panic: ASan: Unauthorized Access In ADDR: Addr ADDR [225 bytes, read, Unknown]
0 views
Skip to first unread message
syzbot
Jul 1, 2019, 10:51:09 AM7/1/19
to syzkaller-...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: f4fe9ee8 Avoid GCC warning on NetBSD/i386
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=14789605a00000
dashboard link: https://syzkaller.appspot.com/bug?extid=8b4ea3978a3da95ddaa2
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8b4ea3...@syzkaller.appspotmail.com
[ 179.4088761] panic: ASan: Unauthorized Access In 0xffffffff811dc6ad: Addr
0xffffa7817bdafd60 [225 bytes, read, Unknown]
[ 179.4199347] cpu1: Begin traceback...
[ 179.4644310] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 179.5979207] snprintf() at netbsd:snprintf
[ 179.7314213] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 179.7314213] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 179.8537705] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 179.8537705] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 179.9872617] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 180.1096267] sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.1096267] sys___syscall() at netbsd:sys___syscall+0xf5
sys/kern/sys_syscall.c:77
[ 180.2431095] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.2431095] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 180.2431095] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 180.2764824] --- syscall (number 198) ---
[ 180.3209818] 71783fe43b9a:
[ 180.3320970] cpu1: End traceback...
[ 180.3320970] fatal breakpoint trap in supervisor mode
[ 180.3432272] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x771a62c04000 ilevel 0 rsp 0xffffa7817bdafbc0
[ 180.3543478] curlwp 0xffffa78013915920 pid 763.2 lowest kstack
0xffffa7817bda82c0
Stopped in pid 763.2 (syz-executor.0) at netbsd:breakpoint+0x5:
leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
snprintf() at netbsd:snprintf
kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
kasan_report() at netbsd:kasan_report+0x89 sys/kern/subr_asan.c:194
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 kasan_shadow_check
sys/kern/subr_asan.c:421 [inline]
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 sys/kern/subr_asan.c:548
sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf sys/kern/sys_lwp.c:862
sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0xf5 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x3ac sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x3ac sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x3ac sys/arch/x86/x86/syscall.c:138
--- syscall (number 198) ---
71783fe43b9a:
ds 0
es 1
fs f3e4
gs 597c
rdi ffffa7800d935458
rsi ffffa78013915c08
rbp ffffa7817bdafbc0
rbx ffffa7816d8a0000
rdx 3ffff
rcx ffffa7816f030000
rax ffffa78012fd3488
r8 4
r9 ffffffff82891e63 db_onpanic+0x3
r10 1ffffffff05123cc
r11 10
r12 ffffa7816d8b2000
r13 ffffffff82200b40 ostype+0x49140
r14 ffffa7817bdafc50
r15 ffffa7816d8a0058
rip ffffffff8021cd1d breakpoint+0x5
cs 8
rflags 246
rsp ffffa7817bdafbc0
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
763 > 2 7 1 0 ffffa78013915920 syz-executor.0
763 1 2 0 10000000 ffffa7801397c180 syz-executor.0
782 3 3 0 80 ffffa780138d44a0 syz-executor.2 parked
782 2 2 1 0 ffffa7801398ca20 syz-executor.2
782 1 2 1 10040000 ffffa7801396c580 syz-executor.2
887 3 2 0 100000 ffffa78013940560 syz-executor.5
887 1 3 0 10040004 ffffa7801397c5c0 syz-executor.5 lwpwait
862 3 3 1 40080 ffffa780138d48e0 syz-executor.1 parked
862 2 3 1 80 ffffa78013925940 syz-executor.1 parked
862 1 2 1 40000 ffffa780139250c0 syz-executor.1
297 1 2 0 0 ffffa78013995600 syz-executor.3
601 > 1 7 0 0 ffffa78012a38720 syz-executor.4
45 1 2 1 0 ffffa78013838040 syz-executor.5
522 1 2 0 0 ffffa78012a38b60 syz-executor.2
591 1 2 1 0 ffffa780136f5bc0 syz-executor.1
40 1 2 1 0 ffffa78011fb26a0 syz-executor.0
594 11 3 1 80 ffffa780136f5780 syz-fuzzer parked
594 10 2 1 0 ffffa780136f5340 syz-fuzzer
594 9 3 0 80 ffffa780136c3ba0 syz-fuzzer kqueue
594 8 3 0 80 ffffa780120962a0 syz-fuzzer parked
594 7 3 1 80 ffffa780136c3760 syz-fuzzer parked
594 6 3 0 80 ffffa780136c3320 syz-fuzzer parked
594 5 3 0 80 ffffa78013183b80 syz-fuzzer parked
594 4 3 1 80 ffffa78013183740 syz-fuzzer parked
594 3 3 1 80 ffffa78012a382e0 syz-fuzzer parked
594 2 3 1 80 ffffa78011f8a680 syz-fuzzer parked
594 1 3 1 80 ffffa7801203f6c0 syz-fuzzer parked
604 1 3 1 80 ffffa78011fb2ae0 sshd select
541 1 3 0 80 ffffa78012a23b40 getty nanoslp
550 1 3 1 80 ffffa78011fb2260 getty nanoslp
592 1 3 0 80 ffffa78011f8a240 getty nanoslp
459 1 3 1 80 ffffa78011f59200 getty ttyraw
428 1 3 1 80 ffffa780120966e0 cron nanoslp
420 1 3 0 80 ffffa78013183300 inetd kqueue
483 1 3 1 80 ffffa78012a23700 sshd select
465 1 3 0 80 ffffa78012a232c0 powerd kqueue
287 1 2 0 40000 ffffa78012096b20 makemandb
342 1 3 0 80 ffffa78011f8aac0 syslogd kqueue
295 1 3 1 80 ffffa7801203fb00 dhcpcd kqueue
248 1 3 1 80 ffffa7801203f280 dhcpcd kqueue
1 1 3 1 80 ffffa78011f12a60 init wait
0 58 3 1 204 ffffa78011f59640 physiod physiod
0 57 3 1 204 ffffa78011f5c220 pooldrain pooldrain
0 56 3 0 204 ffffa78011f5caa0 aiodoned aiodoned
0 55 3 0 200 ffffa78011f5c660 ioflush syncer
0 54 3 1 200 ffffa78011f59a80 pgdaemon pgdaemon
0 51 2 1 200 ffffa7800f6ea9c0 npfgc-0
0 50 3 0 204 ffffa78011f12620 rt_free rt_free
0 49 3 0 204 ffffa78011f121e0 unpgc unpgc
0 48 3 1 204 ffffa78011dc6a40 key_timehandler
key_timehandler
0 47 3 1 204 ffffa78011db8160 icmp6_wqinput/1
icmp6_wqinput
0 46 3 0 204 ffffa78011db85a0 icmp6_wqinput/0
icmp6_wqinput
0 45 3 0 204 ffffa78011db89e0 nd6_timer nd6_timer
0 44 3 1 204 ffffa78011db9180 carp6_wqinput/1
carp6_wqinput
0 43 3 0 204 ffffa78011db95c0 carp6_wqinput/0
carp6_wqinput
0 42 3 1 204 ffffa78011db9a00 carp_wqinput/1
carp_wqinput
0 41 3 0 204 ffffa78011dba1a0 carp_wqinput/0
carp_wqinput
0 40 3 1 204 ffffa78011dc6600 icmp_wqinput/1
icmp_wqinput
0 39 3 0 204 ffffa78011dc61c0 icmp_wqinput/0
icmp_wqinput
0 38 2 1 200 ffffa78011dbaa20 rt_timer
0 37 2 1 200 ffffa78011dba5e0 vmem_rehash
0 27 3 0 204 ffffa7800f6ea580 scsibus0 sccomp
0 26 3 0 200 ffffa7800f6ea140 pms0 pmsreset
0 25 3 1 204 ffffa7800f6b39a0 xcall/1 xcall
0 24 1 1 200 ffffa7800f6b3560 softser/1
0 23 1 1 200 ffffa7800f6b3120 softclk/1
0 22 1 1 200 ffffa7800f6b0980 softbio/1
0 21 1 1 200 ffffa7800f6b0540 softnet/1
0 20 1 1 201 ffffa7800f6b0100 idle/1
0 19 3 0 204 ffffa7800de68960 lnxpwrwq lnxpwrwq
0 18 3 0 204 ffffa7800de68520 lnxlngwq lnxlngwq
0 17 3 0 204 ffffa7800de680e0 lnxsyswq lnxsyswq
0 16 3 0 204 ffffa7800de62940 lnxrcugc lnxrcugc
0 15 3 0 204 ffffa7800de62500 sysmon smtaskq
0 14 3 0 204 ffffa7800de620c0 pmfsuspend pmfsuspend
0 13 3 0 204 ffffa7800de58920 pmfevent pmfevent
0 12 3 0 204 ffffa7800de584e0 sopendfree sopendfr
0 11 3 0 204 ffffa7800de580a0 nfssilly nfssilly
0 10 2 1 200 ffffa7800de4e900 cachegc
0 9 3 0 204 ffffa7800de4e4c0 vdrain vdrain
0 8 3 0 200 ffffa7800de4e080 modunload mod_unld
0 7 3 0 204 ffffa7800de3f8e0 xcall/0 xcall
0 6 1 0 200 ffffa7800de3f4a0 softser/0
0 5 1 0 200 ffffa7800de3f060 softclk/0
0 4 1 0 200 ffffa7800de3a8c0 softbio/0
0 3 1 0 200 ffffa7800de3a480 softnet/0
0 2 1 0 201 ffffa7800de3a040 idle/0
0 1 2 1 200 ffffffff82959000 swapper
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor.2):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780138bd1d0 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa7801398ca20
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa7801398ca20 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b708e0.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.1):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffa7801382d600 type : sleep/adaptive
initialized : 0xffffffff810c24b3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa780139250c0
last locked* : 0xffffffff810a735b unlocked : 0xffffffff810a4158
owner field : 0xffffa780139250c0 wait/spin: 0/0
Turnstile chain at 0xffffffff82b70540.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.3):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780139ab488 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70650.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa780136b41b8 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b708b0.
=> No active turnstile for this lock.
Lock 2 (initialized at genfs_node_init)
lock address : 0xffffa780136adcd0 type : sleep/adaptive
initialized : 0xffffffff8129d400
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff80ff50cd unlocked : 000000000000000000
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b706e0.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.4):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780138bd888 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78012a38720
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78012a38720 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70650.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa780139abdf0 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78012a38720
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
[ 180.3543478] Skipping crash dump on recursive panic
[ 180.3543478] panic: ASan: Unauthorized Access In 0xffffffff8114f860: Addr
0xffffa780139abdf0 [8 bytes, read, PoolUseAfterFree]
[ 180.3543478] cpu1: Begin traceback...
[ 180.3543478] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 180.3543478] snprintf() at netbsd:snprintf
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_1byte_isvalid sys/kern/subr_asan.c:302 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_2byte_isvalid sys/kern/subr_asan.c:317 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_4byte_isvalid sys/kern/subr_asan.c:337 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:357 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_check sys/kern/subr_asan.c:410 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
sys/kern/subr_asan.c:599
[ 180.3543478] rw_dump() at netbsd:rw_dump+0x20 sys/kern/kern_rwlock.c:176
[ 180.3543478] lockdebug_dump() at netbsd:lockdebug_dump+0x15f
sys/kern/subr_lockdebug.c:777
[ 180.3543478] lockdebug_show_one() at netbsd:lockdebug_show_one+0xc4
sys/kern/subr_lockdebug.c:855
[ 180.3543478] lockdebug_show_all_locks() at
netbsd:lockdebug_show_all_locks+0x12f lockdebug_show_all_locks_lwp
sys/kern/subr_lockdebug.c:886 [inline]
[ 180.3543478] lockdebug_show_all_locks() at
netbsd:lockdebug_show_all_locks+0x12f sys/kern/subr_lockdebug.c:933
[ 180.3543478] db_command() at netbsd:db_command+0x2d6
sys/ddb/db_command.c:936
[ 180.3543478] db_command_loop() at netbsd:db_command_loop+0x277
db_execute_commandlist sys/ddb/db_command.c:432 [inline]
[ 180.3543478] db_command_loop() at netbsd:db_command_loop+0x277
sys/ddb/db_command.c:582
[ 180.3543478] db_trap() at netbsd:db_trap+0x219 sys/ddb/db_trap.c:94
[ 180.3543478] kdb_trap() at netbsd:kdb_trap+0x1cd
sys/arch/amd64/amd64/db_interface.c:246
[ 180.3543478] trap() at netbsd:trap+0x6c5 sys/arch/amd64/amd64/trap.c:321
[ 180.3543478] --- trap (number 1) ---
[ 180.3543478] breakpoint() at netbsd:breakpoint+0x5
[ 180.3543478] db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
[ 180.3543478] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 180.3543478] snprintf() at netbsd:snprintf
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 180.3543478] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 180.3543478] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 180.3543478] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 180.3543478] sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.3543478] sys___syscall() at netbsd:sys___syscall+0xf5
sys/kern/sys_syscall.c:77
[ 180.3543478] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.3543478] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 180.3543478] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 180.3543478] --- syscall (number 198) ---
[ 180.3543478] 71783fe43b9a:
[ 180.3543478] cpu1: End traceback...
[ 180.3543478] fatal breakpoint trap in supervisor mode
[ 180.3543478] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x771a62c04000 ilevel 0x8 rsp 0xffffa7817bdaf180
[ 180.3543478] curlwp 0xffffa78013915920 pid 763.2 lowest kstack
0xffffa7817bda82c0
Stopped in pid 763.2 (syz-executor.0) at netbsd:breakpoint+0x5:
leave
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following crash on:
HEAD commit: f4fe9ee8 Avoid GCC warning on NetBSD/i386
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=14789605a00000
dashboard link: https://syzkaller.appspot.com/bug?extid=8b4ea3978a3da95ddaa2
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8b4ea3...@syzkaller.appspotmail.com
[ 179.4088761] panic: ASan: Unauthorized Access In 0xffffffff811dc6ad: Addr
0xffffa7817bdafd60 [225 bytes, read, Unknown]
[ 179.4199347] cpu1: Begin traceback...
[ 179.4644310] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 179.5979207] snprintf() at netbsd:snprintf
[ 179.7314213] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 179.7314213] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 179.8537705] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 179.8537705] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 179.9872617] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 180.1096267] sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.1096267] sys___syscall() at netbsd:sys___syscall+0xf5
sys/kern/sys_syscall.c:77
[ 180.2431095] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.2431095] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 180.2431095] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 180.2764824] --- syscall (number 198) ---
[ 180.3209818] 71783fe43b9a:
[ 180.3320970] cpu1: End traceback...
