NetBSD-Syzbot archive

ASan: Unauthorized Access in callout_hardclock



Hello,

syzbot found the following issue on:

HEAD commit:    abe4f82692e7 Looks like this debug library disappeared wit..
git tree:       netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1207afa7280000
kernel config:  https://syzkaller.appspot.com/x/.config?x=fab579639ba4bf0a
dashboard link: https://syzkaller.appspot.com/bug?extid=a9e3a375f2ffee1cc42a
compiler:       g++ (Debian 10.2.1-6) 10.2.1 20210110

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/1e5cadbb580a/disk-abe4f826.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/756f2fa58097/netbsd-abe4f826.gdb.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a9e3a375f2ffee1cc42a%syzkaller.appspotmail.com@localhost

[ 770.0175621] panic: ASan: Unauthorized Access In 0xffffffff81b9f833: Addr 0xffffb880128da2f8 [8 bytes, write, PoolUseAfterFree]

[ 770.0175621] cpu0: Begin traceback...
[ 770.0175621] vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292
[ 770.0175621] panic() at netbsd:panic+0x9e sys/kern/subr_prf.c:1060
[ 770.0175621] kasan_report() at netbsd:kasan_report+0x8f kasan_code_name sys/kern/subr_asan.c:169 [inline]
[ 770.0175621] kasan_report() at netbsd:kasan_report+0x8f sys/kern/subr_asan.c:201
[ 770.0175621] __asan_store8() at netbsd:__asan_store8+0xaf kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:371 [inline]
[ 770.0175621] __asan_store8() at netbsd:__asan_store8+0xaf kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 770.0175621] __asan_store8() at netbsd:__asan_store8+0xaf sys/kern/subr_asan.c:1208
[ 770.0175621] callout_hardclock() at netbsd:callout_hardclock+0xf7 sys/kern/kern_timeout.c:789
[ 770.0175621] hardclock() at netbsd:hardclock+0x18d sys/kern/kern_clock.c:301
[ 770.0175621] Xresume_lapic_ltimer() at netbsd:Xresume_lapic_ltimer+0x1e
[ 770.0175621] --- interrupt ---
[ 770.0175621] Xspllower() at netbsd:Xspllower+0xe
[ 770.0175621] mutex_enter() at netbsd:mutex_enter+0x50c sys/kern/kern_mutex.c:702
[ 770.0175621] pool_put() at netbsd:pool_put+0x77 pool_put_quarantine sys/kern/subr_pool.c:3105 [inline]
[ 770.0175621] pool_put() at netbsd:pool_put+0x77 sys/kern/subr_pool.c:1364
[ 770.0175621] uvm_unmap_detach() at netbsd:uvm_unmap_detach+0x16e sys/uvm/uvm_map.c:2441
[ 770.0175621] uvm_unmap1() at netbsd:uvm_unmap1+0xe7 sys/uvm/uvm_map.c:4831
[ 770.0175621] uvmspace_exec() at netbsd:uvmspace_exec+0x1ff sys/uvm/uvm_map.c:4273
[ 770.0175621] execve_runproc() at netbsd:execve_runproc+0xc21 sys/kern/kern_exec.c:1253
[ 770.0175621] execve1() at netbsd:execve1+0x104 sys/kern/kern_exec.c:1485
[ 770.0175621] sys_execve() at netbsd:sys_execve+0x5f sys/kern/kern_exec.c:608
[ 770.0175621] syscall() at netbsd:syscall+0x25a sy_call sys/sys/syscallvar.h:65 [inline]
[ 770.0175621] syscall() at netbsd:syscall+0x25a sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 770.0175621] syscall() at netbsd:syscall+0x25a sys/arch/x86/x86/syscall.c:138
[ 770.0175621] --- syscall (number 59) ---
[ 770.0175621] netbsd:syscall+0x25a:
[ 770.0175621] cpu0: End traceback...
[ 770.0175621] fatal breakpoint trap in supervisor mode
[ 770.0175621] trap type 1 code 0 rip 0xffffffff8023241d cs 0x8 rflags 0x246 cr2 0xc0004aa2c0 ilevel 0x8 rsp 0xffffb8824a1991a8
[ 770.0175621] curlwp 0xffffb88012c572c0 pid 3410.3410 lowest kstack 0xffffb8824a1922c0
Stopped in pid 3410.3410 (syz-fuzzer) at        netbsd:breakpoint+0x5:  leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292
panic() at netbsd:panic+0x9e sys/kern/subr_prf.c:1060
kasan_report() at netbsd:kasan_report+0x8f kasan_code_name sys/kern/subr_asan.c:169 [inline]
kasan_report() at netbsd:kasan_report+0x8f sys/kern/subr_asan.c:201
__asan_store8() at netbsd:__asan_store8+0xaf kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:371 [inline]
__asan_store8() at netbsd:__asan_store8+0xaf kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
__asan_store8() at netbsd:__asan_store8+0xaf sys/kern/subr_asan.c:1208
callout_hardclock() at netbsd:callout_hardclock+0xf7 sys/kern/kern_timeout.c:789
hardclock() at netbsd:hardclock+0x18d sys/kern/kern_clock.c:301
Xresume_lapic_ltimer() at netbsd:Xresume_lapic_ltimer+0x1e
--- interrupt ---
Xspllower() at netbsd:Xspllower+0xe
mutex_enter() at netbsd:mutex_enter+0x50c sys/kern/kern_mutex.c:702
pool_put() at netbsd:pool_put+0x77 pool_put_quarantine sys/kern/subr_pool.c:3105 [inline]
pool_put() at netbsd:pool_put+0x77 sys/kern/subr_pool.c:1364
uvm_unmap_detach() at netbsd:uvm_unmap_detach+0x16e sys/uvm/uvm_map.c:2441
uvm_unmap1() at netbsd:uvm_unmap1+0xe7 sys/uvm/uvm_map.c:4831
uvmspace_exec() at netbsd:uvmspace_exec+0x1ff sys/uvm/uvm_map.c:4273
execve_runproc() at netbsd:execve_runproc+0xc21 sys/kern/kern_exec.c:1253
execve1() at netbsd:execve1+0x104 sys/kern/kern_exec.c:1485
sys_execve() at netbsd:sys_execve+0x5f sys/kern/kern_exec.c:608
syscall() at netbsd:syscall+0x25a sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x25a sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x25a sys/arch/x86/x86/syscall.c:138
--- syscall (number 59) ---
netbsd:syscall+0x25a:
Panic string: ASan: Unauthorized Access In 0xffffffff81b9f833: Addr 0xffffb880128da2f8 [8 bytes, write, PoolUseAfterFree]

