syzkaller login: [ 312.430090][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 312.514198][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 312.591149][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 312.622148][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 358.890849][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:15179' (ECDSA) to the list of known hosts. 1970/01/01 00:06:42 fuzzer started 1970/01/01 00:06:57 dialing manager at localhost:41131 [ 424.271711][ T2037] cgroup: Unknown subsys name 'net' [ 425.641151][ T2037] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:07:05 syscalls: 2827 1970/01/01 00:07:05 code coverage: enabled 1970/01/01 00:07:05 comparison tracing: enabled 1970/01/01 00:07:05 extra coverage: enabled 1970/01/01 00:07:05 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:07:05 setuid sandbox: enabled 1970/01/01 00:07:05 namespace sandbox: enabled 1970/01/01 00:07:05 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:07:05 fault injection: enabled 1970/01/01 00:07:05 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:07:05 net packet injection: enabled 1970/01/01 00:07:05 net device setup: enabled 1970/01/01 00:07:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:07:05 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:07:05 USB emulation: enabled 1970/01/01 00:07:05 hci packet injection: /dev/vhci does not exist 1970/01/01 00:07:05 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:07:05 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:07:05 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:07:12 fetching corpus: 50, signal 31900/35121 (executing program) 1970/01/01 00:07:16 fetching corpus: 100, signal 43798/48201 (executing program) 1970/01/01 00:07:20 fetching corpus: 150, signal 52883/58333 (executing program) 1970/01/01 00:07:24 fetching corpus: 200, signal 60095/66516 (executing program) 1970/01/01 00:07:27 fetching corpus: 250, signal 76957/83424 (executing program) 1970/01/01 00:07:31 fetching corpus: 300, signal 82414/89533 (executing program) 1970/01/01 00:07:35 fetching corpus: 350, signal 88894/96387 (executing program) 1970/01/01 00:07:38 fetching corpus: 400, signal 94696/102555 (executing program) 1970/01/01 00:07:44 fetching corpus: 449, signal 99361/107594 (executing program) 1970/01/01 00:07:47 fetching corpus: 498, signal 103293/111790 (executing program) 1970/01/01 00:07:50 fetching corpus: 548, signal 105043/114074 (executing program) 1970/01/01 00:07:56 fetching corpus: 598, signal 111102/119943 (executing program) 1970/01/01 00:07:59 fetching corpus: 647, signal 115263/124099 (executing program) 1970/01/01 00:08:02 fetching corpus: 696, signal 118428/127358 (executing program) 1970/01/01 00:08:05 fetching corpus: 746, signal 120656/129754 (executing program) 1970/01/01 00:08:08 fetching corpus: 796, signal 124272/133191 (executing program) 1970/01/01 00:08:11 fetching corpus: 845, signal 126100/135140 (executing program) 1970/01/01 00:08:16 fetching corpus: 895, signal 128707/137669 (executing program) 1970/01/01 00:08:20 fetching corpus: 944, signal 132275/140869 (executing program) 1970/01/01 00:08:25 fetching corpus: 994, signal 138009/145613 (executing program) 1970/01/01 00:08:28 fetching corpus: 1044, signal 139476/147110 (executing program) 1970/01/01 00:08:31 fetching corpus: 1094, signal 141292/148739 (executing program) 1970/01/01 00:08:34 fetching corpus: 1144, signal 143050/150343 (executing program) 1970/01/01 00:08:37 fetching corpus: 1194, signal 145066/152005 (executing program) 1970/01/01 00:08:40 fetching corpus: 1244, signal 149121/155139 (executing program) 1970/01/01 00:08:43 fetching corpus: 1294, signal 150530/156299 (executing program) 1970/01/01 00:08:47 fetching corpus: 1344, signal 152866/158051 (executing program) 1970/01/01 00:08:49 fetching corpus: 1394, signal 154361/159210 (executing program) 1970/01/01 00:08:52 fetching corpus: 1444, signal 155952/160393 (executing program) 1970/01/01 00:08:55 fetching corpus: 1493, signal 157705/161655 (executing program) 1970/01/01 00:08:59 fetching corpus: 1543, signal 159243/162769 (executing program) 1970/01/01 00:09:02 fetching corpus: 1593, signal 160932/163929 (executing program) 1970/01/01 00:09:06 fetching corpus: 1643, signal 162732/165138 (executing program) 1970/01/01 00:09:09 fetching corpus: 1693, signal 164993/166553 (executing program) 1970/01/01 00:09:11 fetching corpus: 1713, signal 165518/166912 (executing program) 1970/01/01 00:09:11 fetching corpus: 1713, signal 165518/166949 (executing program) 1970/01/01 00:09:11 fetching corpus: 1713, signal 165518/166987 (executing program) 1970/01/01 00:09:11 fetching corpus: 1713, signal 165518/167013 (executing program) 1970/01/01 00:09:12 fetching corpus: 1713, signal 165518/167056 (executing program) 1970/01/01 00:09:12 fetching corpus: 1713, signal 165518/167091 (executing program) 1970/01/01 00:09:12 fetching corpus: 1713, signal 165518/167133 (executing program) 1970/01/01 00:09:12 fetching corpus: 1713, signal 165518/167171 (executing program) 1970/01/01 00:09:12 fetching corpus: 1713, signal 165518/167205 (executing program) 1970/01/01 00:09:13 fetching corpus: 1713, signal 165518/167231 (executing program) 1970/01/01 00:09:13 fetching corpus: 1713, signal 165518/167266 (executing program) 1970/01/01 00:09:13 fetching corpus: 1713, signal 165518/167310 (executing program) 1970/01/01 00:09:13 fetching corpus: 1713, signal 165518/167340 (executing program) 1970/01/01 00:09:13 fetching corpus: 1713, signal 165518/167383 (executing program) 1970/01/01 00:09:14 fetching corpus: 1713, signal 165518/167425 (executing program) 1970/01/01 00:09:14 fetching corpus: 1713, signal 165518/167458 (executing program) 1970/01/01 00:09:14 fetching corpus: 1713, signal 165518/167500 (executing program) 1970/01/01 00:09:14 fetching corpus: 1713, signal 165518/167532 (executing program) 1970/01/01 00:09:14 fetching corpus: 1713, signal 165518/167566 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167600 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167637 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167679 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167715 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167754 (executing program) 1970/01/01 00:09:15 fetching corpus: 1713, signal 165518/167801 (executing program) 1970/01/01 00:09:16 fetching corpus: 1713, signal 165518/167840 (executing program) 1970/01/01 00:09:16 fetching corpus: 1713, signal 165518/167886 (executing program) 1970/01/01 00:09:16 fetching corpus: 1713, signal 165518/167914 (executing program) 1970/01/01 00:09:16 fetching corpus: 1713, signal 165518/167944 (executing program) 1970/01/01 00:09:16 fetching corpus: 1713, signal 165518/167967 (executing program) 1970/01/01 00:09:17 fetching corpus: 1713, signal 165518/168001 (executing program) 1970/01/01 00:09:17 fetching corpus: 1713, signal 165518/168030 (executing program) 1970/01/01 00:09:17 fetching corpus: 1713, signal 165518/168065 (executing program) 1970/01/01 00:09:17 fetching corpus: 1713, signal 165518/168093 (executing program) 1970/01/01 00:09:17 fetching corpus: 1713, signal 165518/168126 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168164 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168202 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168242 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168278 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168315 (executing program) 1970/01/01 00:09:18 fetching corpus: 1713, signal 165518/168350 (executing program) 1970/01/01 00:09:19 fetching corpus: 1713, signal 165518/168382 (executing program) 1970/01/01 00:09:19 fetching corpus: 1713, signal 165518/168415 (executing program) 1970/01/01 00:09:19 fetching corpus: 1713, signal 165521/168462 (executing program) 1970/01/01 00:09:19 fetching corpus: 1713, signal 165521/168498 (executing program) 1970/01/01 00:09:19 fetching corpus: 1713, signal 165521/168533 (executing program) 1970/01/01 00:09:20 fetching corpus: 1713, signal 165521/168562 (executing program) 1970/01/01 00:09:20 fetching corpus: 1713, signal 165521/168599 (executing program) 1970/01/01 00:09:20 fetching corpus: 1713, signal 165521/168629 (executing program) 1970/01/01 00:09:20 fetching corpus: 1713, signal 165521/168639 (executing program) 1970/01/01 00:09:20 fetching corpus: 1713, signal 165521/168639 (executing program) 1970/01/01 00:11:43 starting 2 fuzzer processes 00:11:44 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512-generic\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002a80)=[{&(0x7f0000002900)="5ac26c5a74f2b590", 0x8}, {&(0x7f0000002980)="7b3f538a23922eb714737ab659285d279c20eff9bdd89a3bdcedf0eff1c6317635acacdaf54140a78fe02db0ae5ec1996f76a6c70a040f84a52864a79d397d0034fedac8128a81c241e852a2493df02b00383b119993bf657cc0ec1cfee786da1f9fef52341fd569f3602a72a7a06a1cd877da752a4b0ad2e43ec8429fe934fbdcd8cb0fb21524a345ab1f122441a8763ab3dbfb76095f7f099e7447606a8add3be8ca5800c4f1c17b4ba930fcec0c79c7adbf38812af1bae9", 0xb9}, {&(0x7f0000002a40)='=', 0x1}], 0x3}}], 0x1, 0x0) 00:11:44 executing program 1: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @echo_reply={0x5}}}}}, 0x0) [ 742.498295][ T2051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 743.369846][ T2051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 743.514804][ T2050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.220629][ T2050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 750.873356][ C0] ================================================================== [ 750.878316][ C0] BUG: KASAN: slab-out-of-bounds in walk_stackframe+0x11c/0x260 [ 750.880000][ C0] Read of size 8 at addr ffffaf80202abf50 by task syz-executor.1/2051 [ 750.881946][ C0] [ 750.884473][ C0] CPU: 0 PID: 2051 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 750.887389][ C0] Hardware name: riscv-virtio,qemu (DT) [ 750.889301][ C0] Call Trace: [ 750.890385][ C0] [] dump_backtrace+0x2e/0x3c [ 750.891902][ C0] [] show_stack+0x34/0x40 [ 750.893288][ C0] [] dump_stack_lvl+0xe4/0x150 [ 750.895034][ C0] [] print_address_description.constprop.0+0x2a/0x330 [ 750.899913][ C0] [] kasan_report+0x184/0x1e0 [ 750.902119][ C0] [] __asan_load8+0x6e/0x96 [ 750.903573][ C0] [] walk_stackframe+0x11c/0x260 [ 750.905142][ C0] [] arch_stack_walk+0x2c/0x3c [ 750.907199][ C0] [] stack_trace_save+0xa6/0xd8 [ 750.908946][ C0] [ 750.909884][ C0] Allocated by task 0: [ 750.910855][ C0] (stack is not available) [ 750.911817][ C0] [ 750.912620][ C0] Last potentially related work creation: [ 750.913887][ C0] ------------[ cut here ]------------ [ 750.914979][ C0] slab index 700544 out of bounds (292) for stack id 0bcab080 [ 750.920753][ C0] WARNING: CPU: 0 PID: 2051 at lib/stackdepot.c:304 stack_depot_print+0x66/0x70 [ 750.922880][ C0] Modules linked in: [ 750.925304][ C0] CPU: 0 PID: 2051 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 750.928188][ C0] Hardware name: riscv-virtio,qemu (DT) [ 750.929715][ C0] epc : stack_depot_print+0x66/0x70 [ 750.931644][ C0] ra : stack_depot_print+0x66/0x70 [ 750.933061][ C0] epc : ffffffff80c00b8a ra : ffffffff80c00b8a sp : ffffaf80202abe10 [ 750.934492][ C0] gp : ffffffff85863ac0 tp : ffffaf800bcab080 t0 : ffffffff86bcb657 [ 750.936616][ C0] t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf80202abe20 [ 750.938707][ C0] s1 : ffffaf807af54fd0 a0 : 000000000000003b a1 : 00000000000f0000 [ 750.940093][ C0] a2 : 0000000000000504 a3 : ffffffff8012252a a4 : 380ba7de3fe16200 [ 750.941513][ C0] a5 : 380ba7de3fe16200 a6 : 0000000000f00000 a7 : ffffaf805a9c8863 [ 750.942936][ C0] s2 : ffffaf80202abf50 s3 : ffffaf80072ed140 s4 : ffffaf80202abe00 [ 750.944324][ C0] s5 : ffffaf80202abf40 s6 : 0000000000003fff s7 : ffffaf80202abef0 [ 750.946615][ C0] s8 : 0000000000400000 s9 : ffffffffffffc000 s10: ffffaf80202abfc0 [ 750.948869][ C0] s11: 0000000000000008 t3 : fffffffff3f3f300 t4 : fffff5ef0b53910c [ 750.950330][ C0] t5 : fffff5ef0b53910d t6 : ffffaf80202ab918 [ 750.951565][ C0] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 750.953125][ C0] [] print_address_description.constprop.0+0x2fc/0x330 [ 750.954939][ C0] [] kasan_report+0x184/0x1e0 [ 750.957039][ C0] [] __asan_load8+0x6e/0x96 [ 750.958421][ C0] [] walk_stackframe+0x11c/0x260 [ 750.959883][ C0] [] arch_stack_walk+0x2c/0x3c [ 750.961310][ C0] [] stack_trace_save+0xa6/0xd8 [ 750.962939][ C0] irq event stamp: 58697 [ 750.963955][ C0] hardirqs last enabled at (58696): [] _raw_spin_unlock_irqrestore+0x68/0x98 [ 750.966788][ C0] hardirqs last disabled at (58697): [] _raw_spin_lock_irqsave+0x60/0x62 [ 750.969656][ C0] softirqs last enabled at (58620): [] __do_softirq+0x618/0x8fc [ 750.971512][ C0] softirqs last disabled at (58623): [] __irq_exit_rcu+0x142/0x1f8 [ 750.973265][ C0] ---[ end trace 0000000000000000 ]--- [ 750.974880][ C0] [ 750.975909][ C0] Second to last potentially related work creation: [ 750.977338][ C0] ------------[ cut here ]------------ [ 750.978537][ C0] slab index 2076544 out of bounds (292) for stack id ffffaf80 [ 750.982824][ C0] WARNING: CPU: 0 PID: 2051 at lib/stackdepot.c:304 stack_depot_print+0x66/0x70 [ 750.984640][ C0] Modules linked in: [ 750.986437][ C0] CPU: 0 PID: 2051 Comm: syz-executor.1 Tainted: G W 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 750.988209][ C0] Hardware name: riscv-virtio,qemu (DT) [ 750.989278][ C0] epc : stack_depot_print+0x66/0x70 [ 750.990626][ C0] ra : stack_depot_print+0x66/0x70 [ 750.992025][ C0] epc : ffffffff80c00b8a ra : ffffffff80c00b8a sp : ffffaf80202abe10 [ 750.993442][ C0] gp : ffffffff85863ac0 tp : ffffaf800bcab080 t0 : ffffffff86bcb657 [ 750.994780][ C0] t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf80202abe20 [ 750.996865][ C0] s1 : ffffaf807af54fd0 a0 : 000000000000003c a1 : 00000000000f0000 [ 750.999098][ C0] a2 : 0000000000000504 a3 : ffffffff8012252a a4 : 380ba7de3fe16200 [ 751.000418][ C0] a5 : 380ba7de3fe16200 a6 : 0000000000f00000 a7 : ffffaf805a9c8863 [ 751.001817][ C0] s2 : ffffaf80202abf50 s3 : ffffaf80072ed140 s4 : ffffaf80202abe00 [ 751.003178][ C0] s5 : ffffaf80202abf40 s6 : 0000000000003fff s7 : ffffaf80202abef0 [ 751.004509][ C0] s8 : 0000000000400000 s9 : ffffffffffffc000 s10: ffffaf80202abfc0 [ 751.006724][ C0] s11: 0000000000000008 t3 : fffffffff3f3f300 t4 : fffff5ef0b53910c [ 751.008855][ C0] t5 : fffff5ef0b53910d t6 : ffffaf80202ab918 [ 751.010063][ C0] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 751.011397][ C0] [] print_address_description.constprop.0+0x2ae/0x330 [ 751.013213][ C0] [] kasan_report+0x184/0x1e0 [ 751.014736][ C0] [] __asan_load8+0x6e/0x96 [ 751.016821][ C0] [] walk_stackframe+0x11c/0x260 [ 751.018531][ C0] [] arch_stack_walk+0x2c/0x3c [ 751.019965][ C0] [] stack_trace_save+0xa6/0xd8 [ 751.021444][ C0] irq event stamp: 58697 [ 751.022393][ C0] hardirqs last enabled at (58696): [] _raw_spin_unlock_irqrestore+0x68/0x98 [ 751.024805][ C0] hardirqs last disabled at (58697): [] _raw_spin_lock_irqsave+0x60/0x62 [ 751.027687][ C0] softirqs last enabled at (58620): [] __do_softirq+0x618/0x8fc [ 751.029403][ C0] softirqs last disabled at (58623): [] __irq_exit_rcu+0x142/0x1f8 [ 751.031093][ C0] ---[ end trace 0000000000000000 ]--- [ 751.032244][ C0] [ 751.033004][ C0] The buggy address belongs to the object at ffffaf80202abe00 [ 751.033004][ C0] which belongs to the cache mnt_cache of size 320 [ 751.034980][ C0] The buggy address is located 16 bytes to the right of [ 751.034980][ C0] 320-byte region [ffffaf80202abe00, ffffaf80202abf40) [ 751.038244][ C0] The buggy address belongs to the page: [ 751.039967][ C0] page:ffffaf807af54fd0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa04aa [ 751.041890][ C0] head:ffffaf807af54fd0 order:1 compound_mapcount:0 [ 751.043337][ C0] flags: 0xa000010200(slab|head|section=20|node=0|zone=0) [ 751.047180][ C0] raw: 000000a000010200 0000000000000000 0000000000000122 ffffaf80072ed140 [ 751.049472][ C0] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 751.051667][ C0] raw: 00000000000007ff [ 751.052803][ C0] page dumped because: kasan: bad access detected [ 751.054280][ C0] page_owner tracks the page as allocated [ 751.055998][ C0] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2051, ts 711010772500, free_ts 0 [ 751.060119][ C0] __set_page_owner+0x48/0x136 [ 751.061519][ C0] post_alloc_hook+0xd0/0x10a [ 751.062777][ C0] get_page_from_freelist+0x8da/0x12d8 [ 751.064133][ C0] __alloc_pages+0x150/0x3b6 [ 751.065852][ C0] alloc_pages+0x132/0x2a6 [ 751.067148][ C0] alloc_slab_page.constprop.0+0xc2/0xfa [ 751.068532][ C0] new_slab+0x25a/0x2cc [ 751.069761][ C0] ___slab_alloc+0x56e/0x918 [ 751.070992][ C0] __slab_alloc.constprop.0+0x50/0x8c [ 751.072383][ C0] kmem_cache_alloc+0x39c/0x3de [ 751.073761][ C0] alloc_vfsmnt+0x32/0x2ea [ 751.075099][ C0] clone_mnt+0x4a/0x75a [ 751.076335][ C0] copy_tree+0x2bc/0x6c8 [ 751.077668][ C0] copy_mnt_ns+0x174/0x71c [ 751.079272][ C0] create_new_namespaces+0xac/0x6f8 [ 751.080575][ C0] unshare_nsproxy_namespaces+0xa2/0x144 [ 751.082048][ C0] page_owner free stack trace missing [ 751.083217][ C0] [ 751.084067][ C0] Memory state around the buggy address: [ 751.085897][ C0] ffffaf80202abe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 751.087312][ C0] ffffaf80202abe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 751.088668][ C0] >ffffaf80202abf00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 751.089991][ C0] ^ [ 751.091257][ C0] ffffaf80202abf80: fc fc fc fc f1 f1 f1 f1 00 00 00 f3 f3 f3 f3 f3 [ 751.092662][ C0] ffffaf80202ac000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 751.094112][ C0] ================================================================== [ 751.096033][ C0] Disabling lock debugging due to kernel taint [ 751.099848][ T2051] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 751.101347][ T2051] CPU: 0 PID: 2051 Comm: syz-executor.1 Tainted: G B W 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 751.102859][ T2051] Hardware name: riscv-virtio,qemu (DT) [ 751.104320][ T2051] Call Trace: [ 751.105216][ T2051] [] dump_backtrace+0x2e/0x3c [ 751.106449][ T2051] [] show_stack+0x34/0x40 [ 751.107521][ T2051] [] dump_stack_lvl+0xe4/0x150 [ 751.108786][ T2051] [] dump_stack+0x1c/0x24 [ 751.110020][ T2051] [] panic+0x24a/0x634 [ 751.111153][ T2051] [] schedule+0x0/0x14c [ 751.112335][ T2051] [] preempt_schedule_irq+0x4a/0x13e [ 751.113681][ T2051] [] resume_kernel+0x16/0x18 [ 751.115071][ T2051] SMP: stopping secondary CPUs [ 751.117869][ T2051] Rebooting in 86400 seconds.. VM DIAGNOSIS: 05:16:24 Registers: info registers vcpu 0 pc ffffffff80c2b612 mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80200a06 sepc ffffffff831a2498 mcause 8000000000000007 scause 8000000000000001 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff8011c7fa x2/sp ffffaf80202ab960 x3/gp ffffffff85863ac0 x4/tp ffffaf800bcab080 x5/t0 ffffaf80202aba03 x6/t1 fffff5ef04055740 x7/t2 0000000000000000 x8/s0 ffffaf80202ab990 x9/s1 ffffffff86bcb640 x10/a0 ffffffff86bcb640 x11/a1 000000000000000a x12/a2 0000000000000000 x13/a3 ffffffff8011c7ec x14/a4 ffffaf800bcab080 x15/a5 0000000000000000 x16/a6 ffffaf80202aba07 x17/a7 ffffaf80202aba05 x18/s2 ffffffff86bcb641 x19/s3 ffffffff86bcb640 x20/s4 000000000000000a x21/s5 0000000000000017 x22/s6 0000000000000000 x23/s7 0000000000000400 x24/s8 ffffaf80202ab9f0 x25/s9 0000000000000000 x26/s10 00000000000003e7 x27/s11 ffffaf80202abc40 x28/t3 0000000000000043 x29/t4 fffff5ef04055740 x30/t5 fffff5ef04055741 x31/t6 ffffaf80202aba06 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff80475986 mhartid 0000000000000001 mstatus 00000000000000a2 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc ffffffff80119b48 mcause 0000000000000009 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80119b52 x2/sp ffffaf80114677d0 x3/gp ffffffff85863ac0 x4/tp ffffaf800e213080 x5/t0 00000000000001f8 x6/t1 380ba7de3fe16200 x7/t2 ffffffffffffffff x8/s0 ffffaf8011467820 x9/s1 ffffaf800b771898 x10/a0 ffffaf800b771898 x11/a1 0000000000000003 x12/a2 1ffff5f0016ee313 x13/a3 ffffffff80119b52 x14/a4 0000000000000000 x15/a5 0000000000000001 x16/a6 0000000000f00000 x17/a7 ffffffff826e6226 x18/s2 0000000000000001 x19/s3 ffffaf800e213080 x20/s4 ffffaf800b7718a8 x21/s5 ffffaf800b7718a0 x22/s6 ffffaf8011467960 x23/s7 ffffaf8011467b00 x24/s8 0000000000000000 x25/s9 0000000000004000 x26/s10 0000000000000040 x27/s11 0000000000000001 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f00228ceb4 x31/t6 00000000006a1751 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000