[ 180.3320970] fatal breakpoint trap in supervisor mode
[ 180.3432272] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x771a62c04000 ilevel 0 rsp 0xffffa7817bdafbc0
[ 180.3543478] curlwp 0xffffa78013915920 pid 763.2 lowest kstack
0xffffa7817bda82c0
Stopped in pid 763.2 (syz-executor.0) at netbsd:breakpoint+0x5:
leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
snprintf() at netbsd:snprintf
kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
kasan_report() at netbsd:kasan_report+0x89 sys/kern/subr_asan.c:194
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 kasan_shadow_check
sys/kern/subr_asan.c:421 [inline]
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 sys/kern/subr_asan.c:548
sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf sys/kern/sys_lwp.c:862
sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0xf5 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x3ac sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x3ac sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x3ac sys/arch/x86/x86/syscall.c:138
--- syscall (number 198) ---
71783fe43b9a:
ds 0
es 1
fs f3e4
gs 597c
rdi ffffa7800d935458
rsi ffffa78013915c08
rbp ffffa7817bdafbc0
rbx ffffa7816d8a0000
rdx 3ffff
rcx ffffa7816f030000
rax ffffa78012fd3488
r8 4
r9 ffffffff82891e63 db_onpanic+0x3
r10 1ffffffff05123cc
r11 10
r12 ffffa7816d8b2000
r13 ffffffff82200b40 ostype+0x49140
r14 ffffa7817bdafc50
r15 ffffa7816d8a0058
rip ffffffff8021cd1d breakpoint+0x5
cs 8
rflags 246
rsp ffffa7817bdafbc0
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
763 > 2 7 1 0 ffffa78013915920 syz-executor.0
763 1 2 0 10000000 ffffa7801397c180 syz-executor.0
782 3 3 0 80 ffffa780138d44a0 syz-executor.2 parked
782 2 2 1 0 ffffa7801398ca20 syz-executor.2
782 1 2 1 10040000 ffffa7801396c580 syz-executor.2
887 3 2 0 100000 ffffa78013940560 syz-executor.5
887 1 3 0 10040004 ffffa7801397c5c0 syz-executor.5 lwpwait
862 3 3 1 40080 ffffa780138d48e0 syz-executor.1 parked
862 2 3 1 80 ffffa78013925940 syz-executor.1 parked
862 1 2 1 40000 ffffa780139250c0 syz-executor.1
297 1 2 0 0 ffffa78013995600 syz-executor.3
601 > 1 7 0 0 ffffa78012a38720 syz-executor.4
45 1 2 1 0 ffffa78013838040 syz-executor.5
522 1 2 0 0 ffffa78012a38b60 syz-executor.2
591 1 2 1 0 ffffa780136f5bc0 syz-executor.1
40 1 2 1 0 ffffa78011fb26a0 syz-executor.0
594 11 3 1 80 ffffa780136f5780 syz-fuzzer parked
594 10 2 1 0 ffffa780136f5340 syz-fuzzer
594 9 3 0 80 ffffa780136c3ba0 syz-fuzzer kqueue
594 8 3 0 80 ffffa780120962a0 syz-fuzzer parked
594 7 3 1 80 ffffa780136c3760 syz-fuzzer parked
594 6 3 0 80 ffffa780136c3320 syz-fuzzer parked
594 5 3 0 80 ffffa78013183b80 syz-fuzzer parked
594 4 3 1 80 ffffa78013183740 syz-fuzzer parked
594 3 3 1 80 ffffa78012a382e0 syz-fuzzer parked
594 2 3 1 80 ffffa78011f8a680 syz-fuzzer parked
594 1 3 1 80 ffffa7801203f6c0 syz-fuzzer parked
604 1 3 1 80 ffffa78011fb2ae0 sshd select
541 1 3 0 80 ffffa78012a23b40 getty nanoslp
550 1 3 1 80 ffffa78011fb2260 getty nanoslp
592 1 3 0 80 ffffa78011f8a240 getty nanoslp
459 1 3 1 80 ffffa78011f59200 getty ttyraw
428 1 3 1 80 ffffa780120966e0 cron nanoslp
420 1 3 0 80 ffffa78013183300 inetd kqueue
483 1 3 1 80 ffffa78012a23700 sshd select
465 1 3 0 80 ffffa78012a232c0 powerd kqueue
287 1 2 0 40000 ffffa78012096b20 makemandb
342 1 3 0 80 ffffa78011f8aac0 syslogd kqueue
295 1 3 1 80 ffffa7801203fb00 dhcpcd kqueue
248 1 3 1 80 ffffa7801203f280 dhcpcd kqueue
1 1 3 1 80 ffffa78011f12a60 init wait
0 58 3 1 204 ffffa78011f59640 physiod physiod
0 57 3 1 204 ffffa78011f5c220 pooldrain pooldrain
0 56 3 0 204 ffffa78011f5caa0 aiodoned aiodoned
0 55 3 0 200 ffffa78011f5c660 ioflush syncer
0 54 3 1 200 ffffa78011f59a80 pgdaemon pgdaemon
0 51 2 1 200 ffffa7800f6ea9c0 npfgc-0
0 50 3 0 204 ffffa78011f12620 rt_free rt_free
0 49 3 0 204 ffffa78011f121e0 unpgc unpgc
0 48 3 1 204 ffffa78011dc6a40 key_timehandler
key_timehandler
0 47 3 1 204 ffffa78011db8160 icmp6_wqinput/1
icmp6_wqinput
0 46 3 0 204 ffffa78011db85a0 icmp6_wqinput/0
icmp6_wqinput
0 45 3 0 204 ffffa78011db89e0 nd6_timer nd6_timer
0 44 3 1 204 ffffa78011db9180 carp6_wqinput/1
carp6_wqinput
0 43 3 0 204 ffffa78011db95c0 carp6_wqinput/0
carp6_wqinput
0 42 3 1 204 ffffa78011db9a00 carp_wqinput/1
carp_wqinput
0 41 3 0 204 ffffa78011dba1a0 carp_wqinput/0
carp_wqinput
0 40 3 1 204 ffffa78011dc6600 icmp_wqinput/1
icmp_wqinput
0 39 3 0 204 ffffa78011dc61c0 icmp_wqinput/0
icmp_wqinput
0 38 2 1 200 ffffa78011dbaa20 rt_timer
0 37 2 1 200 ffffa78011dba5e0 vmem_rehash
0 27 3 0 204 ffffa7800f6ea580 scsibus0 sccomp
0 26 3 0 200 ffffa7800f6ea140 pms0 pmsreset
0 25 3 1 204 ffffa7800f6b39a0 xcall/1 xcall
0 24 1 1 200 ffffa7800f6b3560 softser/1
0 23 1 1 200 ffffa7800f6b3120 softclk/1
0 22 1 1 200 ffffa7800f6b0980 softbio/1
0 21 1 1 200 ffffa7800f6b0540 softnet/1
0 20 1 1 201 ffffa7800f6b0100 idle/1
0 19 3 0 204 ffffa7800de68960 lnxpwrwq lnxpwrwq
0 18 3 0 204 ffffa7800de68520 lnxlngwq lnxlngwq
0 17 3 0 204 ffffa7800de680e0 lnxsyswq lnxsyswq
0 16 3 0 204 ffffa7800de62940 lnxrcugc lnxrcugc
0 15 3 0 204 ffffa7800de62500 sysmon smtaskq
0 14 3 0 204 ffffa7800de620c0 pmfsuspend pmfsuspend
0 13 3 0 204 ffffa7800de58920 pmfevent pmfevent
0 12 3 0 204 ffffa7800de584e0 sopendfree sopendfr
0 11 3 0 204 ffffa7800de580a0 nfssilly nfssilly
0 10 2 1 200 ffffa7800de4e900 cachegc
0 9 3 0 204 ffffa7800de4e4c0 vdrain vdrain
0 8 3 0 200 ffffa7800de4e080 modunload mod_unld
0 7 3 0 204 ffffa7800de3f8e0 xcall/0 xcall
0 6 1 0 200 ffffa7800de3f4a0 softser/0
0 5 1 0 200 ffffa7800de3f060 softclk/0
0 4 1 0 200 ffffa7800de3a8c0 softbio/0
0 3 1 0 200 ffffa7800de3a480 softnet/0
0 2 1 0 201 ffffa7800de3a040 idle/0
0 1 2 1 200 ffffffff82959000 swapper
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor.2):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780138bd1d0 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa7801398ca20
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa7801398ca20 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b708e0.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.1):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffa7801382d600 type : sleep/adaptive
initialized : 0xffffffff810c24b3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa780139250c0
last locked* : 0xffffffff810a735b unlocked : 0xffffffff810a4158
owner field : 0xffffa780139250c0 wait/spin: 0/0
Turnstile chain at 0xffffffff82b70540.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.3):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780139ab488 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70650.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa780136b41b8 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b708b0.
=> No active turnstile for this lock.
Lock 2 (initialized at genfs_node_init)
lock address : 0xffffa780136adcd0 type : sleep/adaptive
initialized : 0xffffffff8129d400
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78013995600
last locked* : 0xffffffff80ff50cd unlocked : 000000000000000000
owner/count : 0xffffa78013995600 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b706e0.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor.4):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa780138bd888 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78012a38720
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
owner/count : 0xffffa78012a38720 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70650.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa780139abdf0 type : sleep/adaptive
initialized : 0xffffffff8126e4ab
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa78013915920 last held: 0xffffa78012a38720
last locked* : 0xffffffff8129d280 unlocked : 0xffffffff8129d2b3
[ 180.3543478] Skipping crash dump on recursive panic
[ 180.3543478] panic: ASan: Unauthorized Access In 0xffffffff8114f860: Addr
0xffffa780139abdf0 [8 bytes, read, PoolUseAfterFree]
[ 180.3543478] cpu1: Begin traceback...
[ 180.3543478] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 180.3543478] snprintf() at netbsd:snprintf
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_1byte_isvalid sys/kern/subr_asan.c:302 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_2byte_isvalid sys/kern/subr_asan.c:317 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_4byte_isvalid sys/kern/subr_asan.c:337 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:357 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
kasan_shadow_check sys/kern/subr_asan.c:410 [inline]
[ 180.3543478] __asan_load8() at netbsd:__asan_load8+0x285
sys/kern/subr_asan.c:599
[ 180.3543478] rw_dump() at netbsd:rw_dump+0x20 sys/kern/kern_rwlock.c:176
[ 180.3543478] lockdebug_dump() at netbsd:lockdebug_dump+0x15f
sys/kern/subr_lockdebug.c:777
[ 180.3543478] lockdebug_show_one() at netbsd:lockdebug_show_one+0xc4
sys/kern/subr_lockdebug.c:855
[ 180.3543478] lockdebug_show_all_locks() at
netbsd:lockdebug_show_all_locks+0x12f lockdebug_show_all_locks_lwp
sys/kern/subr_lockdebug.c:886 [inline]
[ 180.3543478] lockdebug_show_all_locks() at
netbsd:lockdebug_show_all_locks+0x12f sys/kern/subr_lockdebug.c:933
[ 180.3543478] db_command() at netbsd:db_command+0x2d6
sys/ddb/db_command.c:936
[ 180.3543478] db_command_loop() at netbsd:db_command_loop+0x277
db_execute_commandlist sys/ddb/db_command.c:432 [inline]
[ 180.3543478] db_command_loop() at netbsd:db_command_loop+0x277
sys/ddb/db_command.c:582
[ 180.3543478] db_trap() at netbsd:db_trap+0x219 sys/ddb/db_trap.c:94
[ 180.3543478] kdb_trap() at netbsd:kdb_trap+0x1cd
sys/arch/amd64/amd64/db_interface.c:246
[ 180.3543478] trap() at netbsd:trap+0x6c5 sys/arch/amd64/amd64/trap.c:321
[ 180.3543478] --- trap (number 1) ---
[ 180.3543478] breakpoint() at netbsd:breakpoint+0x5
[ 180.3543478] db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
[ 180.3543478] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 180.3543478] snprintf() at netbsd:snprintf
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 180.3543478] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 180.3543478] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 180.3543478] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 180.3543478] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 180.3543478] sys___syscall() at netbsd:sys___syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.3543478] sys___syscall() at netbsd:sys___syscall+0xf5
sys/kern/sys_syscall.c:77
[ 180.3543478] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 180.3543478] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 180.3543478] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 180.3543478] --- syscall (number 198) ---
[ 180.3543478] 71783fe43b9a:
[ 180.3543478] cpu1: End traceback...
[ 180.3543478] fatal breakpoint trap in supervisor mode
[ 180.3543478] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x771a62c04000 ilevel 0x8 rsp 0xffffa7817bdaf180
[ 180.3543478] curlwp 0xffffa78013915920 pid 763.2 lowest kstack
0xffffa7817bda82c0
Stopped in pid 763.2 (syz-executor.0) at netbsd:breakpoint+0x5:
leave
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Jul 1, 2019, 11:12:06 AM7/1/19
to syzkaller-...@googlegroups.com
syzbot has found a reproducer for the following crash on:
HEAD commit: f4fe9ee8 Avoid GCC warning on NetBSD/i386
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13852093a00000
dashboard link: https://syzkaller.appspot.com/bug?extid=8b4ea3978a3da95ddaa2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14ab9e0ba00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=172bbca3a00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8b4ea3...@syzkaller.appspotmail.com
[ 122.2338135] panic: ASan: Unauthorized Access In 0xffffffff811dc6ad: Addr
0xffffce816ec7bd60 [225 bytes, read, Unknown]
[ 122.2448965] cpu1: Begin traceback...
[ 122.3003577] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 122.4113369] snprintf() at netbsd:snprintf
[ 122.5223280] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 122.5223280] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 122.6444050] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 122.6444050] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 122.7554251] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 122.8663776] sys_syscall() at netbsd:sys_syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 122.8663776] sys_syscall() at netbsd:sys_syscall+0xf5
sys/kern/sys_syscall.c:77
[ 122.9773649] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 122.9773649] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 122.9773649] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 123.0106604] --- syscall (number 0) ---
[ 123.0550528] 71f2670e4b5a:
[ 123.0661461] cpu1: End traceback...
[ 123.0661461] fatal breakpoint trap in supervisor mode
[ 123.0661461] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x71f267a115c0 ilevel 0 rsp 0xffffce816ec7bbc0
[ 123.0772453] curlwp 0xffffce80129feb40 pid 597.1 lowest kstack
0xffffce816ec742c0
Stopped in pid 597.1 (syz-executor6028) at netbsd:breakpoint+0x5:
[inline]
sys_syscall() at netbsd:sys_syscall+0xf5 sys/kern/sys_syscall.c:77
71f2670e4b5a:
rdi ffffce800d935458
rsi ffffce80129fee28
rbp ffffce816ec7bbc0
rbx ffffce816d8a0000
rdx 2
rcx ffffffff80cd92ab db_panic+0xe5
rax 0
r13 ffffffff82200b40 ostype+0x49140
r14 ffffce816ec7bc50
r15 ffffce816d8a0058
597 > 1 7 1 0 ffffce80129feb40 syz-executor6028
571 1 2 0 0 ffffce8013673340 syz-executor6028
633 1 2 1 0 ffffce8011f71680 syz-executor6028
45 1 3 0 0 ffffce8012047b00 syz-executor6028 tstile
492 1 2 0 0 ffffce8011fb1260 syz-executor6028
41 1 2 1 0 ffffce8011f59200 syz-executor6028
40 1 2 1 40000 ffffce8013132760 syz-executor6028
613 1 2 0 0 ffffce80120476c0 syz-executor6028
534 1 3 0 40080 ffffce8011fb16a0 syz-executor6028 nanoslp
483 1 2 1 0 ffffce80120a56e0 sshd
529 1 3 1 80 ffffce8013108740 getty nanoslp
567 1 3 1 80 ffffce8013108b80 getty nanoslp
590 1 3 0 80 ffffce8013132320 getty nanoslp
427 1 3 1 80 ffffce8011f71240 getty ttyraw
548 1 3 0 80 ffffce8013108300 cron nanoslp
560 1 3 1 80 ffffce8013132ba0 inetd kqueue
490 1 3 0 80 ffffce8011fb1ae0 sshd select
286 1 3 0 80 ffffce8012a21b60 powerd kqueue
431 1 2 0 0 ffffce8012a21720 makemandb
314 1 3 0 80 ffffce80120a52a0 syslogd kqueue
274 1 3 1 80 ffffce80129fe700 dhcpcd kqueue
198 1 3 1 80 ffffce80120a5b20 dhcpcd kqueue
1 1 3 1 80 ffffce8011f11a60 init wait
0 58 3 0 204 ffffce8011f59640 physiod physiod
0 57 3 0 204 ffffce8011f5c220 pooldrain pooldrain
0 56 3 1 204 ffffce8011f5caa0 aiodoned aiodoned
0 55 2 0 200 ffffce8011f5c660 ioflush
0 54 3 0 200 ffffce8011f59a80 pgdaemon pgdaemon
0 51 3 0 200 ffffce800f6ea9c0 npfgc-0 npfgccv
0 50 3 0 204 ffffce8011f11620 rt_free rt_free
0 49 3 0 204 ffffce8011f111e0 unpgc unpgc
0 48 2 1 200 ffffce8011f0aa40 key_timehandler
0 47 3 1 204 ffffce8011f0a600 icmp6_wqinput/1
icmp6_wqinput
0 46 3 0 204 ffffce8011f0a1c0 icmp6_wqinput/0
icmp6_wqinput
0 45 2 1 200 ffffce8011dbaa20 nd6_timer
0 44 3 1 204 ffffce8011db8160 carp6_wqinput/1
carp6_wqinput
0 43 3 0 204 ffffce8011db85a0 carp6_wqinput/0
carp6_wqinput
0 42 3 1 204 ffffce8011db89e0 carp_wqinput/1
carp_wqinput
0 41 3 0 204 ffffce8011db9180 carp_wqinput/0
carp_wqinput
0 40 3 1 204 ffffce8011db95c0 icmp_wqinput/1
icmp_wqinput
0 39 3 0 204 ffffce8011db9a00 icmp_wqinput/0
icmp_wqinput
0 38 2 1 200 ffffce8011dba1a0 rt_timer
0 37 3 0 204 ffffce8011dba5e0 vmem_rehash vmem_rehash
0 27 3 0 204 ffffce800f6ea580 scsibus0 sccomp
0 26 3 0 200 ffffce800f6ea140 pms0 pmsreset
0 25 3 1 204 ffffce800f6b39a0 xcall/1 xcall
0 24 1 1 200 ffffce800f6b3560 softser/1
0 23 1 1 200 ffffce800f6b3120 softclk/1
0 22 1 1 200 ffffce800f6b0980 softbio/1
0 21 1 1 200 ffffce800f6b0540 softnet/1
0 20 1 1 201 ffffce800f6b0100 idle/1
0 19 3 0 204 ffffce800de68960 lnxpwrwq lnxpwrwq
0 18 3 0 204 ffffce800de68520 lnxlngwq lnxlngwq
0 17 3 0 204 ffffce800de680e0 lnxsyswq lnxsyswq
0 16 3 0 204 ffffce800de62940 lnxrcugc lnxrcugc
0 15 3 0 204 ffffce800de62500 sysmon smtaskq
0 14 3 0 204 ffffce800de620c0 pmfsuspend pmfsuspend
0 13 3 0 204 ffffce800de58920 pmfevent pmfevent
0 12 3 0 204 ffffce800de584e0 sopendfree sopendfr
0 11 3 0 204 ffffce800de580a0 nfssilly nfssilly
0 10 3 1 200 ffffce800de4e900 cachegc cachegc
0 9 3 1 204 ffffce800de4e4c0 vdrain vdrain
0 8 3 0 200 ffffce800de4e080 modunload mod_unld
0 7 3 0 204 ffffce800de3f8e0 xcall/0 xcall
0 6 1 0 200 ffffce800de3f4a0 softser/0
0 5 1 0 200 ffffce800de3f060 softclk/0
0 4 1 0 200 ffffce800de3a8c0 softbio/0
0 3 1 0 200 ffffce800de3a480 softnet/0
0 2 1 0 201 ffffce800de3a040 idle/0
0 1 3 0 200 ffffffff82959000 swapper uvm
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor6028):
Turnstile chain at 0xffffffff82b708c0.
=> Turnstile at 0xffffce8011f0e790 (wrq=0xffffce8011f0e7b0,
rdq=0xffffce8011f0e7c0).
=> 0 waiting readers:
=> 1 waiting writers: 0xffffce8012047b00
Locks held by an LWP (syz-executor6028):
Lock 0 (initialized at uvm_map_setup)
lock address : 0xffffce8012a59340 type : sleep/adaptive
initialized : 0xffffffff810b6b6d
last locked* : 0xffffffff810b0b48 unlocked : 0xffffffff810a4196
owner/count : 0xffffce8013673340 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b707c0.
Lock 0 (initialized at uvm_map_setup)
lock address : 0xffffce8011f19910 type : sleep/adaptive
initialized : 0xffffffff810b6b6d
last locked* : 0xffffffff810b0b48 unlocked : 0xffffffff810a4196
owner/count : 0xffffce8011f59200 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70760.
