UBSan: Undefined Behavior in _icmp6_input.cold

2 views

Skip to first unread message

syzbot

unread,

Aug 26, 2023, 7:14:59 PM8/26/23

to syzkaller-...@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit: 9194f8e9f8cd error: remove redundant parentheses around re..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13dd5233a80000
kernel config: https://syzkaller.appspot.com/x/.config?x=1420f906d33d9f1f
dashboard link: https://syzkaller.appspot.com/bug?extid=99350f250dd5d57f8b76
compiler: g++ (Debian 12.2.0-14) 12.2.0

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/a38b8cee2ead/disk-9194f8e9.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/c37da189ae87/netbsd-9194f8e9.gdb.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+99350f...@syzkaller.appspotmail.com

[ 3344.0473941] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/netinet6/icmp6.c:1977:7, left shift of 1 by 31 places cannot be represented in type 'int'

[ 3344.0656393] cpu0: Begin traceback...
[ 3344.0873769] vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:292
[ 3344.1573757] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[ 3344.2173770] HandleShiftOutOfBounds() at netbsd:HandleShiftOutOfBounds+0x24e sys/../common/lib/libc/misc/ubsan.c:479
[ 3344.2773758] _icmp6_input.cold() at netbsd:_icmp6_input.cold+0x8b
[ 3344.3373758] wqinput_work() at netbsd:wqinput_work+0x207 sys/netinet/wqinput.c:245
[ 3344.3973770] workqueue_worker() at netbsd:workqueue_worker+0x373 workqueue_runlist sys/kern/subr_workqueue.c:149 [inline]
[ 3344.3973770] workqueue_worker() at netbsd:workqueue_worker+0x373 sys/kern/subr_workqueue.c:184
[ 3344.4073775] cpu0: End traceback...
[ 3344.4195663] fatal breakpoint trap in supervisor mode
[ 3344.4195663] trap type 1 code 0 rip 0xffffffff80235485 cs 0x8 rflags 0x246 cr2 0x7f19a22d7000 ilevel 0x4 rsp 0xffffc0023fef9600
[ 3344.4359945] curlwp 0xffff83d5b9655500 pid 0.118 lowest kstack 0xffffc0023fef52c0
Stopped in pid 0.118 (system) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:292
Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
HandleShiftOutOfBounds() at netbsd:HandleShiftOutOfBounds+0x24e sys/../common/lib/libc/misc/ubsan.c:479
_icmp6_input.cold() at netbsd:_icmp6_input.cold+0x8b
wqinput_work() at netbsd:wqinput_work+0x207 sys/netinet/wqinput.c:245
workqueue_worker() at netbsd:workqueue_worker+0x373 workqueue_runlist sys/kern/subr_workqueue.c:149 [inline]
workqueue_worker() at netbsd:workqueue_worker+0x373 sys/kern/subr_workqueue.c:184
Panic string: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/netinet6/icmp6.c:1977:7, left shift of 1 by 31 places cannot be represented in type 'int'

PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
18654 18654 3 1 10000000 ffff83d615416b00 syz-executor.1 tstile
18788 8529 3 1 0 ffff83d5f8cf1700 syz-executor.4 lwpwait
18788 27125 2 0 100000 ffff83d61462d700 syz-executor.4
28486 18857 3 0 180 ffff83d60caf6b80 syz-executor.2 parked
28486 28486 2 0 10040000 ffff83d5ffde3a00 syz-executor.2
27175 3219 3 0 40180 ffff83d622bf78c0 syz-executor.3 parked
27175 28294 3 1 180 ffff83d619b45900 syz-executor.3 parked
27175 27175 3 0 10040180 ffff83d624790600 syz-executor.3 nanoslp
5101 5101 2 0 40 ffff83d60d397a00 syz-executor.5
27088 27088 3 1 180 ffff83d625e10140 syz-executor.0 parked
28927 28927 3 0 180 ffff83d625df8540 syz-executor.0 parked
4533 4533 3 0 180 ffff83d5f95ab740 syz-executor.0 parked
2112 2112 3 0 180 ffff83d622bf7040 syz-executor.0 parked
28922 28922 3 0 180 ffff83d625df8980 syz-executor.2 parked
12152 12152 3 0 180 ffff83d60caf6740 syz-executor.4 parked
20790 20790 3 0 180 ffff83d621bed100 syz-executor.2 parked
14063 14063 3 0 180 ffff83d6080db6c0 syz-executor.2 parked
24505 24505 3 1 180 ffff83d5d7102ac0 syz-executor.2 parked
25141 25141 3 0 180 ffff83d6222ac600 syz-executor.2 parked
28123 28123 3 0 180 ffff83d6154166c0 syz-executor.2 parked
11719 11719 3 0 180 ffff83d6163ef780 syz-executor.2 parked
10664 10664 3 0 180 ffff83d622bf7480 syz-executor.2 parked
13913 13913 3 0 180 ffff83d61462db40 syz-executor.2 parked
10517 10517 3 0 180 ffff83d5e8e63180 syz-executor.2 parked
10011 10011 3 0 180 ffff83d6163efbc0 syz-executor.2 parked
10214 10214 3 0 180 ffff83d61ebbbbc0 syz-executor.2 parked
25244 25244 3 0 180 ffff83d6224e9200 syz-executor.2 parked
8968 8968 3 0 180 ffff83d60caf6300 syz-executor.4 parked
6842 6842 2 1 140 ffff83d620228480 syz-executor.2
5499 5499 3 1 180 ffff83d621dc6240 syz-executor.5 parked
12682 12682 3 0 180 ffff83d6229c2140 syz-executor.5 parked
5495 5495 3 0 180 ffff83d615416280 syz-executor.5 parked
5486 5486 3 1 180 ffff83d61f404900 syz-executor.5 parked
20813 20813 3 1 180 ffff83d62254fa00 syz-executor.4 parked
22149 22149 2 1 140 ffff83d6222ac1c0 syz-executor.1
20017 20017 3 1 180 ffff83d61f404080 syz-executor.5 parked
6727 6727 3 1 180 ffff83d620228040 syz-executor.5 parked
5389 5389 3 0 180 ffff83d6224e9640 syz-executor.4 parked
5381 5381 3 0 180 ffff83d5edb75b00 syz-executor.4 parked
5382 5382 3 1 180 ffff83d6236e0500 syz-executor.5 parked
26801 26801 3 0 180 ffff83d6128a9a80 syz-executor.5 parked
5391 5391 3 0 180 ffff83d6229c2580 syz-executor.4 parked
25292 25292 3 0 180 ffff83d6229c29c0 syz-executor.5 parked
22111 22111 3 0 180 ffff83d62254f5c0 syz-executor.5 parked
20727 20727 3 0 180 ffff83d621dc6680 syz-executor.5 parked
11762 11762 3 1 180 ffff83d6222aca40 syz-executor.5 parked
7330 7330 3 0 180 ffff83d6202288c0 syz-executor.4 parked
5059 5059 3 1 180 ffff83d61f748b80 syz-executor.5 parked
12393 12393 3 1 180 ffff83d61ebbb780 syz-executor.5 parked
19378 19378 3 0 180 ffff83d621bed980 syz-executor.4 parked
4973 4973 3 1 180 ffff83d5ffde35c0 syz-executor.4 parked
9599 9599 3 1 180 ffff83d6236e0940 syz-executor.5 parked
14482 14482 3 1 180 ffff83d61f4044c0 syz-executor.4 parked
20879 20879 3 0 180 ffff83d5ee113640 syz-executor.5 parked
4990 4990 3 1 180 ffff83d5d5dfe540 syz-executor.5 parked
4988 4988 3 0 180 ffff83d6121bc6c0 syz-executor.5 parked
21484 21484 3 0 180 ffff83d6128a9640 syz-executor.4 parked
21133 21133 3 0 180 ffff83d5fc6a38c0 syz-executor.4 parked
2990 2990 3 1 10000000 ffff83d60e0a6940 syz-executor.5 tstile
23633 23633 3 1 180 ffff83d61f748740 syz-executor.4 parked
20471 20471 3 1 180 ffff83d61f748300 syz-executor.4 parked
21099 21099 3 0 180 ffff83d61462d2c0 syz-executor.5 parked
5574 5574 3 0 180 ffff83d60e0a1540 syz-executor.4 parked
4463 16559 3 1 1100000 ffff83d60f1f1a40 syz-executor.5 tstile
4463 4463 3 1 11000000 ffff83d6128a9200 syz-executor.5 lwpwait
7773 17770 3 1 1100000 ffff83d60e0a6500 syz-executor.5 tstile
7773 7773 2 0 11000040 ffff83d6121bc280 syz-executor.5
4371 20520 3 0 1100000 ffff83d601ae9bc0 syz-executor.5 tstile
4371 4371 2 0 11000040 ffff83d6121bcb00 syz-executor.5
4359 4359 2 0 140 ffff83d60f1f11c0 syz-executor.4
20900 15755 3 0 1100000 ffff83d60b9635c0 syz-executor.5 tstile
20900 20900 3 1 11000000 ffff83d60cbae9c0 syz-executor.5 lwpwait
4531 7115 3 0 1100000 ffff83d60cbae580 syz-executor.5 tstile
4531 4531 2 0 11000040 ffff83d60b7a2ac0 syz-executor.5
11843 11843 3 1 10000000 ffff83d60b963a00 syz-executor.5 tstile
3445 3445 3 0 180 ffff83d5cf91e900 syz-executor.5 parked
9948 9948 3 0 10000000 ffff83d60b7a2680 syz-executor.5 tstile
19038 19038 3 1 10000000 ffff83d60cbae140 syz-executor.5 tstile
7215 7215 3 0 10000000 ffff83d60e0a1100 syz-executor.5 tstile
2841 2841 3 1 180 ffff83d5c1e76740 syz-executor.5 parked
2834 2834 3 1 180 ffff83d6029581c0 syz-executor.5 parked
18333 18333 3 1 180 ffff83d60f1f1600 syz-executor.1 parked
11004 11004 3 0 180 ffff83d60b963180 syz-executor.1 parked
2788 2788 3 0 180 ffff83d5dc1da300 syz-executor.1 parked
22988 22988 3 0 180 ffff83d60e0a60c0 syz-executor.1 parked
2734 2734 3 1 180 ffff83d608998700 syz-executor.1 parked
11931 11931 3 1 180 ffff83d6089982c0 syz-executor.5 parked
17297 17297 3 0 180 ffff83d602443900 syz-executor.5 parked
2429 2429 3 0 180 ffff83d600c39100 syz-executor.5 parked
5001 5001 3 1 180 ffff83d5d6ee3600 syz-executor.1 parked
2664 2664 3 0 180 ffff83d5fc6a3040 syz-executor.1 parked
17765 17765 3 1 180 ffff83d5c228fbc0 syz-executor.1 parked
2418 2418 3 1 180 ffff83d5fefda740 syz-executor.5 parked
2416 2416 3 0 180 ffff83d607e66040 syz-executor.1 parked
18002 18002 3 0 180 ffff83d602443080 syz-executor.1 parked
5204 5204 3 0 180 ffff83d5d5dfe980 syz-executor.5 parked
5717 5717 3 1 180 ffff83d5cf553b00 syz-executor.1 parked
10062 10062 3 1 180 ffff83d6003ee500 syz-executor.1 parked
18218 18218 3 1 180 ffff83d6024434c0 syz-executor.5 parked
2306 2306 3 0 180 ffff83d608301200 syz-executor.5 parked
2308 2308 3 1 180 ffff83d601ae9780 syz-executor.5 parked
19488 1571 3 0 1100000 ffff83d607e668c0 syz-executor.5 tstile
19488 19488 2 0 11000040 ffff83d607ab6680 syz-executor.5
16537 18490 3 0 1100000 ffff83d5fefdab80 syz-executor.5 tstile
16537 16537 2 0 11000040 ffff83d5fc438900 syz-executor.5
5971 12887 3 0 1100000 ffff83d6080db280 syz-executor.5 tstile
5971 5971 2 0 11000040 ffff83d607e66480 syz-executor.5
9459 9459 3 1 180 ffff83d601ae9340 syz-executor.5 parked
4564 4564 3 0 180 ffff83d5fc4384c0 syz-executor.5 parked
1468 1468 3 0 180 ffff83d5fc04d780 syz-executor.5 parked
10147 10147 3 0 180 ffff83d5ee2fa240 syz-executor.5 parked
884 884 3 1 180 ffff83d5fefda300 syz-executor.5 parked
866 866 3 1 180 ffff83d6080dbb00 syz-executor.5 parked
6234 6234 3 1 180 ffff83d5faa9e9c0 syz-executor.4 parked
6736 6736 3 0 180 ffff83d608998b40 syz-executor.5 parked
15439 15439 3 0 180 ffff83d5fc438080 syz-executor.5 parked
18227 18227 3 0 180 ffff83d5ecb0b600 syz-executor.5 parked
8242 8242 3 1 180 ffff83d5f8cf12c0 syz-executor.5 parked
9761 9761 3 1 180 ffff83d607ab6ac0 syz-executor.5 parked
19232 19232 3 1 180 ffff83d602958600 syz-executor.5 parked
791 791 3 1 180 ffff83d607ab6240 syz-executor.5 parked
780 780 3 0 180 ffff83d602958a40 syz-executor.5 parked
17212 17212 3 1 180 ffff83d608301a80 syz-executor.5 parked
16680 16680 3 0 180 ffff83d608301640 syz-executor.5 parked
18757 18757 3 1 180 ffff83d5fc6a3480 syz-executor.5 parked
16598 16598 3 0 180 ffff83d6003ee0c0 syz-executor.4 parked
16382 16382 3 0 180 ffff83d6003ee940 syz-executor.4 parked
15869 15869 3 0 180 ffff83d5e8e63a00 syz-executor.4 parked
16210 16210 3 0 180 ffff83d5faa9e140 syz-executor.5 parked
16734 16734 3 0 180 ffff83d5ffde3180 syz-executor.5 parked
16015 16015 3 1 180 ffff83d5cf91e4c0 syz-executor.4 parked
13418 15461 3 0 1100000 ffff83d600c39980 syz-executor.5 tstile
13418 13418 2 0 11000040 ffff83d5ccfe5040 syz-executor.5
14993 14913 3 0 1100000 ffff83d5dfcf0500 syz-executor.5 tstile
14993 14993 2 0 11000040 ffff83d600c39540 syz-executor.5
14638 15183 3 0 1100000 ffff83d5faa9e580 syz-executor.5 tstile
14638 14638 3 1 11000000 ffff83d5dc1da740 syz-executor.5 lwpwait
14782 14782 3 0 180 ffff83d5f95abb80 syz-executor.1 parked
16383 9462 3 0 1100000 ffff83d5fc04dbc0 syz-executor.1 vfork
16383 16383 2 0 11000040 ffff83d5c675f0c0 syz-executor.1
13099 13099 3 0 180 ffff83d5f8cf1b40 syz-executor.1 parked
11915 17209 2 0 1000040 ffff83d5ee2fa680 syz-executor.1
11915 17463 3 0 1100000 ffff83d5dfcf0940 syz-executor.1 vfork
16820 16820 3 1 180 ffff83d5edb756c0 syz-executor.1 parked
17115 17324 3 1 1100000 ffff83d5f95ab300 syz-executor.1 vfork
17115 17115 2 0 11000040 ffff83d5fc04d340 syz-executor.1
11965 11965 3 0 10000000 ffff83d5df20b4c0 syz-executor.5 tstile
16045 16045 3 0 10000000 ffff83d5cf996740 syz-executor.5 tstile
11488 10910 3 0 1100000 ffff83d5cf91e080 syz-executor.5 tstile
11488 11488 2 0 11000040 ffff83d5ee113a80 syz-executor.5
9977 10628 3 0 1100000 ffff83d5e2586580 syz-executor.5 tstile
9977 9977 2 0 11000040 ffff83d5dfcf00c0 syz-executor.5
15196 15404 3 1 1100000 ffff83d5d7102240 syz-executor.5 tstile
15196 15196 2 0 11000040 ffff83d5cdd5d680 syz-executor.5
15437 10382 3 0 1100000 ffff83d5c2f888c0 syz-executor.5 tstile
15437 15437 3 1 11000000 ffff83d5d6c64b40 syz-executor.5 lwpwait
15335 10130 3 0 1100000 ffff83d5cf996300 syz-executor.5 tstile
15335 15335 3 1 11000000 ffff83d5edb75280 syz-executor.5 lwpwait
10139 14032 3 1 1100000 ffff83d5e2586140 syz-executor.5 tstile
10139 10139 2 0 11000040 ffff83d5d6d1c640 syz-executor.5
14683 14683 3 1 10000000 ffff83d5cd097640 syz-executor.5 tstile
9198 9198 3 1 180 ffff83d5cdd5dac0 syz-executor.1 parked
9027 14133 2 0 1000040 ffff83d5ecb0b1c0 syz-executor.1
9027 9201 3 1 11100000 ffff83d5e8e635c0 syz-executor.1 vfork
9505 9505 3 1 180 ffff83d5dd833bc0 syz-executor.1 parked
9200 9200 3 0 180 ffff83d5ccfe5480 syz-executor.1 parked
9090 8999 2 0 1000040 ffff83d5deddd540 syz-executor.1
9090 8998 3 1 1100000 ffff83d5caabb580 syz-executor.1 vfork
9090 9100 3 0 11100000 ffff83d5d696da00 syz-executor.1 vfork
9379 9379 3 0 180 ffff83d5cdd5d240 syz-executor.1 parked
8949 9798 3 0 11100000 ffff83d5deddd980 syz-executor.1 vfork
8949 8949 2 0 11000040 ffff83d5e25869c0 syz-executor.1
12845 12845 3 0 10000000 ffff83d5cd097200 syz-executor.5 tstile
12985 12219 3 0 1100000 ffff83d5cefbabc0 syz-executor.5 tstile
12985 12985 2 0 11000040 ffff83d5d5dfe100 syz-executor.5
8041 11465 3 0 1100000 ffff83d5d6d1c200 syz-executor.5 tstile
8041 8041 2 0 11000040 ffff83d5df20b080 syz-executor.5
7651 8424 3 1 1100000 ffff83d5dd833780 syz-executor.5 tstile
7651 7651 3 1 11000000 ffff83d5d7169280 syz-executor.5 lwpwait
7156 7156 3 0 10000000 ffff83d5c59e7600 syz-executor.5 tstile
7312 7312 3 0 10000000 ffff83d5dd833340 syz-executor.5 tstile
7137 7137 3 0 10000000 ffff83d5deddd100 syz-executor.5 tstile
6898 6949 3 0 1000040 ffff83d5df20b900 syz-executor.5 tstile
3430 3430 3 1 180 ffff83d5dc1dab80 syz-executor.1 parked
3929 3933 3 1 11100000 ffff83d5d6c64700 syz-executor.1 vfork
3929 3929 2 0 11000040 ffff83d5c675f500 syz-executor.1
3925 3925 3 0 180 ffff83d5d6ee31c0 syz-executor.1 parked
2857 3007 3 0 1100000 ffff83d5d71696c0 syz-executor.1 vfork
2857 2857 3 1 11000000 ffff83d5d696d5c0 syz-executor.1 lwpwait
7644 7644 3 1 180 ffff83d5d7169b00 syz-executor.1 parked
8254 3658 3 1 11100000 ffff83d5caabb9c0 syz-executor.1 vfork
8254 8254 2 0 11000040 ffff83d5c3297540 syz-executor.1
2697 2978 3 0 1100000 ffff83d5d6c642c0 syz-executor.5 tstile
2697 2697 3 1 11000000 ffff83d5caabb140 syz-executor.5 lwpwait
7758 6480 3 0 1100000 ffff83d5d6d1ca80 syz-executor.5 tstile
7758 7758 3 1 11000000 ffff83d5d7102680 syz-executor.5 lwpwait
5223 4952 3 0 1100000 ffff83d5d0850480 syz-executor.5 tstile
5223 5223 3 1 11000000 ffff83d5cf996b80 syz-executor.5 lwpwait
4735 3787 3 0 1100000 ffff83d5cefba780 syz-executor.5 tstile
4735 4735 2 0 11000040 ffff83d5d0850040 syz-executor.5
4411 4049 3 0 1100000 ffff83d5c2a044c0 syz-executor.5 tstile
4411 4411 2 0 11000040 ffff83d5cf3d32c0 syz-executor.5
3520 3913 3 0 1100000 ffff83d5cf5536c0 syz-executor.5 tstile
3520 3520 3 1 11000000 ffff83d5d08508c0 syz-executor.5 lwpwait
1239 >1239 7 1 140 ffff83d5c3297100 syz-executor.3
1231 2744 3 1 1c0 ffff83d5c675f940 syz-fuzzer parked
1231 1247 3 0 180 ffff83d5c1e0fb40 syz-fuzzer parked
1231 1203 3 0 1c0 ffff83d5c1bfbb00 syz-fuzzer wait
1231 1132 3 0 180 ffff83d5c1e0f2c0 syz-fuzzer kqueue
1231 1245 3 1 180 ffff83d5c1e76300 syz-fuzzer wait
1231 990 3 1 180 ffff83d5c59e7a40 syz-fuzzer parked
1231 1120 3 1 180 ffff83d5c59e71c0 syz-fuzzer wait
1231 829 3 0 1c0 ffff83d5c3038a00 syz-fuzzer wait
1231 1242 3 1 180 ffff83d5c30385c0 syz-fuzzer parked
1231 449 3 1 180 ffff83d5c2a54500 syz-fuzzer parked
1231 1224 3 0 180 ffff83d5c3297980 syz-fuzzer parked
1231 1226 3 0 1c0 ffff83d5c351d9c0 syz-fuzzer wait
1231 1237 3 1 180 ffff83d5c3038180 syz-fuzzer parked
1231 1231 3 1 180 ffff83d5c2a54940 syz-fuzzer parked
1080 1080 3 1 180 ffff83d5c1bfb6c0 sshd select
1222 1222 3 0 180 ffff83d5c2a04900 getty nanoslp
1184 1184 3 0 180 ffff83d5c1877200 getty nanoslp
1223 1223 3 1 180 ffff83d5c1bfb280 getty nanoslp
1195 1195 3 1 1c0 ffff83d5c1884ac0 getty ttyraw
872 872 3 0 180 ffff83d5c351d140 sshd select
954 954 3 0 180 ffff83d5c351d580 powerd kqueue
700 700 3 1 180 ffff83d5c2a04080 syslogd kqueue
747 747 3 1 180 ffff83d5c2a540c0 dhcpcd poll
742 742 3 0 180 ffff83d5c2f88480 dhcpcd poll
466 466 3 1 180 ffff83d5c1e76b80 dhcpcd poll
598 598 3 1 180 ffff83d5c2f88040 dhcpcd poll
292 292 3 1 180 ffff83d5c228f780 dhcpcd poll
485 485 3 0 180 ffff83d5c228f340 dhcpcd poll
291 291 3 0 180 ffff83d5c1e0f700 dhcpcd poll
1 1 3 0 180 ffff83d5b9687140 init wait
0 21891 3 1 200 ffff83d5cf553280 ktrace ktrwait
0 22221 5 0 200 ffff83d619b45080 (zombie)
0 15153 3 0 200 ffff83d5cf3d3700 ktrace ktrwait
0 6279 3 0 200 ffff83d5cd097a80 ktrace ktrwait
0 996 3 0 200 ffff83d5cefba340 ktrace ktrwait
0 1863 3 0 200 ffff83d5cf3d3b40 ktrace ktrwait
0 673 3 0 200 ffff83d5c1877640 physiod physiod
0 196 3 0 200 ffff83d5c1884680 pooldrain pooldrain
0 195 3 1 200 ffff83d5c1884240 ioflush syncer
0 194 3 1 200 ffff83d5c1877a80 pgdaemon pgdaemon
0 170 3 0 200 ffff83d5bf7b6a40 usb7 usbevt
0 169 3 0 200 ffff83d5bf7b6600 usb6 usbevt
0 168 3 1 240 ffff83d5bf7b61c0 usb5 tstile
0 167 3 1 200 ffff83d5bc771a00 usb4 usbevt
0 166 3 1 200 ffff83d5bc7715c0 usb3 usbevt
0 165 3 1 200 ffff83d5bc771180 usb2 usbevt
0 31 3 0 200 ffff83d5b96879c0 usb1 usbevt
0 63 3 0 200 ffff83d5b94ff740 usb0 usbevt
0 126 3 1 200 ffff83d5b94ffb80 usbtask-dr usbtsk
0 125 3 1 200 ffff83d5b95de340 usbtask-hc usbtsk
0 124 3 0 200 ffff83d5b7a95b00 swwreboot swwreboot
0 123 3 1 200 ffff83d5b9687580 npfgc0 npfgcw
0 122 3 1 200 ffff83d5b966a980 rt_free rt_free
0 121 3 1 200 ffff83d5b966a540 unpgc unpgc
0 120 3 1 200 ffff83d5b966a100 key_timehandler key_timehandler
0 119 3 1 200 ffff83d5b9655940 icmp6_wqinput/1 icmp6_wqinput
0 > 118 7 0 200 ffff83d5b9655500 icmp6_wqinput/0
0 117 3 0 200 ffff83d5b96550c0 nd6_timer nd6_timer
0 116 3 1 200 ffff83d5b9648900 carp6_wqinput/1 carp6_wqinput
0 115 3 0 200 ffff83d5b96484c0 carp6_wqinput/0 carp6_wqinput
0 114 3 1 200 ffff83d5b9648080 carp_wqinput/1 carp_wqinput
0 113 3 0 200 ffff83d5b96138c0 carp_wqinput/0 carp_wqinput
0 112 3 1 200 ffff83d5b9613480 icmp_wqinput/1 icmp_wqinput
0 111 3 0 200 ffff83d5b9613040 icmp_wqinput/0 icmp_wqinput
0 110 3 1 200 ffff83d5b95debc0 rt_timer rt_timer
0 109 3 0 200 ffff83d5b95de780 vmem_rehash vmem_rehash
0 100 3 1 200 ffff83d5b94ff300 entbutler entropy
0 99 3 1 200 ffff83d5b8f36b40 viomb balloon
0 98 3 1 200 ffff83d5b8f36700 vioif0_txrx/1 vioif0_txrx
0 97 3 0 200 ffff83d5b8f362c0 vioif0_txrx/0 vioif0_txrx
0 30 3 1 200 ffff83d5b7a956c0 scsibus0 sccomp
0 29 3 0 200 ffff83d5b7a95280 pms0 pmsreset
0 28 3 1 200 ffff83d5b79b5ac0 xcall/1 xcall
0 27 1 1 200 ffff83d5b79b5680 softser/1
0 26 1 1 200 ffff83d5b79b5240 softclk/1
0 25 1 1 200 ffff83d5b7998a80 softbio/1
0 24 1 1 200 ffff83d5b7998640 softnet/1
0 23 1 1 201 ffff83d5b7998200 idle/1
0 22 3 1 200 ffff83d6e5d29a40 lnxsyswq lnxsyswq
0 21 3 1 200 ffff83d6e5d29600 lnxubdwq lnxubdwq
0 20 3 1 200 ffff83d6e5d291c0 lnxpwrwq lnxpwrwq
0 19 3 1 200 ffff83d6e5d38a00 lnxlngwq lnxlngwq
0 18 3 1 200 ffff83d6e5d385c0 lnxhipwq lnxhipwq
0 17 3 1 200 ffff83d6e5d38180 lnxrcugc lnxrcugc
0 16 3 0 200 ffff83d6e5d4f9c0 sysmon smtaskq
0 15 3 1 200 ffff83d6e5d4f580 pmfsuspend pmfsuspend
0 14 3 0 200 ffff83d6e5d4f140 pmfevent pmfevent
0 13 3 1 200 ffff83d6e5d60980 sopendfree sopendfr
0 12 3 0 200 ffff83d6e5d60540 ifwdog ifwdog
0 11 3 0 200 ffff83d6e5d60100 iflnkst iflnkst
0 10 3 1 200 ffff83d6e6d91940 nfssilly nfssilly
0 9 3 0 200 ffff83d6e6d91500 vdrain vdrain
0 8 3 1 200 ffff83d6e6d910c0 modunload mod_unld
0 7 3 0 200 ffff83d6e6db8900 xcall/0 xcall
0 6 1 0 200 ffff83d6e6db84c0 softser/0
0 5 1 0 200 ffff83d6e6db8080 softclk/0
0 4 1 0 200 ffff83d6e6de98c0 softbio/0
0 3 1 0 200 ffff83d6e6de9480 softnet/0
0 2 1 0 201 ffff83d6e6de9040 idle/0
0 0 3 1 200 ffffffff867663c0 swapper uvm
[Locks tracked through LWPs]

