[ 51.952627][ T38] audit: type=1400 audit(1647162662.041:73): avc: denied { transition } for pid=3643 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 51.988829][ T38] audit: type=1400 audit(1647162662.041:74): avc: denied { write } for pid=3643 comm="sh" path="pipe:[1796]" dev="pipefs" ino=1796 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
Warning: Permanently added '[localhost]:9445' (ECDSA) to the list of known hosts.
[ 55.166406][ T38] audit: type=1400 audit(1647162665.251:75): avc: denied { execute } for pid=3656 comm="sh" name="syz-executor4180004470" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
executing program
[ 55.193546][ T38] audit: type=1400 audit(1647162665.251:76): avc: denied { execute_no_trans } for pid=3656 comm="sh" path="/syz-executor4180004470" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 55.224151][ T38] audit: type=1400 audit(1647162665.251:77): avc: denied { execmem } for pid=3656 comm="syz-executor418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 55.248886][ T38] audit: type=1400 audit(1647162665.251:78): avc: denied { create } for pid=3656 comm="syz-executor418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 55.275848][ T38] audit: type=1400 audit(1647162665.251:79): avc: denied { write } for pid=3656 comm="syz-executor418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 55.300277][ T38] audit: type=1400 audit(1647162665.251:80): avc: denied { read } for pid=3656 comm="syz-executor418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 55.321566][ T38] audit: type=1400 audit(1647162665.281:81): avc: denied { read write } for pid=3657 comm="syz-executor418" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 55.347433][ T38] audit: type=1400 audit(1647162665.281:82): avc: denied { open } for pid=3657 comm="syz-executor418" path="/dev/raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 55.468059][ T7] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 55.708056][ T7] usb 5-1: Using ep0 maxpacket: 32
[ 55.848150][ T7] usb 5-1: config 0 has an invalid interface number: 254 but max is 0
[ 55.856367][ T7] usb 5-1: config 0 has no interface number 0
[ 55.863290][ T7] usb 5-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 56.038379][ T7] usb 5-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 56.049005][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 56.057464][ T7] usb 5-1: Product: syz
[ 56.062926][ T7] usb 5-1: Manufacturer: syz
[ 56.069449][ T7] usb 5-1: SerialNumber: syz
[ 56.081037][ T7] usb 5-1: config 0 descriptor??
executing program
[ 56.371388][ T7] em28xx 5-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 56.383476][ T7] em28xx 5-1:0.254: Video interface 254 found:
[ 56.518193][ T7] em28xx 5-1:0.254: unknown em28xx chip ID (0)
[ 56.859598][ T7] em28xx 5-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 56.870726][ T7] em28xx 5-1:0.254: board has no eeprom
[ 56.978146][ T7] em28xx 5-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 56.997046][ T7] em28xx 5-1:0.254: analog set to bulk mode.
[ 57.009260][ T7] usb 5-1: USB disconnect, device number 2
[ 57.016503][ T7] em28xx 5-1:0.254: Disconnecting em28xx
[ 57.022709][ T5] em28xx 5-1:0.254: Registering V4L2 extension
[ 57.086945][ T5] i2c i2c-2: Invalid 7-bit I2C address 0x00
[ 57.122704][ T5] tuner: 2-0061: Tuner -1 found with type(s) Radio TV.