PAGE FLAG PQ UOBJECT UANON
0xffffce8000014180 0048 0000 0x0 0x0
0xffffce80000141f8 0048 0000 0x0 0x0
0xffffce8000014270 0048 0000 0x0 0x0
0xffffce80000142e8 0048 0000 0x0 0x0
0xffffce8000014360 0048 0000 0x0 0x0
0xffffce80000143d8 0040 0000 0x0 0x0
0xffffce8000014450 0048 0000 0x0 0x0
0xffffce80000144c8 0048 0000 0x0 0x0
0xffffce8000014540 0040 0000 0x0 0x0
0xffffce80000145b8 0040 0000 0x0 0x0
0xffffce8000014630 0040 0000 0x0 0x0
0xffffce80000146a8 0040 0000 0x0 0x0
0xffffce8000014720 0040 0000 0x0 0x0
0xffffce8000014798 0048 0000 0x0 0x0
0xffffce8000014810 0048 0000 0x0 0x0
0xffffce8000014888 0040 0000 0x0 0x0
0xffffce8000014900 0048 0000 0x0 0x0
0xffffce8000014978 0048 0000 0x0 0x0
0xffffce80000149f0 0048 0000 0x0 0x0
0xffffce8000014a68 0048 0000 0x0 0x0
0xffffce8000014ae0 0048 0000 0x0 0x0
0xffffce8000014b58 0048 0000 0x0 0x0
0xffffce8000014bd0 0040 0000 0x0 0x0
0xffffce8000014c48 0048 0000 0x0 0x0
0xffffce8000014cc0 0048 0000 0x0 0x0
0xffffce8000014d38 0048 0000 0x0 0x0
0xffffce8000014db0 0048 0000 0x0 0x0
0xffffce8000014e28 0048 0000 0x0 0x0
0xffffce8000014ea0 0048 0000 0x0 0x0
0xffffce8000014f18 0040 0000 0x0 0x0
0xffffce8000014f90 0048 0000 0x0 0x0
0xffffce8000015008 0048 0000 0x0 0x0
0xffffce8000015080 0048 0000 0x0 0x0
0xffffce80000150f8 0048 0000 0x0 0x0
0xffffce8000015170 0048 0000 0x0 0x0
0xffffce80000151e8 0048 0000 0x0 0x0
0xffffce8000015260 0048 0000 0x0 0x0
0xffffce80000152d8 0048 0000 0x0 0x0
0xffffce8000015350 0048 0000 0x0 0x0
0xffffce80000153c8 0048 0000 0x0 0x0
0xffffce8000015440 0048 0000 0x0 0x0
0xffffce80000154b8 0048 0000 0x0 0x0
0xffffce8000015530 0048 0000 0x0 0x0
0xffffce80000155a8 0048 0000 0x0 0x0
0xffffce8000015620 0048 0000 0x0 0x0
0xffffce8000015698 0048 0000 0x0 0x0
0xffffce8000015710 0048 0000 0x0 0x0
0xffffce8000015788 0048 0000 0x0 0x0
0xffffce8000015800 0048 0000 0x0 0x0
0xffffce8000015878 0048 0000 0x0 0x0
0xffffce80000158f0 0048 0000 0x0 0x0
0xffffce8000015968 0048 0000 0x0 0x0
0xffffce80000159e0 0048 0000 0x0 0x0
0xffffce8000015a58 0048 0000 0x0 0x0
0xffffce8000015ad0 0048 0000 0x0 0x0
0xffffce8000015b48 0048 0000 0x0 0x0
0xffffce8000015bc0 0048 0000 0x0 0x0
0xffffce8000015c38 0048 0000 0x0 0x0
0xffffce8000015cb0 0048 0000 0x0 0x0
0xffffce8000015d28 0041 0000 0x0 0x0
0xffffce8000015da0 0041 0000 0x0 0x0
0xffffce8000015e18 0048 0000 0x0 0x0
0xffffce8000015e90 0048 0000 0x0 0x0
0xffffce8000015f08 0048 0000 0x0 0x0
0xffffce8000015f80 0048 0000 0x0 0x0
0xffffce8000015ff8 0048 0000 0x0 0x0
0xffffce8000016070 0040 0000 0x0 0x0
0xffffce80000160e8 0041 0000 0x0 0x0
0xffffce8000016160 0041 0000 0x0 0x0
0xffffce80000161d8 0048 0000 0x0 0x0
0xffffce8000016250 0048 0000 0x0 0x0
0xffffce80000162c8 0048 0000 0x0 0x0
0xffffce8000016340 0048 0000 0x0 0x0
0xffffce80000163b8 0048 0000 0x0 0x0
0xffffce8000016430 0041 0000 0x0 0x0
0xffffce80000164a8 0048 0000 0x0 0x0
0xffffce8000016520 0048 0000 0x0 0x0
0xffffce8000016598 0041 0000 0x0 0x0
0xffffce8000016610 0040 0000 0x0 0x0
0xffffce8000016688 0048 0000 0x0 0x0
0xffffce8000016700 0040 0000 0x0 0x0
0xffffce8000016778 0040 0000 0x0 0x0
0xffffce80000167f0 0041 0000 0x0 0x0
0xffffce8000016868 0048 0000 0x0 0x0
0xffffce80000168e0 0048 0000 0x0 0x0
0xffffce8000016958 0041 0000 0x0 0x0
0xffffce80000169d0 0041 0000 0x0 0x0
0xffffce8000016a48 0040 0000 0x0 0x0
0xffffce8000016ac0 0041 0000 0x0 0x0
0xffffce8000016b38 0041 0000 0x0 0x0
0xffffce8000016bb0 0048 0000 0x0 0x0
0xffffce8000016c28 0048 0000 0x0 0x0
0xffffce8000016ca0 0048 0000 0x0 0x0
0xffffce8000016d18 0048 0000 0x0 0x0
0xffffce8000016d90 0041 0000 0x0 0x0
0xffffce8000016e08 0041 0000 0x0 0x0
0xffffce8000016e80 0041 0000 0x0 0x0
0xffffce8000016ef8 0041 0000 0x0 0x0
0xffffce8000016f70 0048 0000 0x0 0x0
0xffffce8000016fe8 0048 0000 0x0 0x0
0xffffce8000017060 0048 0000 0x0 0x0
0xffffce80000170d8 0048 0000 0x0 0x0
0xffffce8000017150 0048 0000 0x0 0x0
0xffffce80000171c8 0041 0000 0x0 0x0
0xffffce8000017240 0048 0000 0x0 0x0
0xffffce80000172b8 0048 0000 0x0 0x0
0xffffce8000017330 0048 0000 0x0 0x0
0xffffce80000173a8 0048 0000 0x0 0x0
0xffffce8000017420 0048 0000 0x0 0x0
0xffffce8000017498 0048 0000 0x0 0x0
0xffffce8000017510 0048 0000 0x0 0x0
0xffffce8000017588 0048 0000 0x0 0x0
0xffffce8000017600 0048 0000 0x0 0x0
0xffffce8000017678 0048 0000 0x0 0x0
0xffffce80000176f0 0048 0000 0x0 0x0
0xffffce8000017768 0048 0000 0x0 0x0
0xffffce80000177e0 0048 0000 0x0 0x0
0xffffce8000017858 0048 0000 0x0 0x0
0xffffce80000178d0 0048 0000 0x0 0x0
0xffffce8000017948 0048 0000 0x0 0x0
0xffffce80000179c0 0048 0000 0x0 0x0
0xffffce8000017a38 0048 0000 0x0 0x0
0xffffce8000017ab0 0048 0000 0x0 0x0
0xffffce8000017b28 0048 0000 0x0 0x0
0xffffce8000017ba0 0048 0000 0x0 0x0
0xffffce8000017c18 0048 0000 0x0 0x0
0xffffce8000017c90 0048 0000 0x0 0x0
0xffffce8000017d08 0048 0000 0x0 0x0
0xffffce8000017d80 0048 0000 0x0 0x0
0xffffce8000017df8 0048 0000 0x0 0x0
0xffffce8000017e70 0048 0000 0x0 0x0
0xffffce8000017ee8 0048 0000 0x0 0x0
0xffffce8000017f60 0048 0000 0x0 0x0
0xffffce8000017fd8 0048 0000 0x0 0x0
0xffffce8000018050 0048 0000 0x0 0x0
0xffffce80000180c8 0048 0000 0x0 0x0
0xffffce8000018140 0048 0000 0x0 0x0
0xffffce80000181b8 0048 0000 0x0 0x0
0xffffce8000018230 0048 0000 0x0 0x0
0xffffce80000182a8 0048 0000 0x0 0x0
0xffffce8000018320 0048 0000 0x0 0x0
0xffffce8000018398 0048 0000 0x0 0x0
0xffffce8000018410 0048 0000 0x0 0x0
0xffffce8000018488 0048 0000 0x0 0x0
0xffffce8000018500 0048 0000 0x0 0x0
0xffffce8000018578 0048 0000 0x0 0x0
0xffffce80000185f0 0048 0000 0x0 0x0
0xffffce8000018668 0048 0000 0x0 0x0
0xffffce80000186e0 0048 0000 0x0 0x0
0xffffce8000018758 0048 0000 0x0 0x0
0xffffce80000187d0 0048 0000 0x0 0x0
0xffffce8000018848 0048 0000 0x0 0x0
0xffffce80000188c0 0048 0000 0x0 0x0
0xffffce8000018938 0048 0000 0x0 0x0
0xffffce80000189b0 0048 0000 0x0 0x0
0xffffce8000018a28 0048 0000 0x0 0x0
0xffffce8000018aa0 0048 0000 0x0 0x0
0xffffce8000018b18 0048 0000 0x0 0x0
0xffffce8000018b90 0048 0000 0x0 0x0
0xffffce8000018c08 0048 0000 0x0 0x0
0xffffce8000018c80 0048 0000 0x0 0x0
0xffffce8000018cf8 0048 0000 0x0 0x0
0xffffce8000018d70 0048 0000 0x0 0x0
0xffffce8000018de8 0048 0000 0x0 0x0
0xffffce8000018e60 0048 0000 0x0 0x0
0xffffce8000018ed8 0048 0000 0x0 0x0
0xffffce8000018f50 0048 0000 0x0 0x0
0xffffce8000018fc8 0048 0000 0x0 0x0
0xffffce8000019040 0048 0000 0x0 0x0
0xffffce80000190b8 0048 0000 0x0 0x0
0xffffce8000019130 0048 0000 0x0 0x0
0xffffce80000191a8 0048 0000 0x0 0x0
0xffffce8000019220 0048 0000 0x0 0x0
0xffffce8000019298 0048 0000 0x0 0x0
0xffffce8000019310 0048 0000 0x0 0x0
0xffffce8000019388 0048 0000 0x0 0x0
0xffffce8000019400 0048 0000 0x0 0x0
0xffffce8000019478 0048 0000 0x0 0x0
0xffffce80000194f0 0048 0000 0x0 0x0
0xffffce8000019568 0048 0000 0x0 0x0
0xffffce80000195e0 0048 0000 0x0 0x0
0xffffce8000019658 0048 0000 0x0 0x0
0xffffce80000196d0 0048 0000 0x0 0x0
0xffffce8000019748 0048 0000 0x0 0x0
0xffffce80000197c0 0048 0000 0x0 0x0
0xffffce8000019838 0008 0000 0x0 0x0
0xffffce80000198b0 0008 0000 0x0 0x0
0xffffce8000019928 0008 0000 0x0 0x0
0xffffce80000199a0 0008 0000 0x0 0x0
0xffffce8000019a18 0008 0000 0x0 0x0
0xffffce8000019a90 0008 0000 0x0 0x0
0xffffce8000019b08 0008 0000 0x0 0x0
0xffffce8000019b80 0008 0000 0x0 0x0
0xffffce8000019bf8 0008 0000 0x0 0x0
0xffffce8000019c70 0008 0000 0x0 0x0
0xffffce8000019ce8 0008 0000 0x0 0x0
0xffffce8000019d60 0008 0000 0x0 0x0
0xffffce8000019dd8 0008 0000 0x0 0x0
0xffffce8000019e50 0008 0000 0x0 0x0
0xffffce8000019ec8 0008 0000 0x0 0x0
0xffffce8000019f40 0008 0000 0x0 0x0
0xffffce8000019fb8 0008 0000 0x0 0x0
0xffffce800001a030 0008 0000 0x0 0x0
0xffffce800001a0a8 0008 0000 0x0 0x0
0xffffce800001a120 0008 0000 0x0 0x0
0xffffce800001a198 0008 0000 0x0 0x0
0xffffce800001a210 0008 0000 0x0 0x0
0xffffce800001a288 0008 0000 0x0 0x0
0xffffce800001a300 0008 0000 0x0 0x0
0xffffce800001a378 0008 0000 0x0 0x0
0xffffce800001a3f0 0008 0000 0x0 0x0
0xffffce800001a468 0008 0000 0x0 0x0
0xffffce800001a4e0 0008 0000 0x0 0x0
0xffffce800001a558 0008 0000 0x0 0x0
0xffffce800001a5d0 0008 0000 0x0 0x0
0xffffce800001a648 0008 0000 0x0 0x0
0xffffce800001a6c0 0008 0000 0x0 0x0
0xffffce800001a738 0008 0000 0x0 0x0
0xffffce800001a7b0 0008 0000 0x0 0x0
0xffffce800001a828 0008 0000 0x0 0x0
0xffffce800001a8a0 0008 0000 0x0 0x0
0xffffce800001a918 0008 0000 0x0 0x0
0xffffce800001a990 0008 0000 0x0 0x0
0xffffce800001aa08 0008 0000 0x0 0x0
0xffffce800001aa80 0008 0000 0x0 0x0
0xffffce800001aaf8 0008 0000 0x0 0x0
0xffffce800001ab70 0008 0000 0x0 0x0
0xffffce800001abe8 0008 0000 0x0 0x0
0xffffce800001ac60 0008 0000 0x0 0x0
0xffffce800001acd8 0008 0000 0x0 0x0
0xffffce800001ad50 0008 0000 0x0 0x0
0xffffce800001adc8 0008 0000 0x0 0x0
0xffffce800001ae40 0008 0000 0x0 0x0
0xffffce800001aeb8 0008 0000 0x0 0x0
0xffffce800001af30 0008 0000 0x0 0x0
0xffffce800001afa8 0008 0000 0x0 0x0
0xffffce800001b020 0008 0000 0x0 0x0
0xffffce800001b098 0008 0000 0x0 0x0
0xffffce800001b110 0008 0000 0x0 0x0
0xffffce800001b188 0048 0000 0x0 0x0
0xffffce800001b200 0048 0000 0x0 0x0
0xffffce800001b278 0048 0000 0x0 0x0
0xffffce800001b2f0 0048 0000 0x0 0x0
0xffffce800001b368 0048 0000 0x0 0x0
0xffffce800001b3e0 0048 0000 0x0 0x0
0xffffce800001b458 0048 0000 0x0 0x0
0xffffce800001b4d0 0048 0000 0x0 0x0
0xffffce800001b548 0048 0000 0x0 0x0
0xffffce800001b5c0 0048 0000 0x0 0x0
0xffffce800001b638 0048 0000 0x0 0x0
0xffffce800001b6b0 0048 0000 0x0 0x0
0xffffce800001b728 0048 0000 0x0 0x0
0xffffce800001b7a0 0048 0000 0x0 0x0
0xffffce800001b818 0048 0000 0x0 0x0
0xffffce800001b890 0048 0000 0x0 0x0
0xffffce800001b908 0048 0000 0x0 0x0
0xffffce800001b980 0048 0000 0x0 0x0
0xffffce800001b9f8 0048 0000 0x0 0x0
0xffffce800001ba70 0048 0000 0x0 0x0
0xffffce800001bae8 0048 0000 0x0 0x0
0xffffce800001bb60 0048 0000 0x0 0x0
0xffffce800001bbd8 0048 0000 0x0 0x0
0xffffce800001bc50 0048 0000 0x0 0x0
0xffffce800001bcc8 0048 0000 0x0 0x0
0xffffce800001bd40 0048 0000 0x0 0x0
0xffffce800001bdb8 0048 0000 0x0 0x0
0xffffce800001be30 0048 0000 0x0 0x0
0xffffce800001bea8 0048 0000 0x0 0x0
0xffffce800001bf20 0048 0000 0x0 0x0
0xffffce800001bf98 0048 0000 0x0 0x0
0xffffce800001c010 0048 0000 0x0 0x0
0xffffce800001c088 0048 0000 0x0 0x0
0xffffce800001c100 0048 0000 0x0 0x0
0xffffce800001c178 0048 0000 0x0 0x0
0xffffce800001c1f0 0048 0000 0x0 0x0
0xffffce800001c268 0048 0000 0x0 0x0
0xffffce800001c2e0 0048 0000 0x0 0x0
0xffffce800001c358 0048 0000 0x0 0x0
0xffffce800001c3d0 0048 0000 0x0 0x0
0xffffce800001c448 0048 0000 0x0 0x0
0xffffce800001c4c0 0048 0000 0x0 0x0
0xffffce800001c538 0048 0000 0x0 0x0
0xffffce800001c5b0 0008 0000 0x0 0x0
0xffffce800001c628 0008 0000 0x0 0x0
0xffffce800001c6a0 0008 0000 0x0 0x0
0xffffce800001c718 0008 0000 0x0 0x0
0xffffce800001c790 0008 0000 0x0 0x0
0xffffce800001c808 0008 0000 0x0 0x0
0xffffce800001c880 0008 0000 0x0 0x0
0xffffce800001c8f8 0008 0000 0x0 0x0
0xffffce800001c970 0008 0000 0x0 0x0
0xffffce800001c9e8 0008 0000 0x0 0x0
0xffffce800001ca60 0008 0000 0x0 0x0
0xffffce800001cad8 0008 0000 0x0 0x0
0xffffce800001cb50 0008 0000 0x0 0x0
0xffffce800001cbc8 0008 0000 0x0 0x0
0xffffce800001cc40 0008 0000 0x0 0x0
0xffffce800001ccb8 0008 0000 0x0 0x0
0xffffce800001cd30 0008 0000 0x0 0x0
0xffffce800001cda8 0008 0000 0x0 0x0
0xffffce800001ce20 0008 0000 0x0 0x0
0xffffce800001ce98 0008 0000 0x0 0x0
0xffffce800001cf10 0008 0000 0x0 0x0
0xffffce800001cf88 0008 0000 0x0 0x0
0xffffce800001d000 0008 0000 0x0 0x0
0xffffce800001d078 0008 0000 0x0 0x0
0xffffce800001d0f0 0008 0000 0x0 0x0
0xffffce800001d168 0008 0000 0x0 0x0
0xffffce800001d1e0 0008 0000 0x0 0x0
0xffffce800001d258 0008 0000 0x0 0x0
0xffffce800001d2d0 0008 0000 0x0 0x0
0xffffce800001d348 0008 0000 0x0 0x0
0xffffce800001d3c0 0008 0000 0x0 0x0
0xffffce800001d438 0008 0000 0x0 0x0
0xffffce800001d4b0 0008 0000 0x0 0x0
0xffffce800001d528 0008 0000 0x0 0x0
0xffffce800001d5a0 0008 0000 0x0 0x0
0xffffce800001d618 0008 0000 0x0 0x0
0xffffce800001d690 0008 0000 0x0 0x0
0xffffce800001d708 0008 0000 0x0 0x0
0xffffce800001d780 0008 0000 0x0 0x0
0xffffce800001d7f8 0008 0000 0x0 0x0
0xffffce800001d870 0008 0000 0x0 0x0
0xffffce800001d8e8 0008 0000 0x0 0x0
0xffffce800001d960 0008 0000 0x0 0x0
0xffffce800001d9d8 0008 0000 0x0 0x0
0xffffce800001da50 0008 0000 0x0 0x0
0xffffce800001dac8 0008 0000 0x0 0x0
0xffffce800001db40 0008 0000 0x0 0x0
0xffffce800001dbb8 0008 0000 0x0 0x0
0xffffce800001dc30 0008 0000 0x0 0x0
0xffffce800001dca8 0008 0000 0x0 0x0
0xffffce800001dd20 0008 0000 0x0 0x0
0xffffce800001dd98 0008 0000 0x0 0x0
0xffffce800001de10 0008 0000 0x0 0x0
0xffffce800001de88 0008 0000 0x0 0x0
0xffffce800001df00 0048 0000 0x0 0x0
0xffffce800001df78 0048 0000 0x0 0x0
0xffffce800001dff0 0048 0000 0x0 0x0
0xffffce800001e068 0048 0000 0x0 0x0
0xffffce800001e0e0 0048 0000 0x0 0x0
0xffffce800001e158 0048 0000 0x0 0x0
0xffffce800001e1d0 0048 0000 0x0 0x0
