syzkaller login: [ 290.191742][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 297.365392][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 297.392440][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 309.771491][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:15794' (ECDSA) to the list of known hosts. 1970/01/01 00:05:56 fuzzer started 1970/01/01 00:06:11 dialing manager at localhost:39821 [ 377.861236][ T2025] cgroup: Unknown subsys name 'net' [ 378.980672][ T2025] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:06:18 syscalls: 2817 1970/01/01 00:06:18 code coverage: enabled 1970/01/01 00:06:18 comparison tracing: enabled 1970/01/01 00:06:18 extra coverage: enabled 1970/01/01 00:06:18 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:06:18 setuid sandbox: enabled 1970/01/01 00:06:18 namespace sandbox: enabled 1970/01/01 00:06:18 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:06:18 fault injection: enabled 1970/01/01 00:06:18 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:06:18 net packet injection: enabled 1970/01/01 00:06:18 net device setup: enabled 1970/01/01 00:06:18 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:06:18 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:06:18 USB emulation: enabled 1970/01/01 00:06:18 hci packet injection: /dev/vhci does not exist 1970/01/01 00:06:18 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:06:18 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:06:18 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:06:25 fetching corpus: 50, signal 34864/37200 (executing program) 1970/01/01 00:06:29 fetching corpus: 99, signal 46167/48905 (executing program) 1970/01/01 00:06:34 fetching corpus: 149, signal 55280/58158 (executing program) 1970/01/01 00:06:37 fetching corpus: 197, signal 60300/63306 (executing program) 1970/01/01 00:06:41 fetching corpus: 247, signal 65467/68347 (executing program) 1970/01/01 00:06:44 fetching corpus: 295, signal 69401/72114 (executing program) 1970/01/01 00:06:49 fetching corpus: 345, signal 75323/77318 (executing program) 1970/01/01 00:06:53 fetching corpus: 394, signal 79971/81200 (executing program) 1970/01/01 00:06:56 fetching corpus: 440, signal 83564/84116 (executing program) 1970/01/01 00:06:56 fetching corpus: 440, signal 83564/84170 (executing program) 1970/01/01 00:06:56 fetching corpus: 440, signal 83564/84220 (executing program) 1970/01/01 00:06:56 fetching corpus: 440, signal 83564/84261 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84320 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84385 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84426 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84485 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84537 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84590 (executing program) 1970/01/01 00:06:57 fetching corpus: 440, signal 83564/84640 (executing program) 1970/01/01 00:06:58 fetching corpus: 440, signal 83564/84697 (executing program) 1970/01/01 00:06:58 fetching corpus: 440, signal 83564/84764 (executing program) 1970/01/01 00:06:58 fetching corpus: 440, signal 83573/84821 (executing program) 1970/01/01 00:06:58 fetching corpus: 440, signal 83573/84877 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83573/84935 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83573/84986 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83573/85036 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83573/85087 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83573/85149 (executing program) 1970/01/01 00:06:59 fetching corpus: 440, signal 83576/85210 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85274 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85330 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85382 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85448 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85485 (executing program) 1970/01/01 00:07:00 fetching corpus: 440, signal 83576/85546 (executing program) 1970/01/01 00:07:01 fetching corpus: 440, signal 83576/85603 (executing program) 1970/01/01 00:07:01 fetching corpus: 440, signal 83576/85656 (executing program) 1970/01/01 00:07:01 fetching corpus: 440, signal 83576/85707 (executing program) 1970/01/01 00:07:01 fetching corpus: 440, signal 83576/85767 (executing program) 1970/01/01 00:07:01 fetching corpus: 440, signal 83576/85819 (executing program) 1970/01/01 00:07:02 fetching corpus: 440, signal 83576/85867 (executing program) 1970/01/01 00:07:02 fetching corpus: 440, signal 83576/85926 (executing program) 1970/01/01 00:07:02 fetching corpus: 440, signal 83576/85926 (executing program) 1970/01/01 00:09:21 starting 2 fuzzer processes 00:09:22 executing program 0: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/time_for_children\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/time\x00') 00:09:22 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) [ 597.205879][ T2031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.857861][ T2031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 599.150316][ T2030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 600.423078][ T2030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 617.561590][ T2031] device hsr_slave_0 entered promiscuous mode [ 618.156728][ T2031] device hsr_slave_1 entered promiscuous mode [ 620.988816][ T2030] device hsr_slave_0 entered promiscuous mode [ 621.561796][ T2030] device hsr_slave_1 entered promiscuous mode [ 621.655411][ T2030] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 621.662404][ T2030] Cannot create hsr debugfs directory [ 637.590285][ T2031] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 637.863633][ T2031] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 638.669298][ T2031] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 639.191238][ T2031] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 641.016218][ T2030] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 641.278811][ T2030] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 641.541625][ T2030] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 642.102225][ T2030] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 653.884443][ C0] ================================================================== [ 653.889009][ C0] BUG: KASAN: slab-out-of-bounds in walk_stackframe+0x11c/0x260 [ 653.890766][ C0] Read of size 8 at addr ffffaf800eb0bf80 by task syz-executor.1/2031 [ 653.892232][ C0] [ 653.895160][ C0] CPU: 0 PID: 2031 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 653.897303][ C0] Hardware name: riscv-virtio,qemu (DT) [ 653.898742][ C0] Call Trace: [ 653.899910][ C0] [] dump_backtrace+0x2e/0x3c [ 653.901463][ C0] [] show_stack+0x34/0x40 [ 653.902874][ C0] [] dump_stack_lvl+0xe4/0x150 [ 653.904998][ C0] [] print_address_description.constprop.0+0x2a/0x330 [ 653.906753][ C0] [] kasan_report+0x184/0x1e0 [ 653.908260][ C0] [] __asan_load8+0x6e/0x96 [ 653.909762][ C0] [] walk_stackframe+0x11c/0x260 [ 653.911233][ C0] [] arch_stack_walk+0x2c/0x3c [ 653.912661][ C0] [] stack_trace_save+0xa6/0xd8 [ 653.915694][ C0] [ 653.916783][ C0] Allocated by task 246464144: [ 653.917936][ C0] (stack is not available) [ 653.918854][ C0] [ 653.919691][ C0] Last potentially related work creation: [ 653.920801][ C0] ------------[ cut here ]------------ [ 653.921771][ C0] slab index 477796 out of bounds (316) for stack id 80474a64 [ 653.926947][ C0] WARNING: CPU: 0 PID: 2031 at lib/stackdepot.c:304 stack_depot_print+0x66/0x70 [ 653.929156][ C0] Modules linked in: [ 653.930519][ C0] CPU: 0 PID: 2031 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 653.932176][ C0] Hardware name: riscv-virtio,qemu (DT) [ 653.933277][ C0] epc : stack_depot_print+0x66/0x70 [ 653.935001][ C0] ra : stack_depot_print+0x66/0x70 [ 653.936491][ C0] epc : ffffffff80c00b8a ra : ffffffff80c00b8a sp : ffffaf800eb0be40 [ 653.937880][ C0] gp : ffffffff85863ac0 tp : ffffaf800e00e100 t0 : ffffffff86bcb657 [ 653.939259][ C0] t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf800eb0be50 [ 653.940633][ C0] s1 : ffffaf807aa6aa40 a0 : 000000000000003b a1 : 00000000000f0000 [ 653.942092][ C0] a2 : 0000000000000504 a3 : ffffffff8012252a a4 : 64694a3a90f46200 [ 653.943495][ C0] a5 : 64694a3a90f46200 a6 : 0000000000f00000 a7 : ffffaf805a9c8863 [ 653.946027][ C0] s2 : ffffaf800eb0bf80 s3 : ffffaf8007201c80 s4 : ffffaf800eb0bc00 [ 653.947567][ C0] s5 : ffffaf800eb0be00 s6 : 0000000000003fff s7 : ffffaf800eb0bf20 [ 653.948978][ C0] s8 : 0000000000400000 s9 : ffffffffffffc000 s10: ffffaf800eb0c000 [ 653.950353][ C0] s11: 0000000000000008 t3 : fffffffff3f3f300 t4 : fffff5ef0b53910c [ 653.951785][ C0] t5 : fffff5ef0b53910d t6 : ffffaf800eb0b938 [ 653.953009][ C0] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 653.955551][ C0] [] print_address_description.constprop.0+0x2fc/0x330 [ 653.957397][ C0] [] kasan_report+0x184/0x1e0 [ 653.958907][ C0] [] __asan_load8+0x6e/0x96 [ 653.960322][ C0] [] walk_stackframe+0x11c/0x260 [ 653.961793][ C0] [] arch_stack_walk+0x2c/0x3c [ 653.963260][ C0] [] stack_trace_save+0xa6/0xd8 [ 653.965548][ C0] irq event stamp: 116265 [ 653.966664][ C0] hardirqs last enabled at (116264): [] _raw_spin_unlock_irqrestore+0x68/0x98 [ 653.968505][ C0] hardirqs last disabled at (116265): [] _raw_spin_lock_irqsave+0x60/0x62 [ 653.970294][ C0] softirqs last enabled at (116150): [] __do_softirq+0x618/0x8fc [ 653.972117][ C0] softirqs last disabled at (116175): [] __irq_exit_rcu+0x142/0x1f8 [ 653.973927][ C0] ---[ end trace 0000000000000000 ]--- [ 653.976188][ C0] [ 653.977269][ C0] Second to last potentially related work creation: [ 653.978927][ C0] ------------[ cut here ]------------ [ 653.979965][ C0] slab index 2097151 out of bounds (316) for stack id ffffffff [ 653.984234][ C0] WARNING: CPU: 0 PID: 2031 at lib/stackdepot.c:304 stack_depot_print+0x66/0x70 [ 653.986214][ C0] Modules linked in: [ 653.987562][ C0] CPU: 0 PID: 2031 Comm: syz-executor.1 Tainted: G W 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 653.989313][ C0] Hardware name: riscv-virtio,qemu (DT) [ 653.990387][ C0] epc : stack_depot_print+0x66/0x70 [ 653.991808][ C0] ra : stack_depot_print+0x66/0x70 [ 653.993146][ C0] epc : ffffffff80c00b8a ra : ffffffff80c00b8a sp : ffffaf800eb0be40 [ 653.995307][ C0] gp : ffffffff85863ac0 tp : ffffaf800e00e100 t0 : ffffffff86bcb657 [ 653.997461][ C0] t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf800eb0be50 [ 653.998899][ C0] s1 : ffffaf807aa6aa40 a0 : 000000000000003c a1 : 00000000000f0000 [ 654.000251][ C0] a2 : 0000000000000504 a3 : ffffffff8012252a a4 : 64694a3a90f46200 [ 654.001576][ C0] a5 : 64694a3a90f46200 a6 : 0000000000f00000 a7 : ffffaf805a9c8863 [ 654.002943][ C0] s2 : ffffaf800eb0bf80 s3 : ffffaf8007201c80 s4 : ffffaf800eb0bc00 [ 654.005237][ C0] s5 : ffffaf800eb0be00 s6 : 0000000000003fff s7 : ffffaf800eb0bf20 [ 654.007509][ C0] s8 : 0000000000400000 s9 : ffffffffffffc000 s10: ffffaf800eb0c000 [ 654.008943][ C0] s11: 0000000000000008 t3 : fffffffff3f3f300 t4 : fffff5ef0b53910c [ 654.010243][ C0] t5 : fffff5ef0b53910d t6 : ffffaf800eb0b938 [ 654.011501][ C0] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 654.012956][ C0] [] print_address_description.constprop.0+0x2ae/0x330 [ 654.015776][ C0] [] kasan_report+0x184/0x1e0 [ 654.017403][ C0] [] __asan_load8+0x6e/0x96 [ 654.018788][ C0] [] walk_stackframe+0x11c/0x260 [ 654.020311][ C0] [] arch_stack_walk+0x2c/0x3c [ 654.021763][ C0] [] stack_trace_save+0xa6/0xd8 [ 654.023280][ C0] irq event stamp: 116265 [ 654.024824][ C0] hardirqs last enabled at (116264): [] _raw_spin_unlock_irqrestore+0x68/0x98 [ 654.028096][ C0] hardirqs last disabled at (116265): [] _raw_spin_lock_irqsave+0x60/0x62 [ 654.030098][ C0] softirqs last enabled at (116150): [] __do_softirq+0x618/0x8fc [ 654.031919][ C0] softirqs last disabled at (116175): [] __irq_exit_rcu+0x142/0x1f8 [ 654.033684][ C0] ---[ end trace 0000000000000000 ]--- [ 654.035440][ C0] [ 654.036398][ C0] The buggy address belongs to the object at ffffaf800eb0bc00 [ 654.036398][ C0] which belongs to the cache kmalloc-512 of size 512 [ 654.038312][ C0] The buggy address is located 384 bytes to the right of [ 654.038312][ C0] 512-byte region [ffffaf800eb0bc00, ffffaf800eb0be00) [ 654.040294][ C0] The buggy address belongs to the page: [ 654.041945][ C0] page:ffffaf807aa6aa40 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffffaf800eb0a400 pfn:0x8ed08 [ 654.044080][ C0] head:ffffaf807aa6aa40 order:2 compound_mapcount:0 compound_pincount:0 [ 654.046861][ C0] flags: 0x8800010200(slab|head|section=17|node=0|zone=0) [ 654.050186][ C0] raw: 0000008800010200 ffffaf807a9e4468 ffffaf807aa77828 ffffaf8007201c80 [ 654.051856][ C0] raw: ffffaf800eb0a400 0000000000100004 00000001ffffffff 0000000000000000 [ 654.053201][ C0] raw: 00000000000007ff [ 654.054731][ C0] page dumped because: kasan: bad access detected [ 654.056671][ C0] page_owner tracks the page as allocated [ 654.057847][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 71460701900, free_ts 71427846400 [ 654.060485][ C0] __set_page_owner+0x48/0x136 [ 654.061890][ C0] post_alloc_hook+0xd0/0x10a [ 654.063175][ C0] get_page_from_freelist+0x8da/0x12d8 [ 654.065008][ C0] __alloc_pages+0x150/0x3b6 [ 654.066382][ C0] alloc_page_interleave+0x2a/0x1cc [ 654.067733][ C0] alloc_pages+0x210/0x2a6 [ 654.069029][ C0] alloc_slab_page.constprop.0+0xc2/0xfa [ 654.070421][ C0] new_slab+0x76/0x2cc [ 654.071634][ C0] ___slab_alloc+0x56e/0x918 [ 654.072881][ C0] __slab_alloc.constprop.0+0x50/0x8c [ 654.074717][ C0] __kmalloc_node_track_caller+0x26c/0x362 [ 654.076617][ C0] __alloc_skb+0xee/0x2e4 [ 654.077899][ C0] new_skb+0x2c/0xcc [ 654.079111][ C0] aoecmd_cfg+0x258/0x582 [ 654.080401][ C0] discover_timer+0x4a/0x54 [ 654.081546][ C0] aoe_init+0x16c/0x1d4 [ 654.082902][ C0] page last free stack trace: [ 654.083953][ C0] __reset_page_owner+0x4a/0xea [ 654.085713][ C0] free_pcp_prepare+0x29c/0x45e [ 654.086967][ C0] free_unref_page+0x6a/0x31e [ 654.088204][ C0] __free_pages+0xe2/0x112 [ 654.089434][ C0] put_task_stack+0x1d0/0x2b0 [ 654.090692][ C0] finish_task_switch.isra.0+0x3ce/0x420 [ 654.092038][ C0] __schedule+0x58e/0x118e [ 654.093312][ C0] schedule_idle+0x22/0x42 [ 654.094921][ C0] do_idle+0xca/0x144 [ 654.096262][ C0] cpu_startup_entry+0x1a/0x1c [ 654.097468][ C0] rest_init+0x236/0x3f2 [ 654.098674][ C0] arch_call_rest_init+0x18/0x20 [ 654.099941][ C0] start_kernel+0x66a/0x698 [ 654.101442][ C0] [ 654.102282][ C0] Memory state around the buggy address: [ 654.103898][ C0] ffffaf800eb0be80: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 [ 654.106036][ C0] ffffaf800eb0bf00: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 [ 654.107441][ C0] >ffffaf800eb0bf80: fc fc fc fc 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 654.108737][ C0] ^ [ 654.109836][ C0] ffffaf800eb0c000: 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 [ 654.111136][ C0] ffffaf800eb0c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 654.112531][ C0] ================================================================== [ 654.113852][ C0] Disabling lock debugging due to kernel taint [ 654.120333][ T2031] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 654.121893][ T2031] CPU: 0 PID: 2031 Comm: syz-executor.1 Tainted: G B W 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 654.124328][ T2031] Hardware name: riscv-virtio,qemu (DT) [ 654.125689][ T2031] Call Trace: [ 654.126378][ T2031] [] dump_backtrace+0x2e/0x3c [ 654.127613][ T2031] [] show_stack+0x34/0x40 [ 654.128703][ T2031] [] dump_stack_lvl+0xe4/0x150 [ 654.130012][ T2031] [] dump_stack+0x1c/0x24 [ 654.131247][ T2031] [] panic+0x24a/0x634 [ 654.132301][ T2031] [] schedule+0x0/0x14c [ 654.133445][ T2031] [] preempt_schedule_irq+0x4a/0x13e [ 654.135294][ T2031] [] resume_kernel+0x16/0x18 [ 654.136946][ T2031] SMP: stopping secondary CPUs [ 654.139416][ T2031] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:20:27 Registers: info registers vcpu 0 pc ffffffff8010b22c mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80200f34 sepc ffffffff80201288 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff831a18d8 x2/sp ffffaf800eb0b940 x3/gp ffffffff85863ac0 x4/tp ffffaf800e00e100 x5/t0 ffffffff86bcb657 x6/t1 64694a3a90f46200 x7/t2 0000000000000000 x8/s0 ffffaf800eb0b950 x9/s1 0000000000001000 x10/a0 0000000000000020 x11/a1 ffffffffffffffff x12/a2 1ffff5f001c01c21 x13/a3 ffffffff80146d84 x14/a4 0000000000000507 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 ffffffff8011efb0 x18/s2 ffffaf800eb0ba80 x19/s3 ffffffff84b73ec0 x20/s4 0000000000000000 x21/s5 ffffffff8343c840 x22/s6 ffffffffffffffff x23/s7 ffffffff8588c3e0 x24/s8 ffffffff86c1a620 x25/s9 1ffff5f001d61740 x26/s10 ffffffff84a88898 x27/s11 ffffffff8011efd0 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001d6170c x31/t6 ffffffff86bcb657 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff8010b250 mhartid 0000000000000001 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80475996 sepc ffffffff80475996 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff831a197a x2/sp ffffaf800a153320 x3/gp ffffffff85863ac0 x4/tp ffffaf800d6cc8c0 x5/t0 0000000000046000 x6/t1 64694a3a90f46200 x7/t2 ffffffffffffffff x8/s0 ffffaf800a153330 x9/s1 ffffaf800d6cd308 x10/a0 0000000000000120 x11/a1 00000000000f0000 x12/a2 0000000000010202 x13/a3 0000000000000000 x14/a4 0000000000000001 x15/a5 ffffaf805a9e4840 x16/a6 0000000000f00000 x17/a7 ffffffff80b08bfe x18/s2 0000000000000000 x19/s3 ffffffff84b73ec0 x20/s4 ffffaf800d6cd8c0 x21/s5 ffffffff8343c840 x22/s6 ffffffffffffffff x23/s7 0000000000000120 x24/s8 ffffffff86c1a620 x25/s9 0000000000000002 x26/s10 ffffaf805a9e7400 x27/s11 ffffffff8018e412 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f00142a5fc x31/t6 0000000001c724e9 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000