syzkaller login: [ 288.499373][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 288.569203][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 288.636363][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 299.734814][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:17389' (ECDSA) to the list of known hosts. 1970/01/01 00:05:45 fuzzer started 1970/01/01 00:06:01 dialing manager at localhost:40991 [ 368.406033][ T2025] cgroup: Unknown subsys name 'net' [ 369.777433][ T2025] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:06:09 syscalls: 2818 1970/01/01 00:06:09 code coverage: enabled 1970/01/01 00:06:09 comparison tracing: ioctl(KCOV_DISABLE) failed: invalid argument 1970/01/01 00:06:09 extra coverage: enabled 1970/01/01 00:06:09 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:06:09 setuid sandbox: enabled 1970/01/01 00:06:09 namespace sandbox: enabled 1970/01/01 00:06:09 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:06:09 fault injection: enabled 1970/01/01 00:06:09 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:06:09 net packet injection: enabled 1970/01/01 00:06:09 net device setup: enabled 1970/01/01 00:06:09 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:06:09 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:06:09 USB emulation: enabled 1970/01/01 00:06:09 hci packet injection: /dev/vhci does not exist 1970/01/01 00:06:09 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:06:09 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:06:10 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:06:16 fetching corpus: 50, signal 35370/38609 (executing program) 1970/01/01 00:06:21 fetching corpus: 100, signal 49922/54308 (executing program) 1970/01/01 00:06:25 fetching corpus: 150, signal 58000/63428 (executing program) 1970/01/01 00:06:28 fetching corpus: 200, signal 63372/69863 (executing program) 1970/01/01 00:06:31 fetching corpus: 250, signal 68013/75499 (executing program) 1970/01/01 00:06:36 fetching corpus: 300, signal 75785/83931 (executing program) 1970/01/01 00:06:40 fetching corpus: 350, signal 80243/89197 (executing program) 1970/01/01 00:06:43 fetching corpus: 399, signal 83277/93018 (executing program) 1970/01/01 00:06:46 fetching corpus: 449, signal 86217/96752 (executing program) 1970/01/01 00:06:50 fetching corpus: 499, signal 89885/101012 (executing program) 1970/01/01 00:06:53 fetching corpus: 549, signal 93051/104855 (executing program) 1970/01/01 00:06:56 fetching corpus: 599, signal 96296/108662 (executing program) 1970/01/01 00:06:58 fetching corpus: 648, signal 99081/112004 (executing program) 1970/01/01 00:07:01 fetching corpus: 698, signal 101720/115101 (executing program) 1970/01/01 00:07:05 fetching corpus: 748, signal 104455/118260 (executing program) 1970/01/01 00:07:09 fetching corpus: 798, signal 106588/120834 (executing program) 1970/01/01 00:07:12 fetching corpus: 848, signal 108894/123533 (executing program) 1970/01/01 00:07:15 fetching corpus: 898, signal 110961/125990 (executing program) 1970/01/01 00:07:19 fetching corpus: 948, signal 114034/129182 (executing program) 1970/01/01 00:07:21 fetching corpus: 996, signal 115382/130932 (executing program) 1970/01/01 00:07:24 fetching corpus: 1046, signal 116590/132616 (executing program) 1970/01/01 00:07:27 fetching corpus: 1096, signal 118569/134796 (executing program) 1970/01/01 00:07:31 fetching corpus: 1146, signal 120193/136719 (executing program) 1970/01/01 00:07:33 fetching corpus: 1196, signal 123038/139495 (executing program) 1970/01/01 00:07:36 fetching corpus: 1246, signal 124715/141360 (executing program) 1970/01/01 00:07:39 fetching corpus: 1295, signal 126712/143375 (executing program) 1970/01/01 00:07:41 fetching corpus: 1345, signal 128344/145132 (executing program) 1970/01/01 00:07:44 fetching corpus: 1394, signal 129922/146830 (executing program) 1970/01/01 00:07:47 fetching corpus: 1444, signal 131213/148240 (executing program) 1970/01/01 00:07:48 fetching corpus: 1494, signal 132558/149690 (executing program) 1970/01/01 00:07:51 fetching corpus: 1544, signal 133942/151180 (executing program) 1970/01/01 00:07:54 fetching corpus: 1594, signal 135443/152612 (executing program) 1970/01/01 00:07:57 fetching corpus: 1644, signal 136700/153890 (executing program) 1970/01/01 00:08:01 fetching corpus: 1693, signal 138623/155608 (executing program) 1970/01/01 00:08:05 fetching corpus: 1743, signal 139727/156750 (executing program) 1970/01/01 00:08:09 fetching corpus: 1793, signal 140891/157911 (executing program) 1970/01/01 00:08:12 fetching corpus: 1843, signal 142076/159074 (executing program) 1970/01/01 00:08:15 fetching corpus: 1893, signal 143773/160505 (executing program) 1970/01/01 00:08:17 fetching corpus: 1943, signal 144945/161570 (executing program) 1970/01/01 00:08:20 fetching corpus: 1993, signal 146245/162691 (executing program) 1970/01/01 00:08:22 fetching corpus: 2043, signal 147156/163599 (executing program) 1970/01/01 00:08:25 fetching corpus: 2093, signal 148160/164500 (executing program) 1970/01/01 00:08:27 fetching corpus: 2143, signal 149750/165735 (executing program) 1970/01/01 00:08:30 fetching corpus: 2193, signal 150537/166496 (executing program) 1970/01/01 00:08:34 fetching corpus: 2243, signal 151375/167293 (executing program) 1970/01/01 00:08:36 fetching corpus: 2293, signal 152360/168111 (executing program) 1970/01/01 00:08:38 fetching corpus: 2343, signal 153151/168832 (executing program) 1970/01/01 00:08:41 fetching corpus: 2393, signal 154727/169894 (executing program) 1970/01/01 00:08:43 fetching corpus: 2443, signal 155549/170583 (executing program) 1970/01/01 00:08:46 fetching corpus: 2493, signal 157191/171611 (executing program) 1970/01/01 00:08:49 fetching corpus: 2543, signal 158465/172444 (executing program) 1970/01/01 00:08:52 fetching corpus: 2593, signal 159138/172996 (executing program) 1970/01/01 00:08:55 fetching corpus: 2642, signal 160068/173634 (executing program) 1970/01/01 00:08:58 fetching corpus: 2692, signal 161034/174263 (executing program) 1970/01/01 00:09:00 fetching corpus: 2742, signal 161849/174790 (executing program) 1970/01/01 00:09:03 fetching corpus: 2792, signal 162814/175365 (executing program) 1970/01/01 00:09:06 fetching corpus: 2842, signal 163625/175873 (executing program) 1970/01/01 00:09:08 fetching corpus: 2892, signal 164417/176394 (executing program) 1970/01/01 00:09:11 fetching corpus: 2941, signal 165270/176907 (executing program) 1970/01/01 00:09:13 fetching corpus: 2991, signal 166173/177387 (executing program) 1970/01/01 00:09:16 fetching corpus: 3041, signal 166861/177801 (executing program) 1970/01/01 00:09:19 fetching corpus: 3091, signal 167543/178217 (executing program) 1970/01/01 00:09:22 fetching corpus: 3141, signal 168219/178598 (executing program) 1970/01/01 00:09:25 fetching corpus: 3190, signal 168929/178959 (executing program) 1970/01/01 00:09:29 fetching corpus: 3240, signal 169699/179316 (executing program) 1970/01/01 00:09:30 fetching corpus: 3290, signal 170258/179599 (executing program) 1970/01/01 00:09:34 fetching corpus: 3340, signal 171326/180007 (executing program) 1970/01/01 00:09:37 fetching corpus: 3390, signal 172145/180323 (executing program) 1970/01/01 00:09:40 fetching corpus: 3440, signal 172927/180646 (executing program) 1970/01/01 00:09:42 fetching corpus: 3490, signal 173535/180904 (executing program) 1970/01/01 00:09:46 fetching corpus: 3540, signal 174155/181141 (executing program) 1970/01/01 00:09:48 fetching corpus: 3590, signal 174669/181357 (executing program) 1970/01/01 00:09:50 fetching corpus: 3640, signal 175160/181553 (executing program) 1970/01/01 00:09:53 fetching corpus: 3690, signal 175828/181783 (executing program) 1970/01/01 00:09:57 fetching corpus: 3739, signal 176614/181997 (executing program) 1970/01/01 00:09:59 fetching corpus: 3789, signal 177216/182154 (executing program) 1970/01/01 00:10:01 fetching corpus: 3839, signal 178025/182320 (executing program) 1970/01/01 00:10:05 fetching corpus: 3888, signal 178743/182456 (executing program) 1970/01/01 00:10:07 fetching corpus: 3937, signal 179580/182600 (executing program) 1970/01/01 00:10:09 fetching corpus: 3987, signal 180303/182707 (executing program) 1970/01/01 00:10:10 fetching corpus: 4011, signal 180564/182763 (executing program) 1970/01/01 00:10:10 fetching corpus: 4011, signal 180564/182790 (executing program) 1970/01/01 00:10:10 fetching corpus: 4011, signal 180564/182819 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182840 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182872 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182897 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182915 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182944 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182969 (executing program) 1970/01/01 00:10:11 fetching corpus: 4011, signal 180564/182984 (executing program) 1970/01/01 00:10:12 fetching corpus: 4011, signal 180566/182994 (executing program) 1970/01/01 00:10:12 fetching corpus: 4011, signal 180566/182994 (executing program) 1970/01/01 00:12:19 starting 2 fuzzer processes 00:12:19 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/devices.allow\x00', 0x0, 0x0) fchmod(r0, 0x0) 00:12:20 executing program 1: set_mempolicy(0x2, &(0x7f0000000140)=0x9, 0x4) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) write(r0, &(0x7f0000000000)="fa", 0x1) [ 782.648926][ T2032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 783.216750][ T2032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 783.298563][ T2033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 783.924560][ T2033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 797.354416][ T2032] device hsr_slave_0 entered promiscuous mode [ 797.414469][ T2032] device hsr_slave_1 entered promiscuous mode [ 799.388788][ T2033] device hsr_slave_0 entered promiscuous mode [ 799.429078][ T2033] device hsr_slave_1 entered promiscuous mode [ 799.457436][ T2033] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 799.464204][ T2033] Cannot create hsr debugfs directory [ 804.547354][ C0] ================================================================== [ 804.548730][ C0] BUG: KASAN: slab-out-of-bounds in __bfs+0x154/0x394 [ 804.550635][ C0] Read of size 8 at addr ffffaf8009bdbdd0 by task syz-executor.1/2032 [ 804.552334][ C0] [ 804.554487][ C0] CPU: 0 PID: 2032 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 804.556678][ C0] Hardware name: riscv-virtio,qemu (DT) [ 804.557805][ C0] Call Trace: [ 804.558642][ C0] [] dump_backtrace+0x2e/0x3c [ 804.560199][ C0] [] show_stack+0x34/0x40 [ 804.561743][ C0] [] dump_stack_lvl+0xe4/0x150 [ 804.562959][ C0] [] print_address_description.constprop.0+0x2a/0x330 [ 804.564352][ C0] [] kasan_report+0x184/0x1e0 [ 804.565507][ C0] [] __asan_load8+0x6e/0x96 [ 804.566624][ C0] [] __bfs+0x154/0x394 [ 804.567654][ C0] [] check_path.constprop.0+0x24/0x46 [ 804.568850][ C0] [] check_noncircular+0x11a/0x1fe [ 804.570332][ C0] [] __lock_acquire+0x19a4/0x333e [ 804.572237][ C0] [ 804.572894][ C0] Allocated by task 2516: [ 804.573574][ C0] stack_trace_save+0xa6/0xd8 [ 804.574451][ C0] kasan_save_stack+0x2c/0x58 [ 804.575274][ C0] __kasan_slab_alloc+0x8e/0x98 [ 804.576072][ C0] kmem_cache_alloc+0x338/0x3de [ 804.576895][ C0] __pte_alloc+0xe0/0x394 [ 804.577591][ C0] __handle_mm_fault+0x1bc8/0x23a4 [ 804.578361][ C0] handle_mm_fault+0x296/0x674 [ 804.579077][ C0] __get_user_pages+0x444/0x7b4 [ 804.580679][ C0] __get_user_pages_remote+0x156/0x63a [ 804.582212][ C0] get_user_pages_remote+0x5e/0x86 [ 804.583083][ C0] get_arg_page+0xf4/0x282 [ 804.583863][ C0] copy_string_kernel+0x13c/0x3ea [ 804.584693][ C0] kernel_execve+0x16c/0x288 [ 804.585481][ C0] call_usermodehelper_exec_async+0x1c0/0x2dc [ 804.586357][ C0] ret_from_exception+0x0/0x10 [ 804.587180][ C0] [ 804.587656][ C0] The buggy address belongs to the object at ffffaf8009bdbd80 [ 804.587656][ C0] which belongs to the cache page->ptl of size 64 [ 804.588924][ C0] The buggy address is located 16 bytes to the right of [ 804.588924][ C0] 64-byte region [ffffaf8009bdbd80, ffffaf8009bdbdc0) [ 804.591098][ C0] The buggy address belongs to the page: [ 804.592996][ C0] page:ffffaf807a906598 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x89ddb [ 804.597869][ C0] flags: 0x8800000200(slab|section=17|node=0|zone=0) [ 804.601956][ C0] raw: 0000008800000200 0000000000000000 0000000000000122 ffffaf800720d640 [ 804.603256][ C0] raw: 0000000000000000 00000000002a002a 00000001ffffffff 0000000000000000 [ 804.604396][ C0] raw: 00000000000007ff [ 804.605198][ C0] page dumped because: kasan: bad access detected [ 804.606366][ C0] page_owner tracks the page as allocated [ 804.607213][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 2479, ts 797178038100, free_ts 796963729500 [ 804.609251][ C0] __set_page_owner+0x48/0x136 [ 804.610703][ C0] post_alloc_hook+0xd0/0x10a [ 804.611769][ C0] get_page_from_freelist+0x8da/0x12d8 [ 804.612906][ C0] __alloc_pages+0x150/0x3b6 [ 804.613921][ C0] alloc_pages+0x132/0x2a6 [ 804.614947][ C0] alloc_slab_page.constprop.0+0xc2/0xfa [ 804.616050][ C0] new_slab+0x76/0x2cc [ 804.617050][ C0] ___slab_alloc+0x56e/0x918 [ 804.618065][ C0] __slab_alloc.constprop.0+0x50/0x8c [ 804.619179][ C0] kmem_cache_alloc+0x39c/0x3de [ 804.620923][ C0] __pte_alloc+0xe0/0x394 [ 804.621906][ C0] __handle_mm_fault+0x1bc8/0x23a4 [ 804.622913][ C0] handle_mm_fault+0x296/0x674 [ 804.623883][ C0] __get_user_pages+0x444/0x7b4 [ 804.624990][ C0] __get_user_pages_remote+0x156/0x63a [ 804.626136][ C0] get_user_pages_remote+0x5e/0x86 [ 804.627298][ C0] page last free stack trace: [ 804.628022][ C0] __reset_page_owner+0x4a/0xea [ 804.629078][ C0] free_pcp_prepare+0x29c/0x45e [ 804.630609][ C0] free_unref_page+0x6a/0x31e [ 804.631640][ C0] __free_pages+0xe2/0x112 [ 804.632653][ C0] free_pages.part.0+0xe0/0xf6 [ 804.633671][ C0] free_pages+0xe/0x18 [ 804.634610][ C0] free_pgd_range+0x8b0/0xc54 [ 804.635564][ C0] free_pgtables+0xf2/0x1c8 [ 804.636541][ C0] exit_mmap+0x168/0x412 [ 804.637528][ C0] mmput+0xee/0x2c2 [ 804.638456][ C0] free_bprm+0xbc/0x1de [ 804.639513][ C0] kernel_execve+0x214/0x288 [ 804.641020][ C0] call_usermodehelper_exec_async+0x1c0/0x2dc [ 804.642219][ C0] ret_from_exception+0x0/0x10 [ 804.643388][ C0] [ 804.643984][ C0] Memory state around the buggy address: [ 804.645241][ C0] ffffaf8009bdbc80: f1 f1 f1 f1 00 f3 f3 f3 fa fb fb fb fb fb fb fb [ 804.646415][ C0] ffffaf8009bdbd00: fc fc fc fc fa fb fb fb fb fb fb fb 00 00 00 00 [ 804.647509][ C0] >ffffaf8009bdbd80: f1 f1 f1 f1 00 f2 f2 f2 fc fc fc fc 00 00 00 f3 [ 804.648509][ C0] ^ [ 804.649563][ C0] ffffaf8009bdbe00: f3 f3 f3 f3 fc fc fc fc fa fb fb fb fb fb fb fb [ 804.651381][ C0] ffffaf8009bdbe80: fc fc fc fc fa fb fb fb fb fb fb fb fc fc fc fc [ 804.652571][ C0] ================================================================== [ 804.653575][ C0] Disabling lock debugging due to kernel taint [ 804.657783][ T2032] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 804.659113][ T2032] CPU: 0 PID: 2032 Comm: syz-executor.1 Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 804.661863][ T2032] Hardware name: riscv-virtio,qemu (DT) [ 804.662721][ T2032] Call Trace: [ 804.663351][ T2032] [] dump_backtrace+0x2e/0x3c [ 804.664740][ T2032] [] show_stack+0x34/0x40 [ 804.665798][ T2032] [] dump_stack_lvl+0xe4/0x150 [ 804.667016][ T2032] [] dump_stack+0x1c/0x24 [ 804.668288][ T2032] [] panic+0x24a/0x634 [ 804.669379][ T2032] [] schedule+0x0/0x14c [ 804.670529][ T2032] [] preempt_schedule_common+0x4e/0xde [ 804.671776][ T2032] [] preempt_schedule+0x34/0x36 [ 804.672968][ T2032] [] _raw_spin_unlock_irqrestore+0x8c/0x98 [ 804.674204][ T2032] [] debug_check_no_obj_freed+0x14c/0x24a [ 804.675430][ T2032] [] slab_free_freelist_hook+0xe4/0x1cc [ 804.676694][ T2032] [] kmem_cache_free+0xca/0x482 [ 804.677894][ T2032] [] kernfs_put.part.0+0x21c/0x3b2 [ 804.679130][ T2032] [] kernfs_put+0x68/0x7c [ 804.681079][ T2032] [] sysfs_remove_group+0x8e/0xee [ 804.682233][ T2032] [] netdev_queue_update_kobjects+0x29e/0x3ba [ 804.683511][ T2032] [] netif_set_real_num_tx_queues+0x12a/0x530 [ 804.684814][ T2032] [] veth_init_queues+0xde/0xf4 [ 804.685993][ T2032] [] veth_newlink+0x4a0/0x7dc [ 804.687116][ T2032] [] __rtnl_newlink+0xc16/0xfa0 [ 804.688355][ T2032] [] rtnl_newlink+0x60/0x8c [ 804.690060][ T2032] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 804.691241][ T2032] [] netlink_rcv_skb+0xf8/0x2be [ 804.692360][ T2032] [] rtnetlink_rcv+0x26/0x30 [ 804.693452][ T2032] [] netlink_unicast+0x40e/0x5fe [ 804.694552][ T2032] [] netlink_sendmsg+0x4e0/0x994 [ 804.695616][ T2032] [] sock_sendmsg+0xa0/0xc4 [ 804.696794][ T2032] [] __sys_sendto+0x1f2/0x2e0 [ 804.697842][ T2032] [] sys_sendto+0x3e/0x52 [ 804.698875][ T2032] [] ret_from_syscall+0x0/0x2 [ 804.700932][ T2032] SMP: stopping secondary CPUs [ 804.703084][ T2032] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:07:54 Registers: info registers vcpu 0 pc ffffffff80c2b612 mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80119ba4 sepc ffffffff802009d2 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff8011c7fa x2/sp ffffaf8009bdb6b0 x3/gp ffffffff85863ac0 x4/tp ffffaf800e616100 x5/t0 ffffaf8009bdb763 x6/t1 fffff5ef0137b6ec x7/t2 0000000000000000 x8/s0 ffffaf8009bdb6e0 x9/s1 ffffffff86bcb640 x10/a0 ffffffff86bcb640 x11/a1 000000000000000a x12/a2 0000000000000000 x13/a3 ffffffff8011c7ec x14/a4 ffffaf800e616100 x15/a5 0000000000000000 x16/a6 ffffaf8009bdb767 x17/a7 ffffaf8009bdb765 x18/s2 ffffffff86bcb641 x19/s3 ffffffff86bcb640 x20/s4 000000000000000a x21/s5 0000000000000017 x22/s6 0000000000000000 x23/s7 0000000000000400 x24/s8 ffffaf8009bdb750 x25/s9 0000000000000000 x26/s10 00000000000003e7 x27/s11 ffffaf8009bdb9a0 x28/t3 0000000000000043 x29/t4 fffff5ef0137b6ec x30/t5 fffff5ef0137b6ed x31/t6 ffffaf8009bdb766 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff80119b52 mhartid 0000000000000001 mstatus 00000000000000a2 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc ffffffff80475986 mcause 0000000000000009 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80119b52 x2/sp ffffaf800efb77e0 x3/gp ffffffff85863ac0 x4/tp ffffaf800badb080 x5/t0 00000000000001f8 x6/t1 cc62d78e20f74c00 x7/t2 ffffffffffffffff x8/s0 ffffaf800efb7820 x9/s1 ffffaf800b970c98 x10/a0 ffffaf800b970c98 x11/a1 0000000000000003 x12/a2 1ffff5f00172e193 x13/a3 ffffffff80119b52 x14/a4 0000000000000000 x15/a5 ffffaf800b970c98 x16/a6 0000000000f00000 x17/a7 ffffffff826e6226 x18/s2 0000000000000001 x19/s3 ffffaf800badb080 x20/s4 ffffaf800b970ca8 x21/s5 ffffaf800b970ca0 x22/s6 ffffaf800efb7960 x23/s7 ffffaf800efb7b00 x24/s8 0000000000000000 x25/s9 0000000000004000 x26/s10 0000000000000040 x27/s11 0000000000000001 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001df6eb4 x31/t6 000000000224ccc2 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000