PID    LID S CPU     FLAGS       STRUCT LWP *               NAME WAIT
3410 >3410 7   0         0   ffffb88012c572c0         syz-fuzzer
2881  2881 3   0       180   ffffb8801347c100               init nanoslp
3892  2711 3   1   1100000   ffffb88014015580     syz-executor.2 tstile
3892  3892 2   1  11000040   ffffb88013dff240     syz-executor.2
1845  4320 3   1   1100000   ffffb88012c21680     syz-executor.2 tstile
1845  1845 2   1  11000040   ffffb88012d14640     syz-executor.2
2370  2370 3   0       1c0   ffffb88012c0ca80     syz-executor.1 pipe_rd
3888  3537 3   1   1100000   ffffb88012d1f240     syz-executor.2 tstile
3888  3888 2   1  11000040   ffffb88012c79300     syz-executor.2
2887  2887 3   1       1c0   ffffb88012bc75c0     syz-executor.5 pipe_rd
1665  3105 3   0   1100000   ffffb88013fe80c0     syz-executor.2 tstile
1665  1665 2   1  11000040   ffffb88012b77100     syz-executor.2
1612  3327 3   0   1100000   ffffb88012b93580     syz-executor.2 tstile
1612  1612 2   1  11000040   ffffb88012db5080     syz-executor.2
3273  1471 3   1   1100000   ffffb880134b4a00     syz-executor.2 tstile
3273  3273 2   1  11000040   ffffb88013cf1a40     syz-executor.2
1428  1428 3   1       1c0   ffffb88014036a40     syz-executor.4 pipe_rd
2750  1872 2   1   1000040   ffffb8801407c680     syz-executor.2
2750  2999 3   1   1100000   ffffb88012bc7a00     syz-executor.2 tstile
1170  2080 3   0   1100000   ffffb8801402a5c0     syz-executor.2 tstile
1170  1170 2   1  11000040   ffffb880140361c0     syz-executor.2
1018  1012 3   0   1100000   ffffb88012d14200     syz-executor.2 tstile
1018  1018 2   1  11000040   ffffb880133ec6c0     syz-executor.2
1188   908 3   0   1100000   ffffb88013472500     syz-executor.2 tstile
1188  1455 3   0   1100000   ffffb880134720c0     syz-executor.2 tstile
1188  1188 2   1  11000040   ffffb88012bf1a40     syz-executor.2
1620   553 2   1   1000040   ffffb88013dff680     syz-executor.2
1620  1747 3   0   1100000   ffffb88012ce2580     syz-executor.2 tstile
1600  1600 3   0       180   ffffb88012c57700     syz-executor.0 parked
665    665 3   0       180   ffffb88013444300     syz-executor.0 parked
2284  2284 3   0       180   ffffb88013fe8940     syz-executor.1 parked
1978  1978 3   0       180   ffffb88012c0c200     syz-executor.3 parked
1971  1971 3   0       180   ffffb88013ed3b40     syz-executor.1 parked
393    393 3   1       180   ffffb88012aa14c0     syz-executor.3 parked
1998  1998 3   0       180   ffffb88013452780     syz-executor.2 parked
1900  1900 3   1       180   ffffb880126e7740     syz-executor.2 parked
1697  1697 3   1       180   ffffb8801347c980     syz-executor.2 parked
1751  1751 3   1       180   ffffb880133cb200     syz-executor.2 parked
991    991 3   0       1c0   ffffb88013ddd640     syz-executor.3 pipe_rd
1242  1242 3   0       1c0   ffffb88012ad1500     syz-executor.0 pipe_rd
1236  1073 3   0       180   ffffb88013efd740         syz-fuzzer parked
1236  1245 3   1       180   ffffb88013e3d6c0         syz-fuzzer parked
1236  1384 3   0       180   ffffb88013e3d280         syz-fuzzer wait
1236   941 3   1       1c0   ffffb88013dffac0         syz-fuzzer wait
1236  1246 3   0       180   ffffb88013ddda80         syz-fuzzer wait
1236  1241 3   0       180   ffffb88013cf1600         syz-fuzzer wait