0xffffce800001e248 0048 0000 0x0 0x0
0xffffce800001e2c0 0048 0000 0x0 0x0
0xffffce800001e338 0048 0000 0x0 0x0
0xffffce800001e3b0 0048 0000 0x0 0x0
0xffffce800001e428 0048 0000 0x0 0x0
0xffffce800001e4a0 0048 0000 0x0 0x0
0xffffce800001e518 0048 0000 0x0 0x0
0xffffce800001e590 0048 0000 0x0 0x0
0xffffce800001e608 0048 0000 0x0 0x0
0xffffce800001e680 0048 0000 0x0 0x0
0xffffce800001e6f8 0048 0000 0x0 0x0
0xffffce800001e770 0048 0000 0x0 0x0
0xffffce800001e7e8 0048 0000 0x0 0x0
0xffffce800001e860 0048 0000 0x0 0x0
0xffffce800001e8d8 0048 0000 0x0 0x0
0xffffce800001e950 0048 0000 0x0 0x0
0xffffce800001e9c8 0048 0000 0x0 0x0
0xffffce800001ea40 0048 0000 0x0 0x0
0xffffce800001eab8 0048 0000 0x0 0x0
0xffffce800001eb30 0048 0000 0x0 0x0
0xffffce800001eba8 0048 0000 0x0 0x0
0xffffce800001ec20 0040 0000 0x0 0x0
0xffffce800001ec98 0048 0000 0x0 0x0
0xffffce800001ed10 0048 0000 0x0 0x0
0xffffce800001ed88 0048 0000 0x0 0x0
0xffffce800001ee00 0048 0000 0x0 0x0
0xffffce800001ee78 0048 0000 0x0 0x0
0xffffce800001eef0 0048 0000 0x0 0x0
0xffffce800001ef68 0040 0000 0x0 0x0
0xffffce800001efe0 0040 0000 0x0 0x0
0xffffce800001f058 0048 0000 0x0 0x0
0xffffce800001f0d0 0040 0000 0x0 0x0
0xffffce800001f148 0040 0000 0x0 0x0
0xffffce800001f1c0 0048 0000 0x0 0x0
0xffffce800001f238 0048 0000 0x0 0x0
0xffffce800001f2b0 0048 0000 0x0 0x0
0xffffce800001f328 0008 0000 0x0 0x0
0xffffce800001f3a0 0008 0000 0x0 0x0
0xffffce800001f418 0008 0000 0x0 0x0
0xffffce800001f490 0008 0000 0x0 0x0
0xffffce800001f508 0008 0000 0x0 0x0
0xffffce800001f580 0008 0000 0x0 0x0
0xffffce800001f5f8 0008 0000 0x0 0x0
0xffffce800001f670 0008 0000 0x0 0x0
0xffffce800001f6e8 0008 0000 0x0 0x0
0xffffce800001f760 0008 0000 0x0 0x0
0xffffce800001f7d8 0008 0000 0x0 0x0
0xffffce800001f850 0008 0000 0x0 0x0
0xffffce800001f8c8 0008 0000 0x0 0x0
0xffffce800001f940 0008 0000 0x0 0x0
0xffffce800001f9b8 0008 0000 0x0 0x0
0xffffce800001fa30 0008 0000 0x0 0x0
0xffffce800001faa8 0008 0000 0x0 0x0
0xffffce800001fb20 0008 0000 0x0 0x0
0xffffce800001fb98 0008 0000 0x0 0x0
0xffffce800001fc10 0008 0000 0x0 0x0
0xffffce800001fc88 0008 0000 0x0 0x0
0xffffce800001fd00 0008 0000 0x0 0x0
0xffffce800001fd78 0008 0000 0x0 0x0
0xffffce800001fdf0 0008 0000 0x0 0x0
0xffffce800001fe68 0008 0000 0x0 0x0
0xffffce800001fee0 0008 0000 0x0 0x0
0xffffce800001ff58 0008 0000 0x0 0x0
0xffffce800001ffd0 0008 0000 0x0 0x0
0xffffce8000020048 0008 0000 0x0 0x0
0xffffce80000200c0 0008 0000 0x0 0x0
0xffffce8000020138 0008 0000 0x0 0x0
0xffffce80000201b0 0008 0000 0x0 0x0
0xffffce8000020228 0008 0000 0x0 0x0
0xffffce80000202a0 0008 0000 0x0 0x0
0xffffce8000020318 0008 0000 0x0 0x0
0xffffce8000020390 0008 0000 0x0 0x0
0xffffce8000020408 0008 0000 0x0 0x0
0xffffce8000020480 0008 0000 0x0 0x0
0xffffce80000204f8 0008 0000 0x0 0x0
0xffffce8000020570 0008 0000 0x0 0x0
0xffffce80000205e8 0008 0000 0x0 0x0
0xffffce8000020660 0008 0000 0x0 0x0
0xffffce80000206d8 0008 0000 0x0 0x0
0xffffce8000020750 0008 0000 0x0 0x0
0xffffce80000207c8 0008 0000 0x0 0x0
0xffffce8000020840 0008 0000 0x0 0x0
0xffffce80000208b8 0008 0000 0x0 0x0
0xffffce8000020930 0008 0000 0x0 0x0
0xffffce80000209a8 0008 0000 0x0 0x0
0xffffce8000020a20 0008 0000 0x0 0x0
0xffffce8000020a98 0008 0000 0x0 0x0
0xffffce8000020b10 0008 0000 0x0 0x0
0xffffce8000020b88 0008 0000 0x0 0x0
0xffffce8000020c00 0008 0000 0x0 0x0
0xffffce8000020c78 0040 0000 0x0 0x0
0xffffce8000020cf0 0040 0000 0x0 0x0
0xffffce8000020d68 0040 0000 0x0 0x0
0xffffce8000020de0 0040 0000 0x0 0x0
0xffffce8000020e58 0040 0000 0x0 0x0
0xffffce8000020ed0 0040 0000 0x0 0x0
0xffffce8000020f48 0040 0000 0x0 0x0
0xffffce8000020fc0 0040 0000 0x0 0x0
0xffffce8000021038 0040 0000 0x0 0x0
0xffffce80000210b0 0040 0000 0x0 0x0
0xffffce8000021128 0040 0000 0x0 0x0
0xffffce80000211a0 0040 0000 0x0 0x0
0xffffce8000021218 0040 0000 0x0 0x0
0xffffce8000021290 0040 0000 0x0 0x0
0xffffce8000021308 0040 0000 0x0 0x0
0xffffce8000021380 0040 0000 0x0 0x0
0xffffce80000213f8 0040 0000 0x0 0x0
0xffffce8000021470 0040 0000 0x0 0x0
0xffffce80000214e8 0040 0000 0x0 0x0
0xffffce8000021560 0040 0000 0x0 0x0
0xffffce80000215d8 0040 0000 0x0 0x0
0xffffce8000021650 0040 0000 0x0 0x0
0xffffce80000216c8 0040 0000 0x0 0x0
0xffffce8000021740 0040 0000 0x0 0x0
0xffffce80000217b8 0040 0000 0x0 0x0
0xffffce8000021830 0040 0000 0x0 0x0
0xffffce80000218a8 0040 0000 0x0 0x0
0xffffce8000021920 0040 0000 0x0 0x0
0xffffce8000021998 0040 0000 0x0 0x0
0xffffce8000021a10 0040 0000 0x0 0x0
0xffffce8000021a88 0040 0000 0x0 0x0
0xffffce8000021b00 0040 0000 0x0 0x0
0xffffce8000021b78 0040 0000 0x0 0x0
0xffffce8000021bf0 0040 0000 0x0 0x0
0xffffce8000021c68 0040 0000 0x0 0x0
0xffffce8000021ce0 0040 0000 0x0 0x0
0xffffce8000021d58 0040 0000 0x0 0x0
0xffffce8000021dd0 0040 0000 0x0 0x0
0xffffce8000021e48 0040 0000 0x0 0x0
0xffffce8000021ec0 0040 0000 0x0 0x0
0xffffce8000021f38 0040 0000 0x0 0x0
0xffffce8000021fb0 0040 0000 0x0 0x0
0xffffce8000022028 0040 0000 0x0 0x0
0xffffce80000220a0 0040 0000 0x0 0x0
0xffffce8000022118 0040 0000 0x0 0x0
0xffffce8000022190 0040 0000 0x0 0x0
0xffffce8000022208 0040 0000 0x0 0x0
0xffffce8000022280 0040 0000 0x0 0x0
0xffffce80000222f8 0040 0000 0x0 0x0
0xffffce8000022370 0040 0000 0x0 0x0
0xffffce80000223e8 0040 0000 0x0 0x0
0xffffce8000022460 0048 0000 0x0 0x0
0xffffce80000224d8 0040 0000 0x0 0x0
0xffffce8000022550 0040 0000 0x0 0x0
0xffffce80000225c8 0040 0000 0x0 0x0
0xffffce8000022640 0040 0000 0x0 0x0
0xffffce80000226b8 0040 0000 0x0 0x0
0xffffce8000022730 0040 0000 0x0 0x0
0xffffce80000227a8 0048 0000 0x0 0x0
0xffffce8000022820 0048 0000 0x0 0x0
0xffffce8000022898 0040 0000 0x0 0x0
0xffffce8000022910 0040 0000 0x0 0x0
0xffffce8000022988 0048 0000 0x0 0x0
0xffffce8000022a00 0040 0000 0x0 0x0
0xffffce8000022a78 0048 0000 0x0 0x0
0xffffce8000022af0 0048 0000 0x0 0x0
0xffffce8000022b68 0048 0000 0x0 0x0
0xffffce8000022be0 0048 0000 0x0 0x0
0xffffce8000022c58 0048 0000 0x0 0x0
0xffffce8000022cd0 0048 0000 0x0 0x0
0xffffce8000022d48 0048 0000 0x0 0x0
0xffffce8000022dc0 0048 0000 0x0 0x0
0xffffce8000022e38 0048 0000 0x0 0x0
0xffffce8000022eb0 0048 0000 0x0 0x0
0xffffce8000022f28 0048 0000 0x0 0x0
0xffffce8000022fa0 0048 0000 0x0 0x0
0xffffce8000023018 0048 0000 0x0 0x0
0xffffce8000023090 0048 0000 0x0 0x0
0xffffce8000023108 0048 0000 0x0 0x0
0xffffce8000023180 0048 0000 0x0 0x0
0xffffce80000231f8 0048 0000 0x0 0x0
0xffffce8000023270 0048 0000 0x0 0x0
0xffffce80000232e8 0048 0000 0x0 0x0
0xffffce8000023360 0048 0000 0x0 0x0
0xffffce80000233d8 0048 0000 0x0 0x0
0xffffce8000023450 0048 0000 0x0 0x0
0xffffce80000234c8 0048 0000 0x0 0x0
0xffffce8000023540 0048 0000 0x0 0x0
0xffffce80000235b8 0048 0000 0x0 0x0
0xffffce8000023630 0048 0000 0x0 0x0
0xffffce80000236a8 0048 0000 0x0 0x0
0xffffce8000023720 0048 0000 0x0 0x0
0xffffce8000023798 0048 0000 0x0 0x0
0xffffce8000023810 0048 0000 0x0 0x0
0xffffce8000023888 0048 0000 0x0 0x0
0xffffce8000023900 0048 0000 0x0 0x0
0xffffce8000023978 0048 0000 0x0 0x0
0xffffce80000239f0 0048 0000 0x0 0x0
0xffffce8000023a68 0048 0000 0x0 0x0
0xffffce8000023ae0 0048 0000 0x0 0x0
0xffffce8000023b58 0048 0000 0x0 0x0
0xffffce8000023bd0 0048 0000 0x0 0x0
0xffffce8000023c48 0048 0000 0x0 0x0
0xffffce8000023cc0 0048 0000 0x0 0x0
0xffffce8000023d38 0048 0000 0x0 0x0
0xffffce8000023db0 0048 0000 0x0 0x0
0xffffce8000023e28 0048 0000 0x0 0x0
0xffffce8000023ea0 0048 0000 0x0 0x0
0xffffce8000023f18 0048 0000 0x0 0x0
0xffffce8000023f90 0048 0000 0x0 0x0
0xffffce8000024008 0048 0000 0x0 0x0
0xffffce8000024080 0048 0000 0x0 0x0
0xffffce80000240f8 0048 0000 0x0 0x0
0xffffce8000024170 0048 0000 0x0 0x0
0xffffce80000241e8 0048 0000 0x0 0x0
0xffffce8000024260 0048 0000 0x0 0x0
0xffffce80000242d8 0048 0000 0x0 0x0
0xffffce8000024350 0048 0000 0x0 0x0
0xffffce80000243c8 0008 0000 0x0 0x0
0xffffce8000024440 0008 0000 0x0 0x0
0xffffce80000244b8 0008 0000 0x0 0x0
0xffffce8000024530 0008 0000 0x0 0x0
0xffffce80000245a8 0008 0000 0x0 0x0
0xffffce8000024620 0008 0000 0x0 0x0
0xffffce8000024698 0008 0000 0x0 0x0
0xffffce8000024710 0008 0000 0x0 0x0
0xffffce8000024788 0008 0000 0x0 0x0
0xffffce8000024800 0008 0000 0x0 0x0
0xffffce8000024878 0008 0000 0x0 0x0
0xffffce80000248f0 0008 0000 0x0 0x0
0xffffce8000024968 0008 0000 0x0 0x0
0xffffce80000249e0 0008 0000 0x0 0x0
0xffffce8000024a58 0008 0000 0x0 0x0
0xffffce8000024ad0 0008 0000 0x0 0x0
0xffffce8000024b48 0008 0000 0x0 0x0
0xffffce8000024bc0 0008 0000 0x0 0x0
0xffffce8000024c38 0008 0000 0x0 0x0
0xffffce8000024cb0 0008 0000 0x0 0x0
0xffffce8000024d28 0008 0000 0x0 0x0
0xffffce8000024da0 0008 0000 0x0 0x0
0xffffce8000024e18 0008 0000 0x0 0x0
0xffffce8000024e90 0008 0000 0x0 0x0
0xffffce8000024f08 0008 0000 0x0 0x0
0xffffce8000024f80 0008 0000 0x0 0x0
0xffffce8000024ff8 0008 0000 0x0 0x0
0xffffce8000025070 0008 0000 0x0 0x0
0xffffce80000250e8 0008 0000 0x0 0x0
0xffffce8000025160 0008 0000 0x0 0x0
0xffffce80000251d8 0008 0000 0x0 0x0
0xffffce8000025250 0008 0000 0x0 0x0
0xffffce80000252c8 0008 0000 0x0 0x0
0xffffce8000025340 0008 0000 0x0 0x0
0xffffce80000253b8 0008 0000 0x0 0x0
0xffffce8000025430 0008 0000 0x0 0x0
0xffffce80000254a8 0008 0000 0x0 0x0
0xffffce8000025520 0008 0000 0x0 0x0
0xffffce8000025598 0008 0000 0x0 0x0
0xffffce8000025610 0008 0000 0x0 0x0
0xffffce8000025688 0008 0000 0x0 0x0
0xffffce8000025700 0008 0000 0x0 0x0
0xffffce8000025778 0008 0000 0x0 0x0
0xffffce80000257f0 0008 0000 0x0 0x0
0xffffce8000025868 0008 0000 0x0 0x0
0xffffce80000258e0 0008 0000 0x0 0x0
0xffffce8000025958 0008 0000 0x0 0x0
0xffffce80000259d0 0008 0000 0x0 0x0
0xffffce8000025a48 0008 0000 0x0 0x0
0xffffce8000025ac0 0008 0000 0x0 0x0
0xffffce8000025b38 0008 0000 0x0 0x0
0xffffce8000025bb0 0008 0000 0x0 0x0
0xffffce8000025c28 0008 0000 0x0 0x0
0xffffce8000025ca0 0008 0000 0x0 0x0
0xffffce8000025d18 0008 0000 0x0 0x0
0xffffce8000025d90 0008 0000 0x0 0x0
0xffffce8000025e08 0008 0000 0x0 0x0
0xffffce8000025e80 0008 0000 0x0 0x0
0xffffce8000025ef8 0008 0000 0x0 0x0
0xffffce8000025f70 0008 0000 0x0 0x0
0xffffce8000025fe8 0008 0000 0x0 0x0
0xffffce8000026060 0008 0000 0x0 0x0
0xffffce80000260d8 0008 0000 0x0 0x0
0xffffce8000026150 0008 0000 0x0 0x0
0xffffce80000261c8 0008 0000 0x0 0x0
0xffffce8000026240 0008 0000 0x0 0x0
0xffffce80000262b8 0008 0000 0x0 0x0
0xffffce8000026330 0008 0000 0x0 0x0
0xffffce80000263a8 0008 0000 0x0 0x0
0xffffce8000026420 0008 0000 0x0 0x0
0xffffce8000026498 0008 0000 0x0 0x0
0xffffce8000026510 0008 0000 0x0 0x0
0xffffce8000026588 0008 0000 0x0 0x0
0xffffce8000026600 0008 0000 0x0 0x0
0xffffce8000026678 0008 0000 0x0 0x0
0xffffce80000266f0 0008 0000 0x0 0x0
0xffffce8000026768 0008 0000 0x0 0x0
0xffffce80000267e0 0008 0000 0x0 0x0
0xffffce8000026858 0008 0000 0x0 0x0
0xffffce80000268d0 0008 0000 0x0 0x0
0xffffce8000026948 0008 0000 0x0 0x0
0xffffce80000269c0 0008 0000 0x0 0x0
0xffffce8000026a38 0008 0000 0x0 0x0
0xffffce8000026ab0 0008 0000 0x0 0x0
0xffffce8000026b28 0008 0000 0x0 0x0
0xffffce8000026ba0 0008 0000 0x0 0x0
0xffffce8000026c18 0008 0000 0x0 0x0
0xffffce8000026c90 0008 0000 0x0 0x0
0xffffce8000026d08 0008 0000 0x0 0x0
0xffffce8000026d80 0008 0000 0x0 0x0
0xffffce8000026df8 0008 0000 0x0 0x0
0xffffce8000026e70 0008 0000 0x0 0x0
0xffffce8000026ee8 0008 0000 0x0 0x0
0xffffce8000026f60 0008 0000 0x0 0x0
0xffffce8000026fd8 0008 0000 0x0 0x0
0xffffce8000027050 0008 0000 0x0 0x0
0xffffce80000270c8 0008 0000 0x0 0x0
0xffffce8000027140 0008 0000 0x0 0x0
0xffffce80000271b8 0008 0000 0x0 0x0
0xffffce8000027230 0008 0000 0x0 0x0
0xffffce80000272a8 0008 0000 0x0 0x0
0xffffce8000027320 0008 0000 0x0 0x0
0xffffce8000027398 0008 0000 0x0 0x0
0xffffce8000027410 0008 0000 0x0 0x0
0xffffce8000027488 0008 0000 0x0 0x0
0xffffce8000027500 0008 0000 0x0 0x0
0xffffce8000027578 0008 0000 0x0 0x0
0xffffce80000275f0 0008 0000 0x0 0x0
0xffffce8000027668 0008 0000 0x0 0x0
0xffffce80000276e0 0008 0000 0x0 0x0
0xffffce8000027758 0008 0000 0x0 0x0
0xffffce80000277d0 0008 0000 0x0 0x0
0xffffce8000027848 0008 0000 0x0 0x0
0xffffce80000278c0 0008 0000 0x0 0x0
0xffffce8000027938 0008 0000 0x0 0x0
0xffffce80000279b0 0008 0000 0x0 0x0
0xffffce8000027a28 0008 0000 0x0 0x0
0xffffce8000027aa0 0008 0000 0x0 0x0
0xffffce8000027b18 0008 0000 0x0 0x0
0xffffce8000027b90 0008 0000 0x0 0x0
0xffffce8000027c08 0008 0000 0x0 0x0
0xffffce8000027c80 0008 0000 0x0 0x0
0xffffce8000027cf8 0008 0000 0x0 0x0
0xffffce8000027d70 0008 0000 0x0 0x0
0xffffce8000027de8 0008 0000 0x0 0x0
0xffffce8000027e60 0008 0000 0x0 0x0
0xffffce8000027ed8 0008 0000 0x0 0x0
0xffffce8000027f50 0008 0000 0x0 0x0
0xffffce8000027fc8 0008 0000 0x0 0x0
0xffffce8000028040 0008 0000 0x0 0x0
0xffffce80000280b8 0008 0000 0x0 0x0
0xffffce8000028130 0008 0000 0x0 0x0
0xffffce80000281a8 0008 0000 0x0 0x0
0xffffce8000028220 0008 0000 0x0 0x0
0xffffce8000028298 0008 0000 0x0 0x0
0xffffce8000028310 0008 0000 0x0 0x0
0xffffce8000028388 0008 0000 0x0 0x0
0xffffce8000028400 0008 0000 0x0 0x0
0xffffce8000028478 0008 0000 0x0 0x0
0xffffce80000284f0 0008 0000 0x0 0x0
0xffffce8000028568 0008 0000 0x0 0x0
0xffffce80000285e0 0008 0000 0x0 0x0
0xffffce8000028658 0008 0000 0x0 0x0
0xffffce80000286d0 0008 0000 0x0 0x0
0xffffce8000028748 0008 0000 0x0 0x0
0xffffce80000287c0 0008 0000 0x0 0x0
0xffffce8000028838 0008 0000 0x0 0x0
0xffffce80000288b0 0008 0000 0x0 0x0
0xffffce8000028928 0008 0000 0x0 0x0
0xffffce80000289a0 0008 0000 0x0 0x0
0xffffce8000028a18 0008 0000 0x0 0x0
0xffffce8000028a90 0008 0000 0x0 0x0
0xffffce8000028b08 0008 0000 0x0 0x0
0xffffce8000028b80 0008 0000 0x0 0x0
0xffffce8000028bf8 0008 0000 0x0 0x0
0xffffce8000028c70 0008 0000 0x0 0x0
0xffffce8000028ce8 0008 0000 0x0 0x0
0xffffce8000028d60 0008 0000 0x0 0x0
0xffffce8000028dd8 0008 0000 0x0 0x0
0xffffce8000028e50 0008 0000 0x0 0x0
0xffffce8000028ec8 0008 0000 0x0 0x0
0xffffce8000028f40 0008 0000 0x0 0x0
0xffffce8000028fb8 0008 0000 0x0 0x0
0xffffce8000029030 0008 0000 0x0 0x0
0xffffce80000290a8 0008 0000 0x0 0x0
0xffffce8000029120 0008 0000 0x0 0x0
0xffffce8000029198 0008 0000 0x0 0x0
0xffffce8000029210 0008 0000 0x0 0x0
0xffffce8000029288 0008 0000 0x0 0x0
0xffffce8000029300 0008 0000 0x0 0x0
0xffffce8000029378 0008 0000 0x0 0x0
0xffffce80000293f0 0008 0000 0x0 0x0
0xffffce8000029468 0008 0000 0x0 0x0
0xffffce80000294e0 0008 0000 0x0 0x0
0xffffce8000029558 0008 0000 0x0 0x0
0xffffce80000295d0 0008 0000 0x0 0x0
0xffffce8000029648 0008 0000 0x0 0x0
0xffffce80000296c0 0008 0000 0x0 0x0
0xffffce8000029738 0008 0000 0x0 0x0
0xffffce80000297b0 0008 0000 0x0 0x0
0xffffce8000029828 0008 0000 0x0 0x0
0xffffce80000298a0 0008 0000 0x0 0x0
0xffffce8000029918 0008 0000 0x0 0x0
0xffffce8000029990 0008 0000 0x0 0x0
0xffffce8000029a08 0008 0000 0x0 0x0
0xffffce8000029a80 0008 0000 0x0 0x0
0xffffce8000029af8 0008 0000 0x0 0x0
0xffffce8000029b70 0008 0000 0x0 0x0
0xffffce8000029be8 0008 0000 0x0 0x0
0xffffce8000029c60 0008 0000 0x0 0x0
0xffffce8000029cd8 0008 0000 0x0 0x0
0xffffce8000029d50 0008 0000 0x0 0x0
0xffffce8000029dc8 0008 0000 0x0 0x0
0xffffce8000029e40 0008 0000 0x0 0x0
0xffffce8000029eb8 0008 0000 0x0 0x0
0xffffce8000029f30 0008 0000 0x0 0x0
0xffffce8000029fa8 0008 0000 0x0 0x0
0xffffce800002a020 0008 0000 0x0 0x0
0xffffce800002a098 0008 0000 0x0 0x0
0xffffce800002a110 0008 0000 0x0 0x0
0xffffce800002a188 0008 0000 0x0 0x0
0xffffce800002a200 0008 0000 0x0 0x0
0xffffce800002a278 0008 0000 0x0 0x0
0xffffce800002a2f0 0008 0000 0x0 0x0
0xffffce800002a368 0008 0000 0x0 0x0
0xffffce800002a3e0 0008 0000 0x0 0x0
0xffffce800002a458 0008 0000 0x0 0x0
0xffffce800002a4d0 0008 0000 0x0 0x0
0xffffce800002a548 0008 0000 0x0 0x0
0xffffce800002a5c0 0008 0000 0x0 0x0
0xffffce800002a638 0008 0000 0x0 0x0
0xffffce800002a6b0 0008 0000 0x0 0x0
0xffffce800002a728 0008 0000 0x0 0x0
0xffffce800002a7a0 0008 0000 0x0 0x0
0xffffce800002a818 0008 0000 0x0 0x0
0xffffce800002a890 0008 0000 0x0 0x0
0xffffce800002a908 0008 0000 0x0 0x0
0xffffce800002a980 0008 0000 0x0 0x0
0xffffce800002a9f8 0008 0000 0x0 0x0
0xffffce800002aa70 0008 0000 0x0 0x0
0xffffce800002aae8 0008 0000 0x0 0x0
0xffffce800002ab60 0008 0000 0x0 0x0
0xffffce800002abd8 0008 0000 0x0 0x0
0xffffce800002ac50 0008 0000 0x0 0x0
0xffffce800002acc8 0008 0000 0x0 0x0
0xffffce800002ad40 0008 0000 0x0 0x0
0xffffce800002adb8 0008 0000 0x0 0x0
0xffffce800002ae30 0008 0000 0x0 0x0
0xffffce800002aea8 0008 0000 0x0 0x0
0xffffce800002af20 0008 0000 0x0 0x0
0xffffce800002af98 0008 0000 0x0 0x0
0xffffce800002b010 0008 0000 0x0 0x0
0xffffce800002b088 0008 0000 0x0 0x0
0xffffce800002b100 0008 0000 0x0 0x0
0xffffce800002b178 0008 0000 0x0 0x0
0xffffce800002b1f0 0008 0000 0x0 0x0
0xffffce800002b268 0008 0000 0x0 0x0
0xffffce800002b2e0 0008 0000 0x0 0x0
0xffffce800002b358 0008 0000 0x0 0x0
0xffffce800002b3d0 0008 0000 0x0 0x0
0xffffce800002b448 0008 0000 0x0 0x0
0xffffce800002b4c0 0008 0000 0x0 0x0
0xffffce800002b538 0008 0000 0x0 0x0
0xffffce800002b5b0 0008 0000 0x0 0x0
0xffffce800002b628 0008 0000 0x0 0x0
0xffffce800002b6a0 0008 0000 0x0 0x0
0xffffce800002b718 0008 0000 0x0 0x0
0xffffce800002b790 0008 0000 0x0 0x0
0xffffce800002b808 0008 0000 0x0 0x0
0xffffce800002b880 0008 0000 0x0 0x0
0xffffce800002b8f8 0008 0000 0x0 0x0
0xffffce800002b970 0008 0000 0x0 0x0
0xffffce800002b9e8 0008 0000 0x0 0x0
0xffffce800002ba60 0008 0000 0x0 0x0
0xffffce800002bad8 0008 0000 0x0 0x0
0xffffce800002bb50 0008 0000 0x0 0x0
0xffffce800002bbc8 0008 0000 0x0 0x0
0xffffce800002bc40 0008 0000 0x0 0x0
0xffffce800002bcb8 0008 0000 0x0 0x0
0xffffce800002bd30 0008 0000 0x0 0x0
0xffffce800002bda8 0008 0000 0x0 0x0
0xffffce800002be20 0008 0000 0x0 0x0
0xffffce800002be98 0008 0000 0x0 0x0
0xffffce800002bf10 0008 0000 0x0 0x0
0xffffce800002bf88 0008 0000 0x0 0x0
0xffffce800002c000 0008 0000 0x0 0x0
0xffffce800002c078 0008 0000 0x0 0x0
0xffffce800002c0f0 0008 0000 0x0 0x0
0xffffce800002c168 0008 0000 0x0 0x0
0xffffce800002c1e0 0008 0
HEAD commit: f4fe9ee8 Avoid GCC warning on NetBSD/i386
git tree: netbsd
dashboard link: https://syzkaller.appspot.com/bug?extid=8b4ea3978a3da95ddaa2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14ab9e0ba00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=172bbca3a00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8b4ea3...@syzkaller.appspotmail.com
0xffffce816ec7bd60 [225 bytes, read, Unknown]
[ 122.2448965] cpu1: Begin traceback...
[ 122.3003577] vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
[ 122.4113369] snprintf() at netbsd:snprintf
[ 122.5223280] kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
[ 122.5223280] kasan_report() at netbsd:kasan_report+0x89
sys/kern/subr_asan.c:194
[ 122.6444050] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 122.6444050] kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73
sys/kern/subr_asan.c:548
[ 122.7554251] sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf
sys/kern/sys_lwp.c:862
[ 122.8663776] sys_syscall() at netbsd:sys_syscall+0xf5 sy_call
sys/sys/syscallvar.h:65 [inline]
[ 122.8663776] sys_syscall() at netbsd:sys_syscall+0xf5
sys/kern/sys_syscall.c:77
[ 122.9773649] syscall() at netbsd:syscall+0x3ac sy_call
sys/sys/syscallvar.h:65 [inline]
[ 122.9773649] syscall() at netbsd:syscall+0x3ac sy_invoke
sys/sys/syscallvar.h:94 [inline]
[ 122.9773649] syscall() at netbsd:syscall+0x3ac
sys/arch/x86/x86/syscall.c:138
[ 123.0106604] --- syscall (number 0) ---
[ 123.0550528] 71f2670e4b5a:
[ 123.0661461] cpu1: End traceback...
[ 123.0661461] fatal breakpoint trap in supervisor mode
[ 123.0661461] trap type 1 code 0 rip 0xffffffff8021cd1d cs 0x8 rflags
0x246 cr2 0x71f267a115c0 ilevel 0 rsp 0xffffce816ec7bbc0
[ 123.0772453] curlwp 0xffffce80129feb40 pid 597.1 lowest kstack
0xffffce816ec742c0
Stopped in pid 597.1 (syz-executor6028) at netbsd:breakpoint+0x5:
leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
snprintf() at netbsd:snprintf
kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
kasan_report() at netbsd:kasan_report+0x89 sys/kern/subr_asan.c:194
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 kasan_shadow_check
sys/kern/subr_asan.c:421 [inline]
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 sys/kern/subr_asan.c:548
sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf sys/kern/sys_lwp.c:862
sys_syscall() at netbsd:sys_syscall+0xf5 sy_call sys/sys/syscallvar.h:65
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xf9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x267 sys/kern/subr_prf.c:336
snprintf() at netbsd:snprintf
kasan_report() at netbsd:kasan_report+0x89 kasan_code_name
sys/kern/subr_asan.c:178 [inline]
kasan_report() at netbsd:kasan_report+0x89 sys/kern/subr_asan.c:194
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 kasan_shadow_check
sys/kern/subr_asan.c:421 [inline]
kasan_copyoutstr() at netbsd:kasan_copyoutstr+0x73 sys/kern/subr_asan.c:548
sys__lwp_getname() at netbsd:sys__lwp_getname+0x1cf sys/kern/sys_lwp.c:862
[inline]
sys_syscall() at netbsd:sys_syscall+0xf5 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x3ac sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x3ac sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x3ac sys/arch/x86/x86/syscall.c:138
--- syscall (number 0) ---
syscall() at netbsd:syscall+0x3ac sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x3ac sys/arch/x86/x86/syscall.c:138
71f2670e4b5a:
ds 0
es 1
fs f3e4
gs 2e8
es 1
fs f3e4
rdi ffffce800d935458
rsi ffffce80129fee28
rbp ffffce816ec7bbc0
rbx ffffce816d8a0000
rdx 2
rcx ffffffff80cd92ab db_panic+0xe5
rax 0
r8 4
r9 ffffffff82891e63 db_onpanic+0x3
r10 1ffffffff05123cc
r11 10
r12 ffffce816d8b2000
r9 ffffffff82891e63 db_onpanic+0x3
r10 1ffffffff05123cc
r11 10
r13 ffffffff82200b40 ostype+0x49140
r14 ffffce816ec7bc50
r15 ffffce816d8a0058
rip ffffffff8021cd1d breakpoint+0x5
cs 8
rflags 246
rsp ffffce816ec7bbc0
cs 8
rflags 246
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
604 > 1 7 0 0 ffffce8013673780 syz-executor6028
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
597 > 1 7 1 0 ffffce80129feb40 syz-executor6028
571 1 2 0 0 ffffce8013673340 syz-executor6028
633 1 2 1 0 ffffce8011f71680 syz-executor6028
45 1 3 0 0 ffffce8012047b00 syz-executor6028 tstile
492 1 2 0 0 ffffce8011fb1260 syz-executor6028
41 1 2 1 0 ffffce8011f59200 syz-executor6028
40 1 2 1 40000 ffffce8013132760 syz-executor6028
613 1 2 0 0 ffffce80120476c0 syz-executor6028
534 1 3 0 40080 ffffce8011fb16a0 syz-executor6028 nanoslp
483 1 2 1 0 ffffce80120a56e0 sshd
529 1 3 1 80 ffffce8013108740 getty nanoslp
567 1 3 1 80 ffffce8013108b80 getty nanoslp
590 1 3 0 80 ffffce8013132320 getty nanoslp
427 1 3 1 80 ffffce8011f71240 getty ttyraw
548 1 3 0 80 ffffce8013108300 cron nanoslp
560 1 3 1 80 ffffce8013132ba0 inetd kqueue
490 1 3 0 80 ffffce8011fb1ae0 sshd select
286 1 3 0 80 ffffce8012a21b60 powerd kqueue
431 1 2 0 0 ffffce8012a21720 makemandb
314 1 3 0 80 ffffce80120a52a0 syslogd kqueue
274 1 3 1 80 ffffce80129fe700 dhcpcd kqueue
198 1 3 1 80 ffffce80120a5b20 dhcpcd kqueue
1 1 3 1 80 ffffce8011f11a60 init wait
0 58 3 0 204 ffffce8011f59640 physiod physiod
0 57 3 0 204 ffffce8011f5c220 pooldrain pooldrain
0 56 3 1 204 ffffce8011f5caa0 aiodoned aiodoned
0 55 2 0 200 ffffce8011f5c660 ioflush
0 54 3 0 200 ffffce8011f59a80 pgdaemon pgdaemon
0 51 3 0 200 ffffce800f6ea9c0 npfgc-0 npfgccv
0 50 3 0 204 ffffce8011f11620 rt_free rt_free
0 49 3 0 204 ffffce8011f111e0 unpgc unpgc
0 48 2 1 200 ffffce8011f0aa40 key_timehandler
0 47 3 1 204 ffffce8011f0a600 icmp6_wqinput/1
icmp6_wqinput
0 46 3 0 204 ffffce8011f0a1c0 icmp6_wqinput/0
icmp6_wqinput
0 45 2 1 200 ffffce8011dbaa20 nd6_timer
0 44 3 1 204 ffffce8011db8160 carp6_wqinput/1
carp6_wqinput
0 43 3 0 204 ffffce8011db85a0 carp6_wqinput/0
carp6_wqinput
0 42 3 1 204 ffffce8011db89e0 carp_wqinput/1
carp_wqinput
0 41 3 0 204 ffffce8011db9180 carp_wqinput/0
carp_wqinput
0 40 3 1 204 ffffce8011db95c0 icmp_wqinput/1
icmp_wqinput
0 39 3 0 204 ffffce8011db9a00 icmp_wqinput/0
icmp_wqinput
0 38 2 1 200 ffffce8011dba1a0 rt_timer
0 37 3 0 204 ffffce8011dba5e0 vmem_rehash vmem_rehash
0 27 3 0 204 ffffce800f6ea580 scsibus0 sccomp
0 26 3 0 200 ffffce800f6ea140 pms0 pmsreset
0 25 3 1 204 ffffce800f6b39a0 xcall/1 xcall
0 24 1 1 200 ffffce800f6b3560 softser/1
0 23 1 1 200 ffffce800f6b3120 softclk/1
0 22 1 1 200 ffffce800f6b0980 softbio/1
0 21 1 1 200 ffffce800f6b0540 softnet/1
0 20 1 1 201 ffffce800f6b0100 idle/1
0 19 3 0 204 ffffce800de68960 lnxpwrwq lnxpwrwq
0 18 3 0 204 ffffce800de68520 lnxlngwq lnxlngwq
0 17 3 0 204 ffffce800de680e0 lnxsyswq lnxsyswq
0 16 3 0 204 ffffce800de62940 lnxrcugc lnxrcugc
0 15 3 0 204 ffffce800de62500 sysmon smtaskq
0 14 3 0 204 ffffce800de620c0 pmfsuspend pmfsuspend
0 13 3 0 204 ffffce800de58920 pmfevent pmfevent
0 12 3 0 204 ffffce800de584e0 sopendfree sopendfr
0 11 3 0 204 ffffce800de580a0 nfssilly nfssilly
0 10 3 1 200 ffffce800de4e900 cachegc cachegc
0 9 3 1 204 ffffce800de4e4c0 vdrain vdrain
0 8 3 0 200 ffffce800de4e080 modunload mod_unld
0 7 3 0 204 ffffce800de3f8e0 xcall/0 xcall
0 6 1 0 200 ffffce800de3f4a0 softser/0
0 5 1 0 200 ffffce800de3f060 softclk/0
0 4 1 0 200 ffffce800de3a8c0 softbio/0
0 3 1 0 200 ffffce800de3a480 softnet/0
0 2 1 0 201 ffffce800de3a040 idle/0
0 1 3 0 200 ffffffff82959000 swapper uvm
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor6028):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffce800de36fc0 type : sleep/adaptive
initialized : 0xffffffff810c24b3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 2
shared holds : 0 exclusive: 1
current cpu : 1 last held: 0
current lwp : 0xffffce80129feb40 last held: 0xffffce8013673780
last locked* : 0xffffffff810a735b unlocked : 0xffffffff810a4158
owner field : 000000000000000000 wait/spin: 0/0
Turnstile chain at 0xffffffff82b708c0.
