[ 52.020946][ T38] audit: type=1400 audit(1647163356.620:74): avc: denied { write } for pid=3617 comm="sh" path="pipe:[29739]" dev="pipefs" ino=29739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
Warning: Permanently added '[localhost]:61623' (ECDSA) to the list of known hosts.
[ 55.808214][ T38] audit: type=1400 audit(1647163360.440:75): avc: denied { execute } for pid=3670 comm="sh" name="syz-executor3922588950" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 55.834228][ T38] audit: type=1400 audit(1647163360.440:76): avc: denied { execute_no_trans } for pid=3670 comm="sh" path="/syz-executor3922588950" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 55.885825][ T38] audit: type=1400 audit(1647163360.460:77): avc: denied { execmem } for pid=3670 comm="syz-executor392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 55.907228][ T38] audit: type=1400 audit(1647163360.470:78): avc: denied { setattr } for pid=3670 comm="syz-executor392" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 55.938218][ T38] audit: type=1400 audit(1647163360.470:79): avc: denied { create } for pid=3670 comm="syz-executor392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 55.964213][ T38] audit: type=1400 audit(1647163360.470:80): avc: denied { write } for pid=3670 comm="syz-executor392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 55.990124][ T38] audit: type=1400 audit(1647163360.470:81): avc: denied { read } for pid=3670 comm="syz-executor392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 56.016782][ T38] audit: type=1400 audit(1647163360.490:82): avc: denied { mounton } for pid=3672 comm="syz-executor392" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 56.878933][ T3677] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 56.894990][ T3677] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 56.906301][ T3677] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 56.920798][ T3677] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 56.942215][ T3675] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 56.954926][ T3675] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 56.976428][ T38] kauditd_printk_skb: 5 callbacks suppressed
[ 56.976440][ T38] audit: type=1400 audit(1647163361.610:88): avc: denied { mounton } for pid=3672 comm="syz-executor392" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
executing program
[ 57.058802][ T38] audit: type=1400 audit(1647163361.690:89): avc: denied { mounton } for pid=3672 comm="syz-executor392" path="/dev/binderfs" dev="devtmpfs" ino=2380 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 57.091688][ T38] audit: type=1400 audit(1647163361.690:90): avc: denied { mount } for pid=3672 comm="syz-executor392" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 57.121607][ T38] audit: type=1400 audit(1647163361.700:91): avc: denied { read write } for pid=3672 comm="syz-executor392" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 57.153047][ T38] audit: type=1400 audit(1647163361.700:92): avc: denied { open } for pid=3672 comm="syz-executor392" path="/dev/raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 57.183044][ T38] audit: type=1400 audit(1647163361.700:93): avc: denied { ioctl } for pid=3672 comm="syz-executor392" path="/dev/raw-gadget" dev="devtmpfs" ino=760 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 57.345232][ T5] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 57.609296][ T5] usb 5-1: Using ep0 maxpacket: 32
[ 57.734785][ T5] usb 5-1: config 0 has an invalid interface number: 254 but max is 0
[ 57.747096][ T5] usb 5-1: config 0 has no interface number 0
[ 57.756000][ T5] usb 5-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 57.924834][ T5] usb 5-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 57.935277][ T5] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 57.943658][ T5] usb 5-1: Product: syz
[ 57.948306][ T5] usb 5-1: Manufacturer: syz
[ 57.952924][ T5] usb 5-1: SerialNumber: syz
[ 57.962362][ T5] usb 5-1: config 0 descriptor??
write to /proc/sys/net/core/bpf_jit_kallsyms failed: No such file or directory
write to /proc/sys/net/core/bpf_jit_harden failed: No such file or directory
write to /proc/sys/net/core/bpf_jit_kallsyms failed: No such file or directory
write to /proc/sys/net/core/bpf_jit_harden failed: No such file or directory
[ 58.323430][ T3672] syz-executor392 (3672) used greatest stack depth: 23088 bytes left
[ 58.368878][ T5] em28xx 5-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 58.381816][ T5] em28xx 5-1:0.254: Video interface 254 found:
[ 58.545116][ T5] em28xx 5-1:0.254: unknown em28xx chip ID (0)
[ 58.884603][ T5] em28xx 5-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 58.893748][ T5] em28xx 5-1:0.254: board has no eeprom
[ 59.004427][ T5] em28xx 5-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 59.012013][ T5] em28xx 5-1:0.254: analog set to bulk mode.