1236   829 3   1       1c0   ffffb88013cf11c0         syz-fuzzer wait
1236  1243 3   1       180   ffffb880133ecb00         syz-fuzzer parked
1236   449 2   1       140   ffffb880133ec280         syz-fuzzer
1236  1223 3   0       1c0   ffffb880133cba80         syz-fuzzer pipe_rd
1236   949 3   1       180   ffffb880133d5ac0         syz-fuzzer parked
1236  1081 2   1       140   ffffb880133d5680         syz-fuzzer
1236  1236 3   1       180   ffffb880133a5a00         syz-fuzzer parked
1238  1238 3   1       180   ffffb88012ad1940               sshd select
1224  1224 3   0       180   ffffb880126ea780              getty nanoslp
1216  1216 3   0       180   ffffb880126ea340              getty nanoslp
1107  1107 3   0       180   ffffb880134b45c0              getty nanoslp
1105  1105 3   0       180   ffffb880133b9600               sshd select
978    978 3   0       180   ffffb88012d8e040             powerd kqueue
699    699 3   1       180   ffffb88013452bc0            syslogd kqueue
559    559 3   0       180   ffffb88012c79740             dhcpcd poll
746    746 3   0       180   ffffb88012cd6100             dhcpcd poll
745    745 3   0       180   ffffb88012c95bc0             dhcpcd poll
604    604 3   0       180   ffffb88012c95780             dhcpcd poll
487    487 3   0       180   ffffb88012dd10c0             dhcpcd poll
292    292 3   1       180   ffffb88012db5900             dhcpcd poll
485    485 3   1       180   ffffb88012db54c0             dhcpcd poll
1        1 3   0       180   ffffb88012877180               init wait
0     2446 5   1       200   ffffb88012b77540           (zombie)
0     1969 3   1       200   ffffb88012c95340             ktrace ktrwait
0     2027 3   0       200   ffffb88012d31280             ktrace ktrwait
0      392 3   0       200   ffffb880126eabc0             ktrace ktrwait
0     1460 3   1       200   ffffb880133d5240             ktrace ktrwait
0      674 3   0       200   ffffb880129a16c0            physiod physiod
0      196 3   0       200   ffffb880129a3700          pooldrain pooldrain
0    > 195 7   1       240   ffffb880129a32c0            ioflush
0      194 3   1       200   ffffb880129a1b00           pgdaemon pgdaemon
0      169 3   0       200   ffffb88012961ac0               usb7 usbevt
0      172 3   0       200   ffffb88012961680               usb6 usbevt
0      170 3   0       200   ffffb88012961240               usb5 usbevt
0      168 3   0       200   ffffb88012915a80               usb4 usbevt
0      166 3   0       200   ffffb88012915640               usb3 usbevt
0      165 3   1       240   ffffb88012915200               usb2 tstile
0       31 3   0       200   ffffb880128d9a40               usb1 usbevt
0       63 3   0       200   ffffb880128d9600               usb0 usbevt
0      126 3   1       200   ffffb880128d91c0         usbtask-dr usbtsk
0      125 3   1       200   ffffb88012877a00         usbtask-hc usbtsk
0      124 3   0       200   ffffb88010d76b00          swwreboot swwreboot
0      123 3   0       200   ffffb880128775c0             npfgc0 npfgcw
0      122 3   1       200   ffffb8801286a9c0            rt_free rt_free
0      121 3   1       200   ffffb8801286a580              unpgc unpgc
0      120 3   0       200   ffffb8801286a140    key_timehandler key_timehandler