=> Turnstile at 0xffffce8011f0e790 (wrq=0xffffce8011f0e7b0,
rdq=0xffffce8011f0e7c0).
=> 0 waiting readers:
=> 1 waiting writers: 0xffffce8012047b00
Locks held by an LWP (syz-executor6028):
Lock 0 (initialized at uvm_map_setup)
lock address : 0xffffce8012a59340 type : sleep/adaptive
initialized : 0xffffffff810b6b6d
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffce80129feb40 last held: 0xffffce8013673340
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
last locked* : 0xffffffff810b0b48 unlocked : 0xffffffff810a4196
owner/count : 0xffffce8013673340 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b707c0.
=> No active turnstile for this lock.
Locks held by an LWP (syz-executor6028):
Lock 0 (initialized at uvm_map_setup)
lock address : 0xffffce8011f19910 type : sleep/adaptive
initialized : 0xffffffff810b6b6d
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffce80129feb40 last held: 0xffffce8011f59200
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
last locked* : 0xffffffff810b0b48 unlocked : 0xffffffff810a4196
owner/count : 0xffffce8011f59200 flags : 0x0000000000000004
Turnstile chain at 0xffffffff82b70760.
=> No active turnstile for this lock.
[Locks tracked through CPUs]
PAGE FLAG PQ UOBJECT UANON
0xffffce8000014180 0048 0000 0x0 0x0
0xffffce80000141f8 0048 0000 0x0 0x0
0xffffce8000014270 0048 0000 0x0 0x0
0xffffce80000142e8 0048 0000 0x0 0x0
0xffffce8000014360 0048 0000 0x0 0x0
0xffffce80000143d8 0040 0000 0x0 0x0
0xffffce8000014450 0048 0000 0x0 0x0
0xffffce80000144c8 0048 0000 0x0 0x0
0xffffce8000014540 0040 0000 0x0 0x0
0xffffce80000145b8 0040 0000 0x0 0x0
0xffffce8000014630 0040 0000 0x0 0x0
0xffffce80000146a8 0040 0000 0x0 0x0
0xffffce8000014720 0040 0000 0x0 0x0
0xffffce8000014798 0048 0000 0x0 0x0
0xffffce8000014810 0048 0000 0x0 0x0
0xffffce8000014888 0040 0000 0x0 0x0
0xffffce8000014900 0048 0000 0x0 0x0
0xffffce8000014978 0048 0000 0x0 0x0
0xffffce80000149f0 0048 0000 0x0 0x0
0xffffce8000014a68 0048 0000 0x0 0x0
0xffffce8000014ae0 0048 0000 0x0 0x0
0xffffce8000014b58 0048 0000 0x0 0x0
0xffffce8000014bd0 0040 0000 0x0 0x0
0xffffce8000014c48 0048 0000 0x0 0x0
0xffffce8000014cc0 0048 0000 0x0 0x0
0xffffce8000014d38 0048 0000 0x0 0x0
0xffffce8000014db0 0048 0000 0x0 0x0
0xffffce8000014e28 0048 0000 0x0 0x0
0xffffce8000014ea0 0048 0000 0x0 0x0
0xffffce8000014f18 0040 0000 0x0 0x0
0xffffce8000014f90 0048 0000 0x0 0x0
0xffffce8000015008 0048 0000 0x0 0x0
0xffffce8000015080 0048 0000 0x0 0x0
0xffffce80000150f8 0048 0000 0x0 0x0
0xffffce8000015170 0048 0000 0x0 0x0
0xffffce80000151e8 0048 0000 0x0 0x0
0xffffce8000015260 0048 0000 0x0 0x0
0xffffce80000152d8 0048 0000 0x0 0x0
0xffffce8000015350 0048 0000 0x0 0x0
0xffffce80000153c8 0048 0000 0x0 0x0
0xffffce8000015440 0048 0000 0x0 0x0
0xffffce80000154b8 0048 0000 0x0 0x0
0xffffce8000015530 0048 0000 0x0 0x0
0xffffce80000155a8 0048 0000 0x0 0x0
0xffffce8000015620 0048 0000 0x0 0x0
0xffffce8000015698 0048 0000 0x0 0x0
0xffffce8000015710 0048 0000 0x0 0x0
0xffffce8000015788 0048 0000 0x0 0x0
0xffffce8000015800 0048 0000 0x0 0x0
0xffffce8000015878 0048 0000 0x0 0x0
0xffffce80000158f0 0048 0000 0x0 0x0
0xffffce8000015968 0048 0000 0x0 0x0
0xffffce80000159e0 0048 0000 0x0 0x0
0xffffce8000015a58 0048 0000 0x0 0x0
0xffffce8000015ad0 0048 0000 0x0 0x0
0xffffce8000015b48 0048 0000 0x0 0x0
0xffffce8000015bc0 0048 0000 0x0 0x0
0xffffce8000015c38 0048 0000 0x0 0x0
0xffffce8000015cb0 0048 0000 0x0 0x0
0xffffce8000015d28 0041 0000 0x0 0x0
0xffffce8000015da0 0041 0000 0x0 0x0
0xffffce8000015e18 0048 0000 0x0 0x0
0xffffce8000015e90 0048 0000 0x0 0x0
0xffffce8000015f08 0048 0000 0x0 0x0
0xffffce8000015f80 0048 0000 0x0 0x0
0xffffce8000015ff8 0048 0000 0x0 0x0
0xffffce8000016070 0040 0000 0x0 0x0
0xffffce80000160e8 0041 0000 0x0 0x0
0xffffce8000016160 0041 0000 0x0 0x0
0xffffce80000161d8 0048 0000 0x0 0x0
0xffffce8000016250 0048 0000 0x0 0x0
0xffffce80000162c8 0048 0000 0x0 0x0
0xffffce8000016340 0048 0000 0x0 0x0
0xffffce80000163b8 0048 0000 0x0 0x0
0xffffce8000016430 0041 0000 0x0 0x0
0xffffce80000164a8 0048 0000 0x0 0x0
0xffffce8000016520 0048 0000 0x0 0x0
0xffffce8000016598 0041 0000 0x0 0x0
0xffffce8000016610 0040 0000 0x0 0x0
0xffffce8000016688 0048 0000 0x0 0x0
0xffffce8000016700 0040 0000 0x0 0x0
0xffffce8000016778 0040 0000 0x0 0x0
0xffffce80000167f0 0041 0000 0x0 0x0
0xffffce8000016868 0048 0000 0x0 0x0
0xffffce80000168e0 0048 0000 0x0 0x0
0xffffce8000016958 0041 0000 0x0 0x0
0xffffce80000169d0 0041 0000 0x0 0x0
0xffffce8000016a48 0040 0000 0x0 0x0
0xffffce8000016ac0 0041 0000 0x0 0x0
0xffffce8000016b38 0041 0000 0x0 0x0
0xffffce8000016bb0 0048 0000 0x0 0x0
0xffffce8000016c28 0048 0000 0x0 0x0
0xffffce8000016ca0 0048 0000 0x0 0x0
0xffffce8000016d18 0048 0000 0x0 0x0
0xffffce8000016d90 0041 0000 0x0 0x0
0xffffce8000016e08 0041 0000 0x0 0x0
0xffffce8000016e80 0041 0000 0x0 0x0
0xffffce8000016ef8 0041 0000 0x0 0x0
0xffffce8000016f70 0048 0000 0x0 0x0
0xffffce8000016fe8 0048 0000 0x0 0x0
0xffffce8000017060 0048 0000 0x0 0x0
0xffffce80000170d8 0048 0000 0x0 0x0
0xffffce8000017150 0048 0000 0x0 0x0
0xffffce80000171c8 0041 0000 0x0 0x0
0xffffce8000017240 0048 0000 0x0 0x0
0xffffce80000172b8 0048 0000 0x0 0x0
0xffffce8000017330 0048 0000 0x0 0x0
0xffffce80000173a8 0048 0000 0x0 0x0
0xffffce8000017420 0048 0000 0x0 0x0
0xffffce8000017498 0048 0000 0x0 0x0
0xffffce8000017510 0048 0000 0x0 0x0
0xffffce8000017588 0048 0000 0x0 0x0
0xffffce8000017600 0048 0000 0x0 0x0
0xffffce8000017678 0048 0000 0x0 0x0
0xffffce80000176f0 0048 0000 0x0 0x0
0xffffce8000017768 0048 0000 0x0 0x0
0xffffce80000177e0 0048 0000 0x0 0x0
0xffffce8000017858 0048 0000 0x0 0x0
0xffffce80000178d0 0048 0000 0x0 0x0
0xffffce8000017948 0048 0000 0x0 0x0
0xffffce80000179c0 0048 0000 0x0 0x0
0xffffce8000017a38 0048 0000 0x0 0x0
0xffffce8000017ab0 0048 0000 0x0 0x0
0xffffce8000017b28 0048 0000 0x0 0x0
0xffffce8000017ba0 0048 0000 0x0 0x0
0xffffce8000017c18 0048 0000 0x0 0x0
0xffffce8000017c90 0048 0000 0x0 0x0
0xffffce8000017d08 0048 0000 0x0 0x0
0xffffce8000017d80 0048 0000 0x0 0x0
0xffffce8000017df8 0048 0000 0x0 0x0
0xffffce8000017e70 0048 0000 0x0 0x0
0xffffce8000017ee8 0048 0000 0x0 0x0
0xffffce8000017f60 0048 0000 0x0 0x0
0xffffce8000017fd8 0048 0000 0x0 0x0
0xffffce8000018050 0048 0000 0x0 0x0
0xffffce80000180c8 0048 0000 0x0 0x0
0xffffce8000018140 0048 0000 0x0 0x0
0xffffce80000181b8 0048 0000 0x0 0x0
0xffffce8000018230 0048 0000 0x0 0x0
0xffffce80000182a8 0048 0000 0x0 0x0
0xffffce8000018320 0048 0000 0x0 0x0
0xffffce8000018398 0048 0000 0x0 0x0
0xffffce8000018410 0048 0000 0x0 0x0
0xffffce8000018488 0048 0000 0x0 0x0
0xffffce8000018500 0048 0000 0x0 0x0
0xffffce8000018578 0048 0000 0x0 0x0
0xffffce80000185f0 0048 0000 0x0 0x0
0xffffce8000018668 0048 0000 0x0 0x0
0xffffce80000186e0 0048 0000 0x0 0x0
0xffffce8000018758 0048 0000 0x0 0x0
0xffffce80000187d0 0048 0000 0x0 0x0
0xffffce8000018848 0048 0000 0x0 0x0
0xffffce80000188c0 0048 0000 0x0 0x0
0xffffce8000018938 0048 0000 0x0 0x0
0xffffce80000189b0 0048 0000 0x0 0x0
0xffffce8000018a28 0048 0000 0x0 0x0
0xffffce8000018aa0 0048 0000 0x0 0x0
0xffffce8000018b18 0048 0000 0x0 0x0
0xffffce8000018b90 0048 0000 0x0 0x0
0xffffce8000018c08 0048 0000 0x0 0x0
0xffffce8000018c80 0048 0000 0x0 0x0
0xffffce8000018cf8 0048 0000 0x0 0x0
0xffffce8000018d70 0048 0000 0x0 0x0
0xffffce8000018de8 0048 0000 0x0 0x0
0xffffce8000018e60 0048 0000 0x0 0x0
0xffffce8000018ed8 0048 0000 0x0 0x0
0xffffce8000018f50 0048 0000 0x0 0x0
0xffffce8000018fc8 0048 0000 0x0 0x0
0xffffce8000019040 0048 0000 0x0 0x0
0xffffce80000190b8 0048 0000 0x0 0x0
0xffffce8000019130 0048 0000 0x0 0x0
0xffffce80000191a8 0048 0000 0x0 0x0
0xffffce8000019220 0048 0000 0x0 0x0
0xffffce8000019298 0048 0000 0x0 0x0
0xffffce8000019310 0048 0000 0x0 0x0
0xffffce8000019388 0048 0000 0x0 0x0
0xffffce8000019400 0048 0000 0x0 0x0
0xffffce8000019478 0048 0000 0x0 0x0
0xffffce80000194f0 0048 0000 0x0 0x0
0xffffce8000019568 0048 0000 0x0 0x0
0xffffce80000195e0 0048 0000 0x0 0x0
0xffffce8000019658 0048 0000 0x0 0x0
0xffffce80000196d0 0048 0000 0x0 0x0
0xffffce8000019748 0048 0000 0x0 0x0
0xffffce80000197c0 0048 0000 0x0 0x0
0xffffce8000019838 0008 0000 0x0 0x0
0xffffce80000198b0 0008 0000 0x0 0x0
0xffffce8000019928 0008 0000 0x0 0x0
0xffffce80000199a0 0008 0000 0x0 0x0
0xffffce8000019a18 0008 0000 0x0 0x0
0xffffce8000019a90 0008 0000 0x0 0x0
0xffffce8000019b08 0008 0000 0x0 0x0
0xffffce8000019b80 0008 0000 0x0 0x0
0xffffce8000019bf8 0008 0000 0x0 0x0
0xffffce8000019c70 0008 0000 0x0 0x0
0xffffce8000019ce8 0008 0000 0x0 0x0
0xffffce8000019d60 0008 0000 0x0 0x0
0xffffce8000019dd8 0008 0000 0x0 0x0
0xffffce8000019e50 0008 0000 0x0 0x0
0xffffce8000019ec8 0008 0000 0x0 0x0
0xffffce8000019f40 0008 0000 0x0 0x0
0xffffce8000019fb8 0008 0000 0x0 0x0
0xffffce800001a030 0008 0000 0x0 0x0
0xffffce800001a0a8 0008 0000 0x0 0x0
0xffffce800001a120 0008 0000 0x0 0x0
0xffffce800001a198 0008 0000 0x0 0x0
0xffffce800001a210 0008 0000 0x0 0x0
0xffffce800001a288 0008 0000 0x0 0x0
0xffffce800001a300 0008 0000 0x0 0x0
0xffffce800001a378 0008 0000 0x0 0x0
0xffffce800001a3f0 0008 0000 0x0 0x0
0xffffce800001a468 0008 0000 0x0 0x0
0xffffce800001a4e0 0008 0000 0x0 0x0
0xffffce800001a558 0008 0000 0x0 0x0
0xffffce800001a5d0 0008 0000 0x0 0x0
0xffffce800001a648 0008 0000 0x0 0x0
0xffffce800001a6c0 0008 0000 0x0 0x0
0xffffce800001a738 0008 0000 0x0 0x0
0xffffce800001a7b0 0008 0000 0x0 0x0
0xffffce800001a828 0008 0000 0x0 0x0
0xffffce800001a8a0 0008 0000 0x0 0x0
0xffffce800001a918 0008 0000 0x0 0x0
0xffffce800001a990 0008 0000 0x0 0x0
0xffffce800001aa08 0008 0000 0x0 0x0
0xffffce800001aa80 0008 0000 0x0 0x0
0xffffce800001aaf8 0008 0000 0x0 0x0
0xffffce800001ab70 0008 0000 0x0 0x0
0xffffce800001abe8 0008 0000 0x0 0x0
0xffffce800001ac60 0008 0000 0x0 0x0
0xffffce800001acd8 0008 0000 0x0 0x0
0xffffce800001ad50 0008 0000 0x0 0x0
0xffffce800001adc8 0008 0000 0x0 0x0
0xffffce800001ae40 0008 0000 0x0 0x0
0xffffce800001aeb8 0008 0000 0x0 0x0
0xffffce800001af30 0008 0000 0x0 0x0
0xffffce800001afa8 0008 0000 0x0 0x0
0xffffce800001b020 0008 0000 0x0 0x0
0xffffce800001b098 0008 0000 0x0 0x0
0xffffce800001b110 0008 0000 0x0 0x0
0xffffce800001b188 0048 0000 0x0 0x0
0xffffce800001b200 0048 0000 0x0 0x0
0xffffce800001b278 0048 0000 0x0 0x0
0xffffce800001b2f0 0048 0000 0x0 0x0
0xffffce800001b368 0048 0000 0x0 0x0
0xffffce800001b3e0 0048 0000 0x0 0x0
0xffffce800001b458 0048 0000 0x0 0x0
0xffffce800001b4d0 0048 0000 0x0 0x0
0xffffce800001b548 0048 0000 0x0 0x0
0xffffce800001b5c0 0048 0000 0x0 0x0
0xffffce800001b638 0048 0000 0x0 0x0
0xffffce800001b6b0 0048 0000 0x0 0x0
0xffffce800001b728 0048 0000 0x0 0x0
0xffffce800001b7a0 0048 0000 0x0 0x0
0xffffce800001b818 0048 0000 0x0 0x0
