syzkaller login: [ 258.787191][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 258.843145][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 269.058597][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:32654' (ECDSA) to the list of known hosts. 1970/01/01 00:05:36 fuzzer started 1970/01/01 00:05:47 dialing manager at localhost:46541 [ 353.593014][ T2025] cgroup: Unknown subsys name 'net' [ 354.635793][ T2025] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:05:54 syscalls: 2918 1970/01/01 00:05:54 code coverage: enabled 1970/01/01 00:05:54 comparison tracing: enabled 1970/01/01 00:05:54 extra coverage: enabled 1970/01/01 00:05:54 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:05:54 setuid sandbox: enabled 1970/01/01 00:05:54 namespace sandbox: enabled 1970/01/01 00:05:54 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:05:54 fault injection: enabled 1970/01/01 00:05:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:05:54 net packet injection: enabled 1970/01/01 00:05:54 net device setup: enabled 1970/01/01 00:05:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:05:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:05:54 NIC VF setup: PCI device 0000:00:11.0 is not available 1970/01/01 00:05:54 USB emulation: enabled 1970/01/01 00:05:54 hci packet injection: /dev/vhci does not exist 1970/01/01 00:05:54 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:05:54 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:05:54 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:05:59 fetching corpus: 50, signal 31650/34901 (executing program) 1970/01/01 00:06:02 fetching corpus: 98, signal 42618/47063 (executing program) 1970/01/01 00:06:07 fetching corpus: 147, signal 53436/58878 (executing program) 1970/01/01 00:06:11 fetching corpus: 196, signal 64297/70496 (executing program) 1970/01/01 00:06:13 fetching corpus: 245, signal 69842/76850 (executing program) 1970/01/01 00:06:17 fetching corpus: 295, signal 74585/82333 (executing program) 1970/01/01 00:06:20 fetching corpus: 344, signal 79034/87461 (executing program) 1970/01/01 00:06:23 fetching corpus: 393, signal 82939/91990 (executing program) 1970/01/01 00:06:26 fetching corpus: 443, signal 87135/96615 (executing program) 1970/01/01 00:06:28 fetching corpus: 492, signal 91387/101202 (executing program) 1970/01/01 00:06:30 fetching corpus: 541, signal 94555/104799 (executing program) 1970/01/01 00:06:34 fetching corpus: 591, signal 96495/107301 (executing program) 1970/01/01 00:06:36 fetching corpus: 641, signal 100569/111531 (executing program) 1970/01/01 00:06:38 fetching corpus: 691, signal 102840/114178 (executing program) 1970/01/01 00:06:41 fetching corpus: 741, signal 104338/116150 (executing program) 1970/01/01 00:06:44 fetching corpus: 790, signal 106507/118573 (executing program) 1970/01/01 00:06:49 fetching corpus: 840, signal 109686/121810 (executing program) 1970/01/01 00:06:51 fetching corpus: 889, signal 111798/124107 (executing program) 1970/01/01 00:06:55 fetching corpus: 938, signal 113557/126073 (executing program) 1970/01/01 00:06:58 fetching corpus: 988, signal 115686/128287 (executing program) 1970/01/01 00:07:00 fetching corpus: 1038, signal 117798/130459 (executing program) 1970/01/01 00:07:03 fetching corpus: 1087, signal 120126/132701 (executing program) 1970/01/01 00:07:05 fetching corpus: 1137, signal 122430/134898 (executing program) 1970/01/01 00:07:08 fetching corpus: 1187, signal 124631/136961 (executing program) 1970/01/01 00:07:10 fetching corpus: 