0      119 3   1       200   ffffb8801271b980    icmp6_wqinput/1 icmp6_wqinput
0      118 3   0       200   ffffb8801271b540    icmp6_wqinput/0 icmp6_wqinput
0      117 3   0       200   ffffb8801271b100          nd6_timer nd6_timer
0      116 3   1       200   ffffb88012713940    carp6_wqinput/1 carp6_wqinput
0      115 3   0       200   ffffb88012713500    carp6_wqinput/0 carp6_wqinput
0      114 3   1       200   ffffb880127130c0     carp_wqinput/1 carp_wqinput
0      113 3   0       200   ffffb88012703900     carp_wqinput/0 carp_wqinput
0      112 3   1       200   ffffb880127034c0     icmp_wqinput/1 icmp_wqinput
0      111 3   0       200   ffffb88012703080     icmp_wqinput/0 icmp_wqinput
0      110 3   0       200   ffffb880126eb8c0           rt_timer rt_timer
0      109 3   0       200   ffffb880126e7b80        vmem_rehash vmem_rehash
0      100 3   0       200   ffffb880126e7300          entbutler entropy
0       99 3   0       200   ffffb880120bcb40              viomb balloon
0       98 3   1       200   ffffb880120bc700      vioif0_txrx/1 vioif0_txrx
0       97 3   0       200   ffffb880120bc2c0      vioif0_txrx/0 vioif0_txrx
0       30 3   0       200   ffffb88010d766c0           scsibus0 sccomp
0       29 3   0       200   ffffb88010d76280               pms0 pmsreset
0       28 3   1       200   ffffb88010cbcac0            xcall/1 xcall
0       27 1   1       200   ffffb88010cbc680          softser/1
0       26 1   1       200   ffffb88010cbc240          softclk/1
0       25 1   1       200   ffffb88010cb9a80          softbio/1
0       24 1   1       200   ffffb88010cb9640          softnet/1
0       23 1   1       201   ffffb88010cb9200             idle/1
0       22 3   0       200   ffffb8800fb56a40           lnxsyswq lnxsyswq
0       21 3   0       200   ffffb8800fb56600           lnxubdwq lnxubdwq
0       20 3   0       200   ffffb8800fb561c0           lnxpwrwq lnxpwrwq
0       19 3   0       200   ffffb8800fb55a00           lnxlngwq lnxlngwq
0       18 3   0       200   ffffb8800fb555c0           lnxhipwq lnxhipwq
0       17 3   0       200   ffffb8800fb55180           lnxrcugc lnxrcugc
0       16 3   0       200   ffffb8800fb4e9c0             sysmon smtaskq
0       15 3   0       200   ffffb8800fb4e580         pmfsuspend pmfsuspend
0       14 3   0       200   ffffb8800fb4e140           pmfevent pmfevent
0       13 3   0       200   ffffb8800fb49980         sopendfree sopendfr
0       12 3   0       200   ffffb8800fb49540             ifwdog ifwdog
0       11 3   0       200   ffffb8800fb49100            iflnkst iflnkst
0       10 3   0       200   ffffb8800fb3c940           nfssilly nfssilly
0        9 3   0       200   ffffb8800fb3c500             vdrain vdrain
0        8 3   1       200   ffffb8800fb3c0c0          modunload mod_unld
0        7 3   0       200   ffffb8800fb33900            xcall/0 xcall
0        6 1   0       200   ffffb8800fb334c0          softser/0
0        5 1   0       200   ffffb8800fb33080          softclk/0
0        4 1   0       200   ffffb8800fb318c0          softbio/0
0        3 1   0       200   ffffb8800fb31480          softnet/0
0        2 1   0       201   ffffb8800fb31040             idle/0
0        0 3   0       200   ffffffff8334b900            swapper uvm
[Locks tracked through LWPs]