0xffffce800001b890 0048 0000 0x0 0x0
0xffffce800001b908 0048 0000 0x0 0x0
0xffffce800001b980 0048 0000 0x0 0x0
0xffffce800001b9f8 0048 0000 0x0 0x0
0xffffce800001ba70 0048 0000 0x0 0x0
0xffffce800001bae8 0048 0000 0x0 0x0
0xffffce800001bb60 0048 0000 0x0 0x0
0xffffce800001bbd8 0048 0000 0x0 0x0
0xffffce800001bc50 0048 0000 0x0 0x0
0xffffce800001bcc8 0048 0000 0x0 0x0
0xffffce800001bd40 0048 0000 0x0 0x0
0xffffce800001bdb8 0048 0000 0x0 0x0
0xffffce800001be30 0048 0000 0x0 0x0
0xffffce800001bea8 0048 0000 0x0 0x0
0xffffce800001bf20 0048 0000 0x0 0x0
0xffffce800001bf98 0048 0000 0x0 0x0
0xffffce800001c010 0048 0000 0x0 0x0
0xffffce800001c088 0048 0000 0x0 0x0
0xffffce800001c100 0048 0000 0x0 0x0
0xffffce800001c178 0048 0000 0x0 0x0
0xffffce800001c1f0 0048 0000 0x0 0x0
0xffffce800001c268 0048 0000 0x0 0x0
0xffffce800001c2e0 0048 0000 0x0 0x0
0xffffce800001c358 0048 0000 0x0 0x0
0xffffce800001c3d0 0048 0000 0x0 0x0
0xffffce800001c448 0048 0000 0x0 0x0
0xffffce800001c4c0 0048 0000 0x0 0x0
0xffffce800001c538 0048 0000 0x0 0x0
0xffffce800001c5b0 0008 0000 0x0 0x0
0xffffce800001c628 0008 0000 0x0 0x0
0xffffce800001c6a0 0008 0000 0x0 0x0
0xffffce800001c718 0008 0000 0x0 0x0
0xffffce800001c790 0008 0000 0x0 0x0
0xffffce800001c808 0008 0000 0x0 0x0
0xffffce800001c880 0008 0000 0x0 0x0
0xffffce800001c8f8 0008 0000 0x0 0x0
0xffffce800001c970 0008 0000 0x0 0x0
0xffffce800001c9e8 0008 0000 0x0 0x0
0xffffce800001ca60 0008 0000 0x0 0x0
0xffffce800001cad8 0008 0000 0x0 0x0
0xffffce800001cb50 0008 0000 0x0 0x0
0xffffce800001cbc8 0008 0000 0x0 0x0
0xffffce800001cc40 0008 0000 0x0 0x0
0xffffce800001ccb8 0008 0000 0x0 0x0
0xffffce800001cd30 0008 0000 0x0 0x0
0xffffce800001cda8 0008 0000 0x0 0x0
0xffffce800001ce20 0008 0000 0x0 0x0
0xffffce800001ce98 0008 0000 0x0 0x0
0xffffce800001cf10 0008 0000 0x0 0x0
0xffffce800001cf88 0008 0000 0x0 0x0
0xffffce800001d000 0008 0000 0x0 0x0
0xffffce800001d078 0008 0000 0x0 0x0
0xffffce800001d0f0 0008 0000 0x0 0x0
0xffffce800001d168 0008 0000 0x0 0x0
0xffffce800001d1e0 0008 0000 0x0 0x0
0xffffce800001d258 0008 0000 0x0 0x0
0xffffce800001d2d0 0008 0000 0x0 0x0
0xffffce800001d348 0008 0000 0x0 0x0
0xffffce800001d3c0 0008 0000 0x0 0x0
0xffffce800001d438 0008 0000 0x0 0x0
0xffffce800001d4b0 0008 0000 0x0 0x0
0xffffce800001d528 0008 0000 0x0 0x0
0xffffce800001d5a0 0008 0000 0x0 0x0
0xffffce800001d618 0008 0000 0x0 0x0
0xffffce800001d690 0008 0000 0x0 0x0
0xffffce800001d708 0008 0000 0x0 0x0
0xffffce800001d780 0008 0000 0x0 0x0
0xffffce800001d7f8 0008 0000 0x0 0x0
0xffffce800001d870 0008 0000 0x0 0x0
0xffffce800001d8e8 0008 0000 0x0 0x0
0xffffce800001d960 0008 0000 0x0 0x0
0xffffce800001d9d8 0008 0000 0x0 0x0
0xffffce800001da50 0008 0000 0x0 0x0
0xffffce800001dac8 0008 0000 0x0 0x0
0xffffce800001db40 0008 0000 0x0 0x0
0xffffce800001dbb8 0008 0000 0x0 0x0
0xffffce800001dc30 0008 0000 0x0 0x0
0xffffce800001dca8 0008 0000 0x0 0x0
0xffffce800001dd20 0008 0000 0x0 0x0
0xffffce800001dd98 0008 0000 0x0 0x0
0xffffce800001de10 0008 0000 0x0 0x0
0xffffce800001de88 0008 0000 0x0 0x0
0xffffce800001df00 0048 0000 0x0 0x0
0xffffce800001df78 0048 0000 0x0 0x0
0xffffce800001dff0 0048 0000 0x0 0x0
0xffffce800001e068 0048 0000 0x0 0x0
0xffffce800001e0e0 0048 0000 0x0 0x0
0xffffce800001e158 0048 0000 0x0 0x0
0xffffce800001e1d0 0048 0000 0x0 0x0
0xffffce800001e248 0048 0000 0x0 0x0
0xffffce800001e2c0 0048 0000 0x0 0x0
0xffffce800001e338 0048 0000 0x0 0x0
0xffffce800001e3b0 0048 0000 0x0 0x0
0xffffce800001e428 0048 0000 0x0 0x0
0xffffce800001e4a0 0048 0000 0x0 0x0
0xffffce800001e518 0048 0000 0x0 0x0
0xffffce800001e590 0048 0000 0x0 0x0
0xffffce800001e608 0048 0000 0x0 0x0
0xffffce800001e680 0048 0000 0x0 0x0
0xffffce800001e6f8 0048 0000 0x0 0x0
0xffffce800001e770 0048 0000 0x0 0x0
0xffffce800001e7e8 0048 0000 0x0 0x0
0xffffce800001e860 0048 0000 0x0 0x0
0xffffce800001e8d8 0048 0000 0x0 0x0
0xffffce800001e950 0048 0000 0x0 0x0
0xffffce800001e9c8 0048 0000 0x0 0x0
0xffffce800001ea40 0048 0000 0x0 0x0
0xffffce800001eab8 0048 0000 0x0 0x0
0xffffce800001eb30 0048 0000 0x0 0x0
0xffffce800001eba8 0048 0000 0x0 0x0
0xffffce800001ec20 0040 0000 0x0 0x0
0xffffce800001ec98 0048 0000 0x0 0x0
0xffffce800001ed10 0048 0000 0x0 0x0
0xffffce800001ed88 0048 0000 0x0 0x0
0xffffce800001ee00 0048 0000 0x0 0x0
0xffffce800001ee78 0048 0000 0x0 0x0
0xffffce800001eef0 0048 0000 0x0 0x0
0xffffce800001ef68 0040 0000 0x0 0x0
0xffffce800001efe0 0040 0000 0x0 0x0
0xffffce800001f058 0048 0000 0x0 0x0
0xffffce800001f0d0 0040 0000 0x0 0x0
0xffffce800001f148 0040 0000 0x0 0x0
0xffffce800001f1c0 0048 0000 0x0 0x0
0xffffce800001f238 0048 0000 0x0 0x0
0xffffce800001f2b0 0048 0000 0x0 0x0
0xffffce800001f328 0008 0000 0x0 0x0
0xffffce800001f3a0 0008 0000 0x0 0x0
0xffffce800001f418 0008 0000 0x0 0x0
0xffffce800001f490 0008 0000 0x0 0x0
0xffffce800001f508 0008 0000 0x0 0x0
0xffffce800001f580 0008 0000 0x0 0x0
0xffffce800001f5f8 0008 0000 0x0 0x0
0xffffce800001f670 0008 0000 0x0 0x0
0xffffce800001f6e8 0008 0000 0x0 0x0
0xffffce800001f760 0008 0000 0x0 0x0
0xffffce800001f7d8 0008 0000 0x0 0x0
0xffffce800001f850 0008 0000 0x0 0x0
0xffffce800001f8c8 0008 0000 0x0 0x0
0xffffce800001f940 0008 0000 0x0 0x0
0xffffce800001f9b8 0008 0000 0x0 0x0
0xffffce800001fa30 0008 0000 0x0 0x0
0xffffce800001faa8 0008 0000 0x0 0x0
0xffffce800001fb20 0008 0000 0x0 0x0
0xffffce800001fb98 0008 0000 0x0 0x0
0xffffce800001fc10 0008 0000 0x0 0x0
0xffffce800001fc88 0008 0000 0x0 0x0
0xffffce800001fd00 0008 0000 0x0 0x0
0xffffce800001fd78 0008 0000 0x0 0x0
0xffffce800001fdf0 0008 0000 0x0 0x0
0xffffce800001fe68 0008 0000 0x0 0x0
0xffffce800001fee0 0008 0000 0x0 0x0
0xffffce800001ff58 0008 0000 0x0 0x0
0xffffce800001ffd0 0008 0000 0x0 0x0
0xffffce8000020048 0008 0000 0x0 0x0
0xffffce80000200c0 0008 0000 0x0 0x0
0xffffce8000020138 0008 0000 0x0 0x0
0xffffce80000201b0 0008 0000 0x0 0x0
0xffffce8000020228 0008 0000 0x0 0x0
0xffffce80000202a0 0008 0000 0x0 0x0
0xffffce8000020318 0008 0000 0x0 0x0
0xffffce8000020390 0008 0000 0x0 0x0
0xffffce8000020408 0008 0000 0x0 0x0
0xffffce8000020480 0008 0000 0x0 0x0
0xffffce80000204f8 0008 0000 0x0 0x0
0xffffce8000020570 0008 0000 0x0 0x0
0xffffce80000205e8 0008 0000 0x0 0x0
0xffffce8000020660 0008 0000 0x0 0x0
0xffffce80000206d8 0008 0000 0x0 0x0
0xffffce8000020750 0008 0000 0x0 0x0
0xffffce80000207c8 0008 0000 0x0 0x0
0xffffce8000020840 0008 0000 0x0 0x0
0xffffce80000208b8 0008 0000 0x0 0x0
0xffffce8000020930 0008 0000 0x0 0x0
0xffffce80000209a8 0008 0000 0x0 0x0
0xffffce8000020a20 0008 0000 0x0 0x0
0xffffce8000020a98 0008 0000 0x0 0x0
0xffffce8000020b10 0008 0000 0x0 0x0
0xffffce8000020b88 0008 0000 0x0 0x0
0xffffce8000020c00 0008 0000 0x0 0x0
0xffffce8000020c78 0040 0000 0x0 0x0
0xffffce8000020cf0 0040 0000 0x0 0x0
0xffffce8000020d68 0040 0000 0x0 0x0
0xffffce8000020de0 0040 0000 0x0 0x0
0xffffce8000020e58 0040 0000 0x0 0x0
0xffffce8000020ed0 0040 0000 0x0 0x0
0xffffce8000020f48 0040 0000 0x0 0x0
0xffffce8000020fc0 0040 0000 0x0 0x0
0xffffce8000021038 0040 0000 0x0 0x0
0xffffce80000210b0 0040 0000 0x0 0x0
0xffffce8000021128 0040 0000 0x0 0x0
0xffffce80000211a0 0040 0000 0x0 0x0
0xffffce8000021218 0040 0000 0x0 0x0
0xffffce8000021290 0040 0000 0x0 0x0
0xffffce8000021308 0040 0000 0x0 0x0
0xffffce8000021380 0040 0000 0x0 0x0
0xffffce80000213f8 0040 0000 0x0 0x0
0xffffce8000021470 0040 0000 0x0 0x0
0xffffce80000214e8 0040 0000 0x0 0x0
0xffffce8000021560 0040 0000 0x0 0x0
0xffffce80000215d8 0040 0000 0x0 0x0
0xffffce8000021650 0040 0000 0x0 0x0
0xffffce80000216c8 0040 0000 0x0 0x0
0xffffce8000021740 0040 0000 0x0 0x0
0xffffce80000217b8 0040 0000 0x0 0x0
0xffffce8000021830 0040 0000 0x0 0x0
0xffffce80000218a8 0040 0000 0x0 0x0
0xffffce8000021920 0040 0000 0x0 0x0
0xffffce8000021998 0040 0000 0x0 0x0
0xffffce8000021a10 0040 0000 0x0 0x0
0xffffce8000021a88 0040 0000 0x0 0x0
0xffffce8000021b00 0040 0000 0x0 0x0
0xffffce8000021b78 0040 0000 0x0 0x0
0xffffce8000021bf0 0040 0000 0x0 0x0
0xffffce8000021c68 0040 0000 0x0 0x0
0xffffce8000021ce0 0040 0000 0x0 0x0
0xffffce8000021d58 0040 0000 0x0 0x0
0xffffce8000021dd0 0040 0000 0x0 0x0
0xffffce8000021e48 0040 0000 0x0 0x0
0xffffce8000021ec0 0040 0000 0x0 0x0
0xffffce8000021f38 0040 0000 0x0 0x0
0xffffce8000021fb0 0040 0000 0x0 0x0
0xffffce8000022028 0040 0000 0x0 0x0
0xffffce80000220a0 0040 0000 0x0 0x0
0xffffce8000022118 0040 0000 0x0 0x0
0xffffce8000022190 0040 0000 0x0 0x0
0xffffce8000022208 0040 0000 0x0 0x0
0xffffce8000022280 0040 0000 0x0 0x0
0xffffce80000222f8 0040 0000 0x0 0x0
0xffffce8000022370 0040 0000 0x0 0x0
0xffffce80000223e8 0040 0000 0x0 0x0
0xffffce8000022460 0048 0000 0x0 0x0
0xffffce80000224d8 0040 0000 0x0 0x0
0xffffce8000022550 0040 0000 0x0 0x0
0xffffce80000225c8 0040 0000 0x0 0x0
0xffffce8000022640 0040 0000 0x0 0x0
0xffffce80000226b8 0040 0000 0x0 0x0
0xffffce8000022730 0040 0000 0x0 0x0
0xffffce80000227a8 0048 0000 0x0 0x0
0xffffce8000022820 0048 0000 0x0 0x0
0xffffce8000022898 0040 0000 0x0 0x0
0xffffce8000022910 0040 0000 0x0 0x0
0xffffce8000022988 0048 0000 0x0 0x0
0xffffce8000022a00 0040 0000 0x0 0x0
0xffffce8000022a78 0048 0000 0x0 0x0
0xffffce8000022af0 0048 0000 0x0 0x0
0xffffce8000022b68 0048 0000 0x0 0x0
0xffffce8000022be0 0048 0000 0x0 0x0
0xffffce8000022c58 0048 0000 0x0 0x0
0xffffce8000022cd0 0048 0000 0x0 0x0
0xffffce8000022d48 0048 0000 0x0 0x0
0xffffce8000022dc0 0048 0000 0x0 0x0
0xffffce8000022e38 0048 0000 0x0 0x0
0xffffce8000022eb0 0048 0000 0x0 0x0
0xffffce8000022f28 0048 0000 0x0 0x0
0xffffce8000022fa0 0048 0000 0x0 0x0
0xffffce8000023018 0048 0000 0x0 0x0
0xffffce8000023090 0048 0000 0x0 0x0
0xffffce8000023108 0048 0000 0x0 0x0
0xffffce8000023180 0048 0000 0x0 0x0
0xffffce80000231f8 0048 0000 0x0 0x0
0xffffce8000023270 0048 0000 0x0 0x0
0xffffce80000232e8 0048 0000 0x0 0x0
0xffffce8000023360 0048 0000 0x0 0x0
0xffffce80000233d8 0048 0000 0x0 0x0
0xffffce8000023450 0048 0000 0x0 0x0
0xffffce80000234c8 0048 0000 0x0 0x0
0xffffce8000023540 0048 0000 0x0 0x0
0xffffce80000235b8 0048 0000 0x0 0x0
0xffffce8000023630 0048 0000 0x0 0x0
0xffffce80000236a8 0048 0000 0x0 0x0
0xffffce8000023720 0048 0000 0x0 0x0
0xffffce8000023798 0048 0000 0x0 0x0
0xffffce8000023810 0048 0000 0x0 0x0
0xffffce8000023888 0048 0000 0x0 0x0
0xffffce8000023900 0048 0000 0x0 0x0
0xffffce8000023978 0048 0000 0x0 0x0
0xffffce80000239f0 0048 0000 0x0 0x0
0xffffce8000023a68 0048 0000 0x0 0x0
0xffffce8000023ae0 0048 0000 0x0 0x0
0xffffce8000023b58 0048 0000 0x0 0x0
0xffffce8000023bd0 0048 0000 0x0 0x0
0xffffce8000023c48 0048 0000 0x0 0x0
0xffffce8000023cc0 0048 0000 0x0 0x0
0xffffce8000023d38 0048 0000 0x0 0x0
0xffffce8000023db0 0048 0000 0x0 0x0
0xffffce8000023e28 0048 0000 0x0 0x0
0xffffce8000023ea0 0048 0000 0x0 0x0
0xffffce8000023f18 0048 0000 0x0 0x0