1236, signal 127530/139475 (executing program) 1970/01/01 00:07:12 fetching corpus: 1285, signal 129019/140981 (executing program) 1970/01/01 00:07:16 fetching corpus: 1335, signal 130310/142258 (executing program) 1970/01/01 00:07:18 fetching corpus: 1385, signal 131590/143514 (executing program) 1970/01/01 00:07:21 fetching corpus: 1435, signal 133640/145223 (executing program) 1970/01/01 00:07:23 fetching corpus: 1485, signal 135006/146482 (executing program) 1970/01/01 00:07:26 fetching corpus: 1535, signal 136605/147819 (executing program) 1970/01/01 00:07:29 fetching corpus: 1584, signal 137716/148875 (executing program) 1970/01/01 00:07:31 fetching corpus: 1633, signal 138881/149860 (executing program) 1970/01/01 00:07:33 fetching corpus: 1683, signal 140924/151371 (executing program) 1970/01/01 00:07:36 fetching corpus: 1733, signal 142062/152298 (executing program) 1970/01/01 00:07:38 fetching corpus: 1782, signal 143277/153259 (executing program) 1970/01/01 00:07:42 fetching corpus: 1832, signal 144838/154354 (executing program) 1970/01/01 00:07:44 fetching corpus: 1880, signal 146248/155332 (executing program) 1970/01/01 00:07:49 fetching corpus: 1928, signal 147544/156218 (executing program) 1970/01/01 00:07:52 fetching corpus: 1978, signal 148589/157006 (executing program) 1970/01/01 00:07:55 fetching corpus: 2028, signal 149698/157744 (executing program) 1970/01/01 00:07:58 fetching corpus: 2078, signal 150840/158484 (executing program) 1970/01/01 00:08:01 fetching corpus: 2126, signal 151659/159005 (executing program) 1970/01/01 00:08:05 fetching corpus: 2175, signal 152767/159698 (executing program) 1970/01/01 00:08:08 fetching corpus: 2224, signal 153961/160387 (executing program) 1970/01/01 00:08:11 fetching corpus: 2273, signal 154988/160975 (executing program) 1970/01/01 00:08:14 fetching corpus: 2323, signal 156150/161586 (executing program) 1970/01/01 00:08:16 fetching corpus: 2373, signal 157078/162075 (executing program) 1970/01/01 00:08:19 fetching corpus: 2423, signal 158023/162546 (executing program) 1970/01/01 00:08:22 fetching corpus: 2472, signal 158646/162883 (executing program) 1970/01/01 00:08:25 fetching corpus: 2522, signal 159713/163362 (executing program) 1970/01/01 00:08:27 fetching corpus: 2572, signal 160470/163723 (executing program) 1970/01/01 00:08:30 fetching corpus: 2621, signal 161169/164048 (executing program) 1970/01/01 00:08:32 fetching corpus: 2670, signal 162345/164517 (executing program) 1970/01/01 00:08:35 fetching corpus: 2720, signal 163197/164843 (executing program) 1970/01/01 00:08:37 fetching corpus: 2751, signal 163585/164982 (executing program) 1970/01/01 00:08:37 fetching corpus: 2751, signal 163585/165011 (executing program) 1970/01/01 00:08:37 fetching corpus: 2751, signal 163585/165039 (executing program) 1970/01/01 00:08:37 fetching corpus: 2751, signal 163585/165063 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165079 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165115 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165136 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165165 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165189 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165208 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165236 (executing program) 1970/01/01 00:08:38 fetching corpus: 2751, signal 163585/165268 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165293 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165311 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165335 