****** LWP 3410.3410 (syz-fuzzer) @ 0xffffb88012c572c0, l_stat=7

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x392 sys/kern/kern_fork.c:366)
lock address : ffffb8801349e790
type         : sleep/adaptive
initialized  : netbsd:fork1+0x392
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012c572c0 last held: 0xffffb88012c572c0
last locked* : netbsd:execve_loadvm+0x308
unlocked     : 0
owner/count  : 0xffffb88012c572c0 flags    : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at netbsd:pool_init+0xa66 sys/kern/subr_pool.c:981)
lock address : netbsd:uvm_map_entry_cache+0xb0
type         : sleep/adaptive
initialized  : netbsd:pool_init+0xa66
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012c572c0 last held: 0xffffb88012c572c0
last locked* : netbsd:pool_put+0x77
unlocked     : netbsd:pool_put+0x18d
owner field  : 0xffffb88012c572c0 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 3892.2711 (syz-executor.2) @ 0xffffb88014015580, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb88014015580 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1845.4320 (syz-executor.2) @ 0xffffb88012c21680, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb88012c21680 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 3888.3537 (syz-executor.2) @ 0xffffb88012d1f240, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb88012d1f240 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1665.3105 (syz-executor.2) @ 0xffffb88013fe80c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb88013fe80c0 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1612.3327 (syz-executor.2) @ 0xffffb88012b93580, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb88012b93580 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 3273.1471 (syz-executor.2) @ 0xffffb880134b4a00, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb880134b4a00 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 2750.2999 (syz-executor.2) @ 0xffffb88012bc7a00, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb88012bc7a00 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1170.2080 (syz-executor.2) @ 0xffffb8801402a5c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb8801402a5c0 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1018.1012 (syz-executor.2) @ 0xffffb88012d14200, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb88012d14200 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1188.908 (syz-executor.2) @ 0xffffb88013472500, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb88013472500 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1188.1455 (syz-executor.2) @ 0xffffb880134720c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb880134720c0 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 1620.1747 (syz-executor.2) @ 0xffffb88012ce2580, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:vhci_attach+0x129 sys/dev/usb/vhci.c:1283)
lock address : ffffb880126af6f0
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0x129
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  1
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012ce2580 last held: 0xffffb88012ce2580
last locked* : netbsd:vhci_usb_detach+0x115
unlocked     : netbsd:vhci_fd_read+0x475
owner field  : 0xffffb88012ce2580 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 1 waiting writers: 0xffffb88012915200

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  0 last held:                  1
relevant lwp : 0xffffb88012ce2580 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