[ 59.028027][ T5] usb 5-1: USB disconnect, device number 2
[ 59.041709][ T3680] em28xx 5-1:0.254: Registering V4L2 extension
[ 59.059315][ T5] em28xx 5-1:0.254: Disconnecting em28xx
[ 59.118741][ T3680] i2c i2c-2: Invalid 7-bit I2C address 0x00
[ 59.157038][ T3680] tuner: 2-0061: Tuner -1 found with type(s) Radio TV.
[ 59.170020][ T3680] xc2028 2-0061: creating new instance
[ 59.178376][ T3680] xc2028 2-0061: type set to XCeive xc2028/xc3028 tuner
[ 59.188188][ T3680] em28xx 5-1:0.254: Config register raw data: 0xffffffed
[ 59.197128][ T3680] em28xx 5-1:0.254: AC97 chip type couldn't be determined
[ 59.206259][ T3680] em28xx 5-1:0.254: No AC97 audio processor
[ 59.222500][ T3680] em28xx 5-1:0.254: Registered radio device as radio32
[ 59.229654][ T3680] usb 5-1: Decoder not found
[ 59.235198][ T3680] em28xx 5-1:0.254: failed to create media graph
[ 59.241485][ T3680] em28xx 5-1:0.254: V4L2 device radio32 deregistered
[ 59.250016][ T3680] em28xx 5-1:0.254: V4L2 device video71 deregistered
[ 59.259399][ T3680] xc2028 2-0061: destroying instance
[ 59.265494][ T3680] em28xx 5-1:0.254: Registering input extension
[ 59.272229][ T5] em28xx 5-1:0.254: Closing input extension
[ 59.286534][ T5] em28xx 5-1:0.254: Freeing device
[ 59.299110][ T3680] usb 5-1:0.254: Direct firmware load for xc3028-v27.fw failed with error -2
[ 59.315901][ T3680] usb 5-1:0.254: Falling back to sysfs fallback for: xc3028-v27.fw
[ 59.326469][ T3680] kobject_add_internal failed for firmware (error: -2 parent: 5-1:0.254)
[ 59.337749][ T3680] firmware xc3028-v27.fw: fw_load_sysfs_fallback: device_register failed
[ 59.349156][ T3680] ==================================================================
[ 59.358965][ T3680] BUG: KASAN: use-after-free in load_firmware_cb+0x269/0x290
[ 59.367773][ T3680] Read of size 8 at addr ffff8880247b7318 by task kworker/0:3/3680
[ 59.377412][ T3680]
[ 59.380422][ T3680] CPU: 0 PID: 3680 Comm: kworker/0:3 Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1 #0
[ 59.391984][ T3680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 59.401149][ T3680] Workqueue: events request_firmware_work_func
[ 59.407496][ T3680] Call Trace:
[ 59.410656][ T3680]
[ 59.413692][ T3680] dump_stack_lvl+0xcd/0x134
[ 59.418487][ T3680] print_address_description.constprop.0.cold+0x8d/0x303
[ 59.425530][ T3680] ? load_firmware_cb+0x269/0x290
[ 59.430489][ T3680] ? load_firmware_cb+0x269/0x290
[ 59.435619][ T3680] kasan_report.cold+0x83/0xdf
[ 59.440301][ T3680] ? load_firmware_cb+0x269/0x290
[ 59.445551][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 59.451205][ T3680] load_firmware_cb+0x269/0x290
[ 59.456084][ T3680] ? do_raw_spin_unlock+0x171/0x230
[ 59.461390][ T3680] ? mark_held_locks+0x9f/0xe0
[ 59.466247][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 59.471559][ T3680] ? _request_firmware+0x9cf/0xfe0
[ 59.476647][ T3680] ? lockdep_hardirqs_on+0x79/0x100
[ 59.481976][ T3680] ? _request_firmware+0xae/0xfe0
[ 59.487003][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 59.492230][ T3680] request_firmware_work_func+0x12c/0x230
[ 59.498821][ T3680] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 59.505398][ T3680] process_one_work+0x9ac/0x1650
