panic: kernel diagnostic assertion "(cnp->cn_flags & LOCKPARENT) == 0 || searchdir == NULL || VOP_ISLOCKED(searchd
syzbot
syzbot found the following crash on:
HEAD commit: 1758894a Use "-fno-unwind-tables" to shrink binaries more.
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1779b8a5100000
kernel config: https://syzkaller.appspot.com/x/.config?x=fab579639ba4bf0a
dashboard link: https://syzkaller.appspot.com/bug?extid=cbd22ced287e04c5af65
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+cbd22c...@syzkaller.appspotmail.com
login: � � [ 67.9604906] panic: kernel diagnostic assertion "(cnp->cn_flags & LOCKPARENT) == 0 || searchdir == NULL || VOP_ISLOCKED(searchdir) == LK_EXCLUSIVE" failed: file "/syzkaller/managers/netbsd/kernel/sys/kern/vfs_lookup.c", line 1758
[ 67.9840054] cpu0: Begin traceback...
[ 68.0098836] vpanic() at netbsd:vpanic+0x22e
[ 68.0899410] _GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[ 68.1298853] namei_tryemulroot() at netbsd:namei_tryemulroot+0x14f8 namei_oneroot sys/kern/vfs_lookup.c:1760 [inline]
[ 68.1298853] namei_tryemulroot() at netbsd:namei_tryemulroot+0x14f8 sys/kern/vfs_lookup.c:1909
[ 68.1598823] namei() at netbsd:namei+0x6a sys/kern/vfs_lookup.c:1945
[ 68.1798842] compat_43_sys_lstat() at netbsd:compat_43_sys_lstat+0x194 sys/compat/common/vfs_syscalls_43.c:198
[ 68.2098863] sys___syscall() at netbsd:sys___syscall+0xde sy_call sys/sys/syscallvar.h:65 [inline]
[ 68.2098863] sys___syscall() at netbsd:sys___syscall+0xde sys/kern/sys_syscall.c:77
[ 68.2398842] syscall() at netbsd:syscall+0x553 sy_call sys/sys/syscallvar.h:65 [inline]
[ 68.2398842] syscall() at netbsd:syscall+0x553 sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 68.2398842] syscall() at netbsd:syscall+0x553 sys/arch/x86/x86/syscall.c:138
[ 68.2498878] --- syscall (number 198) ---
[ 68.2598842] netbsd:syscall+0x553:
[ 68.2598842] cpu0: End traceback...
[ 68.2702306] fatal breakpoint trap in supervisor mode
[ 68.2702306] trap type 1 code 0 rip 0xffffffff80220a2d cs 0x8 rflags 0x286 cr2 0x71815dea0020 ilevel 0 rsp 0xffffd081931bd530
[ 68.2864569] curlwp 0xffffd08012d09b80 pid 1886.1587 lowest kstack 0xffffd081931b62c0
Stopped in pid 1886.1587 (syz-executor.4) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xe9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x22e sys/kern/subr_prf.c:290
_GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
namei_tryemulroot() at netbsd:namei_tryemulroot+0x14f8 namei_oneroot sys/kern/vfs_lookup.c:1760 [inline]
namei_tryemulroot() at netbsd:namei_tryemulroot+0x14f8 sys/kern/vfs_lookup.c:1909
namei() at netbsd:namei+0x6a sys/kern/vfs_lookup.c:1945
compat_43_sys_lstat() at netbsd:compat_43_sys_lstat+0x194 sys/compat/common/vfs_syscalls_43.c:198
sys___syscall() at netbsd:sys___syscall+0xde sy_call sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0xde sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x553 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x553 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x553 sys/arch/x86/x86/syscall.c:138
--- syscall (number 198) ---
netbsd:syscall+0x553:
ds d5d0
es d80
fs d510
gs d560
rdi ffffffff82bd6c80 db_onpanic
rsi 1ffffffff057ad90
rbp ffffd081931bd530
rbx ffffffff829b4f80 cpu_info_primary
rdx ffffd0818c5b6000
rcx ffffffff81264af9 db_panic+0xd5
rax 3ffff
r8 4
r9 1ffffffff057ad90
r10 ffffffff82bd6c83 db_onpanic+0x3
r11 10
r12 ffffd0816e6aa000
r13 ffffffff823453c0 vfs_special_vnodeopv_descs+0x760
r14 ffffd081931bd5c0
r15 ffffd0816e699060
rip ffffffff80220a2d breakpoint+0x5
cs 8
rflags 286
rsp ffffd081931bd530
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
1740 1093 2 0 0 ffffd08012df2300 syz-executor.2
1740 1740 2 1 0 ffffd08012c85a40 syz-executor.2
1886 >1587 7 0 0 ffffd08012d09b80 syz-executor.4
1886 1860 3 1 80 ffffd08012d09300 syz-executor.4 parked
1886 1955 2 0 0 ffffd08012c73a00 syz-executor.4
1886 1886 2 1 0 ffffd08012b2ebc0 syz-executor.4
1741 1741 2 0 10000000 ffffd08012c73180 syz-executor.5
1709 1709 3 0 80 ffffd0801442e6c0 syz-executor.5 parked
1846 1846 3 0 80 ffffd08012c851c0 syz-executor.5 parked
842 842 3 0 80 ffffd08012b2e780 syz-executor.5 parked
1624 1624 3 1 10000000 ffffd08012a906c0 syz-executor.1 xclocv
1381 1381 3 1 80 ffffd08012d86a80 syz-executor.3 parked
1111 1111 3 0 80 ffffd08012d5b580 syz-executor.4 parked
1324 1324 3 1 80 ffffd080144c18c0 syz-executor.4 parked
1083 1083 2 1 40 ffffd0801436a680 syz-executor.5
1071 1071 2 0 40 ffffd0801436a240 syz-executor.4
1151 1151 2 1 40 ffffd08014301200 syz-executor.2
421 421 2 0 40 ffffd080142d6600 syz-executor.3
1084 1084 2 1 40 ffffd080142d61c0 syz-executor.1
1124 1124 2 0 40 ffffd080141e5a00 syz-executor.0
1067 1085 3 0 80 ffffd08014301640 syz-fuzzer parked
1067 1079 3 1 c0 ffffd080142d6a40 syz-fuzzer parked
1067 1120 3 1 c0 ffffd080141e55c0 syz-fuzzer parked
1067 1081 2 0 40 ffffd08012bef080 syz-fuzzer
1067 1072 3 1 80 ffffd080141149c0 syz-fuzzer parked
1067 1104 3 1 80 ffffd0801386aa00 syz-fuzzer parked
1067 1250 3 0 80 ffffd08013876a40 syz-fuzzer parked
1067 1077 3 0 c0 ffffd08013876600 syz-fuzzer parked
1067 1074 3 1 80 ffffd08012a20ac0 syz-fuzzer parked
1067 1066 3 1 80 ffffd08012744b40 syz-fuzzer parked
1067 1067 3 1 80 ffffd08012b54040 syz-fuzzer parked
1070 1070 3 1 80 ffffd08012b54480 sshd select
1119 1119 3 0 80 ffffd08012747740 getty nanoslp
1096 1096 3 0 80 ffffd0801395a540 getty nanoslp
1107 1107 3 0 80 ffffd08012744700 getty nanoslp
945 945 3 0 c0 ffffd08012a90280 getty ttyraw
967 967 3 1 80 ffffd08013852580 sshd select
1123 1123 3 0 80 ffffd08012dd42c0 powerd kqueue
553 553 3 0 80 ffffd080138ff740 syslogd kqueue
597 597 3 0 80 ffffd08012ce06c0 dhcpcd kqueue
593 593 3 1 80 ffffd08012d258c0 dhcpcd kqueue
591 591 3 1 80 ffffd08012cf5b40 dhcpcd kqueue
578 578 3 0 80 ffffd08012cf52c0 dhcpcd kqueue
481 481 3 1 80 ffffd080137ba4c0 dhcpcd kqueue
348 348 3 1 80 ffffd08012e31040 dhcpcd kqueue
347 347 3 0 80 ffffd08012e1dbc0 dhcpcd kqueue
346 346 3 1 80 ffffd08012e1d780 dhcpcd kqueue
1 1 3 1 80 ffffd080128f4100 init wait
0 830 3 0 200 ffffd08012a1d200 physiod physiod
0 167 3 0 200 ffffd08012a20240 pooldrain pooldrain
0 166 2 0 240 ffffd08012a1da80 ioflush
0 160 3 0 240 ffffd08012a1d640 pgdaemon pgdaemon
0 161 3 0 200 ffffd080129f3600 usb7 usbevt
0 31 3 0 200 ffffd080129f31c0 usb6 usbevt
0 63 3 0 200 ffffd080129a5a00 usb5 usbevt
0 126 3 0 200 ffffd080129a55c0 usb4 usbevt
0 125 3 0 200 ffffd080129a5180 usb3 usbevt
0 124 3 0 200 ffffd080129519c0 usb2 usbevt
0 123 3 0 200 ffffd08012951580 usb1 usbevt
0 122 3 1 200 ffffd08012951140 usb0 usbevt
0 121 3 1 200 ffffd080128f4980 usbtask-dr usbtsk
0 120 3 0 200 ffffd0800fe5aac0 usbtask-hc usbtsk
0 119 3 0 200 ffffd080128f4540 npfgc0 npfgcw
0 118 3 1 200 ffffd080128e6940 rt_free rt_free
0 117 3 1 200 ffffd080128e6500 unpgc unpgc
0 116 3 0 200 ffffd080128e60c0 key_timehandler key_timehandler
0 115 3 1 200 ffffd080128dc900 icmp6_wqinput/1 icmp6_wqinput
0 114 3 0 200 ffffd080128dc4c0 icmp6_wqinput/0 icmp6_wqinput
0 113 3 1 200 ffffd080128dc080 nd6_timer nd6_timer
0 112 3 1 200 ffffd080128d48c0 carp6_wqinput/1 carp6_wqinput
0 111 3 0 200 ffffd080128d4480 carp6_wqinput/0 carp6_wqinput
0 110 3 1 200 ffffd080128d4040 carp_wqinput/1 carp_wqinput
0 109 3 0 200 ffffd08012759bc0 carp_wqinput/0 carp_wqinput
0 108 3 1 200 ffffd08012759780 icmp_wqinput/1 icmp_wqinput
0 107 3 0 200 ffffd08012759340 icmp_wqinput/0 icmp_wqinput
0 106 3 1 200 ffffd08012747300 rt_timer rt_timer
0 105 3 1 200 ffffd08012747b80 vmem_rehash vmem_rehash
0 104 3 1 200 ffffd08012161b00 entbutler entropy
0 30 3 1 200 ffffd080121616c0 vioif0_txrx/1 vioif0_txrx
0 29 3 0 200 ffffd08012161280 vioif0_txrx/0 vioif0_txrx
0 27 3 0 200 ffffd0800fe5a680 scsibus0 sccomp
0 26 3 0 200 ffffd0800fe5a240 pms0 pmsreset
0 25 3 1 200 ffffd0800fd9ba80 xcall/1 xcall
0 24 1 1 200 ffffd0800fd9b640 softser/1
0 23 1 1 200 ffffd0800fd9b200 softclk/1
0 22 1 1 200 ffffd0800fd99a40 softbio/1
0 21 1 1 200 ffffd0800fd99600 softnet/1
0 20 1 1 201 ffffd0800fd991c0 idle/1
0 19 3 0 200 ffffd0800e80aa00 lnxpwrwq lnxpwrwq
0 18 3 0 200 ffffd0800e80a5c0 lnxlngwq lnxlngwq
0 17 3 0 200 ffffd0800e80a180 lnxsyswq lnxsyswq
0 16 3 0 200 ffffd0800e8049c0 lnxrcugc lnxrcugc
0 15 3 0 200 ffffd0800e804580 sysmon smtaskq
0 14 3 0 200 ffffd0800e804140 pmfsuspend pmfsuspend
0 13 3 0 200 ffffd0800e7ff980 pmfevent pmfevent
0 12 3 0 200 ffffd0800e7ff540 sopendfree sopendfr
0 11 3 0 200 ffffd0800e7ff100 iflnkst iflnkst
0 10 3 0 200 ffffd0800e7f3940 nfssilly nfssilly
0 9 3 0 200 ffffd0800e7f3500 vdrain vdrain
0 8 3 0 200 ffffd0800e7f30c0 modunload mod_unld
0 7 2 0 200 ffffd0800e7e6900 xcall/0
0 6 1 0 200 ffffd0800e7e64c0 softser/0
0 5 1 0 200 ffffd0800e7e6080 softclk/0
0 4 1 0 200 ffffd0800e7e48c0 softbio/0
0 3 1 0 200 ffffd0800e7e4480 softnet/0
0 2 1 0 201 ffffd0800e7e4040 idle/0
0 > 0 7 1 240 ffffffff82ca1fc0 swapper
[Locks tracked through LWPs]
****** LWP 1741.1741 (syz-executor.5) @ 0xffffd08012c73180, l_stat=2
*** Locks held:
* Lock 0 (initialized at fork1)
lock address : 0xffffd08012c7da50 type : sleep/adaptive
initialized : 0xffffffff816af1c8
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 1
relevant lwp : 0xffffd08012c73180 last held: 0xffffd08012c73180
last locked* : 0xffffffff816aba94 unlocked : 000000000000000000
owner/count : 0xffffd08012c73180 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
* Lock 1 (initialized at pmap_ctor)
lock address : 0xffffd080137bb780 type : sleep/adaptive
initialized : 0xffffffff80872a37
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd08012c73180 last held: 0xffffd08012c73180
last locked* : 0xffffffff80878d9c unlocked : 0xffffffff80871f52
owner field : 0xffffd08012c73180 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
*** Locks wanted: none
****** LWP 421.421 (syz-executor.3) @ 0xffffd080142d6600, l_stat=2
*** Locks held:
* Lock 0 (initialized at vcache_alloc)
lock address : 0xffffd0801433c740 type : sleep/adaptive
initialized : 0xffffffff8181cd43
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd080142d6600 last held: 0xffffd080142d6600
last locked* : 0xffffffff8184ba7f unlocked : 0xffffffff8184bae1
owner/count : 0xffffd080142d6600 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
* Lock 1 (initialized at vcache_alloc)
lock address : 0xffffd08012a0d280 type : sleep/adaptive
initialized : 0xffffffff8181cd43
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd080142d6600 last held: 0xffffd080142d6600
last locked* : 0xffffffff8184ba7f unlocked : 0xffffffff8184bae1
owner/count : 0xffffd080142d6600 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at vcache_alloc)
lock address : 0xffffd080142c3900 type : sleep/adaptive
initialized : 0xffffffff8181cd4f
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd080142d6600 last held: 000000000000000000
last locked : 0xffffffff817e6aae unlocked*: 0xffffffff817e6b1e
owner field : 0xffffd080142d6600 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 1124.1124 (syz-executor.0) @ 0xffffd080141e5a00, l_stat=2
*** Locks held:
* Lock 0 (initialized at vcache_alloc)
lock address : 0xffffd080142d7540 type : sleep/adaptive
initialized : 0xffffffff8181cd43
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 1
relevant lwp : 0xffffd080141e5a00 last held: 0xffffd080141e5a00
last locked* : 0xffffffff8184ba7f unlocked : 0xffffffff8184bae1
owner/count : 0xffffd080141e5a00 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
* Lock 1 (initialized at vcache_alloc)
lock address : 0xffffd08012a102c0 type : sleep/adaptive
initialized : 0xffffffff8181cd43
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 1
relevant lwp : 0xffffd080141e5a00 last held: 0xffffd080141e5a00
last locked* : 0xffffffff8184ba7f unlocked : 0xffffffff8184bae1
owner/count : 0xffffd080141e5a00 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
* Lock 2 (initialized at genfs_node_init)
lock address : 0xffffd080146084b0 type : sleep/adaptive
initialized : 0xffffffff8184bc2e
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 1
relevant lwp : 0xffffd080141e5a00 last held: 0xffffd080141e5a00
last locked* : 0xffffffff8157f51e unlocked : 000000000000000000
owner/count : 0xffffd080141e5a00 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
* Lock 3 (initialized at ffs_snapshot_init)
lock address : 0xffffd080129f5c48 type : sleep/adaptive
initialized : 0xffffffff81583f09
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd080141e5a00 last held: 0xffffd080141e5a00
last locked* : 0xffffffff81588920 unlocked : 0xffffffff81588b64
owner field : 0xffffd080141e5a00 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
* Lock 4 (initialized at ffs_snapshot_init)
lock address : 0xffffd080129f5c40 type : sleep/adaptive
initialized : 0xffffffff81583ef9
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd080141e5a00 last held: 0xffffd080141e5a00
last locked* : 0xffffffff81588928 unlocked : 0xffffffff81588b58
owner field : 0xffffd080141e5a00 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
*** Locks wanted: none
****** LWP 593.593 (dhcpcd) @ 0xffffd08012d258c0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffffd08012d258c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 591.591 (dhcpcd) @ 0xffffd08012cf5b40, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffffd08012cf5b40 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 347.347 (dhcpcd) @ 0xffffd08012e1dbc0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd08012e1dbc0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 346.346 (dhcpcd) @ 0xffffd08012e1d780, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffffd08012e1d780 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.11 (iflnkst) @ 0xffffd0800e7ff100, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd0800e7ff100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.5 (softclk/0) @ 0xffffd0800e7e6080, l_stat=1
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff82d9b380 type : sleep/adaptive
initialized : 0xffffffff816c6ec2
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffd0800e7e6080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
[Locks tracked through CPUs]
PAGE FLAG PQ UOBJECT UANON
0xffffd08000017180 0041 00000000 0x0 0x0
0xffffd08000017200 0041 00000000 0x0 0x0
0xffffd08000017280 0041 00000000 0x0 0x0
0xffffd08000017300 0041 00000000 0x0 0x0
0xffffd08000017380 0041 00000000 0x0 0x0
0xffffd08000017400 0041 00000000 0x0 0x0
0xffffd08000017480 0041 00000000 0x0 0x0
0xffffd08000017500 0041 00000000 0x0 0x0
0xffffd08000017580 0041 00000000 0x0 0x0
0xffffd08000017600 0041 00000000 0x0 0x0
0xffffd08000017680 0041 00000000 0x0 0x0
0xffffd08000017700 0041 00000000 0x0 0x0
0xffffd08000017780 0041 00000000 0x0 0x0
0xffffd08000017800 0041 00000000 0x0 0x0
0xffffd08000017880 0041 00000000 0x0 0x0
0xffffd08000017900 0041 00000000 0x0 0x0
0xffffd08000017980 0041 00000000 0x0 0x0
0xffffd08000017a00 0041 00000000 0x0 0x0
0xffffd08000017a80 0041 00000000 0x0 0x0
0xffffd08000017b00 0041 00000000 0x0 0x0
0xffffd08000017b80 0041 00000000 0x0 0x0
0xffffd08000017c00 0041 00000000 0x0 0x0
0xffffd08000017c80 0041 00000000 0x0 0x0
0xffffd08000017d00 0041 00000000 0x0 0x0
0xffffd08000017d80 0041 00000000 0x0 0x0
0xffffd08000017e00 0041 00000000 0x0 0x0
0xffffd08000017e80 0041 00000000 0x0 0x0
0xffffd08000017f00 0041 00000000 0x0 0x0
0xffffd08000017f80 0041 00000000 0x0 0x0
0xffffd08000018000 0041 00000000 0x0 0x0
0xffffd08000018080 0041 00000000 0x0 0x0
0xffffd08000018100 0041 00000000 0x0 0x0
0xffffd08000018180 0041 00000000 0x0 0x0
0xffffd08000018200 0041 00000000 0x0 0x0
0xffffd08000018280 0041 00000000 0x0 0x0
0xffffd08000018300 0041 00000000 0x0 0x0
0xffffd08000018380 0041 00000000 0x0 0x0
0xffffd08000018400 0041 00000000 0x0 0x0
0xffffd08000018480 0041 00000000 0x0 0x0
0xffffd08000018500 0041 00000000 0x0 0x0
0xffffd08000018580 0041 00000000 0x0 0x0
0xffffd08000018600 0041 00000000 0x0 0x0
0xffffd08000018680 0041 00000000 0x0 0x0
0xffffd08000018700 0041 00000000 0x0 0x0
0xffffd08000018780 0041 00000000 0x0 0x0
0xffffd08000018800 0041 00000000 0x0 0x0
0xffffd08000018880 0041 00000000 0x0 0x0
0xffffd08000018900 0041 00000000 0x0 0x0
0xffffd08000018980 0041 00000000 0x0 0x0
0xffffd08000018a00 0041 00000000 0x0 0x0
0xffffd08000018a80 0041 00000000 0x0 0x0
0xffffd08000018b00 0041 00000000 0x0 0x0
0xffffd08000018b80 0041 00000000 0x0 0x0
0xffffd08000018c00 0041 00000000 0x0 0x0
0xffffd08000018c80 0041 00000000 0x0 0x0
0xffffd08000018d00 0041 00000000 0x0 0x0
0xffffd08000018d80 0041 00000000 0x0 0x0
0xffffd08000018e00 0041 00000000 0x0 0x0
0xffffd08000018e80 0041 00000000 0x0 0x0
0xffffd08000018f00 0041 00000000 0x0 0x0
0xffffd08000018f80 0041 00000000 0x0 0x0
0xffffd08000019000 0041 00000000 0x0 0x0
0xffffd08000019080 0041 00000000 0x0 0x0
0xffffd08000019100 0041 00000000 0x0 0x0
0xffffd08000019180 0041 00000000 0x0 0x0
0xffffd08000019200 0041 00000000 0x0 0x0
0xffffd08000019280 0041 00000000 0x0 0x0
0xffffd08000019300 0041 00000000 0x0 0x0
0xffffd08000019380 0041 00000000 0x0 0x0
0xffffd08000019400 0041 00000000 0x0 0x0
0xffffd08000019480 0041 00000000 0x0 0x0
0xffffd08000019500 0041 00000000 0x0 0x0
0xffffd08000019580 0041 00000000 0x0 0x0
0xffffd08000019600 0041 00000000 0x0 0x0
0xffffd08000019680 0041 00000000 0x0 0x0
0xffffd08000019700 0041 00000000 0x0 0x0
0xffffd08000019780 0041 00000000 0x0 0x0
0xffffd08000019800 0041 00000000 0x0 0x0
0xffffd08000019880 0041 00000000 0x0 0x0
0xffffd08000019900 0041 00000000 0x0 0x0
0xffffd08000019980 0041 00000000 0x0 0x0
0xffffd08000019a00 0041 00000000 0x0 0x0
0xffffd08000019a80 0041 00000000 0x0 0x0
0xffffd08000019b00 0041 00000000 0x0 0x0
0xffffd08000019b80 0041 00000000 0x0 0x0
0xffffd08000019c00 0041 00000000 0x0 0x0
0xffffd08000019c80 0041 00000000 0x0 0x0
0xffffd08000019d00 0041 00000000 0x0 0x0
0xffffd08000019d80 0041 00000000 0x0 0x0
0xffffd08000019e00 0041 00000000 0x0 0x0
0xffffd08000019e80 0041 00000000 0x0 0x0
0xffffd08000019f00 0041 00000000 0x0 0x0
0xffffd08000019f80 0041 00000000 0x0 0x0
0xffffd0800001a000 0041 00000000 0x0 0x0
0xffffd0800001a080 0041 00000000 0x0 0x0
0xffffd0800001a100 0041 00000000 0x0 0x0
0xffffd0800001a180 0041 00000000 0x0 0x0
0xffffd0800001a200 0041 00000000 0x0 0x0
0xffffd0800001a280 0041 00000000 0x0 0x0
0xffffd0800001a300 0041 00000000 0x0 0x0
0xffffd0800001a380 0041 00000000 0x0 0x0
0xffffd0800001a400 0041 00000000 0x0 0x0
0xffffd0800001a480 0041 00000000 0x0 0x0
0xffffd0800001a500 0041 00000000 0x0 0x0
0xffffd0800001a580 0041 00000000 0x0 0x0
0xffffd0800001a600 0041 00000000 0x0 0x0
0xffffd0800001a680 0041 00000000 0x0 0x0
0xffffd0800001a700 0041 00000000 0x0 0x0
0xffffd0800001a780 0041 00000000 0x0 0x0
0xffffd0800001a800 0041 00000000 0x0 0x0
0xffffd0800001a880 0041 00000000 0x0 0x0
0xffffd0800001a900 0041 00000000 0x0 0x0
0xffffd0800001a980 0041 00000000 0x0 0x0
0xffffd0800001aa00 0041 00000000 0x0 0x0
0xffffd0800001aa80 0041 00000000 0x0 0x0
0xffffd0800001ab00 0041 00000000 0x0 0x0
0xffffd0800001ab80 0041 00000000 0x0 0x0
0xffffd0800001ac00 0041 00000000 0x0 0x0
0xffffd0800001ac80 0041 00000000 0x0 0x0
0xffffd0800001ad00 0041 00000000 0x0 0x0
0xffffd0800001ad80 0041 00000000 0x0 0x0
0xffffd0800001ae00 0041 00000000 0x0 0x0
0xffffd0800001ae80 0041 00000000 0x0 0x0
0xffffd0800001af00 0041 00000000 0x0 0x0
0xffffd0800001af80 0041 00000000 0x0 0x0
0xffffd0800001b000 0041 00000000 0x0 0x0
0xffffd0800001b080 0041 00000000 0x0 0x0
0xffffd0800001b100 0041 00000000 0x0 0x0
0xffffd0800001b180 0041 00000000 0x0 0x0
0xffffd0800001b200 0041 00000000 0x0 0x0
0xffffd0800001b280 0041 00000000 0x0 0x0
0xffffd0800001b300 0041 00000000 0x0 0x0
0xffffd0800001b380 0041 00000000 0x0 0x0
0xffffd0800001b400 0041 00000000 0x0 0x0
0xffffd0800001b480 0041 00000000 0x0 0x0
0xffffd0800001b500 0041 00000000 0x0 0x0
0xffffd0800001b580 0041 00000000 0x0 0x0
0xffffd0800001b600 0041 00000000 0x0 0x0
0xffffd0800001b680 0041 00000000 0x0 0x0
0xffffd0800001b700 0041 00000000 0x0 0x0
0xffffd0800001b780 0041 00000000 0x0 0x0
0xffffd0800001b800 0041 00000000 0x0 0x0
0xffffd0800001b880 0041 00000000 0x0 0x0
0xffffd0800001b900 0041 00000000 0x0 0x0
0xffffd0800001b980 0041 00000000 0x0 0x0
0xffffd0800001ba00 0041 00000000 0x0 0x0
0xffffd0800001ba80 0041 00000000 0x0 0x0
0xffffd0800001bb00 0041 00000000 0x0 0x0
0xffffd0800001bb80 0041 00000000 0x0 0x0
0xffffd0800001bc00 0041 00000000 0x0 0x0
0xffffd0800001bc80 0041 00000000 0x0 0x0
0xffffd0800001bd00 0041 00000000 0x0 0x0
0xffffd0800001bd80 0041 00000000 0x0 0x0
0xffffd0800001be00 0041 00000000 0x0 0x0
0xffffd0800001be80 0041 00000000 0x0 0x0
0xffffd0800001bf00 0041 00000000 0x0 0x0
0xffffd0800001bf80 0041 00000000 0x0 0x0
0xffffd0800001c000 0041 00000000 0x0 0x0
0xffffd0800001c080 0041 00000000 0x0 0x0
0xffffd0800001c100 0041 00000000 0x0 0x0
0xffffd0800001c180 0041 00000000 0x0 0x0
0xffffd0800001c200 0041 00000000 0x0 0x0
0xffffd0800001c280 0041 00000000 0x0 0x0
0xffffd0800001c300 0041 00000000 0x0 0x0
0xffffd0800001c380 0041 00000000 0x0 0x0
0xffffd0800001c400 0041 00000000 0x0 0x0
0xffffd0800001c480 0041 00000000 0x0 0x0
0xffffd0800001c500 0041 00000000 0x0 0x0
0xffffd0800001c580 0041 00000000 0x0 0x0
0xffffd0800001c600 0041 00000000 0x0 0x0
0xffffd0800001c680 0041 00000000 0x0 0x0
0xffffd0800001c700 0041 00000000 0x0 0x0
0xffffd0800001c780 0041 00000000 0x0 0x0
0xffffd0800001c800 0041 00000000 0x0 0x0
0xffffd0800001c880 0041 00000000 0x0 0x0
0xffffd0800001c900 0041 00000000 0x0 0x0
0xffffd0800001c980 0045 00000000 0x0 0x0
0xffffd0800001ca00 0045 00000000 0x0 0x0
0xffffd0800001ca80 0041 00000000 0x0 0x0
0xffffd0800001cb00 0045 00000000 0x0 0x0
0xffffd0800001cb80 0045 00000000 0x0 0x0
0xffffd0800001cc00 0045 00000000 0x0 0x0
0xffffd0800001cc80 0045 00000000 0x0 0x0
0xffffd0800001cd00 0045 00000000 0x0 0x0
0xffffd0800001cd80 0045 00000000 0x0 0x0
0xffffd0800001ce00 0045 00000000 0x0 0x0
0xffffd0800001ce80 0045 00000000 0x0 0x0
0xffffd0800001cf00 0045 00000000 0x0 0x0
0xffffd0800001cf80 0045 00000000 0x0 0x0
0xffffd0800001d000 0045 00000000 0x0 0x0
0xffffd0800001d080 0045 00000000 0x0 0x0
0xffffd0800001d100 0045 00000000 0x0 0x0
0xffffd0800001d180 0041 00000000 0x0 0x0
0xffffd0800001d200 0041 00000000 0x0 0x0
0xffffd0800001d280 0045 00000000 0x0 0x0
0xffffd0800001d300 0041 00000000 0x0 0x0
0xffffd0800001d380 0041 00000000 0x0 0x0
0xffffd0800001d400 0041 00000000 0x0 0x0
0xffffd0800001d480 0041 00000000 0x0 0x0
0xffffd0800001d500 0041 00000000 0x0 0x0
0xffffd0800001d580 0041 00000000 0x0 0x0
0xffffd0800001d600 0041 00000000 0x0 0x0
0xffffd0800001d680 0041 00000000 0x0 0x0
0xffffd0800001d700 0041 00000000 0x0 0x0
0xffffd0800001d780 0041 00000000 0x0 0x0
0xffffd0800001d800 0041 00000000 0x0 0x0
0xffffd0800001d880 0041 00000000 0x0 0x0
0xffffd0800001d900 0041 00000000 0x0 0x0
0xffffd0800001d980 0041 00000000 0x0 0x0
0xffffd0800001da00 0041 00000000 0x0 0x0
0xffffd0800001da80 0041 00000000 0x0 0x0
0xffffd0800001db00 0041 00000000 0x0 0x0
0xffffd0800001db80 0041 00000000 0x0 0x0
0xffffd0800001dc00 0041 00000000 0x0 0x0
0xffffd0800001dc80 0041 00000000 0x0 0x0
0xffffd0800001dd00 0041 00000000 0x0 0x0
0xffffd0800001dd80 0041 00000000 0x0 0x0
0xffffd0800001de00 0041 00000000 0x0 0x0
0xffffd0800001de80 0041 00000000 0x0 0x0
0xffffd0800001df00 0041 00000000 0x0 0x0
0xffffd0800001df80 0041 00000000 0x0 0x0
0xffffd0800001e000 0041 00000000 0x0 0x0
0xffffd0800001e080 0041 00000000 0x0 0x0
0xffffd0800001e100 0041 00000000 0x0 0x0
0xffffd0800001e180 0041 00000000 0x0 0x0
0xffffd0800001e200 0041 00000000 0x0 0x0
0xffffd0800001e280 0041 00000000 0x0 0x0
0xffffd0800001e300 0041 00000000 0x0 0x0
0xffffd0800001e380 0041 00000000 0x0 0x0
0xffffd0800001e400 0041 00000000 0x0 0x0
0xffffd0800001e480 0041 00000000 0x0 0x0
0xffffd0800001e500 0041 00000000 0x0 0x0
0xffffd0800001e580 0041 00000000 0x0 0x0
0xffffd0800001e600 0041 00000000 0x0 0x0
0xffffd0800001e680 0041 00000000 0x0 0x0
0xffffd0800001e700 0041 00000000 0x0 0x0
0xffffd0800001e780 0041 00000000 0x0 0x0
0xffffd0800001e800 0041 00000000 0x0 0x0
0xffffd0800001e880 0041 00000000 0x0 0x0
0xffffd0800001e900 0041 00000000 0x0 0x0
0xffffd0800001e980 0041 00000000 0x0 0x0
0xffffd0800001ea00 0041 00000000 0x0 0x0
0xffffd0800001ea80 0041 00000000 0x0 0x0
0xffffd0800001eb00 0041 00000000 0x0 0x0
0xffffd0800001eb80 0041 00000000 0x0 0x0
0xffffd0800001ec00 0041 00000000 0x0 0x0
0xffffd0800001ec80 0041 00000000 0x0 0x0
0xffffd0800001ed00 0041 00000000 0x0 0x0
0xffffd0800001ed80 0041 00000000 0x0 0x0
0xffffd0800001ee00 0041 00000000 0x0 0x0
0xffffd0800001ee80 0041 00000000 0x0 0x0
0xffffd0800001ef00 0041 00000000 0x0 0x0
0xffffd0800001ef80 0041 00000000 0x0 0x0
0xffffd0800001f000 0041 00000000 0x0 0x0
0xffffd0800001f080 0041 00000000 0x0 0x0
0xffffd0800001f100 0041 00000000 0x0 0x0
0xffffd0800001f180 0041 00000000 0x0 0x0
0xffffd0800001f200 0041 00000000 0x0 0x0
0xffffd0800001f280 0041 00000000 0x0 0x0
0xffffd0800001f300 0041 00000000 0x0 0x0
0xffffd0800001f380 0041 00000000 0x0 0x0
0xffffd0800001f400 0041 00000000 0x0 0x0
0xffffd0800001f480 0041 00000000 0x0 0x0
0xffffd0800001f500 0041 00000000 0x0 0x0
0xffffd0800001f580 0041 00000000 0x0 0x0
0xffffd0800001f600 0041 00000000 0x0 0x0
0xffffd0800001f680 0041 00000000 0x0 0x0
0xffffd0800001f700 0041 00000000 0x0 0x0
0xffffd0800001f780 0041 00000000 0x0 0x0
0xffffd0800001f800 0041 00000000 0x0 0x0
0xffffd0800001f880 0041 00000000 0x0 0x0
0xffffd0800001f900 0041 00000000 0x0 0x0
0xffffd0800001f980 0041 00000000 0x0 0x0
0xffffd0800001fa00 0041 00000000 0x0 0x0
0xffffd0800001fa80 0041 00000000 0x0 0x0
0xffffd0800001fb00 0041 00000000 0x0 0x0
0xffffd0800001fb80 0041 00000000 0x0 0x0
0xffffd0800001fc00 0041 00000000 0x0 0x0
0xffffd0800001fc80 0041 00000000 0x0 0x0
0xffffd0800001fd00 0041 00000000 0x0 0x0
0xffffd0800001fd80 0041 00000000 0x0 0x0
0xffffd0800001fe00 0041 00000000 0x0 0x0
0xffffd0800001fe80 0041 00000000 0x0 0x0
0xffffd0800001ff00 0041 00000000 0x0 0x0
0xffffd0800001ff80 0041 00000000 0x0 0x0
0xffffd08000020000 0041 00000000 0x0 0x0
0xffffd08000020080 0041 00000000 0x0 0x0
0xffffd08000020100 0041 00000000 0x0 0x0
0xffffd08000020180 0041 00000000 0x0 0x0
0xffffd08000020200 0041 00000000 0x0 0x0
0xffffd08000020280 0041 00000000 0x0 0x0
0xffffd08000020300 0041 00000000 0x0 0x0
0xffffd08000020380 0041 00000000 0x0 0x0
0xffffd08000020400 0041 00000000 0x0 0x0
0xffffd08000020480 0041 00000000 0x0 0x0
0xffffd08000020500 0041 00000000 0x0 0x0
0xffffd08000020580 0041 00000000 0x0 0x0
0xffffd08000020600 0041 00000000 0x0 0x0
0xffffd08000020680 0041 00000000 0x0 0x0
0xffffd08000020700 0041 00000000 0x0 0x0
0xffffd08000020780 0041 00000000 0x0 0x0
0xffffd08000020800 0041 00000000 0x0 0x0
0xffffd08000020880 0041 00000000 0x0 0x0
0xffffd08000020900 0041 00000000 0x0 0x0
0xffffd08000020980 0041 00000000 0x0 0x0
0xffffd08000020a00 0041 00000000 0x0 0x0
0xffffd08000020a80 0041 00000000 0x0 0x0
0xffffd08000020b00 0041 00000000 0x0 0x0
0xffffd08000020b80 0041 00000000 0x0 0x0
0xffffd08000020c00 0041 00000000 0x0 0x0
0xffffd08000020c80 0041 00000000 0x0 0x0
0xffffd08000020d00 0041 00000000 0x0 0x0
0xffffd08000020d80 0041 00000000 0x0 0x0
0xffffd08000020e00 0041 00000000 0x0 0x0
0xffffd08000020e80 0041 00000000 0x0 0x0
0xffffd08000020f00 0041 00000000 0x0 0x0
0xffffd08000020f80 0041 00000000 0x0 0x0
0xffffd08000021000 0041 00000000 0x0 0x0
0xffffd08000021080 0041 00000000 0x0 0x0
0xffffd08000021100 0041 00000000 0x0 0x0
0xffffd08000021180 0041 00000000 0x0 0x0
0xffffd08000021200 0041 00000000 0x0 0x0
0xffffd08000021280 0041 00000000 0x0 0x0
0xffffd08000021300 0041 00000000 0x0 0x0
0xffffd08000021380 0041 00000000 0x0 0x0
0xffffd08000021400 0041 00000000 0x0 0x0
0xffffd08000021480 0041 00000000 0x0 0x0
0xffffd08000021500 0041 00000000 0x0 0x0
0xffffd08000021580 0041 00000000 0x0 0x0
0xffffd08000021600 0041 00000000 0x0 0x0
0xffffd08000021680 0041 00000000 0x0 0x0
0xffffd08000021700 0041 00000000 0x0 0x0
0xffffd08000021780 0041 00000000 0x0 0x0
0xffffd08000021800 0041 00000000 0x0 0x0
0xffffd08000021880 0041 00000000 0x0 0x0
0xffffd08000021900 0041 00000000 0x0 0x0
0xffffd08000021980 0041 00000000 0x0 0x0
0xffffd08000021a00 0041 00000000 0x0 0x0
0xffffd08000021a80 0041 00000000 0x0 0x0
0xffffd08000021b00 0041 00000000 0x0 0x0
0xffffd08000021b80 0041 00000000 0x0 0x0
0xffffd08000021c00 0041 00000000 0x0 0x0
0xffffd08000021c80 0041 00000000 0x0 0x0
0xffffd08000021d00 0041 00000000 0x0 0x0
0xffffd08000021d80 0041 00000000 0x0 0x0
0xffffd08000021e00 0041 00000000 0x0 0x0
0xffffd08000021e80 0041 00000000 0x0 0x0
0xffffd08000021f00 0041 00000000 0x0 0x0
0xffffd08000021f80 0041 00000000 0x0 0x0
0xffffd08000022000 0041 00000000 0x0 0x0
0xffffd08000022080 0041 00000000 0x0 0x0
0xffffd08000022100 0041 00000000 0x0 0x0
0xffffd08000022180 0041 00000000 0x0 0x0
0xffffd08000022200 0041 00000000 0x0 0x0
0xffffd08000022280 0041 00000000 0x0 0x0
0xffffd08000022300 0041 00000000 0x0 0x0
0xffffd08000022380 0041 00000000 0x0 0x0
0xffffd08000022400 0041 00000000 0x0 0x0
0xffffd08000022480 0041 00000000 0x0 0x0
0xffffd08000022500 0041 00000000 0x0 0x0
0xffffd08000022580 0041 00000000 0x0 0x0
0xffffd08000022600 0041 00000000 0x0 0x0
0xffffd08000022680 0041 00000000 0x0 0x0
0xffffd08000022700 0041 00000000 0x0 0x0
0xffffd08000022780 0041 00000000 0x0 0x0
0xffffd08000022800 0041 00000000 0x0 0x0
0xffffd08000022880 0041 00000000 0x0 0x0
0xffffd08000022900 0041 00000000 0x0 0x0
0xffffd08000022980 0041 00000000 0x0 0x0
0xffffd08000022a00 0041 00000000 0x0 0x0
0xffffd08000022a80 0041 00000000 0x0 0x0
0xffffd08000022b00 0041 00000000 0x0 0x0
0xffffd08000022b80 0041 00000000 0x0 0x0
0xffffd08000022c00 0041 00000000 0x0 0x0
0xffffd08000022c80 0041 00000000 0x0 0x0
0xffffd08000022d00 0041 00000000 0x0 0x0
0xffffd
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.