****** LWP 746.746 (dhcpcd) @ 0xffffb88012cd6100, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012cd6100 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 745.745 (dhcpcd) @ 0xffffb88012c95bc0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012c95bc0 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 292.292 (dhcpcd) @ 0xffffb88012db5900, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  1 last held:                  0
relevant lwp : 0xffffb88012db5900 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 485.485 (dhcpcd) @ 0xffffb88012db54c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  1 last held:                  0
relevant lwp : 0xffffb88012db54c0 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.165 (usb2) @ 0xffffb88012915200, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:vhci_attach+0xe1 sys/dev/usb/vhci.c:1280)
lock address : ffffb880126af4c8
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0xe1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                 12
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb88012915200 last held: 0xffffb88012915200
last locked* : netbsd:usbd_transfer+0x23e
unlocked     : netbsd:usbd_setup_pipe_flags+0xc8
owner field  : 0xffffb88012915200 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 12 waiting writers: 0xffffb88012ce2580 0xffffb88013472500 0xffffb880134720c0 0xffffb88012d14200 0xffffb8801402a5c0 0xffffb88012bc7a00 0xffffb880134b4a00 0xffffb88012b93580 0xffffb88013fe80c0 0xffffb88012d1f240 0xffffb88012c21680 0xffffb88014015580

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x129 sys/dev/usb/vhci.c:1283)
lock address : ffffb880126af6f0
type         : sleep/adaptive
initialized  : netbsd:vhci_attach+0x129
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  1
relevant cpu :                  1 last held:                  0
relevant lwp : 0xffffb88012915200 last held: 0xffffb88012ce2580
last locked* : netbsd:vhci_usb_detach+0x115
unlocked     : netbsd:vhci_fd_read+0x475
owner field  : 0xffffb88012ce2580 wait/spin:                1/0
Turnstile:
=> 0 waiting readers:
=> 1 waiting writers: 0xffffb88012915200

****** LWP 0.11 (iflnkst) @ 0xffffb8800fb49100, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb8800fb49100 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.5 (softclk/0) @ 0xffffb8800fb33080, l_stat=1

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb8800fb33080 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.0 (swapper) @ 0xffffffff8334b900, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type         : sleep/adaptive
initialized  : netbsd:module_hook_init+0x1c
shared holds :                  0 exclusive:                  0
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffffff8334b900 last held: 000000000000000000
last locked  : 0
unlocked*    : 0
owner field  : 000000000000000000 wait/spin:                0/0
Turnstile: no active turnstile for this lock.

[Locks tracked through CPUs]

******* Locks held on cpu0:

* Lock 0 (initialized at netbsd:callout_startup+0x43 sys/kern/kern_timeout.c:280)
lock address : ffffb8800f67d040
type         : spin
initialized  : netbsd:callout_startup+0x43
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012c572c0 last held: 0xffffb88012c572c0
last locked* : netbsd:callout_hardclock+0x42
unlocked     : netbsd:callout_hardclock+0x28b
owner field  : 0x0000000000010700 wait/spin:                0/1

* Lock 1 (initialized at netbsd:kprintf_init+0x61 sys/kern/subr_prf.c:156)
lock address : netbsd:kprintf_mtx
type         : spin
initialized  : netbsd:kprintf_init+0x61
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
relevant cpu :                  0 last held:                  0
relevant lwp : 0xffffb88012c572c0 last held: 0xffffb88012c572c0
last locked* : netbsd:kprintf_lock+0x33
unlocked     : netbsd:kprintf_unlock+0x53
owner field  : 0x0000000000000800 wait/spin:                0/1

******* Locks held on cpu1:

* Lock 0 (initialized at netbsd:sleeptab_init+0x85 sys/kern/kern_sleepq.c:84)
lock address : netbsd:sleepq_locks+0xdc0
type         : spin
initialized  : netbsd:sleeptab_init+0x85
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
relevant cpu :                  1 last held:                  1
relevant lwp : 0xffffb880129a32c0 last held: 0xffffb880133ec6c0
last locked* : netbsd:cv_enter+0x168
unlocked     : netbsd:mi_switch+0x7ac
owner field  : 0x0000000000000700 wait/spin:                0/1

              PAGE FLAG   PQ            UOBJECT              UANON
0xffffb88000023a00 0001 00000000                0x0                0x0
0xffffb88000023a80 0001 00000000                0x0                0x0
0xffffb88000023b00 0001 00000000                0x0                0x0
0xffffb88000023b80 0001 00000000                0x0                0x0
0xffffb88000023c00 0001 00000000                0x0                0x0
0xffffb88000023c80 0001 00000000                0x0                0x0
0xffffb88000023d00 0001 00000000                

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller%googlegroups.com@localhost.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to change the bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