****** LWP 18654.18654 (syz-executor.1) @ 0xffff83d615416b00, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:uvm_map_setup+0x282 sys/uvm/uvm_map.c:4794)
lock address : netbsd:kernel_map_store+0x8
type : sleep/adaptive
initialized : netbsd:uvm_map_setup+0x282
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
relevant cpu : 1 last held: 0
relevant lwp : 0xffff83d615416b00 last held: 0xffff83d60d397a00
last locked* : netbsd:vm_map_lock+0x146
unlocked : netbsd:uvm_unmap1+0x6b
owner/count : 0xffff83d60d397a00 flags : 0x0000000000000007
Turnstile:
=> 0 waiting readers:
=> 1 waiting writers: 0xffff83d615416b00

****** LWP 5101.5101 (syz-executor.5) @ 0xffff83d60d397a00, l_stat=2

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d6091b0890
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d60d397a00 last held: 0xffff83d60d397a00
last locked* : netbsd:exit1+0x393
unlocked : netbsd:execve_runproc+0x2da4
owner/count : 0xffff83d60d397a00 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at netbsd:uvm_map_setup+0x282 sys/uvm/uvm_map.c:4794)
lock address : netbsd:kernel_map_store+0x8
type : sleep/adaptive
initialized : netbsd:uvm_map_setup+0x282
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d60d397a00 last held: 0xffff83d60d397a00
last locked* : netbsd:vm_map_lock+0x146
unlocked : netbsd:uvm_unmap1+0x6b
owner/count : 0xffff83d60d397a00 flags : 0x0000000000000007
Turnstile:
=> 0 waiting readers:
=> 1 waiting writers: 0xffff83d615416b00

* Lock 2 (initialized at netbsd:pmap_bootstrap+0xcc sys/arch/x86/x86/pmap.c:1237)
lock address : netbsd:kernel_pmap_store+0x180
type : sleep/adaptive
initialized : netbsd:pmap_bootstrap+0xcc
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d60d397a00 last held: 0xffff83d60d397a00
last locked* : netbsd:pmap_remove+0x9d
unlocked : netbsd:pmap_unwire+0x2c8
owner field : 0xffff83d60d397a00 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 2990.2990 (syz-executor.5) @ 0xffff83d60e0a6940, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d61b961c10
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60e0a6940 last held: 0xffff83d60e0a6940
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d60e0a6940 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60e0a6940 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 4463.16559 (syz-executor.5) @ 0xffff83d60f1f1a40, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60f1f1a40 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 7773.17770 (syz-executor.5) @ 0xffff83d60e0a6500, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60e0a6500 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 4371.20520 (syz-executor.5) @ 0xffff83d601ae9bc0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d601ae9bc0 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 20900.15755 (syz-executor.5) @ 0xffff83d60b9635c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d60b9635c0 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 4531.7115 (syz-executor.5) @ 0xffff83d60cbae580, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d60cbae580 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 11843.11843 (syz-executor.5) @ 0xffff83d60b963a00, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d6109c2450
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60b963a00 last held: 0xffff83d60b963a00
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d60b963a00 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60b963a00 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 9948.9948 (syz-executor.5) @ 0xffff83d60b7a2680, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d5cc7e0390
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d60b7a2680 last held: 0xffff83d60b7a2680
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d60b7a2680 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d60b7a2680 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 19038.19038 (syz-executor.5) @ 0xffff83d60cbae140, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d5ce92c710
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60cbae140 last held: 0xffff83d60cbae140
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d60cbae140 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d60cbae140 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 7215.7215 (syz-executor.5) @ 0xffff83d60e0a1100, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d5f8da9bd0
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d60e0a1100 last held: 0xffff83d60e0a1100
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d60e0a1100 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d60e0a1100 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 19488.1571 (syz-executor.5) @ 0xffff83d607e668c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d607e668c0 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 16537.18490 (syz-executor.5) @ 0xffff83d5fefdab80, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5fefdab80 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 5971.12887 (syz-executor.5) @ 0xffff83d6080db280, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d6080db280 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 13418.15461 (syz-executor.5) @ 0xffff83d600c39980, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d600c39980 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 14993.14913 (syz-executor.5) @ 0xffff83d5dfcf0500, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5dfcf0500 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 14638.15183 (syz-executor.5) @ 0xffff83d5faa9e580, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5faa9e580 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 11965.11965 (syz-executor.5) @ 0xffff83d5df20b4c0, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d5edc07750
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d5df20b4c0 last held: 0xffff83d5df20b4c0
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d5df20b4c0 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5df20b4c0 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 16045.16045 (syz-executor.5) @ 0xffff83d5cf996740, l_stat=3

*** Locks held:

* Lock 0 (initialized at netbsd:fork1+0x4b8 sys/kern/kern_fork.c:366)
lock address : ffff83d5f8eb7b90
type : sleep/adaptive
initialized : netbsd:fork1+0x4b8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff83d5cf996740 last held: 0xffff83d5cf996740
last locked* : netbsd:exit1+0x393
unlocked : 0
owner/count : 0xffff83d5cf996740 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5cf996740 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 11488.10910 (syz-executor.5) @ 0xffff83d5cf91e080, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5cf91e080 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 9977.10628 (syz-executor.5) @ 0xffff83d5e2586580, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5e2586580 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 15196.15404 (syz-executor.5) @ 0xffff83d5d7102240, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 1 last held: 1
relevant lwp : 0xffff83d5d7102240 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 15437.10382 (syz-executor.5) @ 0xffff83d5c2f888c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5c2f888c0 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 15335.10130 (syz-executor.5) @ 0xffff83d5cf996300, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:vhci_attach+0x1cb sys/dev/usb/vhci.c:1280)
lock address : ffffc0000f98d4c8
type : sleep/adaptive
initialized : netbsd:vhci_attach+0x1cb
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 39
relevant cpu : 0 last held: 1
relevant lwp : 0xffff83d5cf996300 last held: 0xffff83d5bf7b61c0
last locked* : netbsd:usbd_transfer+0x350
unlocked : netbsd:usbd_setup_pipe_flags+0x13c
owner field : 0xffff83d5bf7b61c0 wait/spin: 1/0
Turnstile:
=> 0 waiting readers:
=> 39 waiting writers: 0xffff83d5cf5536c0 0xffff83d5c2a044c0 0xffff83d5cefba780 0xffff83d5d0850480 0xffff83d5d6d1ca80 0xffff83d5d6c642c0 0xffff83d5dd833780 0xffff83d5d6d1c200 0xffff83d5cefbabc0 0xffff83d5e2586140 0xffff83d5cf996300 0xffff83d5c2f888c0 0xffff83d5d7102240 0xffff83d5e2586580 0xffff83d5cf91e080 0xffff83d5faa9e580 0xffff83d5dfcf0500 0xffff83d600c39980 0xffff83d6080db280 0xffff83d5fefdab80 0xffff83d607e668c0 0xffff83d60cbae580 0xffff83d60b9635c0 0xffff83d601ae9bc0 0xffff83d60e0a6500 0xffff83d60f1f1a40 0xffff83d5dd833340 0xffff83d5cd097200 0xffff83d5deddd100 0xffff83d5c59e7600 0xffff83d60cbae140 0xffff83d60b7a2680 0xffff83d5df20b4c0 0xffff83d5cd097640 0xffff83d60e0a1100 0xffff83d5df20b900 0xffff83d5cf996740 0xffff83d60b963a00 0xffff83d60e0a6940

****** LWP 10139.14032 (syz-executor.5) @ 0xffff83d5e2586140, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initi

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

unread,

Aug 26, 2023, 7:30:58 PM8/26/23

to syzkaller-...@googlegroups.com

syzbot has found a reproducer for the following issue on:

HEAD commit: 9194f8e9f8cd error: remove redundant parentheses around re..
git tree: netbsd

console output: https://syzkaller.appspot.com/x/log.txt?x=10bd7013a80000

kernel config: https://syzkaller.appspot.com/x/.config?x=1420f906d33d9f1f
dashboard link: https://syzkaller.appspot.com/bug?extid=99350f250dd5d57f8b76
compiler: g++ (Debian 12.2.0-14) 12.2.0

syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13345187a80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=110d709fa80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/a38b8cee2ead/disk-9194f8e9.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/c37da189ae87/netbsd-9194f8e9.gdb.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+99350f...@syzkaller.appspotmail.com

[ 46.4584304] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/netinet6/icmp6.c:1977:7, left shift of 1 by 31 places cannot be represented in type 'int'

[ 46.4584304] cpu0: Begin traceback...
[ 46.4884127] vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:292
[ 46.5784118] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[ 46.6384116] HandleShiftOutOfBounds() at netbsd:HandleShiftOutOfBounds+0x24e sys/../common/lib/libc/misc/ubsan.c:479
[ 46.6984147] _icmp6_input.cold() at netbsd:_icmp6_input.cold+0x8b
[ 46.7684297] wqinput_work() at netbsd:wqinput_work+0x207 sys/netinet/wqinput.c:245
[ 46.8284244] workqueue_worker() at netbsd:workqueue_worker+0x373 workqueue_runlist sys/kern/subr_workqueue.c:149 [inline]
[ 46.8284244] workqueue_worker() at netbsd:workqueue_worker+0x373 sys/kern/subr_workqueue.c:184
[ 46.8484123] cpu0: End traceback...
[ 46.8484123] fatal breakpoint trap in supervisor mode
[ 46.8602026] trap type 1 code 0 rip 0xffffffff80235485 cs 0x8 rflags 0x246 cr2 0x7f7ecae0a70a ilevel 0x4 rsp 0xffff80023fef9600
[ 46.8731991] curlwp 0xfffffc4be3855500 pid 0.118 lowest kstack 0xffff80023fef52c0

Stopped in pid 0.118 (system) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:292
Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
HandleShiftOutOfBounds() at netbsd:HandleShiftOutOfBounds+0x24e sys/../common/lib/libc/misc/ubsan.c:479
_icmp6_input.cold() at netbsd:_icmp6_input.cold+0x8b
wqinput_work() at netbsd:wqinput_work+0x207 sys/netinet/wqinput.c:245
workqueue_worker() at netbsd:workqueue_worker+0x373 workqueue_runlist sys/kern/subr_workqueue.c:149 [inline]
workqueue_worker() at netbsd:workqueue_worker+0x373 sys/kern/subr_workqueue.c:184
Panic string: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/netinet6/icmp6.c:1977:7, left shift of 1 by 31 places cannot be represented in type 'int'

PID LID S CPU FLAGS STRUCT LWP * NAME WAIT

1247 1247 2 0 0 fffffc4beccfb100 syz-executor2813
1236 >1236 7 1 0 fffffc4bebdbcb00 syz-executor2813
990 990 2 0 0 fffffc4bed620580 syz-executor2813
829 829 2 0 0 fffffc4beccfb540 syz-executor2813
813 813 2 0 0 fffffc4bece67180 syz-executor2813
953 953 3 0 180 fffffc4bebfbf700 syz-executor2813 nanoslp
1244 1244 2 1 0 fffffc4bed620140 syz-executor2813
929 929 2 0 0 fffffc4beccfb980 syz-executor2813
449 449 2 1 140 fffffc4bed6209c0 syz-executor2813
1080 1080 3 0 180 fffffc4bed6a0600 syz-executor2813 nanoslp
1235 1235 3 0 180 fffffc4bebdbc6c0 sshd select
1223 1223 3 0 180 fffffc4bece675c0 getty nanoslp
947 947 3 0 180 fffffc4bed6a01c0 getty nanoslp
982 982 3 1 180 fffffc4bebdbc280 getty nanoslp
1224 1224 3 0 1c0 fffffc4be36ff740 getty ttyraw
814 814 3 0 180 fffffc4bece67a00 sshd select
1097 1097 3 0 180 fffffc4bec376bc0 powerd kqueue
812 812 3 0 180 fffffc4becf71900 syslogd kqueue
605 605 3 0 180 fffffc4bec5c7040 dhcpcd poll
559 559 3 1 180 fffffc4bebfbfb40 dhcpcd poll
747 747 3 0 180 fffffc4becf99500 dhcpcd poll
601 601 3 0 180 fffffc4bec376780 dhcpcd poll
292 292 3 0 180 fffffc4bec376340 dhcpcd poll
485 485 3 1 180 fffffc4bec07e300 dhcpcd poll
291 291 3 1 180 fffffc4bebfbf2c0 dhcpcd poll
1 1 3 0 180 fffffc4be3897140 init wait
0 864 3 0 200 fffffc4beba9a680 physiod physiod
0 196 3 0 200 fffffc4be36ffb80 ioflush syncer
0 195 3 0 200 fffffc4be37de340 pooldrain pooldrain
0 194 3 1 200 fffffc4beba9aac0 pgdaemon pgdaemon
0 170 3 1 200 fffffc4be99eba80 usb7 usbevt
0 169 3 1 200 fffffc4be99eb640 usb6 usbevt
0 168 3 1 200 fffffc4be99eb200 usb5 usbevt
0 167 3 1 200 fffffc4be693ea40 usb4 usbevt
0 166 3 1 200 fffffc4be693e600 usb3 usbevt
0 165 3 1 200 fffffc4be693e1c0 usb2 usbevt
0 31 3 1 200 fffffc4be4919a00 usb1 usbevt
0 63 3 1 200 fffffc4be49195c0 usb0 usbevt
0 126 3 1 200 fffffc4be4919180 usbtask-dr usbtsk
0 125 3 0 200 fffffc4be38979c0 usbtask-hc usbtsk
0 124 3 1 200 fffffc4be3897580 swwreboot swwreboot
0 123 3 0 200 fffffc4be1c95b00 npfgc0 npfgcw
0 122 3 1 200 fffffc4be386a980 rt_free rt_free
0 121 3 1 200 fffffc4be386a540 unpgc unpgc
0 120 3 0 200 fffffc4be386a100 key_timehandler key_timehandler
0 119 3 1 200 fffffc4be3855940 icmp6_wqinput/1 icmp6_wqinput
0 > 118 7 0 200 fffffc4be3855500 icmp6_wqinput/0
0 117 3 0 200 fffffc4be38550c0 nd6_timer nd6_timer
0 116 3 1 200 fffffc4be3850900 carp6_wqinput/1 carp6_wqinput
0 115 3 0 200 fffffc4be38504c0 carp6_wqinput/0 carp6_wqinput
0 114 3 1 200 fffffc4be3850080 carp_wqinput/1 carp_wqinput
0 113 3 0 200 fffffc4be381b8c0 carp_wqinput/0 carp_wqinput
0 112 3 1 200 fffffc4be381b480 icmp_wqinput/1 icmp_wqinput
0 111 3 0 200 fffffc4be381b040 icmp_wqinput/0 icmp_wqinput
0 110 3 0 200 fffffc4be37debc0 rt_timer rt_timer
0 109 3 0 200 fffffc4be37de780 vmem_rehash vmem_rehash
0 100 3 0 200 fffffc4be36ff300 entbutler entropy
0 99 3 1 200 fffffc4be3136b40 viomb balloon
0 98 3 1 200 fffffc4be3136700 vioif0_txrx/1 vioif0_txrx
0 97 3 0 200 fffffc4be31362c0 vioif0_txrx/0 vioif0_txrx
0 30 3 1 200 fffffc4be1c956c0 scsibus0 sccomp
0 29 3 0 200 fffffc4be1c95280 pms0 pmsreset
0 28 3 1 200 fffffc4be1bb5ac0 xcall/1 xcall
0 27 1 1 200 fffffc4be1bb5680 softser/1
0 > 26 7 1 200 fffffc4be1bb5240 softclk/1
0 25 1 1 200 fffffc4be1b98a80 softbio/1
0 24 1 1 200 fffffc4be1b98640 softnet/1
0 23 1 1 201 fffffc4be1b98200 idle/1
0 22 3 0 200 fffffc4d0ff29a40 lnxsyswq lnxsyswq
0 21 3 0 200 fffffc4d0ff29600 lnxubdwq lnxubdwq
0 20 3 0 200 fffffc4d0ff291c0 lnxpwrwq lnxpwrwq
0 19 3 1 200 fffffc4d0ff38a00 lnxlngwq lnxlngwq
0 18 3 0 200 fffffc4d0ff385c0 lnxhipwq lnxhipwq
0 17 3 0 200 fffffc4d0ff38180 lnxrcugc lnxrcugc
0 16 3 0 200 fffffc4d0ff4f9c0 sysmon smtaskq
0 15 3 1 200 fffffc4d0ff4f580 pmfsuspend pmfsuspend
0 14 3 0 200 fffffc4d0ff4f140 pmfevent pmfevent
0 13 3 0 200 fffffc4d0ff60980 sopendfree sopendfr
0 12 3 1 200 fffffc4d0ff60540 ifwdog ifwdog
0 11 3 0 200 fffffc4d0ff60100 iflnkst iflnkst
0 10 3 1 200 fffffc4d10f91940 nfssilly nfssilly
0 9 3 1 200 fffffc4d10f91500 vdrain vdrain
0 8 3 0 200 fffffc4d10f910c0 modunload mod_unld
0 7 3 0 200 fffffc4d10fb8900 xcall/0 xcall
0 6 1 0 200 fffffc4d10fb84c0 softser/0
0 5 1 0 200 fffffc4d10fb8080 softclk/0
0 4 1 0 200 fffffc4d10fe98c0 softbio/0
0 3 1 0 200 fffffc4d10fe9480 softnet/0
0 2 1 0 201 fffffc4d10fe9040 idle/0
0 0 3 0 200 ffffffff867663c0 swapper uvm
[Locks tracked through LWPs]

****** LWP 1236.1236 (syz-executor2813) @ 0xfffffc4bebdbcb00, l_stat=7

*** Locks held:

* Lock 0 (initialized at netbsd:amap_alloc1+0x30a sys/uvm/uvm_amap.c:167)
lock address : fffffc4bee0de2c0
type : sleep/adaptive
initialized : netbsd:amap_alloc1+0x30a

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1

relevant lwp : 0xfffffc4bebdbcb00 last held: 0xfffffc4bebdbcb00
last locked* : netbsd:uvm_fault_internal+0x75d
unlocked : netbsd:uvm_fault_upper_enter+0x454
owner/count : 000000000000000000 flags : 000000000000000000

Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at netbsd:pmap_ctor+0x6d sys/arch/x86/x86/pmap.c:2872)
lock address : fffffc4beccdfb80
type : sleep/adaptive
initialized : netbsd:pmap_ctor+0x6d

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1

relevant lwp : 0xfffffc4bebdbcb00 last held: 0xfffffc4bebdbcb00
last locked* : netbsd:pmap_remove+0x9d
unlocked : netbsd:pmap_enter_ma+0xb24
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

*** Locks wanted:

* Lock 0 (initialized at netbsd:pmap_ctor+0x9b sys/arch/x86/x86/pmap.c:2873)
lock address : fffffc4beccdfb88
type : sleep/adaptive
initialized : netbsd:pmap_ctor+0x9b
shared holds : 0 exclusive: 0

shares wanted: 0 exclusive: 1

relevant cpu : 1 last held: 1
relevant lwp : 0xfffffc4bebdbcb00 last held: 000000000000000000
last locked : netbsd:pmap_get_ptp+0x25e
unlocked* : netbsd:pmap_get_ptp+0x6dc
owner/count : 000000000000000000 flags : 000000000000000000

Turnstile: no active turnstile for this lock.

****** LWP 813.813 (syz-executor2813) @ 0xfffffc4bece67180, l_stat=2

*** Locks held:

* Lock 0 (initialized at netbsd:pmap_ctor+0x6d sys/arch/x86/x86/pmap.c:2872)
lock address : fffffc4bec409580
type : sleep/adaptive
initialized : netbsd:pmap_ctor+0x6d

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4bece67180 last held: 0xfffffc4bece67180
last locked* : netbsd:pmap_enter_ma+0x3c0
unlocked : netbsd:pmap_extract+0x2c8
owner field : 0xfffffc4bece67180 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at netbsd:pmap_ctor+0x9b sys/arch/x86/x86/pmap.c:2873)
lock address : fffffc4bec409588
type : sleep/adaptive
initialized : netbsd:pmap_ctor+0x9b

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4bece67180 last held: 0xfffffc4bece67180
last locked* : netbsd:pmap_get_ptp+0x25e
unlocked : netbsd:pmap_get_ptp+0x6dc
owner/count : 0xfffffc4bece67180 flags : 0x0000000000000004

Turnstile: no active turnstile for this lock.

* Lock 2 (initialized at netbsd:pool_init+0x1156 sys/kern/subr_pool.c:981)
lock address : fffffc4d114bf370
type : sleep/adaptive
initialized : netbsd:pool_init+0x1156

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4bece67180 last held: 0xfffffc4bece67180
last locked* : netbsd:pool_get+0x18b
unlocked : netbsd:pool_get+0xfe1
owner field : 0xfffffc4bece67180 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 1244.1244 (syz-executor2813) @ 0xfffffc4bed620140, l_stat=2

*** Locks held:

* Lock 0 (initialized at netbsd:pmap_ctor+0x6d sys/arch/x86/x86/pmap.c:2872)
lock address : fffffc4beccdfd80
type : sleep/adaptive
initialized : netbsd:pmap_ctor+0x6d

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1

relevant lwp : 0xfffffc4bed620140 last held: 0xfffffc4bed620140
last locked* : netbsd:pmap_enter_ma+0x3c0
unlocked : netbsd:pmap_extract+0x2c8
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 559.559 (dhcpcd) @ 0xfffffc4bebfbfb40, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132)
lock address : netbsd:module_hook
type : sleep/adaptive
initialized : netbsd:module_hook_init+0x1c
shared holds : 0 exclusive: 0

shares wanted: 0 exclusive: 0

relevant cpu : 1 last held: 0
relevant lwp : 0xfffffc4bebfbfb40 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 747.747 (dhcpcd) @ 0xfffffc4becf99500, l_stat=3

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4becf99500 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 485.485 (dhcpcd) @ 0xfffffc4bec07e300, l_stat=3

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0

relevant cpu : 1 last held: 0
relevant lwp : 0xfffffc4bec07e300 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 291.291 (dhcpcd) @ 0xfffffc4bebfbf2c0, l_stat=3

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0

relevant cpu : 1 last held: 0
relevant lwp : 0xfffffc4bebfbf2c0 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 0.118 (icmp6_wqinput/0) @ 0xfffffc4be3855500, l_stat=7

*** Locks held:

* Lock 0 (initialized at netbsd:soinit+0x1f7 sys/kern/uipc_socket.c:459)
lock address : fffffc4d11468080
type : sleep/adaptive
initialized : netbsd:soinit+0x1f7

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4be3855500 last held: 0xfffffc4be3855500
last locked* : netbsd:wqinput_work+0x1b4
unlocked : netbsd:softint_dispatch+0x3d4
owner field : 0xfffffc4be3855500 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 0.11 (iflnkst) @ 0xfffffc4d0ff60100, l_stat=3

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4d0ff60100 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 0.5 (softclk/0) @ 0xfffffc4d10fb8080, l_stat=1

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4d10fb8080 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

****** LWP 0.0 (swapper) @ 0xffffffff867663c0, l_stat=3

*** Locks held: none

*** Locks wanted:

shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xffffffff867663c0 last held: 000000000000000000
last locked : 0
unlocked* : 0
owner field : 000000000000000000 wait/spin: 0/0

Turnstile: no active turnstile for this lock.

[Locks tracked through CPUs]

******* Locks held on cpu0:

* Lock 0 (initialized at netbsd:main+0x106 sys/kern/init_main.c:305)
lock address : netbsd:kernel_lock
type : spin
initialized : netbsd:main+0x106

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4be3855500 last held: 0xfffffc4be3855500
last locked* : netbsd:wqinput_work+0x1be
unlocked : netbsd:ip6intr+0xc89
curcpu holds : 1 wanted by: 000000000000000000

* Lock 1 (initialized at netbsd:kprintf_init+0x72 sys/kern/subr_prf.c:156)
lock address : netbsd:kprintf_mtx
type : spin
initialized : netbsd:kprintf_init+0x72

shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0

relevant lwp : 0xfffffc4be3855500 last held: 0xfffffc4be3855500
last locked* : netbsd:kprintf_lock+0x50
unlocked : netbsd:kprintf_unlock+0x70
owner field : 0x0000000000000800 wait/spin: 0/1

PAGE FLAG PQ UOBJECT UANON
0xffff800000007180 0045 00000000 0x0 0x0
0xffff800000007200 0045 00000000 0x0 0x0
0xffff800000007280 0045 00000000 0x0 0x0
0xffff800000007300 0045 00000000 0x0 0x0
0xffff800000007380 0045 00000000 0x0 0x0
0xffff800000007400 0045 00000000 0x0 0x0
0xffff800000007480 0045 00000000 0x0 0x0
0xffff800000007500 0045 00000000 0x0 0x0
0xffff800000007580 0045 00000000 0x0 0x0
0xffff800000007600 0045 00000000 0x0 0x0
0xffff800000007680 0045 00000000 0x0 0x0
0xffff800000007700 0041 00000000 0x0 0x0
0xffff800000007780 0041 00000000 0x0 0x0
0xffff800000007800 0041 00000000 0x0 0x0
0xffff800000007880 0041 00000000 0x0 0x0
0xffff800000007900 0045 00000000 0x0 0x0
0xffff800000007980 0041 00000000 0x0 0x0
0xffff800000007a00 0041 00000000 0x0 0x0
0xffff800000007a80 0041 00000000 0x0 0x0
0xffff800000007b00 0041 00000000 0x0 0x0
0xffff800000007b80 0041 00000000 0x0 0x0
0xffff800000007c00 0041 00000000 0x0 0x0
0xffff800000007c80 0041 00000000 0x0 0x0
0xffff800000007d00 0041 00000000 0x0 0x0
0xffff800000007d80 0041 00000000 0x0 0x0
0xffff800000007e00 0041 00000000 0x0 0x0
0xffff800000007e80 0041 00000000 0x0 0x0
0xffff800000007f00 0041 00000000 0x0 0x0
0xffff800000007f80 0041 00000000 0x0 0x0
0xffff800000008000 0041 00000000 0x0 0x0
0xffff800000008080 0041 00000000 0x0 0x0
0xffff800000008100 0041 00000000 0x0 0x0
0xffff800000008180 0041 00000000 0x0 0x0
0xffff800000008200 0041 00000000 0x0 0x0
0xffff800000008280 0041 00000000 0x0 0x0
0xffff800000008300 0041 00000000 0x0 0x0
0xffff800000008380 0041 00000000 0x0 0x0
0xffff800000008400 0041 00000000 0x0 0x0
0xffff800000008480 0041 00000000 0x0 0x0
0xffff800000008500 0041 00000000 0x0 0x0
0xffff800000008580 0041 00000000 0x0 0x0
0xffff800000008600 0045 00000000 0x0 0x0
0xffff800000008680 0041 00000000 0x0 0x0
0xffff800000008700 0041 00000000 0x0 0x0
0xffff800000008780 0041 00000000 0x0 0x0
0xffff800000008800 0041 00000000 0x0 0x0
0xffff800000008880 0041 00000000 0x0 0x0
0xffff800000008900 0041 00000000 0x0 0x0
0xffff800000008980 0041 00000000 0x0 0x0
0xffff800000008a00 0041 00000000 0x0 0x0
0xffff800000008a80 0041 00000000 0x0 0x0
0xffff800000008b00 0041 00000000 0x0 0x0
0xffff800000008b80 0041 00000000 0x0 0x0
0xffff800000008c00 0041 00000000 0x0 0x0
0xffff800000008c80 0041 00000000 0x0 0x0
0xffff800000008d00 0041 00000000 0x0 0x0
0xffff800000008d80 0041 00000000 0x0 0x0
0xffff800000008e00 0041 00000000 0x0 0x0
0xffff800000008e80 0041 00000000 0x0 0x0
0xffff800000008f00 0041 00000000 0x0 0x0
0xffff800000008f80 0041 00000000 0x0 0x0
0xffff800000009000 0041 00000000 0x0 0x0
0xffff800000009080 0045 00000000 0x0 0x0
0xffff800000009100 0045 00000000 0x0 0x0
0xffff800000009180 0045 00000000 0x0 0x0
0xffff800000009200 0041 00000000 0x0 0x0
0xffff800000009280 0041 00000000 0x0 0x0
0xffff800000009300 0041 00000000 0x0 0x0
0xffff800000009380 0041 00000000 0x0 0x0
0xffff800000009400 0041 00000000 0x0 0x0
0xffff800000009480 0041 00000000 0x0 0x0
0xffff800000009500 0041 00000000 0x0 0x0
0xffff800000009580 0041 00000000 0x0 0x0
0xffff800000009600 0041 00000000 0x0 0x0
0xffff800000009680 0041 00000000 0x0 0x0
0xffff800000009700 0041 00000000 0x0 0x0
0xffff800000009780 0041 00000000 0x0 0x0
0xffff800000009800 0041 00000000 0x0 0x0
0xffff800000009880 0041 00000000 0x0 0x0
0xffff800000009900 0041 00000000 0x0 0x0
0xffff800000009980 0041 00000000 0x0 0x0
0xffff800000009a00 0041 00000000 0x0 0x0
0xffff800000009a80 0041 00000000 0x0 0x0
0xffff800000009b00 0041 00000000 0x0 0x0
0xffff800000009b80 0041 00000000 0x0 0x0
0xffff800000009c00 0041 00000000 0x0 0x0
0xffff800000009c80 0041 00000000 0x0 0x0
0xffff800000009d00 0041 00000000 0x0 0x0
0xffff800000009d80 0041 00000000 0x0 0x0
0xffff800000009e00 0041 00000000 0x0 0x0
0xffff800000009e80 0041 00000000 0x0 0x0
0xffff800000009f00 0041 00000000 0x0 0x0
0xffff800000009f80 0045 00000000 0x0 0x0
0xffff80000000a000 0041 00000000 0x0 0x0
0xffff80000000a080 0041 00000000 0x0 0x0
0xffff80000000a100 0041 00000000 0x0 0x0
0xffff80000000a180 0041 00000000 0x0 0x0
0xffff80000000a200 0041 00000000 0x0 0x0
0xffff80000000a280 0041 00000000 0x0 0x0
0xffff80000000a300 0041 00000000 0x0 0x0
0xffff80000000a380 0041 00000000 0x0 0x0
0xffff80000000a400 0041 00000000 0x0 0x0
0xffff80000000a480 0041 00000000 0x0 0x0
0xffff80000000a500 0041 00000000 0x0 0x0
0xffff80000000a580 0041 00000000 0x0 0x0
0xffff80000000a600 0041 00000000 0x0 0x0
0xffff80000000a680 0041 00000000 0x0 0x0
0xffff80000000a700 0041 00000000 0x0 0x0
0xffff80000000a780 0041 00000000 0x0 0x0
0xffff80000000a800 0041 00000000 0x0 0x0
0xffff80000000a880 0041 00000000 0x0 0x0
0xffff80000000a900 0041 00000000 0x0 0x0
0xffff80000000a980 0041 00000000 0x0 0x0
0xffff80000000aa00 0041 00000000 0x0 0x0
0xffff80000000aa80 0041 00000000 0x0 0x0
0xffff80000000ab00 0041 00000000 0x0 0x0
0xffff80000000ab80 0041 00000000 0x0 0x0
0xffff80000000ac00 0041 00000000 0x0 0x0
0xffff80000000ac80 0041 00000000 0x0 0x0
0xffff80000000ad00 0041 00000000 0x0 0x0
0xffff80000000ad80 0041 00000000 0x0 0x0
0xffff80000000ae00 0041 00000000 0x0 0x0
0xffff80000000ae80 0041 00000000 0x0 0x0
0xffff80000000af00 0041 00000000 0x0 0x0
0xffff80000000af80 0041 00000000 0x0 0x0
0xffff80000000b000 0045 00000000 0x0 0x0
0xffff80000000b080 0041 00000000 0x0 0x0
0xffff80000000b100 0041 00000000 0x0 0x0
0xffff80000000b180 0041 00000000 0x0 0x0
0xffff80000000b200 0045 00000000 0x0 0x0
0xffff80000000b280 0041 00000000 0x0 0x0
0xffff80000000b300 0045 00000000 0x0 0x0
0xffff80000000b380 0045 00000000 0x0 0x0
0xffff80000000b400 0045 00000000 0x0 0x0
0xffff80000000b480 0041 00000000 0x0 0x0
0xffff80000000b500 0041 00000000 0x0 0x0
0xffff80000000b580 0041 00000000 0x0 0x0
0xffff80000000b600 0045 00000000 0x0 0x0
0xffff80000000b680 0045 00000000 0x0 0x0
0xffff80000000b700 0045 00000000 0x0 0x0
0xffff80000000b780 0045 00000000 0x0 0x0
0xffff80000000b800 0045 00000000 0x0 0x0
0xffff80000000b880 0045 00000000 0x0 0x0
0xffff80000000b900 0045 00000000 0x0 0x0
0xffff80000000b980 0045 00000000 0x0 0x0
0xffff80000000ba00 0045 00000000 0x0 0x0
0xffff80000000ba80 0045 00000000 0x0 0x0
0xffff80000000bb00 0045 00000000 0x0 0x0
0xffff80000000bb80 0045 00000000 0x0 0x0
0xffff80000000bc00 0045 00000000 0x0 0x0
0xffff80000000bc80 0045 00000000 0x0 0x0
0xffff80000000bd00 0045 00000000 0x0 0x0
0xffff80000000bd80 0045 00000000 0x0 0x0
0xffff80000000be00 0045 00000000 0x0 0x0
0xffff80000000be80 0045 00000000 0x0 0x0
0xffff80000000bf00 0045 00000000 0x0 0x0
0xffff80000000bf80 0045 00000000 0x0 0x0
0xffff80000000c000 0045 00000000 0x0 0x0
0xffff80000000c080 0045 00000000 0x0 0x0
0xffff80000000c100 0045 00000000 0x0 0x0
0xffff80000000c180 0045 00000000 0x0 0x0
0xffff80000000c200 0045 00000000 0x0 0x0
0xffff80000000c280 0045 00000000 0x0 0x0
0xffff80000000c300 0045 00000000 0x0 0x0
0xffff80000000c380 0045 00000000 0x0 0x0
0xffff80000000c400 0045 00000000 0x0 0x0
0xffff80000000c480 0045 00000000 0x0 0x0
0xffff80000000c500 0045 00000000 0x0 0x0
0xffff80000000c580 0045 00000000 0x0 0x0
0xffff80000000c600 0045 00000000 0x0 0x0
0xffff80000000c680 0045 00000000 0x0 0x0
0xffff80000000c700 0045 00000000 0x0 0x0
0xffff80000000c780 0045 00000000 0x0 0x0
0xffff80000000c800 0041 00000000 0x0 0x0
0xffff80000000c880 0045 00000000 0x0 0x0
0xffff80000000c900 0045 00000000 0x0 0x0
0xffff80000000c980 0045 00000000 0x0 0x0
0xffff80000000ca00 0041 00000000 0x0 0x0
0xffff80000000ca80 0045 00000000 0x0 0x0
0xffff80000000cb00 0045 00000000 0x0 0x0
0xffff80000000cb80 0045 00000000 0x0 0x0
0xffff80000000cc00 0041 00000000 0x0 0x0
0xffff80000000cc80 0045 00000000 0x0 0x0
0xffff80000000cd00 0045 00000000 0x0 0x0
0xffff80000000cd80 0045 00000000 0x0 0x0
0xffff80000000ce00 0041 00000000 0x0 0x0
0xffff80000000ce80 0045 00000000 0x0 0x0
0xffff80000000cf00 0041 00000000 0x0 0x0
0xffff80000000cf80 0041 00000000 0x0 0x0
0xffff80000000d000 0041 00000000 0x0 0x0
0xffff80000000d080 0041 00000000 0x0 0x0
0xffff80000000d100 0041 00000000 0x0 0x0
0xffff80000000d180 0041 00000000 0x0 0x0
0xffff80000000d200 0041 00000000 0x0 0x0
0xffff80000000d280 0041 00000000 0x0 0x0
0xffff80000000d300 0041 00000000 0x0 0x0
0xffff80000000d380 0041 00000000 0x0 0x0
0xffff80000000d400 0041 00000000 0x0 0x0
0xffff80000000d480 0041 00000000 0x0 0x0
0xffff80000000d500 0041 00000000 0x0 0x0
0xffff80000000d580 0041 00000000 0x0 0x0
0xffff80000000d600 0041 00000000 0x0 0x0
0xffff80000000d680 0041 00000000 0x0 0x0
0xffff80000000d700 0041 00000000 0x0 0x0
0xffff80000000d780 0041 00000000 0x0 0x0
0xffff80000000d800 0045 00000000 0x0 0x0
0xffff80000000d880 0041 00000000 0x0 0x0
0xffff80000000d900 0041 00000000 0x0 0x0
0xffff80000000d980 0041 00000000 0x0 0x0
0xffff80000000da00 0041 00000000 0x0 0x0
0xffff80000000da80 0041 00000000 0x0 0x0
0xffff80000000db00 0045 00000000 0x0 0x0
0xffff80000000db80 0041 00000000 0x0 0x0
0xffff80000000dc00 0045 00000000 0x0 0x0
0xffff80000000dc80 0041 00000000 0x0 0x0
0xffff80000000dd00 0041 00000000 0x0 0x0
0xffff80000000dd80 0041 00000000 0x0 0x0
0xffff80000000de00 0045 00000000 0x0 0x0
0xffff80000000de80 0045 00000000 0x0 0x0
0xffff80000000df00 0041 00000000 0x0 0x0
0xffff80000000df80 0045 00000000 0x0 0x0
0xffff80000000e000 0045 00000000 0x0 0x0
0xffff80000000e080 0045 00000000 0x0 0x0
0xffff80000000e100 0041 00000000 0x0 0x0
0xffff80000000e180 0041 00000000 0x0 0x0
0xffff80000000e200 0041 00000000 0x0 0x0
0xffff80000000e280 0041 00000000 0x0 0x0
0xffff80000000e300 0045 00000000 0x0 0x0
0xffff80000000e380 0045 00000000 0x0 0x0
0xffff80000000e400 0041 00000000 0x0 0x0
0xffff80000000e480 0045 00000000 0x0 0x0
0xffff80000000e500 0045 00000000 0x0 0x0
0xffff80000000e580 0045 00000000 0x0 0x0
0xffff80000000e600 0041 00000000 0x0 0x0
0xffff80000000e680 0041 00000000 0x0 0x0
0xffff80000000e700 0045 00000000 0x0 0x0
0xffff80000000e780 0045 00000000 0x0 0x0
0xffff80000000e800 0041 00000000 0x0 0x0
0xffff80000000e880 0041 00000000 0x0 0x0
0xffff80000000e900 0041 00000000 0x0 0x0
0xffff80000000e980 0041 00000000 0x0 0x0
0xffff80000000ea00 0041 00000000 0x0 0x0
0xffff80000000ea80 0045 00000000 0x0 0x0
0xffff80000000eb00 0045 00000000 0x0 0x0
0xffff80000000eb80 0041 00000000 0x0 0x0
0xffff80000000ec00 0045 00000000 0x0 0x0
0xffff80000000ec80 0045 00000000 0x0 0x0
0xffff80000000ed00 0041 00000000 0x0 0x0
0xffff80000000ed80 0041 00000000 0x0 0x0
0xffff80000000ee00 0041 00000000 0x0 0x0
0xffff80000000ee80 0045 00000000 0x0 0x0
0xffff80000000ef00 0041 00000000 0x0 0x0
0xffff80000000ef80 0041 00000000 0x0 0x0
0xffff80000000f000 0041 00000000 0x0 0x0
0xffff80000000f080 0041 00000000 0x0 0x0
0xffff80000000f100 0041 00000000 0x0 0x0
0xffff80000000f180 0045 00000000 0x0 0x0
0xffff80000000f200 0041 00000000 0x0 0x0
0xffff80000000f280 0041 00000000 0x0 0x0
0xffff80000000f300 0041 00000000 0x0 0x0
0xffff80000000f380 0045 00000000 0x0 0x0
0xffff80000000f400 0045 00000000 0x0 0x0
0xffff80000000f480 0041 00000000 0x0 0x0
0xffff80000000f500 0041 00000000 0x0 0x0
0xffff80000000f580 0041 00000000 0x0 0x0
0xffff80000000f600 0041 00000000 0x0 0x0
0xffff80000000f680 0041 00000000 0x0 0x0
0xffff80000000f700 0041 00000000 0x0 0x0
0xffff80000000f780 0041 00000000 0x0 0x0
0xffff80000000f800 0041 00000000 0x0 0x0
0xffff80000000f880 0041 00000000 0x0 0x0
0xffff80000000f900 0045 00000000 0x0 0x0
0xffff80000000f980 0041 00000000 0x0 0x0
0xffff80000000fa00 0045 00000000 0x0 0x0
0xffff80000000fa80 0041 00000000 0x0 0x0
0xffff80000000fb00 0041 00000000 0x0 0x0
0xffff80000000fb80 0041 00000000 0x0 0x0
0xffff80000000fc00 0041 00000000 0x0 0x0
0xffff80000000fc80 0045 00000000 0x0 0x0
0xffff80000000fd00 0041 00000000 0x0 0x0
0xffff80000000fd80 0041 00000000 0x0 0x0
0xffff80000000fe00 0041 00000000 0x0 0x0
0xffff80000000fe80 0041 00000000 0x0 0x0
0xffff80000000ff00 0041 00000000 0x0 0x0
0xffff80000000ff80 0041 00000000 0x0 0x0
0xffff800000010000 0041 00000000 0x0 0x0
0xffff800000010080 0041 00000000 0x0 0x0
0xffff800000010100 0045 00000000 0x0 0x0
0xffff800000010180 0041 00000000 0x0 0x0
0xffff800000010200 0045 00000000 0x0 0x0
0xffff800000010280 0041 00000000 0x0 0x0
0xffff800000010300 0041 00000000 0x0 0x0
0xffff800000010380 0041 00000000 0x0 0x0
0xffff800000010400 0041 00000000 0x0 0x0
0xffff800000010480 0045 00000000 0x0 0x0
0xffff800000010500 0041 00000000 0x0 0x0
0xffff800000010580 0045 00000000 0x0 0x0
0xffff800000010600 0041 00000000 0x0 0x0
0xffff800000010680 0041 00000000 0x0 0x0
0xffff800000010700 0041 00000000 0x0 0x0
0xffff800000010780 0041 00000000 0x0 0x0
0xffff800000010800 0041 00000000 0x0 0x0
0xffff800000010880 0041 00000000 0x0 0x0
0xffff800000010900 0045 00000000 0x0 0x0
0xffff800000010980 0041 00000000 0x0 0x0
0xffff800000010a00 0045 00000000 0x0 0x0
0xffff800000010a80 0045 00000000 0x0 0x0
0xffff800000010b00 0041 00000000 0x0 0x0
0xffff800000010b80 0041 00000000 0x0 0x0
0xffff800000010c00 0041 00000000 0x0 0x0
0xffff800000010c80 0041 00000000 0x0 0x0
0xffff800000010d00 0041 00000000 0x0 0x0
0xffff800000010d80 0045 00000000 0x0 0x0
0xffff800000010e00 0041 00000000 0x0 0x0
0xffff800000010e80 0041 00000000 0x0 0x0
0xffff800000010f00 0041 00000000 0x0 0x0
0xffff800000010f80 0045 00000000 0x0 0x0
0xffff800000011000 0041 00000000 0x0 0x0
0xffff800000011080 0041 00000000 0x0 0x0
0xffff800000011100 0041 00000000 0x0 0x0
0xffff800000011180 0041 00000000 0x0 0x0
0xffff800000011200 0041 00000000 0x0 0x0
0xffff800000011280 0045 00000000 0x0 0x0
0xffff800000011300 0041 00000000 0x0 0x0
0xffff800000011380 0041 00000000 0x0 0x0
0xffff800000011400 0041 00000000 0x0 0x0
0xffff800000011480 0041 00000000 0x0 0x0
0xffff800000011500 0041 00000000 0x0 0x0
0xffff800000011580 0041 00000000 0x0 0x0
0xffff800000011600 0041 00000000 0x0 0x0
0xffff800000011680 0041 00000000 0x0 0x0
0xffff800000011700 0041 00000000 0x0 0x0
0xffff800000011780 0041 00000000 0x0 0x0
0xffff800000011800 0041 00000000 0x0 0x0
0xffff800000011880 0041 00000000 0x0 0x0
0xffff800000011900 0041 00000000 0x0 0x0
0xffff800000011980 0041 00000000 0x0 0x0
0xffff800000011a00 0045 00000000 0x0 0x0
0xffff800000011a80 0041 00000000 0x0 0x0
0xffff800000011b00 0045 00000000 0x0 0x0
0xffff800000011b80 0041 00000000 0x0 0x0
0xffff800000011c00 0041 00000000 0x0 0x0
0xffff800000011c80 0041 00000000 0x0 0x0
0xffff800000011d00 0041 00000000 0x0 0x0
0xffff800000011d80 0041 00000000 0x0 0x0
0xffff800000011e00 0041 00000000 0x0 0x0
0xffff800000011e80 0041 00000000 0x0 0x0
0xffff800000011f00 0041 00000000 0x0 0x0
0xffff800000011f80 0045 00000000 0x0 0x0
0xffff800000012000 0041 00000000 0x0 0x0
0xffff800000012080 0045 00000000 0x0 0x0
0xffff800000012100 0041 00000000 0x0 0x0
0xffff800000012180 0041 00000000 0x0 0x0
0xffff800000012200 0041 00000000 0x0 0x0
0xffff800000012280 0041 00000000 0x0 0x0
0xffff800000012300 0041 00000000 0x0 0x0
0xffff800000012380 0041 00000000 0x0 0x0
0xffff800000012400 0041 00000000 0x0 0x0
0xffff800000012480 0041 00000000 0x0 0x0
0xffff800000012500 0045 00000000 0x0 0x0
0xffff800000012580 0045 00000000 0x0 0x0
0xffff800000012600 0041 00000000 0x0 0x0
0xffff800000012680 0045 00000000 0x0 0x0
0xffff800000012700 0001 00000000 0x0 0x0
0xffff800000012780 0001 00000000 0x0 0x0
0xffff800000012800 0001 00000000 0x0 0x0
0xffff800000012880 0001 00000000 0x0 0x0
0xffff800000012900 0001 00000000 0x0 0x0
0xffff800000012980 0001 00000000 0x0 0x0
0xffff800000012a00 0001 00000000 0x0 0x0
0xffff800000012a80 0001 00000000 0x0 0x0
0xffff800000012b00 0001 00000000 0x0 0x0
0xffff800000012b80 0001 00000000 0x0 0x0
0xffff800000012c00 0001 00000000 0x0 0x0
0xffff800000012c80 0001 00000000 0x0 0x0
0xffff800000012d00 0001 00000000 0x0 0x0
0xffff800000012d80 0001 00000000 0x0 0x0
0xffff800000012e00 0001 00000000 0x0 0x0
0xffff800000012e80 0001 00000000 0x0 0x0
0xffff800000012f00 0001 00000000 0x0 0x0
0xffff800000012f80 0001 00000000 0x0 0x0
0xffff800000013000 0001 00000000 0x0 0x0
0xffff800000013080 0001 00000000 0x0 0x0
0xffff800000013100 0001 00000000 0x0 0x0
0xffff800000013180 0001 00000000 0x0 0x0
0xffff800000013200 0001 00000000 0x0 0x0
0xffff800000013280 0001 00000000 0x0 0x0
0xffff800000013300 0001 00000000 0x0 0x0
0xffff800000013380 0001 00000000 0x0 0x0
0xffff800000013400 0001 00000000 0x0 0x0
0xffff800000013480 0001 00000000 0x0 0x0
0xffff800000013500 0001 00000000 0x0 0x0
0xffff800000013580 0001 00000000 0x0 0x0
0xffff800000013600 0001 00000000 0x0 0x0
0xffff800000013680 0001 00000000 0x0 0x0
0xffff800000013700 0001 00000000 0x0 0x0
0xffff800000013780 0001 00000000 0x0 0x0
0xffff800000013800 0001 00000000 0x0 0x0
0xffff800000013880 0001 00000000 0x0 0x0
0xffff800000013900 0001 00000000 0x0 0x0
0xffff800000013980 0001 00000000 0x0 0x0
0xffff800000013a00 0001 00000000 0x0 0x0
0xffff800000013a80 0001 00000000 0x0 0x0
0xffff800000013b00 0001 00000000 0x0 0x0
0xffff800000013b80 0001 00000000 0x0 0x0
0xffff800000013c00 0001 00000000 0x0 0x0
0xffff800000013c80 0001 00000000 0x0 0x0
0xffff800000013d00 0001 00000000 0x0 0x0
0xffff800000013d80 0001 00000000 0x0 0x0
0xffff800000013e00 0001 00000000 0x0 0x0
0xffff800000013e80 0001 00000000 0x0 0x0
0xffff800000013f00 0001 00000000 0x0 0x0
0xffff800000013f80 0001 00000000 0x0 0x0
0xffff800000014000 0001 00000000 0x0 0x0
0xffff800000014080 0001 00000000 0x0 0x0
0xffff800000014100 0001 00000000 0x0 0x0
0xffff800000014180 0001 00000000 0x0 0x0
0xffff800000014200 0041 00000000 0x0 0x0
0xffff800000014280 0041 00000000 0x0 0x0
0xffff800000014300 0041 00000000 0x0 0x0
0xffff800000014380 0041 00000000 0x0 0x0
0xffff800000014400 0041 00000000 0x0 0x0
0xffff800000014480 0041 00000000 0x0 0x0
0xffff800000014500 0041 00000000 0x0 0x0
0xffff800000014580 0041 00000000 0x0 0x0
0xffff800000014600 0041 00000000 0x0 0x0
0xffff800000014680 0041 00000000 0x0 0x0
0xffff800000014700 0041 00000000 0x0 0x0
0xffff800000014780 0041 00000000 0x0 0x0
0xffff800000014800 0041 00000000 0x0 0x0
0xffff800000014880 0041 00000000 0x0 0x0
0xffff800000014900 0041 00000000 0x0 0x0
0xffff800000014980 0041 00000000 0x0 0x0
0xffff800000014a00 0041 00000000 0x0 0x0
0xffff800000014a80 0041 00000000 0x0 0x0
0xffff800000014b00 0041 00000000 0x0 0x0
0xffff800000014b80 0041 00000000 0x0 0x0
0xffff800000014c00 0041 00000000 0x0 0x0
0xffff800000014c80 0041 00000000 0x0 0x0
0xffff800000014d00 0041 00000000 0x0 0x0
0xffff800000014d80 0041 00000000 0x0 0x0
0xffff800000014e00 0041 00000000 0x0 0x0
0xffff800000014e80 0041 00000000 0x0 0x0
0xffff800000014f00 0041 00000000 0x0 0x0
0xffff800000014f80 0041 00000000 0x0 0x0
0xffff800000015000 0041 00000000 0x0 0x0
0xffff800000015080 0041 00000000 0x0 0x0
0xffff800000015100 0041 00000000 0x0 0x0
0xffff800000015180 0041 00000000 0x0 0x0
0xffff800000015200 0041 00000000 0x0 0x0
0xffff800000015280 0041 00000000 0x0 0x0
0xffff800000015300 0041 00000000 0x0 0x0
0xffff800000015380 0041 00000000 0x0 0x0
0xffff800000015400 0041 00000000 0x0 0x0
0xffff800000015480 0041 00000000 0x0 0x0
0xffff800000015500 0041 00000000 0x0 0x0
0xffff800000015580 0041 00000000 0x0 0x0
0xffff800000015600 0041 00000000 0x0 0x0
0xffff800000015680 0041 00000000 0x0 0x0
0xffff800000015700 0041 00000000 0x0 0x0
0xffff800000015780 0041 00000000 0x0 0x0
0xffff800000015800 0041 00000000 0x0 0x0
0xffff800000015880 0041 00000000 0x0 0x0
0xffff800000015900 0041 00000000 0x0 0x0
0xffff800000015980 0041 00000000 0x0 0x0
0xffff800000015a00 0001 00000000 0x0 0x0
0xffff800000015a80 0001 00000000 0x0 0x0
0xffff800000015b00 0001 00000000 0x0 0x0
0xffff800000015b80 0001 00000000 0x0 0x0
0xffff800000015c00 0001 00000000 0x0 0x0
0xffff800000015c80 0001 00000000 0x0 0x0
0xffff800000015d00 0001 00000000 0x0 0x0
0xffff800000015d80 0001 00000000 0x0 0x0
0xffff800000015e00 0001 00000000 0x0 0x0
0xffff800000015e80 0001 00000000 0x0 0x0
0xffff800000015f00 0001 00000000 0x0 0x0
0xffff800000015f80 0001 00000000 0x0 0x0
0xffff800000016000 0001 00000000 0x0 0x0
0xffff800000016080 0001 00000000 0x0 0x0
0xffff800000016100 0001 00000000 0x0 0x0
0xffff800000016180 0001 00000000 0x0 0x0
0xffff800000016200 0001 00000000 0x0 0x0
0xffff800000016280 0001 00000000 0x0 0x0
0xffff800000016300 0001 00000000 0x0 0x0
0xffff800000016380 0001 00000000 0x0 0x0
0xffff800000016400 0001 00000000 0x0 0x0
0xffff800000016480 0001 00000000 0x0 0x0
0xffff800000016500 0001 00000000 0x0 0x0
0xffff800000016580 0001 00000000 0x0 0x0
0xffff800000016600 0001 00000000 0x0 0x0
0xffff800000016680 0001 00000000 0x0 0x0
0xffff800000016700 0001 00000000 0x0 0x0
0xffff800000016780 0001 00000000 0x0 0x0
0xffff800000016800 0001 00000000 0x0 0x0
0xffff800000016880 0001 00000000 0x0 0x0
0xffff800000016900 0001 00000000 0x0 0x0
0xffff800000016980 0001 00000000 0x0 0x0
0xffff800000016a00 0001 00000000 0x0 0x0
0xffff800000016a80 0001 00000000 0x0 0x0
0xffff800000016b00 0001 00000000 0x0 0x0
0xffff800000016b80 0001 00000000 0x0 0x0
0xffff800000016c00 0001 00000000 0x0 0x0
0xffff800000016c80 0001 00000000 0x0 0x0
0xffff800000016d00 0001 00000000 0x0 0x0
0xffff800000016d80 0001 00000000 0x0 0x0
0xffff800000016e00 0001 00000000 0x0 0x0
0xffff800000016e80 0001 00000000 0x0 0x0
0xffff800000016f00 0001 00000000 0x0 0x0
0xffff800000016f80 0001 00000000 0x0 0x0
0xffff800000017000 0001 00000000 0x0 0x0
0xffff800000017080 0001 00000000 0x0 0x0
0xffff800000017100 0001 00000000 0x0 0x0
0xffff800000017180 0001 00000000 0x0 0x0
0xffff800000017200 0001 00000000 0x0 0x0
0xffff800000017280 0001 00000000 0x0 0x0
0xffff800000017300 0001 00000000 0x0 0x0
0xffff800000017380 0001 00000000 0x0 0x0
0xffff800000017400 0001 00000000 0x0 0x0
0xffff800000017480 0001 00000000 0x0 0x0
0xffff800000017500 0041 00000000 0x0 0x0
0xffff800000017580 0041 00000000 0x0 0x0
0xffff800000017600 0041 00000000 0x0 0x0
0xffff800000017680 0041 00000000 0x0 0x0
0xffff800000017700 0041 00000000 0x0 0x0
0xffff800000017780 0041 00000000 0x0 0x0
0xffff800000017800 0041 00000000 0x0 0x0
0xffff800000017880 0041 00000000 0x0 0x0
0xffff800000017900 0041 00000000 0x0 0x0
0xffff800000017980 0041 00000000 0x0 0x0
0xffff800000017a00 0041 00000000 0x0 0x0
0xffff800000017a80 0041 00000000 0x0 0x0
0xffff800000017b00 0041 00000000 0x0 0x0
0xffff800000017b80 0041 00000000 0x0 0x0
0xffff800000017c00 0041 00000000 0x0 0x0
0xffff800000017c80 0041 00000000 0x0 0x0
0xffff800000017d00 0041 00000000 0x0 0x0
0xffff800000017d80 0041 00000000 0x0 0x0
0xffff800000017e00 0041 00000000 0x0 0x0
0xffff800000017e80 0041 00000000 0x0 0x0
0xffff800000017f00 0041 00000000 0x0 0x0
0xffff800000017f80 0041 00000000 0x0 0x0
0xffff800000018000 0041 00000000 0x0 0x0
0xffff800000018080 0041 00000000 0x0 0x0
0xffff800000018100 0041 00000000 0x0 0x0
0xffff800000018180 0041 00000000 0x0 0x0
0xffff800000018200 0041 00000000 0x0 0x0
0xffff800000018280 0041 00000000 0x0 0x0
0xffff800000018300 0041 00000000 0x0 0x0
0xffff800000018380 0041 00000000 0x0 0x0
0xffff800000018400 0041 00000000 0x0 0x0
0xffff800000018480 0041 00000000 0x0 0x0
0xffff800000018500 0041 00000000 0x0 0x0
0xffff800000018580 0041 00000000 0x0 0x0
0xffff800000018600 0041 00000000 0x0 0x0
0xffff800000018680 0041 00000000 0x0 0x0
0xffff800000018700 0041 00000000 0x0 0x0
0xffff800000018780 0041 00000000 0x0 0x0
0xffff800000018800 0041 00000000 0x0 0x0
0xffff800000018880 0041 00000000 0x0 0x0
0xffff800000018900 0041 00000000 0x0 0x0
0xffff800000018980 0041 00000000 0x0 0x0
0xffff800000018a00 0041 00000000 0x0 0x0
0xffff800000018a80 0041 00000000 0x0 0x0
0xffff800000018b00 0001 00000000 0x0 0x0
0xffff800000018b80 0001 00000000 0x0 0x0
0xffff800000018c00 0001 00000000 0x0 0x0
0xffff800000018c80 0001 00000000 0x0 0x0
0xffff800000018d00 0001 00000000 0x0 0x0
0xffff800000018d80 0001 00000000 0x0 0x0
0xffff800000018e00 0001 00000000 0x0 0x0
0xffff800000018e80 0001 00000000 0x0 0x0
0xffff800000018f00 0001 00000000 0x0 0x0
0xffff800000018f80 0001 00000000 0x0 0x0
0xffff800000019000 0001 00000000 0x0 0x0
0xffff800000019080 0001 00000000 0x0 0x0
0xffff800000019100 0001 00000000 0x0 0x0
0xffff800000019180 0001 00000000 0x0 0x0
0xffff800000019200 0001 00000000 0x0 0x0
0xffff800000019280 0001 00000000 0x0 0x0
0xffff800000019300 0001 00000000 0x0 0x0
0xffff800000019380 0001 00000000 0x0 0x0
0xffff800000019400 0001 00000000 0x0 0x0
0xffff800000019480 0001 00000000 0x0 0x0
0xffff800000019500 0001 00000000 0x0 0x0
0xffff800000019580 0001 00000000 0x0 0x0
0xffff800000019600 0001 00000000 0x0 0x0
0xffff800000019680 0001 00000000 0x0 0x0
0xffff800000019700 0001 00000000 0x0 0x0
0xffff800000019780 0001 00000000 0x0 0x0
0xffff800000019800 0001 00000000 0x0 0x0
0xffff800000019880 0001 00000000 0x0 0x0
0xffff800000019900 0001 00000000 0x0 0x0
0xffff800000019980 0001 00000000 0x0 0x0
0xffff800000019a00 0001 00000000 0x0 0x0
0xffff800000019a80 0001 00000000 0x0 0x0
0xffff800000019b00 0001 00000000 0x0 0x0
0xffff800000019b80 0001 00000000 0x0 0x0
0xffff800000019c00 0001 00000000 0x0 0x0
0xffff800000019c80 0001 00000000 0x0 0x0
0xffff800000019d00 0001 00000000 0x0 0x0
0xffff800000019d80 0001 00000000 0x0 0x0
0xffff800000019e00 0001 00000000 0x0 0x0
0xffff800000019e80 0001 00000000 0x0 0x0
0xffff800000019f00 0001 00000000 0x0 0x0
0xffff800000019f80 0001 00000000 0x0 0x0
0xffff80000001a000 0001 00000000 0x0 0x0
0xffff80000001a080 0001 00000000 0x0 0x0
0xffff80000001a100 0001 00000000 0x0 0x0
0xffff80000001a180 0001 00000000 0x0 0x0
0xffff80000001a200 0001 00000000 0x0 0x0
0xffff80000001a280 0001 00000000 0x0 0x0
0xffff80000001a300 0001 00000000 0x0 0x0
0xffff80000001a380 0001 00000000 0x0 0x0
0xffff80000001a400 0001 00000000 0x0 0x0
0xffff80000001a480 0001 00000000 0x0 0x0
0xffff80000001a500 0001 00000000 0x0 0x0
0xffff80000001a580 0001 00000000 0x0 0x0
0xffff80000001a600 0041 00000000 0x0 0x0
0xffff80000001a680 0041 00000000 0x0 0x0
0xffff80000001a700 0041 00000000 0x0 0x0
0xffff80000001a780 0041 00000000 0x0 0x0
0xffff80000001a800 0041 00000000 0x0 0x0
0xffff80000001a880 0041 00000000 0x0 0x0
0xffff80000001a900 0041 00000000 0x0 0x0
0xffff80000001a980 0041 00000000 0x0 0x0
0xffff80000001aa00 0041 00000000 0x0 0x0
0xffff80000001aa80 0041 00000000 0x0 0x0
0xffff80000001ab00 0041 00000000 0x0 0x0
0xffff80000001ab80 0041 00000000 0x0 0x0
0xffff80000001ac00 0041 00000000 0x0 0x0
0xffff80000001ac80 0041 00000000 0x0 0x0
0xffff80000001ad00 0041 00000000 0x0 0x0
0xffff80000001ad80 0041 00000000 0x0 0x0
0xffff80000001ae00 0041 00000000 0x0 0x0
0xffff80000001ae80 0041 00000000 0x0 0x0
0xffff80000001af00 0041 00000000 0x0 0x0
0xffff80000001af80 0041 00000000 0x0 0x0
0xffff80000001b000 0041 00000000 0x0 0x0
0xffff80000001b080 0041 00000000

---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

Reply all

Reply to author

Forward

0 new messages