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165359 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165387 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165413 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165428 (executing program) 1970/01/01 00:08:39 fetching corpus: 2751, signal 163585/165451 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163585/165478 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163585/165505 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163585/165529 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163586/165548 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163586/165577 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163586/165598 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163586/165618 (executing program) 1970/01/01 00:08:40 fetching corpus: 2751, signal 163586/165618 (executing program) 1970/01/01 00:10:47 starting 2 fuzzer processes 00:10:47 executing program 0: syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)) 00:10:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001740)={&(0x7f00000000c0)={0x4c, 0x12, 0x1}, 0x4c}}, 0x0) [ 672.067285][ T2038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 672.186930][ T2038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 674.314142][ T2037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 674.398291][ T2037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 683.649555][ T2038] device hsr_slave_0 entered promiscuous mode [ 683.687631][ T2038] device hsr_slave_1 entered promiscuous mode [ 685.307653][ T2037] device hsr_slave_0 entered promiscuous mode [ 685.354820][ T2037] device hsr_slave_1 entered promiscuous mode [ 685.394746][ T2037] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 685.397673][ T2037] Cannot create hsr debugfs directory [ 691.939775][ T2038] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 692.137788][ T2038] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 692.434510][ T2038] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 692.666035][ T2038] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 693.643956][ C0] ================================================================== [ 693.648742][ C0] BUG: KASAN: user-memory-access in validate_xmit_skb+0x376/0x838 [ 693.650385][ C0] Read of size 1 at addr 00000000000c6012 by task syz-executor.1/2038 [ 693.651960][ C0] [ 693.653871][ C0] CPU: 0 PID: 2038 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 693.655590][ C0] Hardware name: riscv-virtio,qemu (DT) [ 693.656862][ C0] Call Trace: [ 693.657871][ C0] [] dump_backtrace+0x2e/0x3c [ 693.659306][ C0] [] show_stack+0x34/0x40 [ 693.660720][ C0] [] dump_stack_lvl+0xe4/0x150 [ 693.662121][ C0] [] kasan_report+0x1de/0x1e0 [ 693.663494][ C0] [] __asan_load1+0x54/0x6c [ 693.664799][ C0] [] validate_xmit_skb+0x376/0x838 [ 693.666202][ C0] [] validate_xmit_skb_list+0x98/0xca [ 693.668273][ C0] [] sch_direct_xmit+0x3bc/0x464 [ 693.669649][ C0] [] __dev_queue_xmit+0x137a/0x248c [ 693.671066][ C0] [] dev_queue_xmit+0x1c/0x26 [ 693.672330][ C0] [] ip_finish_output2+0x8ac/0x1720 [ 693.673716][ C0] [] __ip_finish_output+0x25a/0x3ee [ 693.675062][ C0] [] ip_finish_output+0x3e/0x176 [ 693.676402][ C0] [] ip_output+0x1d0/0x2d0 [ 693.677669][ C0] [] __ip_queue_xmit+0x4a0/0xeb2 [ 693.679010][ C0] [] ip_queue_xmit+0x36/0x44 [ 693.680313][ C0] [] __tcp_transmit_skb+0xce4/0x1f5e [ 693.681599][ C0] [] __tcp_send_ack.part.0+0x1ce/0x350 [ 693.683095][ C0] [] tcp_send_ack+0x60/0x74 [ 