[ 59.511399][ T3680] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 59.517422][ T3680] ? rwlock_bug.part.0+0x90/0x90
[ 59.522432][ T3680] ? _raw_spin_lock_irq+0x41/0x50
[ 59.527385][ T3680] worker_thread+0x657/0x1110
[ 59.532010][ T3680] ? process_one_work+0x1650/0x1650
[ 59.537253][ T3680] kthread+0x2e9/0x3a0
[ 59.541340][ T3680] ? kthread_complete_and_exit+0x40/0x40
[ 59.547127][ T3680] ret_from_fork+0x1f/0x30
[ 59.551545][ T3680]
[ 59.554608][ T3680]
[ 59.556994][ T3680] Allocated by task 3680:
[ 59.561286][ T3680] kasan_save_stack+0x1e/0x40
[ 59.566095][ T3680] __kasan_kmalloc+0xa6/0xd0
[ 59.570604][ T3680] kmem_cache_alloc_trace+0x1ea/0x4a0
[ 59.575715][ T3680] tuner_probe+0xa4/0x1180
[ 59.580166][ T3680] i2c_device_probe+0xa0c/0xb90
[ 59.585007][ T3680] really_probe+0x245/0xcc0
[ 59.589419][ T3680] __driver_probe_device+0x338/0x4d0
[ 59.594685][ T3680] driver_probe_device+0x4c/0x1a0
[ 59.599797][ T3680] __device_attach_driver+0x20b/0x2f0
[ 59.605387][ T3680] bus_for_each_drv+0x15f/0x1e0
[ 59.610710][ T3680] __device_attach+0x228/0x4a0
[ 59.616157][ T3680] bus_probe_device+0x1e4/0x290
[ 59.620976][ T3680] device_add+0xb83/0x1e20
[ 59.625403][ T3680] i2c_new_client_device+0x67b/0xb60
[ 59.630699][ T3680] v4l2_i2c_new_subdev_board+0xaf/0x2c0
[ 59.636534][ T3680] v4l2_i2c_new_subdev+0x102/0x170
[ 59.642620][ T3680] em28xx_v4l2_init.cold+0x9cb/0x32a7
[ 59.648120][ T3680] em28xx_init_extension+0x12f/0x1f0
[ 59.653311][ T3680] request_module_async+0x5d/0x70
[ 59.658263][ T3680] process_one_work+0x9ac/0x1650
[ 59.663074][ T3680] worker_thread+0x657/0x1110
[ 59.667697][ T3680] kthread+0x2e9/0x3a0
[ 59.671656][ T3680] ret_from_fork+0x1f/0x30
[ 59.676249][ T3680]
[ 59.678676][ T3680] Freed by task 3680:
[ 59.682576][ T3680] kasan_save_stack+0x1e/0x40
[ 59.687246][ T3680] kasan_set_track+0x21/0x30
[ 59.691814][ T3680] kasan_set_free_info+0x20/0x30
[ 59.696743][ T3680] ____kasan_slab_free+0xff/0x140
[ 59.701632][ T3680] kfree+0xf8/0x2b0
[ 59.705412][ T3680] tuner_remove+0x198/0x200
[ 59.709792][ T3680] i2c_device_remove+0x7b/0x240
[ 59.714445][ T3680] __device_release_driver+0x3bd/0x760
[ 59.719776][ T3680] device_release_driver+0x26/0x40
[ 59.724866][ T3680] bus_remove_device+0x2eb/0x5a0
[ 59.729752][ T3680] device_del+0x4f3/0xc80
[ 59.734110][ T3680] device_unregister+0x1f/0xc0
[ 59.738810][ T3680] i2c_unregister_device+0x38/0x40
[ 59.743664][ T3680] v4l2_i2c_subdev_unregister+0xa2/0xc0
[ 59.749131][ T3680] v4l2_device_unregister+0x20d/0x2e0
[ 59.754751][ T3680] em28xx_v4l2_init.cold+0xd26/0x32a7
[ 59.760918][ T3680] em28xx_init_extension+0x12f/0x1f0
[ 59.767123][ T3680] request_module_async+0x5d/0x70
[ 59.773225][ T3680] process_one_work+0x9ac/0x1650
[ 59.779276][ T3680] worker_thread+0x657/0x1110
[ 59.785054][ T3680] kthread+0x2e9/0x3a0
[ 59.790094][ T3680] ret_from_fork+0x1f/0x30
[ 59.795504][ T3680]
[ 59.798176][ T3680] The buggy address belongs to the object at ffff8880247b7000
[ 59.798176][ T3680] which belongs to the cache kmalloc-2k of size 2048
[ 59.812134][ T3680] The buggy address is located 792 bytes inside of
[ 59.812134][ T3680] 2048-byte region [ffff8880247b7000, ffff8880247b7800)
[ 59.825604][ T3680] The buggy address belongs to the page:
[ 59.831150][ T3680] page:ffffea000091edc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x247b7
[ 59.841396][ T3680] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 59.848690][ T3680] raw: 00fff00000000200 ffffea000098d148 ffffea000060fa88 ffff888010c40800
[ 59.857201][ T3680] raw: 0000000000000000 ffff8880247b7000 0000000100000001 0000000000000000
[ 59.866105][ T3680] page dumped because: kasan: bad access detected
[ 59.872287][ T3680] page_owner tracks the page as allocated
[ 59.877631][ T3680] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2420c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 3680, ts 59156936101, free_ts 59136567746
[ 59.895148][ T3680] get_page_from_freelist+0xa72/0x2f50
[ 59.900781][ T3680] __alloc_pages+0x1b2/0x500
[ 59.905360][ T3680] cache_grow_begin+0x75/0x390
[ 59.909894][ T3680] cache_alloc_refill+0x27f/0x380
[ 59.914809][ T3680] kmem_cache_alloc_trace+0x380/0x4a0
[ 59.920513][ T3680] tuner_probe+0xa4/0x1180
[ 59.924924][ T3680] i2c_device_probe+0xa0c/0xb90
[ 59.929945][ T3680] really_probe+0x245/0xcc0
[ 59.934425][ T3680] __driver_probe_device+0x338/0x4d0
[ 59.939704][ T3680] driver_probe_device+0x4c/0x1a0
[ 59.944779][ T3680] __device_attach_driver+0x20b/0x2f0
[ 59.950171][ T3680] bus_for_each_drv+0x15f/0x1e0
[ 59.954926][ T3680] __device_attach+0x228/0x4a0
[ 59.959750][ T3680] bus_probe_device+0x1e4/0x290
[ 59.964551][ T3680] device_add+0xb83/0x1e20
[ 59.968958][ T3680] i2c_new_client_device+0x67b/0xb60
[ 59.974117][ T3680] page last free stack trace:
[ 59.978775][ T3680] free_pcp_prepare+0x374/0x870
[ 59.983506][ T3680] free_unref_page+0x19/0x690
[ 59.988461][ T3680] slabs_destroy+0x89/0xc0
[ 59.993898][ T3680] ___cache_free+0x303/0x600
[ 59.999613][ T3680] qlist_free_all+0x50/0x1a0
[ 60.004990][ T3680] kasan_quarantine_reduce+0x180/0x200
[ 60.010538][ T3680] __kasan_slab_alloc+0x97/0xb0
[ 60.015605][ T3680] kmem_cache_alloc+0x265/0x560
[ 60.020465][ T3680] getname_flags.part.0+0x50/0x4f0
[ 60.025660][ T3680] getname_flags+0x9a/0xe0
[ 60.030226][ T3680] user_path_at_empty+0x2b/0x60
[ 60.035138][ T3680] vfs_statx+0x142/0x390
[ 60.039299][ T3680] __do_sys_newfstatat+0x96/0x120
[ 60.044214][ T3680] do_syscall_64+0x35/0xb0
[ 60.049190][ T3680] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 60.055097][ T3680]
[ 60.057438][ T3680] Memory state around the buggy address:
[ 60.064396][ T3680] ffff8880247b7200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.074695][ T3680] ffff8880247b7280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.083608][ T3680] >ffff8880247b7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.092085][ T3680] ^
[ 60.097511][ T3680] ffff8880247b7380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.105976][ T3680] ffff8880247b7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.114425][ T3680] ==================================================================
[ 60.122623][ T3680] Disabling lock debugging due to kernel taint
[ 60.134230][ T3680] Kernel panic - not syncing: panic_on_warn set ...