0xffffce8000023f90 0048 0000 0x0 0x0
0xffffce8000024008 0048 0000 0x0 0x0
0xffffce8000024080 0048 0000 0x0 0x0
0xffffce80000240f8 0048 0000 0x0 0x0
0xffffce8000024170 0048 0000 0x0 0x0
0xffffce80000241e8 0048 0000 0x0 0x0
0xffffce8000024260 0048 0000 0x0 0x0
0xffffce80000242d8 0048 0000 0x0 0x0
0xffffce8000024350 0048 0000 0x0 0x0
0xffffce80000243c8 0008 0000 0x0 0x0
0xffffce8000024440 0008 0000 0x0 0x0
0xffffce80000244b8 0008 0000 0x0 0x0
0xffffce8000024530 0008 0000 0x0 0x0
0xffffce80000245a8 0008 0000 0x0 0x0
0xffffce8000024620 0008 0000 0x0 0x0
0xffffce8000024698 0008 0000 0x0 0x0
0xffffce8000024710 0008 0000 0x0 0x0
0xffffce8000024788 0008 0000 0x0 0x0
0xffffce8000024800 0008 0000 0x0 0x0
0xffffce8000024878 0008 0000 0x0 0x0
0xffffce80000248f0 0008 0000 0x0 0x0
0xffffce8000024968 0008 0000 0x0 0x0
0xffffce80000249e0 0008 0000 0x0 0x0
0xffffce8000024a58 0008 0000 0x0 0x0
0xffffce8000024ad0 0008 0000 0x0 0x0
0xffffce8000024b48 0008 0000 0x0 0x0
0xffffce8000024bc0 0008 0000 0x0 0x0
0xffffce8000024c38 0008 0000 0x0 0x0
0xffffce8000024cb0 0008 0000 0x0 0x0
0xffffce8000024d28 0008 0000 0x0 0x0
0xffffce8000024da0 0008 0000 0x0 0x0
0xffffce8000024e18 0008 0000 0x0 0x0
0xffffce8000024e90 0008 0000 0x0 0x0
0xffffce8000024f08 0008 0000 0x0 0x0
0xffffce8000024f80 0008 0000 0x0 0x0
0xffffce8000024ff8 0008 0000 0x0 0x0
0xffffce8000025070 0008 0000 0x0 0x0
0xffffce80000250e8 0008 0000 0x0 0x0
0xffffce8000025160 0008 0000 0x0 0x0
0xffffce80000251d8 0008 0000 0x0 0x0
0xffffce8000025250 0008 0000 0x0 0x0
0xffffce80000252c8 0008 0000 0x0 0x0
0xffffce8000025340 0008 0000 0x0 0x0
0xffffce80000253b8 0008 0000 0x0 0x0
0xffffce8000025430 0008 0000 0x0 0x0
0xffffce80000254a8 0008 0000 0x0 0x0
0xffffce8000025520 0008 0000 0x0 0x0
0xffffce8000025598 0008 0000 0x0 0x0
0xffffce8000025610 0008 0000 0x0 0x0
0xffffce8000025688 0008 0000 0x0 0x0
0xffffce8000025700 0008 0000 0x0 0x0
0xffffce8000025778 0008 0000 0x0 0x0
0xffffce80000257f0 0008 0000 0x0 0x0
0xffffce8000025868 0008 0000 0x0 0x0
0xffffce80000258e0 0008 0000 0x0 0x0
0xffffce8000025958 0008 0000 0x0 0x0
0xffffce80000259d0 0008 0000 0x0 0x0
0xffffce8000025a48 0008 0000 0x0 0x0
0xffffce8000025ac0 0008 0000 0x0 0x0
0xffffce8000025b38 0008 0000 0x0 0x0
0xffffce8000025bb0 0008 0000 0x0 0x0
0xffffce8000025c28 0008 0000 0x0 0x0
0xffffce8000025ca0 0008 0000 0x0 0x0
0xffffce8000025d18 0008 0000 0x0 0x0
0xffffce8000025d90 0008 0000 0x0 0x0
0xffffce8000025e08 0008 0000 0x0 0x0
0xffffce8000025e80 0008 0000 0x0 0x0
0xffffce8000025ef8 0008 0000 0x0 0x0
0xffffce8000025f70 0008 0000 0x0 0x0
0xffffce8000025fe8 0008 0000 0x0 0x0
0xffffce8000026060 0008 0000 0x0 0x0
0xffffce80000260d8 0008 0000 0x0 0x0
0xffffce8000026150 0008 0000 0x0 0x0
0xffffce80000261c8 0008 0000 0x0 0x0
0xffffce8000026240 0008 0000 0x0 0x0
0xffffce80000262b8 0008 0000 0x0 0x0
0xffffce8000026330 0008 0000 0x0 0x0
0xffffce80000263a8 0008 0000 0x0 0x0
0xffffce8000026420 0008 0000 0x0 0x0
0xffffce8000026498 0008 0000 0x0 0x0
0xffffce8000026510 0008 0000 0x0 0x0
0xffffce8000026588 0008 0000 0x0 0x0
0xffffce8000026600 0008 0000 0x0 0x0
0xffffce8000026678 0008 0000 0x0 0x0
0xffffce80000266f0 0008 0000 0x0 0x0
0xffffce8000026768 0008 0000 0x0 0x0
0xffffce80000267e0 0008 0000 0x0 0x0
0xffffce8000026858 0008 0000 0x0 0x0
0xffffce80000268d0 0008 0000 0x0 0x0
0xffffce8000026948 0008 0000 0x0 0x0
0xffffce80000269c0 0008 0000 0x0 0x0
0xffffce8000026a38 0008 0000 0x0 0x0
0xffffce8000026ab0 0008 0000 0x0 0x0
0xffffce8000026b28 0008 0000 0x0 0x0
0xffffce8000026ba0 0008 0000 0x0 0x0
0xffffce8000026c18 0008 0000 0x0 0x0
0xffffce8000026c90 0008 0000 0x0 0x0
0xffffce8000026d08 0008 0000 0x0 0x0
0xffffce8000026d80 0008 0000 0x0 0x0
0xffffce8000026df8 0008 0000 0x0 0x0
0xffffce8000026e70 0008 0000 0x0 0x0
0xffffce8000026ee8 0008 0000 0x0 0x0
0xffffce8000026f60 0008 0000 0x0 0x0
0xffffce8000026fd8 0008 0000 0x0 0x0
0xffffce8000027050 0008 0000 0x0 0x0
0xffffce80000270c8 0008 0000 0x0 0x0
0xffffce8000027140 0008 0000 0x0 0x0
0xffffce80000271b8 0008 0000 0x0 0x0
0xffffce8000027230 0008 0000 0x0 0x0
0xffffce80000272a8 0008 0000 0x0 0x0
0xffffce8000027320 0008 0000 0x0 0x0
0xffffce8000027398 0008 0000 0x0 0x0
0xffffce8000027410 0008 0000 0x0 0x0
0xffffce8000027488 0008 0000 0x0 0x0
0xffffce8000027500 0008 0000 0x0 0x0
0xffffce8000027578 0008 0000 0x0 0x0
0xffffce80000275f0 0008 0000 0x0 0x0
0xffffce8000027668 0008 0000 0x0 0x0
0xffffce80000276e0 0008 0000 0x0 0x0
0xffffce8000027758 0008 0000 0x0 0x0
0xffffce80000277d0 0008 0000 0x0 0x0
0xffffce8000027848 0008 0000 0x0 0x0
0xffffce80000278c0 0008 0000 0x0 0x0
0xffffce8000027938 0008 0000 0x0 0x0
0xffffce80000279b0 0008 0000 0x0 0x0
0xffffce8000027a28 0008 0000 0x0 0x0
0xffffce8000027aa0 0008 0000 0x0 0x0
0xffffce8000027b18 0008 0000 0x0 0x0
0xffffce8000027b90 0008 0000 0x0 0x0
0xffffce8000027c08 0008 0000 0x0 0x0
0xffffce8000027c80 0008 0000 0x0 0x0
0xffffce8000027cf8 0008 0000 0x0 0x0
0xffffce8000027d70 0008 0000 0x0 0x0
0xffffce8000027de8 0008 0000 0x0 0x0
0xffffce8000027e60 0008 0000 0x0 0x0
0xffffce8000027ed8 0008 0000 0x0 0x0
0xffffce8000027f50 0008 0000 0x0 0x0
0xffffce8000027fc8 0008 0000 0x0 0x0
0xffffce8000028040 0008 0000 0x0 0x0
0xffffce80000280b8 0008 0000 0x0 0x0
0xffffce8000028130 0008 0000 0x0 0x0
0xffffce80000281a8 0008 0000 0x0 0x0
0xffffce8000028220 0008 0000 0x0 0x0
0xffffce8000028298 0008 0000 0x0 0x0
0xffffce8000028310 0008 0000 0x0 0x0
0xffffce8000028388 0008 0000 0x0 0x0
0xffffce8000028400 0008 0000 0x0 0x0
0xffffce8000028478 0008 0000 0x0 0x0
0xffffce80000284f0 0008 0000 0x0 0x0
0xffffce8000028568 0008 0000 0x0 0x0
0xffffce80000285e0 0008 0000 0x0 0x0
0xffffce8000028658 0008 0000 0x0 0x0
0xffffce80000286d0 0008 0000 0x0 0x0
0xffffce8000028748 0008 0000 0x0 0x0
0xffffce80000287c0 0008 0000 0x0 0x0
0xffffce8000028838 0008 0000 0x0 0x0
0xffffce80000288b0 0008 0000 0x0 0x0
0xffffce8000028928 0008 0000 0x0 0x0
0xffffce80000289a0 0008 0000 0x0 0x0
0xffffce8000028a18 0008 0000 0x0 0x0
0xffffce8000028a90 0008 0000 0x0 0x0
0xffffce8000028b08 0008 0000 0x0 0x0
0xffffce8000028b80 0008 0000 0x0 0x0
0xffffce8000028bf8 0008 0000 0x0 0x0
0xffffce8000028c70 0008 0000 0x0 0x0
0xffffce8000028ce8 0008 0000 0x0 0x0
0xffffce8000028d60 0008 0000 0x0 0x0
0xffffce8000028dd8 0008 0000 0x0 0x0
0xffffce8000028e50 0008 0000 0x0 0x0
0xffffce8000028ec8 0008 0000 0x0 0x0
0xffffce8000028f40 0008 0000 0x0 0x0
0xffffce8000028fb8 0008 0000 0x0 0x0
0xffffce8000029030 0008 0000 0x0 0x0
0xffffce80000290a8 0008 0000 0x0 0x0
0xffffce8000029120 0008 0000 0x0 0x0
0xffffce8000029198 0008 0000 0x0 0x0
0xffffce8000029210 0008 0000 0x0 0x0
0xffffce8000029288 0008 0000 0x0 0x0
0xffffce8000029300 0008 0000 0x0 0x0
0xffffce8000029378 0008 0000 0x0 0x0
0xffffce80000293f0 0008 0000 0x0 0x0
0xffffce8000029468 0008 0000 0x0 0x0
0xffffce80000294e0 0008 0000 0x0 0x0
0xffffce8000029558 0008 0000 0x0 0x0
0xffffce80000295d0 0008 0000 0x0 0x0
0xffffce8000029648 0008 0000 0x0 0x0
0xffffce80000296c0 0008 0000 0x0 0x0
0xffffce8000029738 0008 0000 0x0 0x0
0xffffce80000297b0 0008 0000 0x0 0x0
0xffffce8000029828 0008 0000 0x0 0x0
0xffffce80000298a0 0008 0000 0x0 0x0
0xffffce8000029918 0008 0000 0x0 0x0
0xffffce8000029990 0008 0000 0x0 0x0
0xffffce8000029a08 0008 0000 0x0 0x0
0xffffce8000029a80 0008 0000 0x0 0x0
0xffffce8000029af8 0008 0000 0x0 0x0
0xffffce8000029b70 0008 0000 0x0 0x0
0xffffce8000029be8 0008 0000 0x0 0x0
0xffffce8000029c60 0008 0000 0x0 0x0
0xffffce8000029cd8 0008 0000 0x0 0x0
0xffffce8000029d50 0008 0000 0x0 0x0
0xffffce8000029dc8 0008 0000 0x0 0x0
0xffffce8000029e40 0008 0000 0x0 0x0
0xffffce8000029eb8 0008 0000 0x0 0x0
0xffffce8000029f30 0008 0000 0x0 0x0
0xffffce8000029fa8 0008 0000 0x0 0x0
0xffffce800002a020 0008 0000 0x0 0x0
0xffffce800002a098 0008 0000 0x0 0x0
0xffffce800002a110 0008 0000 0x0 0x0
0xffffce800002a188 0008 0000 0x0 0x0
0xffffce800002a200 0008 0000 0x0 0x0
0xffffce800002a278 0008 0000 0x0 0x0
0xffffce800002a2f0 0008 0000 0x0 0x0
0xffffce800002a368 0008 0000 0x0 0x0
0xffffce800002a3e0 0008 0000 0x0 0x0
0xffffce800002a458 0008 0000 0x0 0x0
0xffffce800002a4d0 0008 0000 0x0 0x0
0xffffce800002a548 0008 0000 0x0 0x0
0xffffce800002a5c0 0008 0000 0x0 0x0
0xffffce800002a638 0008 0000 0x0 0x0
0xffffce800002a6b0 0008 0000 0x0 0x0
0xffffce800002a728 0008 0000 0x0 0x0
0xffffce800002a7a0 0008 0000 0x0 0x0
0xffffce800002a818 0008 0000 0x0 0x0
0xffffce800002a890 0008 0000 0x0 0x0
0xffffce800002a908 0008 0000 0x0 0x0
0xffffce800002a980 0008 0000 0x0 0x0
0xffffce800002a9f8 0008 0000 0x0 0x0
0xffffce800002aa70 0008 0000 0x0 0x0
0xffffce800002aae8 0008 0000 0x0 0x0
0xffffce800002ab60 0008 0000 0x0 0x0
0xffffce800002abd8 0008 0000 0x0 0x0
0xffffce800002ac50 0008 0000 0x0 0x0
0xffffce800002acc8 0008 0000 0x0 0x0
0xffffce800002ad40 0008 0000 0x0 0x0
0xffffce800002adb8 0008 0000 0x0 0x0
0xffffce800002ae30 0008 0000 0x0 0x0
0xffffce800002aea8 0008 0000 0x0 0x0
0xffffce800002af20 0008 0000 0x0 0x0
0xffffce800002af98 0008 0000 0x0 0x0
0xffffce800002b010 0008 0000 0x0 0x0
0xffffce800002b088 0008 0000 0x0 0x0
0xffffce800002b100 0008 0000 0x0 0x0
0xffffce800002b178 0008 0000 0x0 0x0
0xffffce800002b1f0 0008 0000 0x0 0x0
0xffffce800002b268 0008 0000 0x0 0x0
0xffffce800002b2e0 0008 0000 0x0 0x0
0xffffce800002b358 0008 0000 0x0 0x0
0xffffce800002b3d0 0008 0000 0x0 0x0
0xffffce800002b448 0008 0000 0x0 0x0
0xffffce800002b4c0 0008 0000 0x0 0x0
0xffffce800002b538 0008 0000 0x0 0x0
0xffffce800002b5b0 0008 0000 0x0 0x0
0xffffce800002b628 0008 0000 0x0 0x0
0xffffce800002b6a0 0008 0000 0x0 0x0
0xffffce800002b718 0008 0000 0x0 0x0
0xffffce800002b790 0008 0000 0x0 0x0
0xffffce800002b808 0008 0000 0x0 0x0
0xffffce800002b880 0008 0000 0x0 0x0
0xffffce800002b8f8 0008 0000 0x0 0x0
0xffffce800002b970 0008 0000 0x0 0x0
0xffffce800002b9e8 0008 0000 0x0 0x0
0xffffce800002ba60 0008 0000 0x0 0x0
0xffffce800002bad8 0008 0000 0x0 0x0
0xffffce800002bb50 0008 0000 0x0 0x0
0xffffce800002bbc8 0008 0000 0x0 0x0
0xffffce800002bc40 0008 0000 0x0 0x0
0xffffce800002bcb8 0008 0000 0x0 0x0
0xffffce800002bd30 0008 0000 0x0 0x0
0xffffce800002bda8 0008 0000 0x0 0x0
0xffffce800002be20 0008 0000 0x0 0x0
0xffffce800002be98 0008 0000 0x0 0x0
0xffffce800002bf10 0008 0000 0x0 0x0
0xffffce800002bf88 0008 0000 0x0 0x0
0xffffce800002c000 0008 0000 0x0 0x0
0xffffce800002c078 0008 0000 0x0 0x0
0xffffce800002c0f0 0008 0000 0x0 0x0
0xffffce800002c168 0008 0000 0x0 0x0
0xffffce800002c1e0 0008 0
Maxime Villard
Jul 2, 2019, 1:28:29 PM7/2/19
to syzbot, syzkaller-...@googlegroups.com
duplicate of invalid
#syz dup: panic: ASan: Unauthorized Access In ADDR: Addr ADDR [ADDR bytes, read, Unknown]
#syz dup: panic: ASan: Unauthorized Access In ADDR: Addr ADDR [ADDR bytes, read, Unknown]
Reply all
Reply to author
Forward
0 new messages