[ 57.134540][ T5] xc2028 2-0061: creating new instance
[ 57.142366][ T5] xc2028 2-0061: type set to XCeive xc2028/xc3028 tuner
[ 57.155253][ T5] em28xx 5-1:0.254: Config register raw data: 0xffffffed
[ 57.164202][ T5] em28xx 5-1:0.254: AC97 chip type couldn't be determined
[ 57.174821][ T5] em28xx 5-1:0.254: No AC97 audio processor
[ 57.186376][ T5] em28xx 5-1:0.254: Registered radio device as radio32
[ 57.195396][ T5] usb 5-1: Decoder not found
[ 57.201084][ T5] em28xx 5-1:0.254: failed to create media graph
[ 57.209166][ T5] em28xx 5-1:0.254: V4L2 device radio32 deregistered
[ 57.219337][ T5] em28xx 5-1:0.254: V4L2 device video71 deregistered
[ 57.229068][ T5] xc2028 2-0061: destroying instance
[ 57.235426][ T5] em28xx 5-1:0.254: Registering input extension
[ 57.242544][ T7] em28xx 5-1:0.254: Closing input extension
[ 57.255163][ T7] em28xx 5-1:0.254: Freeing device
[ 57.265199][ T5] usb 5-1:0.254: Direct firmware load for xc3028-v27.fw failed with error -2
[ 57.275702][ T5] usb 5-1:0.254: Falling back to sysfs fallback for: xc3028-v27.fw
[ 57.287669][ T5] kobject_add_internal failed for firmware (error: -2 parent: 5-1:0.254)
[ 57.303365][ T5] firmware xc3028-v27.fw: fw_load_sysfs_fallback: device_register failed
[ 57.314722][ T5] ==================================================================
[ 57.325693][ T5] BUG: KASAN: use-after-free in load_firmware_cb+0x269/0x290
[ 57.334499][ T5] Read of size 8 at addr ffff88801c96d318 by task kworker/0:0/5
[ 57.348030][ T5]
[ 57.350581][ T5] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1 #0
[ 57.363231][ T5] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 57.372468][ T5] Workqueue: events request_firmware_work_func
[ 57.378981][ T5] Call Trace:
[ 57.382291][ T5]
[ 57.385722][ T5] dump_stack_lvl+0xcd/0x134
[ 57.391063][ T5] print_address_description.constprop.0.cold+0x8d/0x303
[ 57.398298][ T5] ? load_firmware_cb+0x269/0x290
[ 57.403424][ T5] ? load_firmware_cb+0x269/0x290
[ 57.408133][ T5] kasan_report.cold+0x83/0xdf
[ 57.412601][ T5] ? load_firmware_cb+0x269/0x290
[ 57.418650][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 57.424088][ T5] load_firmware_cb+0x269/0x290
[ 57.429344][ T5] ? do_raw_spin_unlock+0x171/0x230
[ 57.435555][ T5] ? mark_held_locks+0x9f/0xe0
[ 57.441090][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 57.447055][ T5] ? _request_firmware+0x9cf/0xfe0
[ 57.452576][ T5] ? lockdep_hardirqs_on+0x79/0x100
[ 57.459139][ T5] ? _request_firmware+0xae/0xfe0
[ 57.464285][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 57.469766][ T5] request_firmware_work_func+0x12c/0x230
[ 57.475822][ T5] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 57.482726][ T5] process_one_work+0x9ac/0x1650
[ 57.487925][ T5] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 57.493267][ T5] ? rwlock_bug.part.0+0x90/0x90
[ 57.499107][ T5] ? _raw_spin_lock_irq+0x41/0x50
[ 57.504409][ T5] worker_thread+0x657/0x1110
[ 57.509297][ T5] ? process_one_work+0x1650/0x1650
[ 57.515334][ T5] kthread+0x2e9/0x3a0
[ 57.520298][ T5] ? kthread_complete_and_exit+0x40/0x40
[ 57.526625][ T5] ret_from_fork+0x1f/0x30
[ 57.531351][ T5]
[ 57.534501][ T5]
[ 57.537130][ T5] Allocated by task 5:
[ 57.541076][ T5] kasan_save_stack+0x1e/0x40
[ 57.546431][ T5] __kasan_kmalloc+0xa6/0xd0
[ 57.551644][ T5] kmem_cache_alloc_trace+0x1ea/0x4a0
[ 57.557761][ T5] tuner_probe+0xa4/0x1180
[ 57.562338][ T5] i2c_device_probe+0xa0c/0xb90
[ 57.567200][ T5] really_probe+0x245/0xcc0
[ 57.571878][ T5] __driver_probe_device+0x338/0x4d0
[ 57.577260][ T5] driver_probe_device+0x4c/0x1a0
[ 57.582534][ T5] __device_attach_driver+0x20b/0x2f0
[ 57.588033][ T5] bus_for_each_drv+0x15f/0x1e0
[ 57.592834][ T5] __device_attach+0x228/0x4a0
[ 57.597722][ T5] bus_probe_device+0x1e4/0x290
[ 57.602716][ T5] device_add+0xb83/0x1e20
[ 57.607213][ T5] i2c_new_client_device+0x67b/0xb60
[ 57.612444][ T5] v4l2_i2c_new_subdev_board+0xaf/0x2c0
[ 57.618014][ T5] v4l2_i2c_new_subdev+0x102/0x170
[ 57.623380][ T5] em28xx_v4l2_init.cold+0x9cb/0x32a7
[ 57.628801][ T5] em28xx_init_extension+0x12f/0x1f0
[ 57.634082][ T5] request_module_async+0x5d/0x70
[ 57.639063][ T5] process_one_work+0x9ac/0x1650
[ 57.643896][ T5] worker_thread+0x7e2/0x1110
[ 57.648664][ T5] kthread+0x2e9/0x3a0
[ 57.652627][ T5] ret_from_fork+0x1f/0x30
[ 57.657032][ T5]
[ 57.659236][ T5] Freed by task 5:
[ 57.662874][ T5] kasan_save_stack+0x1e/0x40
[ 57.667614][ T5] kasan_set_track+0x21/0x30
[ 57.672128][ T5] kasan_set_free_info+0x20/0x30
[ 57.677192][ T5] ____kasan_slab_free+0xff/0x140
[ 57.683273][ T5] kfree+0xf8/0x2b0
[ 57.687990][ T5] tuner_remove+0x198/0x200
[ 57.692658][ T5] i2c_device_remove+0x7b/0x240
[ 57.697323][ T5] __device_release_driver+0x3bd/0x760
[ 57.702745][ T5] device_release_driver+0x26/0x40
[ 57.707633][ T5] bus_remove_device+0x2eb/0x5a0
[ 57.712557][ T5] device_del+0x4f3/0xc80
[ 57.717008][ T5] device_unregister+0x1f/0xc0
[ 57.721574][ T5] i2c_unregister_device+0x38/0x40
[ 57.726387][ T5] v4l2_i2c_subdev_unregister+0xa2/0xc0
[ 57.731876][ T5] v4l2_device_unregister+0x20d/0x2e0
[ 57.737065][ T5] em28xx_v4l2_init.cold+0xd26/0x32a7
[ 57.742180][ T5] em28xx_init_extension+0x12f/0x1f0
[ 57.747269][ T5] request_module_async+0x5d/0x70
[ 57.753199][ T5] process_one_work+0x9ac/0x1650
[ 57.759122][ T5] worker_thread+0x7e2/0x1110
[ 57.764958][ T5] kthread+0x2e9/0x3a0
[ 57.770049][ T5] ret_from_fork+0x1f/0x30
[ 57.775444][ T5]
[ 57.778416][ T5] Last potentially related work creation:
[ 57.785394][ T5] kasan_save_stack+0x1e/0x40
[ 57.791230][ T5] __kasan_record_aux_stack+0x7e/0x90
[ 57.798079][ T5] call_rcu+0xb1/0x740
[ 57.803096][ T5] netlink_release+0xf08/0x1db0
[ 57.809179][ T5] __sock_release+0xcd/0x280
[ 57.814795][ T5] sock_close+0x18/0x20
[ 57.819845][ T5] __fput+0x286/0x9f0
[ 57.824745][ T5] task_work_run+0xdd/0x1a0
[ 57.830169][ T5] exit_to_user_mode_prepare+0x27e/0x290
[ 57.837135][ T5] syscall_exit_to_user_mode+0x19/0x60
[ 57.843784][ T5] do_syscall_64+0x42/0xb0
[ 57.849096][ T5] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 57.855666][ T5]
[ 57.857984][ T5] The buggy address belongs to the object at ffff88801c96d000
[ 57.857984][ T5] which belongs to the cache kmalloc-2k of size 2048
[ 57.871808][ T5] The buggy address is located 792 bytes inside of
[ 57.871808][ T5] 2048-byte region [ffff88801c96d000, ffff88801c96d800)
[ 57.884687][ T5] The buggy address belongs to the page:
[ 57.890237][ T5] page:ffffea0000725b40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c96d
[ 57.899903][ T5] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 57.907259][ T5] raw: 00fff00000000200 ffffea00004ee108 ffffea0000714a08 ffff888010c40800
[ 57.915634][ T5] raw: 0000000000000000 ffff88801c96d000 0000000100000001 0000000000000000
[ 57.924070][ T5] page dumped because: kasan: bad access detected
[ 57.930358][ T5] page_owner tracks the page as allocated
[ 57.935946][ T5] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_THISNODE), pid 968, ts 36293287433, free_ts 36268103858
[ 57.956664][ T5] get_page_from_freelist+0xa72/0x2f50
[ 57.962185][ T5] __alloc_pages+0x1b2/0x500
[ 57.966677][ T5] cache_grow_begin+0x75/0x390
[ 57.971422][ T5] cache_alloc_refill+0x27f/0x380
[ 57.976613][ T5] kmem_cache_alloc_node_trace+0x49c/0x5b0
[ 57.982359][ T5] __kmalloc_node_track_caller+0x38/0x60