[ 60.141147][ T3680] CPU: 0 PID: 3680 Comm: kworker/0:3 Tainted: G B 5.17.0-rc7-syzkaller-00235-gaad611a868d1 #0
[ 60.153114][ T3680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 60.162147][ T3680] Workqueue: events request_firmware_work_func
[ 60.168605][ T3680] Call Trace:
[ 60.171896][ T3680]
[ 60.175281][ T3680] dump_stack_lvl+0xcd/0x134
[ 60.180197][ T3680] panic+0x2b0/0x6dd
[ 60.184102][ T3680] ? __warn_printk+0xf3/0xf3
[ 60.188510][ T3680] ? preempt_schedule_common+0x59/0xc0
[ 60.193642][ T3680] ? load_firmware_cb+0x269/0x290
[ 60.198311][ T3680] ? preempt_schedule_thunk+0x16/0x18
[ 60.203828][ T3680] ? trace_hardirqs_on+0x38/0x1c0
[ 60.208905][ T3680] ? trace_hardirqs_on+0x51/0x1c0
[ 60.214213][ T3680] ? load_firmware_cb+0x269/0x290
[ 60.220689][ T3680] ? load_firmware_cb+0x269/0x290
[ 60.227181][ T3680] end_report.cold+0x63/0x6f
[ 60.233138][ T3680] kasan_report.cold+0x71/0xdf
[ 60.239248][ T3680] ? load_firmware_cb+0x269/0x290
[ 60.247114][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 60.253962][ T3680] load_firmware_cb+0x269/0x290
[ 60.260123][ T3680] ? do_raw_spin_unlock+0x171/0x230
[ 60.266841][ T3680] ? mark_held_locks+0x9f/0xe0
[ 60.273324][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 60.280518][ T3680] ? _request_firmware+0x9cf/0xfe0
[ 60.287450][ T3680] ? lockdep_hardirqs_on+0x79/0x100
[ 60.293958][ T3680] ? _request_firmware+0xae/0xfe0
[ 60.300307][ T3680] ? seek_firmware.isra.0+0x610/0x610
[ 60.307116][ T3680] request_firmware_work_func+0x12c/0x230
[ 60.314302][ T3680] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 60.322174][ T3680] process_one_work+0x9ac/0x1650
[ 60.328212][ T3680] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 60.336350][ T3680] ? rwlock_bug.part.0+0x90/0x90
[ 60.343122][ T3680] ? _raw_spin_lock_irq+0x41/0x50
[ 60.349318][ T3680] worker_thread+0x657/0x1110
[ 60.355179][ T3680] ? process_one_work+0x1650/0x1650
[ 60.361861][ T3680] kthread+0x2e9/0x3a0
[ 60.366683][ T3680] ? kthread_complete_and_exit+0x40/0x40
[ 60.373629][ T3680] ret_from_fork+0x1f/0x30
[ 60.378862][ T3680]
[ 60.383147][ T3680] Kernel Offset: disabled
[ 60.387512][ T3680] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:22:53 Registers: