_program_event+0x135/0x360 [ 124.378680] ? tick_program_event+0xac/0x140 [ 124.379373] ? handle_softirqs+0x16e/0x770 [ 124.380043] trace_irq_enable.constprop.0+0xa6/0x100 [ 124.380832] trace_hardirqs_on+0x26/0x40 [ 124.381457] handle_softirqs+0x16e/0x770 [ 124.382114] __irq_exit_rcu+0xc4/0x100 [ 124.382722] irq_exit_rcu+0x9/0x20 [ 124.383271] sysvec_apic_timer_interrupt+0x70/0x80 [ 124.384039] [ 124.384392] [ 124.384749] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 124.385564] RIP: 0010:make_task_dead+0xa2/0x3b0 [ 124.386290] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de [ 124.389015] RSP: 0018:ffff88800a3eff28 EFLAGS: 00000246 [ 124.389817] RAX: 0000000000000001 RBX: ffff88800a49d280 RCX: ffffffff817c3ab6 [ 124.390923] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234 [ 124.391998] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 124.393087] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff88800a49d280 [ 124.394180] R13: 0000000000000000 R14: dffffc0020000032 R15: 0000000000000000 [ 124.395258] ? trace_irq_enable.constprop.0+0x26/0x100 [ 124.396054] ? make_task_dead+0x214/0x3b0 [ 124.396699] ? make_task_dead+0x214/0x3b0 [ 124.397351] ? ret_from_fork+0x34b/0x430 [ 124.397989] rewind_stack_and_make_dead+0x16/0x20 [ 124.398756] RIP: 0000:0x0 [ 124.399195] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 124.400175] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 124.401324] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.402397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 124.403456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 124.404510] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 124.405588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 124.406663] [ 124.407026] Modules linked in: [ 124.407531] ---[ end trace 0000000000000000 ]--- [ 124.408240] RIP: 0010:perf_tp_event+0x175/0xe70 [ 124.408978] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 124.411749] RSP: 0018:ffff88800a3ef440 EFLAGS: 00010012 [ 124.412574] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 124.413661] RDX: ffff88800a49d280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 124.414754] RBP: ffff88800a3ef6b0 R08: ffff88806ce31340 R09: ffffe8ffffc16898 [ 124.415849] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 124.416939] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 124.418045] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 124.419230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.420100] CR2: ffffffffffffffd6 CR3: 000000003dc4f000 CR4: 0000000000350ef0 [ 124.421169] Kernel panic - not syncing: Fatal exception in interrupt [ 124.422247] Kernel Offset: disabled [ 124.422797] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- VM DIAGNOSIS: 08:05:52 Registers: info registers vcpu 0 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88800a3eeda0 R8 =0000000000000000 R9 =ffffed1001712046 R10=0000000000000074 R11=552030203a555043 R12=0000000000000074 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe4300000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fec52a1d000 CR3=000000003dc4f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000ff00000000000000000000 XMM01=616e65706f007366636f72702474616e XMM02=00000000000000000000000000000000 XMM03=00007fec529f47c800007fec529f47c0 XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffffea0000bdfe00 RCX=ffffffff81a297df RDX=ffff8880221cb700 RSI=ffffffff81a297ed RDI=0000000000000007 RBP=0000000000000001 RSP=ffff88803f39f830 R8 =0000000000000000 R9 =fffff9400017bfc0 R10=0000000000000000 R11=1ffff1100d9e6f7b R12=ffffea0000bdfe00 R13=0000000000000000 R14=ffff88803dbcb3c0 R15=ffffea0000bdfe30 RIP=ffffffff8173f6b8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe5100000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2fb29000 CR3=000000003321b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000