693.684376][ C0] [] __tcp_ack_snd_check+0xc0/0x5e8 [ 693.685689][ C0] [] tcp_rcv_established+0x1442/0x15e6 [ 693.687073][ C0] [] tcp_v4_do_rcv+0x4b4/0x66e [ 693.688319][ C0] [] tcp_v4_rcv+0x1d22/0x1f46 [ 693.689526][ C0] [] ip_protocol_deliver_rcu+0x9c/0x8c0 [ 693.690850][ C0] [] ip_local_deliver_finish+0x12c/0x278 [ 693.692390][ C0] [] ip_local_deliver+0x2fc/0x464 [ 693.694176][ C0] [] ip_sublist_rcv_finish+0x64/0x1b2 [ 693.695501][ C0] [] ip_sublist_rcv+0x420/0x738 [ 693.696762][ C0] [] ip_list_rcv+0x268/0x2c0 [ 693.698004][ C0] [] __netif_receive_skb_list_core+0x3e4/0x520 [ 693.699391][ C0] [] netif_receive_skb_list_internal+0x50c/0x816 [ 693.701254][ C0] [] napi_gro_complete.constprop.0+0x400/0x438 [ 693.703326][ C0] [] dev_gro_receive+0x7fe/0x1238 [ 693.704634][ C0] [] napi_gro_receive+0x17e/0x9ba [ 693.705961][ C0] [] receive_buf+0x7cc/0x3e50 [ 693.707834][ C0] [] virtnet_poll+0x39c/0x986 [ 693.709296][ C0] [] __napi_poll+0x7c/0x358 [ 693.710954][ C0] [] net_rx_action+0x5d0/0x702 [ 693.712657][ C0] [] __do_softirq+0x274/0x8fc [ 693.714074][ C0] [] __irq_exit_rcu+0x142/0x1f8 [ 693.715547][ C0] [] irq_exit+0x10/0x7a [ 693.717318][ C0] [] generic_handle_arch_irq+0x48/0x54 [ 693.718844][ C0] [] ret_from_exception+0x0/0x10 [ 693.720085][ C0] [] walk_stackframe+0x102/0x260 [ 693.722165][ C0] ================================================================== [ 693.723709][ C0] Disabling lock debugging due to kernel taint [ 693.726301][ C0] Unable to handle kernel paging request at virtual address 00000000000c6012 [ 693.728404][ C0] Oops [#1] [ 693.729118][ C0] Modules linked in: [ 693.730095][ C0] CPU: 0 PID: 2038 Comm: syz-executor.1 Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 693.732428][ C0] Hardware name: riscv-virtio,qemu (DT) [ 693.733399][ C0] epc : validate_xmit_skb+0x376/0x838 [ 693.734545][ C0] ra : validate_xmit_skb+0x376/0x838 [ 693.735576][ C0] epc : ffffffff827360dc ra : ffffffff827360dc sp : ffffaf800e5bc1e0 [ 693.736657][ C0] gp : ffffffff85863ac0 tp : ffffaf800e649840 t0 : ffffffff86bcb657 [ 693.737735][ C0] t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf800e5bc250 [ 693.738875][ C0] s1 : ffffaf800e5bb8c0 a0 : 0000000000000001 a1 : 0000000000000003 [ 693.739925][ C0] a2 : 1ffff5f001cc9309 a3 : ffffffff831afd3a a4 : 0000000000000000 [ 693.741780][ C0] a5 : ffffaf800e64a840 a6 : 0000000000f00000 a7 : ffffaf805a9c8863 [ 693.743815][ C0] s2 : 00000000000c6000 s3 : 0000000000004220 s4 : ffffaf800e8cc000 [ 693.744941][ C0] s5 : ffffaf800e5bc2d0 s6 : ffffaf800e5bb942 s7 : ffffffff85889780 [ 693.745999][ C0] s8 : ffffaf800b9fd000 s9 : 0000000000000001 s10: ffffaf7ffff92a00 [ 693.747120][ C0] s11: ffffaf800b9fd240 t3 : 0000000061736944 t4 : fffff5ef0b53910c [ 693.748208][ C0] t5 : fffff5ef0b53910d t6 : ffffaf800e5bbc18 [ 693.749075][ C0] status: 0000000000000120 badaddr: 00000000000c6012 cause: 000000000000000d [ 693.750596][ C0] [] validate_xmit_skb_list+0x98/0xca [ 693.751643][ C0] [] sch_direct_xmit+0x3bc/0x464 [ 693.752753][ C0] [] __dev_queue_xmit+0x137a/0x248c [ 693.753919][ C0] [] dev_queue_xmit+0x1c/0x26 [ 693.754975][ C0] [] ip_finish_output2+0x8ac/0x1720 [ 693.756018][ C0] [] __ip_finish_output+0x25a/0x3ee [ 693.757090][ C0] [] ip_finish_output+0x3e/0x176 [ 693.758162][ C0] [] ip_output+0x1d0/0x2d0 [ 693.759239][ C0] [] __ip_queue_xmit+0x4a0/0xeb2 [ 693.760430][ C0] [] ip_queue_xmit+0x36/0x44 [ 693.761530][ C0] [] __tcp_transmit_skb+0xce4/0x1f5e [ 693.762695][ C0] [] __tcp_send_ack.part.0+0x1ce/0x350 [ 693.763813][ C0] [] tcp_send_ack+0x60/0x74 [ 693.764818][ C0] [] __tcp_ack_snd_check+0xc0/0x5e8 [ 693.766338][ C0] [] tcp_rcv_established+0x1442/0x15e6 [ 693.768368][ C0] [] tcp_v4_do_rcv+0x4b4/0x66e [ 693.769629][ C0] [] tcp_v4_rcv+0x1d22/0x1f46 [ 693.771176][ C0] [] ip_protocol_deliver_rcu+0x9c/0x8c0 [ 693.772490][ C0] [] ip_local_deliver_finish+0x12c/0x278 [ 693.773622][ C0] [] ip_local_deliver+0x2fc/0x464 [ 693.774750][ C0] [] ip_sublist_rcv_finish+0x64/0x1b2 [ 693.775926][ C0] [] ip_sublist_rcv+0x420/0x738 [ 693.776987][ C0] [] ip_list_rcv+0x268/0x2c0 [ 693.778049][ C0] [] __netif_receive_skb_list_core+0x3e4/0x520 [ 693.779312][ C0] [] netif_receive_skb_list_internal+0x50c/0x816 [ 693.780989][ C0] [] napi_gro_complete.constprop.0+0x400/0x438 [ 693.782209][ C0] [] dev_gro_receive+0x7fe/0x1238 [ 693.783370][ C0] [] napi_gro_receive+0x17e/0x9ba [ 693.784463][ C0] [] receive_buf+0x7cc/0x3e50 [ 693.785598][ C0] [] virtnet_poll+0x39c/0x986 [ 693.786784][ C0] [] __napi_poll+0x7c/0x358 [ 693.787949][ C0] [] net_rx_action+0x5d0/0x702 [ 693.789097][ C0] [] __do_softirq+0x274/0x8fc [ 693.790196][ C0] [] __irq_exit_rcu+0x142/0x1f8 [ 693.791373][ C0] [] irq_exit+0x10/0x7a [ 693.792365][ C0] [] generic_handle_arch_irq+0x48/0x54 [ 693.793516][ C0] [] ret_from_exception+0x0/0x10 [ 693.794634][ C0] [] walk_stackframe+0x102/0x260 [ 693.797331][ C0] ---[ end trace 0000000000000000 ]--- [ 693.798632][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 693.799616][ C0] SMP: stopping secondary CPUs [ 693.802128][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:01:35 Registers: info registers vcpu 0 pc ffffffff80c2b612 mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80200f00 sepc ffffffff80201140 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff8011c7fa x2/sp ffffaf800e5bbc60 x3/gp ffffffff85863ac0 x4/tp ffffaf800e649840 x5/t0 ffffaf800e5bbd03 x6/t1 fffff5ef01cb77a0 x7/t2 0000000000000000 x8/s0 ffffaf800e5bbc90 x9/s1 ffffffff86bcb640 x10/a0 ffffffff86bcb640 x11/a1 000000000000000a x12/a2 0000000000000000 x13/a3 ffffffff8011c7ec x14/a4 ffffaf800e649840 x15/a5 0000000000000000 x16/a6 ffffaf800e5bbd07 x17/a7 ffffaf800e5bbd05 x18/s2 ffffffff86bcb641 x19/s3 ffffffff86bcb640 x20/s4 000000000000000a x21/s5 0000000000000017 x22/s6 0000000000000000 x23/s7 0000000000000400 x24/s8 ffffaf800e5bbcf0 x25/s9 0000000000000000 x26/s10 00000000000003e7 x27/s11 ffffaf800e5bbf40 x28/t3 0000000000000043 x29/t4 fffff5ef01cb77a0 x30/t5 fffff5ef01cb77a1 x31/t6 ffffaf800e5bbd06 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff800058f0 mhartid 0000000000000001 mstatus 00000000000000a0 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff800058f0 sepc ffffffff800058f4 mcause 8000000000000003 scause 8000000000000001 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff800058ec x2/sp ffffaf800742bf40 x3/gp ffffffff85863ac0 x4/tp ffffaf8007410000 x5/t0 ffffaf800742be00 x6/t1 fffff5ef0b53eb62 x7/t2 ffffffffffffffff x8/s0 ffffaf800742bf50 x9/s1 ffffaf8007410000 x10/a0 0000000000000001 x11/a1 00000000000f0000 x12/a2 0000000000000002 x13/a3 ffffffff800058ec x14/a4 ffffaf8007411000 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 ffffaf805a9f5b13 x18/s2 0000000000000001 x19/s3 0000000000000002 x20/s4 0000000000000007 x21/s5 ffffffff8588b420 x22/s6 ffffaf8007410000 x23/s7 fffffffffffffffd x24/s8 00000000800130f0 x25/s9 0000000000000000 x26/s10 0000000000000000 x27/s11 0000000000000000 x28/t3 fffffffff3f3f300 x29/t4 fffff5ef0b53eb62 x30/t5 fffff5ef0b53eb63 x31/t6 0000000000000004 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000