[ 57.988918][ T5] pskb_expand_head+0x15e/0x1060
[ 57.994264][ T5] netlink_trim+0x1ea/0x240
[ 57.998808][ T5] netlink_broadcast+0x5b/0xd50
[ 58.003484][ T5] nlmsg_notify+0x8f/0x280
[ 58.009184][ T5] rtmsg_ifinfo+0xf0/0x120
[ 58.014470][ T5] netdev_state_change+0x114/0x130
[ 58.019549][ T5] linkwatch_do_dev+0x10e/0x150
[ 58.024822][ T5] __linkwatch_run_queue+0x243/0x6b0
[ 58.030170][ T5] linkwatch_event+0x4a/0x60
[ 58.035562][ T5] process_one_work+0x9ac/0x1650
[ 58.040918][ T5] page last free stack trace:
[ 58.045601][ T5] free_pcp_prepare+0x374/0x870
[ 58.050481][ T5] free_unref_page+0x19/0x690
[ 58.055210][ T5] __put_page+0x13d/0x1e0
[ 58.060404][ T5] free_page_and_swap_cache+0x1f2/0x270
[ 58.067586][ T5] tlb_remove_table_rcu+0x85/0xe0
[ 58.074420][ T5] rcu_core+0x7b1/0x1820
[ 58.079678][ T5] __do_softirq+0x29b/0x9c2
[ 58.085390][ T5]
[ 58.088557][ T5] Memory state around the buggy address:
[ 58.096117][ T5] ffff88801c96d200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.106350][ T5] ffff88801c96d280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.116637][ T5] >ffff88801c96d300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.126893][ T5] ^
[ 58.133055][ T5] ffff88801c96d380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.143193][ T5] ffff88801c96d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.154043][ T5] ==================================================================
[ 58.164524][ T5] Disabling lock debugging due to kernel taint
[ 58.174662][ T5] Kernel panic - not syncing: panic_on_warn set ...
[ 58.185205][ T5] CPU: 0 PID: 5 Comm: kworker/0:0 Tainted: G B 5.17.0-rc7-syzkaller-00235-gaad611a868d1 #0
[ 58.204958][ T5] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 58.216872][ T5] Workqueue: events request_firmware_work_func
[ 58.222973][ T5] Call Trace:
[ 58.226858][ T5]
[ 58.230015][ T5] dump_stack_lvl+0xcd/0x134
[ 58.234628][ T5] panic+0x2b0/0x6dd
[ 58.238957][ T5] ? __warn_printk+0xf3/0xf3
[ 58.243606][ T5] ? preempt_schedule_common+0x59/0xc0
[ 58.249590][ T5] ? load_firmware_cb+0x269/0x290
[ 58.254656][ T5] ? preempt_schedule_thunk+0x16/0x18
[ 58.260120][ T5] ? trace_hardirqs_on+0x38/0x1c0
[ 58.265081][ T5] ? trace_hardirqs_on+0x51/0x1c0
[ 58.270228][ T5] ? load_firmware_cb+0x269/0x290
[ 58.275169][ T5] ? load_firmware_cb+0x269/0x290
[ 58.280279][ T5] end_report.cold+0x63/0x6f
[ 58.284864][ T5] kasan_report.cold+0x71/0xdf
[ 58.289520][ T5] ? load_firmware_cb+0x269/0x290
[ 58.294484][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 58.299804][ T5] load_firmware_cb+0x269/0x290
[ 58.304578][ T5] ? do_raw_spin_unlock+0x171/0x230
[ 58.309656][ T5] ? mark_held_locks+0x9f/0xe0
[ 58.314338][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 58.320711][ T5] ? _request_firmware+0x9cf/0xfe0
[ 58.327429][ T5] ? lockdep_hardirqs_on+0x79/0x100
[ 58.333683][ T5] ? _request_firmware+0xae/0xfe0
[ 58.339658][ T5] ? seek_firmware.isra.0+0x610/0x610
[ 58.346479][ T5] request_firmware_work_func+0x12c/0x230
[ 58.353877][ T5] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 58.361734][ T5] process_one_work+0x9ac/0x1650
[ 58.368011][ T5] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 58.374583][ T5] ? rwlock_bug.part.0+0x90/0x90
[ 58.380582][ T5] ? _raw_spin_lock_irq+0x41/0x50
[ 58.386895][ T5] worker_thread+0x657/0x1110
[ 58.392603][ T5] ? process_one_work+0x1650/0x1650
[ 58.398404][ T5] kthread+0x2e9/0x3a0
[ 58.402930][ T5] ?
kthread_complete_and_exit+0x40/0x40
[ 58.408569][ T5] ret_from_fork+0x1f/0x30
[ 58.413118][ T5]
[ 58.416790][ T5] Kernel Offset: disabled
[ 58.421909][ T5] Rebooting in 86400 seconds..
VM DIAGNOSIS: 09:11:07 Registers: