syzkaller login: [ 275.085285][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 284.325094][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 284.359581][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 303.495886][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:49639' (ECDSA) to the list of known hosts. 1970/01/01 00:06:38 fuzzer started 1970/01/01 00:06:51 dialing manager at localhost:39321 [ 421.366205][ T2031] cgroup: Unknown subsys name 'net' [ 422.388696][ T2031] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:07:02 syscalls: 2918 1970/01/01 00:07:02 code coverage: enabled 1970/01/01 00:07:02 comparison tracing: enabled 1970/01/01 00:07:02 extra coverage: enabled 1970/01/01 00:07:02 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:07:02 setuid sandbox: enabled 1970/01/01 00:07:02 namespace sandbox: enabled 1970/01/01 00:07:02 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:07:02 fault injection: enabled 1970/01/01 00:07:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:07:02 net packet injection: enabled 1970/01/01 00:07:02 net device setup: enabled 1970/01/01 00:07:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:07:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:07:02 NIC VF setup: PCI device 0000:00:11.0 is not available 1970/01/01 00:07:02 USB emulation: enabled 1970/01/01 00:07:02 hci packet injection: /dev/vhci does not exist 1970/01/01 00:07:02 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:07:02 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:18:15 starting 2 fuzzer processes 00:18:15 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth1_virt_wifi\x00', &(0x7f0000000000)=@ethtool_cmd={0x17, 0x7}}) 00:18:15 executing program 1: setreuid(0x0, 0xee01) r0 = socket$netlink(0x10, 0x3, 0x15) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc) [ 1123.756905][ C1] ================================================================== [ 1123.762683][ C1] [ 1123.762890][ C1] ====================================================== [ 1123.763034][ C1] WARNING: possible circular locking dependency detected [ 1123.763313][ C1] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 1123.763717][ C1] ------------------------------------------------------ [ 1123.763838][ C1] sshd/2021 is trying to acquire lock: [ 1123.764119][ C1] ffffffff84a888e0 (console_owner){-...}-{0:0}, at: console_unlock+0x2b2/0x97a [ 1123.765727][ C1] [ 1123.765727][ C1] but task is already holding lock: [ 1123.765839][ C1] ffffffff84c3a588 (report_lock){-...}-{2:2}, at: kasan_report+0x84/0x1e0 [ 1123.766798][ C1] [ 1123.766798][ C1] which lock already depends on the new lock. 
[ 1123.766798][ C1] [ 1123.766901][ C1] [ 1123.766901][ C1] the existing dependency chain (in reverse order) is: [ 1123.767047][ C1] [ 1123.767047][ C1] -> #7 (report_lock){-...}-{2:2}: [ 1123.767615][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.768117][ C1] lock_acquire+0x54/0x6a [ 1123.768549][ C1] _raw_spin_lock_irqsave+0x3e/0x62 [ 1123.768906][ C1] kasan_report+0x84/0x1e0 [ 1123.769299][ C1] __asan_load8+0x6e/0x96 [ 1123.769682][ C1] rb_insert_color+0x48/0x246 [ 1123.770019][ C1] timerqueue_add+0x144/0x1d0 [ 1123.770546][ C1] __hrtimer_run_queues+0x8b4/0xa16 [ 1123.770912][ C1] hrtimer_interrupt+0x1d4/0x3ea [ 1123.771273][ C1] riscv_timer_interrupt+0x5c/0x6a [ 1123.771596][ C1] handle_percpu_devid_irq+0x17e/0x2ae [ 1123.771997][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.772438][ C1] riscv_intc_irq+0x7e/0xc8 [ 1123.772855][ C1] generic_handle_arch_irq+0x36/0x54 [ 1123.773258][ C1] ret_from_exception+0x0/0x10 [ 1123.773577][ C1] finish_task_switch.isra.0+0x152/0x420 [ 1123.774172][ C1] [ 1123.774172][ C1] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}: [ 1123.774714][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.775088][ C1] lock_acquire+0x54/0x6a [ 1123.775474][ C1] _raw_spin_lock_irqsave+0x3e/0x62 [ 1123.775826][ C1] hrtimer_start_range_ns+0x9e/0x6dc [ 1123.776179][ C1] enqueue_task_rt+0x520/0x568 [ 1123.776513][ C1] enqueue_task+0x66/0x136 [ 1123.776883][ C1] __sched_setscheduler.constprop.0+0x704/0xdd4 [ 1123.777399][ C1] sched_set_fifo+0xc8/0x108 [ 1123.777786][ C1] drm_vblank_worker_init+0xea/0x10c [ 1123.778163][ C1] drm_vblank_init+0xec/0x24e [ 1123.778570][ C1] vkms_init+0x272/0x45c [ 1123.778949][ C1] do_one_initcall+0x13a/0x7ea [ 1123.779292][ C1] kernel_init_freeable+0x510/0x5b4 [ 1123.779662][ C1] kernel_init+0x28/0x21c [ 1123.780024][ C1] ret_from_exception+0x0/0x10 [ 1123.780430][ C1] [ 1123.780430][ C1] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}: [ 1123.780957][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.781416][ C1] lock_acquire+0x54/0x6a [ 
1123.781768][ C1] _raw_spin_lock+0x32/0x48 [ 1123.782101][ C1] rq_online_rt+0x78/0x1b8 [ 1123.782391][ C1] set_rq_online.part.0+0xaa/0xc2 [ 1123.782755][ C1] sched_cpu_activate+0x1c0/0x250 [ 1123.783091][ C1] cpuhp_invoke_callback+0x282/0x504 [ 1123.783426][ C1] cpuhp_thread_fun+0x2f6/0x4b0 [ 1123.783801][ C1] smpboot_thread_fn+0x448/0x6cc [ 1123.784202][ C1] kthread+0x19e/0x1fa [ 1123.784591][ C1] ret_from_exception+0x0/0x10 [ 1123.784957][ C1] [ 1123.784957][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 1123.785454][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.785830][ C1] lock_acquire+0x54/0x6a [ 1123.786184][ C1] _raw_spin_lock_nested+0x36/0x4e [ 1123.786582][ C1] raw_spin_rq_lock_nested+0x22/0x34 [ 1123.786972][ C1] task_fork_fair+0xa8/0x218 [ 1123.787356][ C1] sched_post_fork+0x16e/0x196 [ 1123.787811][ C1] copy_process+0x3378/0x3c34 [ 1123.788190][ C1] kernel_clone+0xee/0x920 [ 1123.788581][ C1] kernel_thread+0xf8/0x130 [ 1123.788961][ C1] rest_init+0x34/0x3f2 [ 1123.789337][ C1] arch_call_rest_init+0x18/0x20 [ 1123.789708][ C1] start_kernel+0x66a/0x698 [ 1123.790057][ C1] [ 1123.790057][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 1123.790563][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.790948][ C1] lock_acquire+0x54/0x6a [ 1123.791300][ C1] _raw_spin_lock_irqsave+0x3e/0x62 [ 1123.791653][ C1] try_to_wake_up+0xa4/0x748 [ 1123.792057][ C1] default_wake_function+0x28/0x36 [ 1123.792506][ C1] woken_wake_function+0x38/0x48 [ 1123.792860][ C1] __wake_up_common+0xb6/0x236 [ 1123.793221][ C1] __wake_up_common_lock+0xd6/0x136 [ 1123.793582][ C1] __wake_up+0x10/0x18 [ 1123.793895][ C1] tty_wakeup+0x58/0xbe [ 1123.794269][ C1] tty_port_default_wakeup+0x2c/0x44 [ 1123.794628][ C1] tty_port_tty_wakeup+0x3a/0x46 [ 1123.794974][ C1] uart_write_wakeup+0x34/0x48 [ 1123.795301][ C1] serial8250_tx_chars+0x322/0x592 [ 1123.795692][ C1] serial8250_handle_irq.part.0+0x284/0x286 [ 1123.796133][ C1] serial8250_default_handle_irq+0xac/0x142 [ 1123.796601][ C1] serial8250_interrupt+0xbe/0x1a6 
[ 1123.796954][ C1] __handle_irq_event_percpu+0x16e/0x6ec [ 1123.797349][ C1] handle_irq_event+0x6a/0xfa [ 1123.797674][ C1] handle_fasteoi_irq+0x1c0/0x4d6 [ 1123.798070][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.798422][ C1] plic_handle_irq+0x122/0x242 [ 1123.798854][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.799252][ C1] riscv_intc_irq+0x7e/0xc8 [ 1123.799668][ C1] generic_handle_arch_irq+0x36/0x54 [ 1123.800087][ C1] ret_from_exception+0x0/0x10 [ 1123.800443][ C1] folio_memcg_lock+0x254/0x2c4 [ 1123.800775][ C1] [ 1123.800775][ C1] -> #2 (&tty->write_wait){-.-.}-{2:2}: [ 1123.801309][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.801685][ C1] lock_acquire+0x54/0x6a [ 1123.802051][ C1] _raw_spin_lock_irqsave+0x3e/0x62 [ 1123.802411][ C1] __wake_up_common_lock+0xc4/0x136 [ 1123.802814][ C1] __wake_up+0x10/0x18 [ 1123.803162][ C1] tty_wakeup+0x58/0xbe [ 1123.803545][ C1] tty_port_default_wakeup+0x2c/0x44 [ 1123.803911][ C1] tty_port_tty_wakeup+0x3a/0x46 [ 1123.804282][ C1] uart_write_wakeup+0x34/0x48 [ 1123.804750][ C1] serial8250_tx_chars+0x322/0x592 [ 1123.805140][ C1] serial8250_handle_irq.part.0+0x284/0x286 [ 1123.805550][ C1] serial8250_default_handle_irq+0xac/0x142 [ 1123.805972][ C1] serial8250_interrupt+0xbe/0x1a6 [ 1123.806331][ C1] __handle_irq_event_percpu+0x16e/0x6ec [ 1123.806694][ C1] handle_irq_event+0x6a/0xfa [ 1123.807032][ C1] handle_fasteoi_irq+0x1c0/0x4d6 [ 1123.807420][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.807776][ C1] plic_handle_irq+0x122/0x242 [ 1123.808046][ T2053] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 1123.808310][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.808658][ C1] riscv_intc_irq+0x7e/0xc8 [ 1123.809064][ C1] generic_handle_arch_irq+0x36/0x54 [ 1123.809451][ C1] ret_from_exception+0x0/0x10 [ 1123.809778][ C1] arch_cpu_idle+0x10/0x20 [ 1123.810128][ C1] [ 1123.810128][ C1] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 1123.810679][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.811387][ 
C1] lock_acquire+0x54/0x6a [ 1123.811745][ C1] _raw_spin_lock_irqsave+0x3e/0x62 [ 1123.812119][ C1] serial8250_console_write+0x848/0x8e6 [ 1123.812604][ C1] univ8250_console_write+0x46/0x54 [ 1123.813013][ C1] console_unlock+0x666/0x97a [ 1123.813428][ C1] register_console+0x250/0x534 [ 1123.813824][ C1] uart_add_one_port+0xbf2/0xc14 [ 1123.814163][ C1] serial8250_register_8250_port+0x8ce/0xc6e [ 1123.814540][ C1] of_platform_serial_probe+0x7ae/0xa9c [ 1123.814871][ C1] platform_probe+0xc8/0x172 [ 1123.815217][ C1] really_probe+0x1a6/0x89e [ 1123.815515][ C1] __driver_probe_device+0x24a/0x2d4 [ 1123.815835][ C1] driver_probe_device+0x60/0x1a4 [ 1123.816166][ C1] __driver_attach+0x178/0x33e [ 1123.816507][ C1] bus_for_each_dev+0x122/0x194 [ 1123.816901][ C1] driver_attach+0x32/0x3c [ 1123.817206][ C1] bus_add_driver+0x2c6/0x41a [ 1123.817499][ C1] driver_register+0x144/0x286 [ 1123.817814][ C1] __platform_driver_register+0x46/0x52 [ 1123.818188][ C1] of_platform_serial_driver_init+0x22/0x2a [ 1123.818622][ C1] do_one_initcall+0x13a/0x7ea [ 1123.818935][ C1] kernel_init_freeable+0x510/0x5b4 [ 1123.819349][ C1] kernel_init+0x28/0x21c [ 1123.819718][ C1] ret_from_exception+0x0/0x10 [ 1123.820057][ C1] [ 1123.820057][ C1] -> #0 (console_owner){-...}-{0:0}: [ 1123.820622][ C1] check_noncircular+0x1de/0x1fe [ 1123.820990][ C1] __lock_acquire+0x19a4/0x333e [ 1123.821348][ C1] lock_acquire.part.0+0x1d0/0x424 [ 1123.821724][ C1] lock_acquire+0x54/0x6a [ 1123.822086][ C1] console_unlock+0x304/0x97a [ 1123.822506][ C1] vprintk_emit+0xd2/0x416 [ 1123.822932][ C1] vprintk_default+0x22/0x2e [ 1123.823369][ C1] vprintk+0x108/0x13e [ 1123.823669][ C1] _printk+0xa0/0xc8 [ 1123.823979][ C1] kasan_report+0x9a/0x1e0 [ 1123.824400][ C1] __asan_load8+0x6e/0x96 [ 1123.824687][ C1] rb_insert_color+0x48/0x246 [ 1123.824997][ C1] timerqueue_add+0x144/0x1d0 [ 1123.825345][ C1] __hrtimer_run_queues+0x8b4/0xa16 [ 1123.825712][ C1] hrtimer_interrupt+0x1d4/0x3ea [ 1123.826097][ C1] 
riscv_timer_interrupt+0x5c/0x6a [ 1123.826419][ C1] handle_percpu_devid_irq+0x17e/0x2ae [ 1123.826808][ C1] generic_handle_domain_irq+0x7c/0x9c [ 1123.827164][ C1] riscv_intc_irq+0x7e/0xc8 [ 1123.827554][ C1] generic_handle_arch_irq+0x36/0x54 [ 1123.827947][ C1] ret_from_exception+0x0/0x10 [ 1123.828298][ C1] finish_task_switch.isra.0+0x152/0x420 [ 1123.828734][ C1] [ 1123.828734][ C1] other info that might help us debug this: [ 1123.828734][ C1] [ 1123.828863][ C1] Chain exists of: [ 1123.828863][ C1] console_owner --> hrtimer_bases.lock --> report_lock [ 1123.828863][ C1] [ 1123.829553][ C1] Possible unsafe locking scenario: [ 1123.829553][ C1] [ 1123.829650][ C1] CPU0 CPU1 [ 1123.829737][ C1] ---- ---- [ 1123.829823][ C1] lock(report_lock); [ 1123.830097][ C1] lock(hrtimer_bases.lock); [ 1123.830382][ C1] lock(report_lock); [ 1123.830659][ C1] lock(console_owner); [ 1123.830891][ C1] [ 1123.830891][ C1] *** DEADLOCK *** [ 1123.830891][ C1] [ 1123.831046][ C1] 3 locks held by sshd/2021: [ 1123.831302][ C1] #0: ffffaf805a9e7418 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x262/0xa16 [ 1123.832380][ C1] #1: ffffffff84c3a588 (report_lock){-...}-{2:2}, at: kasan_report+0x84/0x1e0 [ 1123.833336][ C1] #2: ffffffff84a88600 (console_lock){+.+.}-{0:0}, at: vprintk_default+0x22/0x2e [ 1123.834357][ C1] [ 1123.834357][ C1] stack backtrace: [ 1123.834752][ C1] CPU: 1 PID: 2021 Comm: sshd Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 1123.835167][ C1] Hardware name: riscv-virtio,qemu (DT) [ 1123.835566][ C1] Call Trace: [ 1123.835745][ C1] [] dump_backtrace+0x2e/0x3c [ 1123.836199][ C1] [] show_stack+0x34/0x40 [ 1123.836597][ C1] [] dump_stack_lvl+0xe4/0x150 [ 1123.837080][ C1] [] dump_stack+0x1c/0x24 [ 1123.837531][ C1] [] print_circular_bug+0x34e/0x3d8 [ 1123.837986][ C1] [] check_noncircular+0x1de/0x1fe [ 1123.838435][ C1] [] __lock_acquire+0x19a4/0x333e [ 1123.838859][ C1] [] lock_acquire.part.0+0x1d0/0x424 [ 1123.839338][ C1] [] 
lock_acquire+0x54/0x6a
[ 1123.839755][ C1] [] console_unlock+0x304/0x97a
[ 1123.840225][ C1] [] vprintk_emit+0xd2/0x416
[ 1123.840738][ C1] [] vprintk_default+0x22/0x2e
[ 1123.841230][ C1] [] vprintk+0x108/0x13e
[ 1123.841580][ C1] [] _printk+0xa0/0xc8
[ 1123.841973][ C1] [] kasan_report+0x9a/0x1e0
[ 1123.842446][ C1] [] __asan_load8+0x6e/0x96
[ 1123.842815][ C1] [] rb_insert_color+0x48/0x246
[ 1123.843228][ C1] [] timerqueue_add+0x144/0x1d0
[ 1123.843641][ C1] [] __hrtimer_run_queues+0x8b4/0xa16
[ 1123.844057][ C1] [] hrtimer_interrupt+0x1d4/0x3ea
[ 1123.844487][ C1] [] riscv_timer_interrupt+0x5c/0x6a
[ 1123.844861][ C1] [] handle_percpu_devid_irq+0x17e/0x2ae
[ 1123.845320][ C1] [] generic_handle_domain_irq+0x7c/0x9c
[ 1123.845736][ C1] [] riscv_intc_irq+0x7e/0xc8
[ 1123.846212][ C1] [] generic_handle_arch_irq+0x36/0x54
[ 1123.846665][ C1] [] ret_from_exception+0x0/0x10
[ 1123.847066][ C1] [] finish_task_switch.isra.0+0x152/0x420
[ 1123.849523][ C1] BUG: KASAN: global-out-of-bounds in rb_insert_color+0x48/0x246
[ 1123.850485][ C1] Read of size 8 at addr ffffffff838a0628 by task sshd/2021
[ 1123.852986][ T2053] CPU: 0 PID: 2053 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1123.855917][ T2053] Hardware name: riscv-virtio,qemu (DT)
[ 1123.856924][ T2053] Call Trace:
[ 1123.858300][ T2053] [] dump_backtrace+0x2e/0x3c
[ 1123.861309][ T2053] [] show_stack+0x34/0x40
[ 1123.865435][ C1]
[ 1123.866388][ T2053] [] dump_stack_lvl+0xe4/0x150
[ 1123.868345][ T2053] [] dump_stack+0x1c/0x24
[ 1123.872898][ T2053] [] panic+0x24a/0x634
[ 1124.078154][ T2053] [] schedule+0x0/0x14c
[ 1124.079652][ T2053] [] preempt_schedule_irq+0x4a/0x13e
[ 1124.081539][ T2053] [] resume_kernel+0x16/0x18
[ 1124.083498][ T2053] SMP: stopping secondary CPUs
[ 1124.083496][ C1] CPU: 1 PID: 2021 Comm: sshd Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1124.085611][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1124.086189][ C1] Call Trace:
[ 1124.086651][ C1] [] dump_backtrace+0x2e/0x3c
[ 1124.087476][ C1] [] show_stack+0x34/0x40
[ 1124.088258][ C1] [] dump_stack_lvl+0xe4/0x150
[ 1124.089080][ C1] [] print_address_description.constprop.0+0x2a/0x330
[ 1124.096224][ C1] [] kasan_report+0x184/0x1e0
[ 1124.098015][ C1] [] __asan_load8+0x6e/0x96
[ 1124.099607][ C1] [] rb_insert_color+0x48/0x246
[ 1124.101131][ C1] [] timerqueue_add+0x144/0x1d0
[ 1124.102879][ C1] [] __hrtimer_run_queues+0x8b4/0xa16
[ 1124.104604][ C1] [] hrtimer_interrupt+0x1d4/0x3ea
[ 1124.106285][ C1] [] riscv_timer_interrupt+0x5c/0x6a
[ 1124.108139][ C1] [] handle_percpu_devid_irq+0x17e/0x2ae
[ 1124.110049][ C1] [] generic_handle_domain_irq+0x7c/0x9c
[ 1124.111874][ C1] [] riscv_intc_irq+0x7e/0xc8
[ 1124.113592][ C1] [] generic_handle_arch_irq+0x36/0x54
[ 1124.115050][ C1] [] ret_from_exception+0x0/0x10
[ 1124.116604][ C1] [] finish_task_switch.isra.0+0x152/0x420
[ 1124.118438][ C1]
[ 1124.119112][ C1] The buggy address belongs to the variable:
[ 1124.120260][ C1] __func__.0+0x168/0x500
[ 1124.121765][ C1]
[ 1124.122576][ C1] Memory state around the buggy address:
[ 1124.124733][ C1] ffffffff838a0500: 00 00 00 00 00 00 07 f9 f9 f9 f9 f9 00 07 f9 f9
[ 1124.126485][ C1] ffffffff838a0580: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 01 f9
[ 1124.128285][ C1] >ffffffff838a0600: f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 1124.129779][ C1] ^
[ 1124.131084][ C1] ffffffff838a0680: 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 00 00 01 f9
[ 1124.133021][ C1] ffffffff838a0700: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 02 f9
[ 1124.134493][ C1] ==================================================================
[ 1124.137041][ C1] Unable to handle kernel paging request at virtual address 00000000005f7570
[ 1124.139677][ C1] Oops [#1]
[ 1124.140623][ C1] Modules linked in:
[ 1124.141974][ C1] CPU: 1 PID: 2021 Comm: sshd Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1124.144037][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1124.144954][ C1] epc : rb_insert_color+0x5e/0x246
[ 1124.146350][ C1] ra : rb_insert_color+0x5e/0x246
[ 1124.147773][ C1] epc : ffffffff80c2631a ra : ffffffff80c2631a sp : ffffaf800b812e40
[ 1124.149821][ C1] gp : ffffffff85863ac0 tp : ffffaf800e0b3080 t0 : ffffffff86bcb657
[ 1124.151774][ C1] t1 : fffffffef0b0dfa4 t2 : 0000000000000000 s0 : ffffaf800b812e80
[ 1124.153545][ C1] s1 : ffffaf800ecb3ab0 a0 : 0000000000000000 a1 : 0000000000000008
[ 1124.155172][ C1] a2 : 0000000000000000 a3 : ffffffff80c2631a a4 : ffffffff85892ec8
[ 1124.156882][ C1] a5 : 0000000000000001 a6 : 0000000000f00000 a7 : ffffffff8586fd23
[ 1124.157919][ C1] s2 : ffffffff838a0620 s3 : ffffaf805a9e7d18 s4 : 00000000005f7570
[ 1124.159427][ C1] s5 : ffffaf805a9e74d0 s6 : 0000000000000000 s7 : ffffaf805a9e74d0
[ 1124.161207][ C1] s8 : ffffaf805a9e7490 s9 : ffffaf805a9e7d50 s10: ffffaf805a9e7400
[ 1124.162537][ C1] s11: 0000000000010001 t3 : 000000000000003d t4 : fffffffef0b0dfa4
[ 1124.164189][ C1] t5 : fffffffef0b0dfa5 t6 : ffffaf800b812898
[ 1124.165553][ C1] status: 0000000000000100 badaddr: 00000000005f7570 cause: 000000000000000d
[ 1124.167038][ C1] [] timerqueue_add+0x144/0x1d0
[ 1124.168656][ C1] [] __hrtimer_run_queues+0x8b4/0xa16
[ 1124.170276][ C1] [] hrtimer_interrupt+0x1d4/0x3ea
[ 1124.171969][ C1] [] riscv_timer_interrupt+0x5c/0x6a
[ 1124.173629][ C1] [] handle_percpu_devid_irq+0x17e/0x2ae
[ 1124.175300][ C1] [] generic_handle_domain_irq+0x7c/0x9c
[ 1124.176993][ C1] [] riscv_intc_irq+0x7e/0xc8
[ 1124.178540][ C1] [] generic_handle_arch_irq+0x36/0x54
[ 1124.180176][ C1] [] ret_from_exception+0x0/0x10
[ 1124.181922][ C1] [] finish_task_switch.isra.0+0x152/0x420
[ 1124.185725][ T2053] Rebooting in 86400 seconds..
VM DIAGNOSIS:
01:40:49 Registers: