UBSan: Undefined Behavior in tunwrite (2)
0 views
Skip to first unread message
syzbot
Aug 28, 2020, 5:03:16 AM8/28/20
to syzkaller-...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 805fb82e Limit MA10-ST0's quirk only for on-chip devices.
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15b7bbe5900000
kernel config: https://syzkaller.appspot.com/x/.config?x=1420f906d33d9f1f
dashboard link: https://syzkaller.appspot.com/bug?extid=2258ba48e5662df5df59
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1390f669900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=106eff41900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2258ba...@syzkaller.appspotmail.com
[ 53.2424424] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/if_tun.c:948:20, member access within null pointer of type 'struct mbuf'
[ 53.2632717] cpu0: Begin traceback...
[ 53.2924147] vpanic() at netbsd:vpanic+0x2d3 sys/kern/subr_prf.c:290
[ 53.3724141] isAlreadyReported() at netbsd:isAlreadyReported
[ 53.4524152] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0x14e
[ 53.5224152] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
[ 53.6124176] tunwrite() at netbsd:tunwrite+0xc7e sys/net/if_tun.c:948
[ 53.6824159] cdev_write() at netbsd:cdev_write+0xfc sys/kern/subr_devsw.c:919
[ 53.7624173] spec_write() at netbsd:spec_write+0x26c sys/miscfs/specfs/spec_vnops.c:778
[ 53.8324155] VOP_WRITE() at netbsd:VOP_WRITE+0x138 sys/kern/vnode_if.c:540
[ 53.9124163] vn_write() at netbsd:vn_write+0x308 sys/kern/vfs_vnops.c:612
[ 54.0024167] do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x4a0
[ 54.0724163] sys_writev() at netbsd:sys_writev+0x5e do_filewritev sys/kern/sys_generic.c:381 [inline]
[ 54.0724163] sys_writev() at netbsd:sys_writev+0x5e sys/kern/sys_generic.c:381
[ 54.1524213] sys_syscall() at netbsd:sys_syscall+0x1cf sy_call sys/sys/syscallvar.h:66 [inline]
[ 54.1524213] sys_syscall() at netbsd:sys_syscall+0x1cf sys/kern/sys_syscall.c:77
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sy_call sys/sys/syscallvar.h:65 [inline]
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sys/arch/x86/x86/syscall.c:138
[ 54.2524193] --- syscall (number 0) ---
[ 54.2724174] netbsd:syscall+0x2d5:
[ 54.2841173] cpu0: End traceback...
[ 54.2841173] fatal breakpoint trap in supervisor mode
[ 54.2932310] trap type 1 code 0 rip 0xffffffff80221a85 cs 0x8 rflags 0x246 cr2 0x7b025a83ed30 ilevel 0 rsp 0xffff9980bf3955d0
[ 54.3043981] curlwp 0xffff89130573aa00 pid 1233.1233 lowest kstack 0xffff9980bf3912c0
Stopped in pid 1233.1233 (syz-executor5939) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x2d3 sys/kern/subr_prf.c:290
isAlreadyReported() at netbsd:isAlreadyReported
HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0x14e
HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
tunwrite() at netbsd:tunwrite+0xc7e sys/net/if_tun.c:948
cdev_write() at netbsd:cdev_write+0xfc sys/kern/subr_devsw.c:919
spec_write() at netbsd:spec_write+0x26c sys/miscfs/specfs/spec_vnops.c:778
VOP_WRITE() at netbsd:VOP_WRITE+0x138 sys/kern/vnode_if.c:540
vn_write() at netbsd:vn_write+0x308 sys/kern/vfs_vnops.c:612
do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x4a0
sys_writev() at netbsd:sys_writev+0x5e do_filewritev sys/kern/sys_generic.c:381 [inline]
sys_writev() at netbsd:sys_writev+0x5e sys/kern/sys_generic.c:381
sys_syscall() at netbsd:sys_syscall+0x1cf sy_call sys/sys/syscallvar.h:66 [inline]
sys_syscall() at netbsd:sys_syscall+0x1cf sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x2d5 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x2d5 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x2d5 sys/arch/x86/x86/syscall.c:138
--- syscall (number 0) ---
netbsd:syscall+0x2d5:
Panic string: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/if_tun.c:948:20, member access within null pointer of type 'struct mbuf'
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
1223 1223 2 0 0 ffff891303e164c0 syz-executor5939
1380 1380 3 0 0 ffff891304bcf600 syz-executor5939 tstile
1217 1217 3 1 40000 ffff89130546d580 syz-executor5939 tstile
1073 1073 3 1 40000 ffff89130573a180 syz-executor5939 tstile
1233 >1233 7 0 40000 ffff89130573aa00 syz-executor5939
1069 1069 2 0 40 ffff8913029e7980 syz-executor5939
1076 >1076 7 1 40 ffff8913029e7540 syz-executor5939
1116 1116 2 1 40 ffff891303e16900 syz-executor5939
1068 1068 2 0 40 ffff891303c72bc0 syz-executor5939
1100 1100 2 1 40 ffff891302ba8240 syz-executor5939
1121 1121 2 0 40 ffff891302a62200 syz-executor5939
1250 1250 3 1 40080 ffff8913029e7100 syz-executor5939 nanoslp
991 991 3 1 80 ffff891304c84940 sshd select
850 850 3 1 80 ffff891304c840c0 getty nanoslp
1088 1088 3 1 80 ffff891304c84500 getty nanoslp
696 696 3 0 80 ffff891302a62640 getty nanoslp
1090 1090 3 1 c0 ffff8913026765c0 getty ttyraw
942 942 3 1 80 ffff891303fe18c0 sshd select
979 979 3 1 80 ffff891303fe1040 powerd kqueue
734 734 3 0 80 ffff891302ba8680 syslogd kqueue
592 592 3 1 80 ffff891303c72780 dhcpcd poll
590 590 3 0 80 ffff891302f21280 dhcpcd poll
589 589 3 0 80 ffff891302d962c0 dhcpcd poll
546 546 3 0 80 ffff8913030c7b80 dhcpcd poll
347 347 3 0 80 ffff8913030c7300 dhcpcd poll
346 346 3 0 80 ffff891302d96b40 dhcpcd poll
345 345 3 1 80 ffff891302f216c0 dhcpcd poll
1 1 3 1 80 ffff8912fa49d900 init wait
0 853 3 0 200 ffff891302676a00 physiod physiod
0 166 3 0 200 ffff8913026f6a40 pooldrain pooldrain
0 165 2 0 240 ffff8913026f6600 ioflush
0 164 3 1 200 ffff8913026f61c0 pgdaemon pgdaemon
0 161 3 0 200 ffff891302676180 usb7 usbevt
0 31 3 0 200 ffff8912ff5e19c0 usb6 usbevt
0 63 3 1 200 ffff8912ff5e1580 usb5 usbevt
0 126 3 1 200 ffff8912ff5e1140 usb4 usbevt
0 125 3 1 200 ffff8912fc57c980 usb3 usbevt
0 124 3 0 200 ffff8912fc57c540 usb2 usbevt
0 123 3 1 200 ffff8912fc57c100 usb1 usbevt
0 122 3 1 200 ffff8912fa4d7940 usb0 usbevt
0 121 3 1 200 ffff8912fa4d7500 usbtask-dr usbtsk
0 120 3 0 200 ffff8912f795aac0 usbtask-hc usbtsk
0 119 3 0 200 ffff8912fa4d70c0 npfgc0 npfgcw
0 118 3 1 200 ffff8912fa49d4c0 rt_free rt_free
0 117 3 1 200 ffff8912fa49d080 unpgc unpgc
0 116 3 1 200 ffff8912fa4b08c0 key_timehandler key_timehandler
0 115 3 1 200 ffff8912fa4b0480 icmp6_wqinput/1 icmp6_wqinput
0 114 3 0 200 ffff8912fa4b0040 icmp6_wqinput/0 icmp6_wqinput
0 113 2 0 200 ffff8912fa453bc0 nd6_timer
0 112 3 1 200 ffff8912fa453780 carp6_wqinput/1 carp6_wqinput
0 111 3 0 200 ffff8912fa453340 carp6_wqinput/0 carp6_wqinput
0 110 3 1 200 ffff8912fa409700 carp_wqinput/1 carp_wqinput
0 109 3 0 200 ffff8912fa4092c0 carp_wqinput/0 carp_wqinput
0 108 3 1 200 ffff8912fa426b80 icmp_wqinput/1 icmp_wqinput
0 107 3 0 200 ffff8912fa426740 icmp_wqinput/0 icmp_wqinput
0 106 2 0 200 ffff8912fa426300 rt_timer
0 105 3 0 200 ffff8912fa409b40 vmem_rehash vmem_rehash
0 104 3 0 200 ffff8912f9da8b00 entbutler entropy
0 30 3 1 200 ffff8912f9da86c0 vioif0_txrx/1 vioif0_txrx
0 29 3 0 200 ffff8912f9da8280 vioif0_txrx/0 vioif0_txrx
0 27 3 0 200 ffff8912f795a680 scsibus0 sccomp
0 26 3 0 200 ffff8912f795a240 pms0 pmsreset
0 25 3 1 200 ffff8912f788ca80 xcall/1 xcall
0 24 1 1 200 ffff8912f788c640 softser/1
0 23 1 1 200 ffff8912f788c200 softclk/1
0 22 1 1 200 ffff8912f7857a40 softbio/1
0 21 1 1 200 ffff8912f7857600 softnet/1
0 20 1 1 201 ffff8912f78571c0 idle/1
0 19 3 0 200 ffff89140778fa00 lnxpwrwq lnxpwrwq
0 18 3 0 200 ffff89140778f5c0 lnxlngwq lnxlngwq
0 17 3 0 200 ffff89140778f180 lnxsyswq lnxsyswq
0 16 3 0 200 ffff8914077a09c0 lnxrcugc lnxrcugc
0 15 3 0 200 ffff8914077a0580 sysmon smtaskq
0 14 3 0 200 ffff8914077a0140 pmfsuspend pmfsuspend
0 13 3 0 200 ffff8914077bb980 pmfevent pmfevent
0 12 3 0 200 ffff8914077bb540 sopendfree sopendfr
0 11 3 1 200 ffff8914077bb100 iflnkst iflnkst
0 10 3 0 200 ffff8914087dc940 nfssilly nfssilly
0 9 3 0 200 ffff8914087dc500 vdrain vdrain
0 8 3 0 200 ffff8914087dc0c0 modunload mod_unld
0 7 3 0 200 ffff891408815900 xcall/0 xcall
0 6 1 0 200 ffff8914088154c0 softser/0
0 5 1 0 200 ffff891408815080 softclk/0
0 4 1 0 200 ffff89140883f8c0 softbio/0
0 3 1 0 200 ffff89140883f480 softnet/0
0 2 1 0 201 ffff89140883f040 idle/0
0 0 2 0 240 ffffffff85cc96c0 swapper
[Locks tracked through LWPs]
****** LWP 1223.1223 (syz-executor5939) @ 0xffff891303e164c0, l_stat=2
*** Locks held:
* Lock 0 (initialized at pmap_ctor)
lock address : 0xffff891302ed7b80 type : sleep/adaptive
initialized : 0xffffffff80f2dea3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891303e164c0 last held: 0xffff891303e164c0
last locked* : 0xffffffff80f30557 unlocked : 0xffffffff80f2dbe6
owner field : 0xffff891303e164c0 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
*** Locks wanted: none
****** LWP 1380.1380 (syz-executor5939) @ 0xffff891304bcf600, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36d80 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 1 exclusive: 0
shares wanted: 0 exclusive: 2
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891304bcf600 last held: 0xffff8913029e7980
last locked : 0xffffffff830e751e unlocked*: 0xffffffff830d6c3a
owner/count : 0x0000000000000020 flags : 0x0000000000000003
Turnstile:
=> 0 waiting readers:
=> 3 waiting writers: 0xffff89130573a180 0xffff891304bcf600 0xffff89130546d580
****** LWP 1217.1217 (syz-executor5939) @ 0xffff89130546d580, l_stat=3
*** Locks held:
* Lock 0 (initialized at fork1)
lock address : 0xffff891305485dd0 type : sleep/adaptive
initialized : 0xffffffff831b8bb0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130546d580 last held: 0xffff89130546d580
last locked* : 0xffffffff831b0e5b unlocked : 000000000000000000
owner/count : 0xffff89130546d580 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36a00 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130546d580 last held: 000000000000000000
last locked : 0xffffffff830c3cec unlocked*: 0xffffffff830c0228
owner/count : 000000000000000000 flags : 000000000000000000
Turnstile: no active turnstile for this lock.
****** LWP 1073.1073 (syz-executor5939) @ 0xffff89130573a180, l_stat=3
*** Locks held:
* Lock 0 (initialized at fork1)
lock address : 0xffff891305b99390 type : sleep/adaptive
initialized : 0xffffffff831b8bb0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130573a180 last held: 0xffff89130573a180
last locked* : 0xffffffff831b0e5b unlocked : 000000000000000000
owner/count : 0xffff89130573a180 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36d80 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 1 exclusive: 0
shares wanted: 0 exclusive: 2
relevant cpu : 1 last held: 0
relevant lwp : 0xffff89130573a180 last held: 0xffff8913029e7980
last locked : 0xffffffff830e751e unlocked*: 0xffffffff830d6c3a
owner/count : 0x0000000000000020 flags : 0x0000000000000003
Turnstile:
=> 0 waiting readers:
=> 3 waiting writers: 0xffff89130573a180 0xffff891304bcf600 0xffff89130546d580
****** LWP 1069.1069 (syz-executor5939) @ 0xffff8913029e7980, l_stat=2
*** Locks held:
* Lock 0 (initialized at uvm_map_setup)
lock address : 0xffff8912fa4e0460 type : sleep/adaptive
initialized : 0xffffffff830e6ecc
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8913029e7980 last held: 0xffff8913029e7980
last locked* : 0xffffffff830d9291 unlocked : 0xffffffff830c0247
owner/count : 0xffff8913029e7980 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at pmap_ctor)
lock address : 0xffff891302d20980 type : sleep/adaptive
initialized : 0xffffffff80f2dea3
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8913029e7980 last held: 000000000000000000
last locked : 0xffffffff80f30557 unlocked*: 0xffffffff80f30c4c
owner field : 0xffff8913029e7980 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 590.590 (dhcpcd) @ 0xffff891302f21280, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302f21280 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 589.589 (dhcpcd) @ 0xffff891302d962c0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302d962c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 346.346 (dhcpcd) @ 0xffff891302d96b40, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302d96b40 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 345.345 (dhcpcd) @ 0xffff891302f216c0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffff891302f216c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.11 (iflnkst) @ 0xffff8914077bb100, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffff8914077bb100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.5 (softclk/0) @ 0xffff891408815080, l_stat=1
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891408815080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
[Locks tracked through CPUs]
PAGE FLAG PQ UOBJECT UANON
0xffff998000007180 0045 00000000 0x0 0x0
0xffff998000007200 0045 00000000 0x0 0x0
0xffff998000007280 0045 00000000 0x0 0x0
0xffff998000007300 0045 00000000 0x0 0x0
0xffff998000007380 0045 00000000 0x0 0x0
0xffff998000007400 0045 00000000 0x0 0x0
0xffff998000007480 0045 00000000 0x0 0x0
0xffff998000007500 0045 00000000 0x0 0x0
0xffff998000007580 0041 00000000 0x0 0x0
0xffff998000007600 0041 00000000 0x0 0x0
0xffff998000007680 0041 00000000 0x0 0x0
0xffff998000007700 0045 00000000 0x0 0x0
0xffff998000007780 0045 00000000 0x0 0x0
0xffff998000007800 0045 00000000 0x0 0x0
0xffff998000007880 0041 00000000 0x0 0x0
0xffff998000007900 0041 00000000 0x0 0x0
0xffff998000007980 0041 00000000 0x0 0x0
0xffff998000007a00 0041 00000000 0x0 0x0
0xffff998000007a80 0041 00000000 0x0 0x0
0xffff998000007b00 0041 00000000 0x0 0x0
0xffff998000007b80 0041 00000000 0x0 0x0
0xffff998000007c00 0041 00000000 0x0 0x0
0xffff998000007c80 0041 00000000 0x0 0x0
0xffff998000007d00 0041 00000000 0x0 0x0
0xffff998000007d80 0041 00000000 0x0 0x0
0xffff998000007e00 0041 00000000 0x0 0x0
0xffff998000007e80 0041 00000000 0x0 0x0
0xffff998000007f00 0041 00000000 0x0 0x0
0xffff998000007f80 0041 00000000 0x0 0x0
0xffff998000008000 0041 00000000 0x0 0x0
0xffff998000008080 0041 00000000 0x0 0x0
0xffff998000008100 0041 00000000 0x0 0x0
0xffff998000008180 0041 00000000 0x0 0x0
0xffff998000008200 0041 00000000 0x0 0x0
0xffff998000008280 0041 00000000 0x0 0x0
0xffff998000008300 0041 00000000 0x0 0x0
0xffff998000008380 0041 00000000 0x0 0x0
0xffff998000008400 0041 00000000 0x0 0x0
0xffff998000008480 0041 00000000 0x0 0x0
0xffff998000008500 0041 00000000 0x0 0x0
0xffff998000008580 0041 00000000 0x0 0x0
0xffff998000008600 0041 00000000 0x0 0x0
0xffff998000008680 0045 00000000 0x0 0x0
0xffff998000008700 0041 00000000 0x0 0x0
0xffff998000008780 0041 00000000 0x0 0x0
0xffff998000008800 0041 00000000 0x0 0x0
0xffff998000008880 0041 00000000 0x0 0x0
0xffff998000008900 0041 00000000 0x0 0x0
0xffff998000008980 0041 00000000 0x0 0x0
0xffff998000008a00 0041 00000000 0x0 0x0
0xffff998000008a80 0041 00000000 0x0 0x0
0xffff998000008b00 0041 00000000 0x0 0x0
0xffff998000008b80 0041 00000000 0x0 0x0
0xffff998000008c00 0041 00000000 0x0 0x0
0xffff998000008c80 0041 00000000 0x0 0x0
0xffff998000008d00 0041 00000000 0x0 0x0
0xffff998000008d80 0041 00000000 0x0 0x0
0xffff998000008e00 0041 00000000 0x0 0x0
0xffff998000008e80 0041 00000000 0x0 0x0
0xffff998000008f00 0045 00000000 0x0 0x0
0xffff998000008f80 0041 00000000 0x0 0x0
0xffff998000009000 0041 00000000 0x0 0x0
0xffff998000009080 0041 00000000 0x0 0x0
0xffff998000009100 0041 00000000 0x0 0x0
0xffff998000009180 0041 00000000 0x0 0x0
0xffff998000009200 0041 00000000 0x0 0x0
0xffff998000009280 0041 00000000 0x0 0x0
0xffff998000009300 0041 00000000 0x0 0x0
0xffff998000009380 0041 00000000 0x0 0x0
0xffff998000009400 0041 00000000 0x0 0x0
0xffff998000009480 0041 00000000 0x0 0x0
0xffff998000009500 0041 00000000 0x0 0x0
0xffff998000009580 0045 00000000 0x0 0x0
0xffff998000009600 0041 00000000 0x0 0x0
0xffff998000009680 0041 00000000 0x0 0x0
0xffff998000009700 0041 00000000 0x0 0x0
0xffff998000009780 0041 00000000 0x0 0x0
0xffff998000009800 0041 00000000 0x0 0x0
0xffff998000009880 0041 00000000 0x0 0x0
0xffff998000009900 0041 00000000 0x0 0x0
0xffff998000009980 0041 00000000 0x0 0x0
0xffff998000009a00 0041 00000000 0x0 0x0
0xffff998000009a80 0041 00000000 0x0 0x0
0xffff998000009b00 0041 00000000 0x0 0x0
0xffff998000009b80 0041 00000000 0x0 0x0
0xffff998000009c00 0041 00000000 0x0 0x0
0xffff998000009c80 0041 00000000 0x0 0x0
0xffff998000009d00 0041 00000000 0x0 0x0
0xffff998000009d80 0041 00000000 0x0 0x0
0xffff998000009e00 0041 00000000 0x0 0x0
0xffff998000009e80 0041 00000000 0x0 0x0
0xffff998000009f00 0041 00000000 0x0 0x0
0xffff998000009f80 0041 00000000 0x0 0x0
0xffff99800000a000 0041 00000000 0x0 0x0
0xffff99800000a080 0041 00000000 0x0 0x0
0xffff99800000a100 0045 00000000 0x0 0x0
0xffff99800000a180 0041 00000000 0x0 0x0
0xffff99800000a200 0041 00000000 0x0 0x0
0xffff99800000a280 0041 00000000 0x0 0x0
0xffff99800000a300 0041 00000000 0x0 0x0
0xffff99800000a380 0041 00000000 0x0 0x0
0xffff99800000a400 0041 00000000 0x0 0x0
0xffff99800000a480 0041 00000000 0x0 0x0
0xffff99800000a500 0041 00000000 0x0 0x0
0xffff99800000a580 0041 00000000 0x0 0x0
0xffff99800000a600 0041 00000000 0x0 0x0
0xffff99800000a680 0041 00000000 0x0 0x0
0xffff99800000a700 0041 00000000 0x0 0x0
0xffff99800000a780 0041 00000000 0x0 0x0
0xffff99800000a800 0041 00000000 0x0 0x0
0xffff99800000a880 0041 00000000 0x0 0x0
0xffff99800000a900 0041 00000000 0x0 0x0
0xffff99800000a980 0041 00000000 0x0 0x0
0xffff99800000aa00 0045 00000000 0x0 0x0
0xffff99800000aa80 0041 00000000 0x0 0x0
0xffff99800000ab00 0041 00000000 0x0 0x0
0xffff99800000ab80 0041 00000000 0x0 0x0
0xffff99800000ac00 0041 00000000 0x0 0x0
0xffff99800000ac80 0041 00000000 0x0 0x0
0xffff99800000ad00 0041 00000000 0x0 0x0
0xffff99800000ad80 0045 00000000 0x0 0x0
0xffff99800000ae00 0045 00000000 0x0 0x0
0xffff99800000ae80 0045 00000000 0x0 0x0
0xffff99800000af00 0041 00000000 0x0 0x0
0xffff99800000af80 0041 00000000 0x0 0x0
0xffff99800000b000 0041 00000000 0x0 0x0
0xffff99800000b080 0041 00000000 0x0 0x0
0xffff99800000b100 0041 00000000 0x0 0x0
0xffff99800000b180 0045 00000000 0x0 0x0
0xffff99800000b200 0045 00000000 0x0 0x0
0xffff99800000b280 0045 00000000 0x0 0x0
0xffff99800000b300 0041 00000000 0x0 0x0
0xffff99800000b380 0041 00000000 0x0 0x0
0xffff99800000b400 0041 00000000 0x0 0x0
0xffff99800000b480 0041 00000000 0x0 0x0
0xffff99800000b500 0041 00000000 0x0 0x0
0xffff99800000b580 0045 00000000 0x0 0x0
0xffff99800000b600 0045 00000000 0x0 0x0
0xffff99800000b680 0045 00000000 0x0 0x0
0xffff99800000b700 0041 00000000 0x0 0x0
0xffff99800000b780 0045 00000000 0x0 0x0
0xffff99800000b800 0045 00000000 0x0 0x0
0xffff99800000b880 0041 00000000 0x0 0x0
0xffff99800000b900 0045 00000000 0x0 0x0
0xffff99800000b980 0045 00000000 0x0 0x0
0xffff99800000ba00 0045 00000000 0x0 0x0
0xffff99800000ba80 0045 00000000 0x0 0x0
0xffff99800000bb00 0045 00000000 0x0 0x0
0xffff99800000bb80 0045 00000000 0x0 0x0
0xffff99800000bc00 0045 00000000 0x0 0x0
0xffff99800000bc80 0045 00000000 0x0 0x0
0xffff99800000bd00 0045 00000000 0x0 0x0
0xffff99800000bd80 0045 00000000 0x0 0x0
0xffff99800000be00 0041 00000000 0x0 0x0
0xffff99800000be80 0041 00000000 0x0 0x0
0xffff99800000bf00 0045 00000000 0x0 0x0
0xffff99800000bf80 0045 00000000 0x0 0x0
0xffff99800000c000 0045 00000000 0x0 0x0
0xffff99800000c080 0045 00000000 0x0 0x0
0xffff99800000c100 0045 00000000 0x0 0x0
0xffff99800000c180 0041 00000000 0x0 0x0
0xffff99800000c200 0041 00000000 0x0 0x0
0xffff99800000c280 0041 00000000 0x0 0x0
0xffff99800000c300 0045 00000000 0x0 0x0
0xffff99800000c380 0045 00000000 0x0 0x0
0xffff99800000c400 0045 00000000 0x0 0x0
0xffff99800000c480 0045 00000000 0x0 0x0
0xffff99800000c500 0045 00000000 0x0 0x0
0xffff99800000c580 0041 00000000 0x0 0x0
0xffff99800000c600 0041 00000000 0x0 0x0
0xffff99800000c680 0041 00000000 0x0 0x0
0xffff99800000c700 0045 00000000 0x0 0x0
0xffff99800000c780 0041 00000000 0x0 0x0
0xffff99800000c800 0045 00000000 0x0 0x0
0xffff99800000c880 0045 00000000 0x0 0x0
0xffff99800000c900 0045 00000000 0x0 0x0
0xffff99800000c980 0041 00000000 0x0 0x0
0xffff99800000ca00 0041 00000000 0x0 0x0
0xffff99800000ca80 0041 00000000 0x0 0x0
0xffff99800000cb00 0041 00000000 0x0 0x0
0xffff99800000cb80 0041 00000000 0x0 0x0
0xffff99800000cc00 0041 00000000 0x0 0x0
0xffff99800000cc80 0045 00000000 0x0 0x0
0xffff99800000cd00 0041 00000000 0x0 0x0
0xffff99800000cd80 0041 00000000 0x0 0x0
0xffff99800000ce00 0041 00000000 0x0 0x0
0xffff99800000ce80 0041 00000000 0x0 0x0
0xffff99800000cf00 0041 00000000 0x0 0x0
0xffff99800000cf80 0041 00000000 0x0 0x0
0xffff99800000d000 0041 00000000 0x0 0x0
0xffff99800000d080 0041 00000000 0x0 0x0
0xffff99800000d100 0041 00000000 0x0 0x0
0xffff99800000d180 0041 00000000 0x0 0x0
0xffff99800000d200 0045 00000000 0x0 0x0
0xffff99800000d280 0045 00000000 0x0 0x0
0xffff99800000d300 0041 00000000 0x0 0x0
0xffff99800000d380 0045 00000000 0x0 0x0
0xffff99800000d400 0041 00000000 0x0 0x0
0xffff99800000d480 0041 00000000 0x0 0x0
0xffff99800000d500 0041 00000000 0x0 0x0
0xffff99800000d580 0045 00000000 0x0 0x0
0xffff99800000d600 0041 00000000 0x0 0x0
0xffff99800000d680 0041 00000000 0x0 0x0
0xffff99800000d700 0045 00000000 0x0 0x0
0xffff99800000d780 0041 00000000 0x0 0x0
0xffff99800000d800 0045 00000000 0x0 0x0
0xffff99800000d880 0041 00000000 0x0 0x0
0xffff99800000d900 0041 00000000 0x0 0x0
0xffff99800000d980 0045 00000000 0x0 0x0
0xffff99800000da00 0041 00000000 0x0 0x0
0xffff99800000da80 0041 00000000 0x0 0x0
0xffff99800000db00 0041 00000000 0x0 0x0
0xffff99800000db80 0045 00000000 0x0 0x0
0xffff99800000dc00 0041 00000000 0x0 0x0
0xffff99800000dc80 0041 00000000 0x0 0x0
0xffff99800000dd00 0045 00000000 0x0 0x0
0xffff99800000dd80 0041 00000000 0x0 0x0
0xffff99800000de00 0041 00000000 0x0 0x0
0xffff99800000de80 0041 00000000 0x0 0x0
0xffff99800000df00 0041 00000000 0x0 0x0
0xffff99800000df80 0045 00000000 0x0 0x0
0xffff99800000e000 0045 00000000 0x0 0x0
0xffff99800000e080 0045 00000000 0x0 0x0
0xffff99800000e100 0045 00000000 0x0 0x0
0xffff99800000e180 0041 00000000 0x0 0x0
0xffff99800000e200 0041 00000000 0x0 0x0
0xffff99800000e280 0041 00000000 0x0 0x0
0xffff99800000e300 0045 00000000 0x0 0x0
0xffff99800000e380 0045 00000000 0x0 0x0
0xffff99800000e400 0045 00000000 0x0 0x0
0xffff99800000e480 0045 00000000 0x0 0x0
0xffff99800000e500 0041 00000000 0x0 0x0
0xffff99800000e580 0041 00000000 0x0 0x0
0xffff99800000e600 0041 00000000 0x0 0x0
0xffff99800000e680 0041 00000000 0x0 0x0
0xffff99800000e700 0041 00000000 0x0 0x0
0xffff99800000e780 0041 00000000 0x0 0x0
0xffff99800000e800 0045 00000000 0x0 0x0
0xffff99800000e880 0045 00000000 0x0 0x0
0xffff99800000e900 0041 00000000 0x0 0x0
0xffff99800000e980 0041 00000000 0x0 0x0
0xffff99800000ea00 0041 00000000 0x0 0x0
0xffff99800000ea80 0041 00000000 0x0 0x0
0xffff99800000eb00 0045 00000000 0x0 0x0
0xffff99800000eb80 0041 00000000 0x0 0x0
0xffff99800000ec00 0041 00000000 0x0 0x0
0xffff99800000ec80 0041 00000000 0x0 0x0
0xffff99800000ed00 0045 00000000 0x0 0x0
0xffff99800000ed80 0041 00000000 0x0 0x0
0xffff99800000ee00 0041 00000000 0x0 0x0
0xffff99800000ee80 0041 00000000 0x0 0x0
0xffff99800000ef00 0041 00000000 0x0 0x0
0xffff99800000ef80 0041 00000000 0x0 0x0
0xffff99800000f000 0045 00000000 0x0 0x0
0xffff99800000f080 0045 00000000 0x0 0x0
0xffff99800000f100 0041 00000000 0x0 0x0
0xffff99800000f180 0041 00000000 0x0 0x0
0xffff99800000f200 0041 00000000 0x0 0x0
0xffff99800000f280 0045 00000000 0x0 0x0
0xffff99800000f300 0041 00000000 0x0 0x0
0xffff99800000f380 0041 00000000 0x0 0x0
0xffff99800000f400 0041 00000000 0x0 0x0
0xffff99800000f480 0041 00000000 0x0 0x0
0xffff99800000f500 0041 00000000 0x0 0x0
0xffff99800000f580 0041 00000000 0x0 0x0
0xffff99800000f600 0045 00000000 0x0 0x0
0xffff99800000f680 0041 00000000 0x0 0x0
0xffff99800000f700 0041 00000000 0x0 0x0
0xffff99800000f780 0041 00000000 0x0 0x0
0xffff99800000f800 0041 00000000 0x0 0x0
0xffff99800000f880 0041 00000000 0x0 0x0
0xffff99800000f900 0041 00000000 0x0 0x0
0xffff99800000f980 0041 00000000 0x0 0x0
0xffff99800000fa00 0041 00000000 0x0 0x0
0xffff99800000fa80 0041 00000000 0x0 0x0
0xffff99800000fb00 0041 00000000 0x0 0x0
0xffff99800000fb80 0045 00000000 0x0 0x0
0xffff99800000fc00 0041 00000000 0x0 0x0
0xffff99800000fc80 0041 00000000 0x0 0x0
0xffff99800000fd00 0041 00000000 0x0 0x0
0xffff99800000fd80 0045 00000000 0x0 0x0
0xffff99800000fe00 0041 00000000 0x0 0x0
0xffff99800000fe80 0041 00000000 0x0 0x0
0xffff99800000ff00 0041 00000000 0x0 0x0
0xffff99800000ff80 0041 00000000 0x0 0x0
0xffff998000010000 0041 00000000 0x0 0x0
0xffff998000010080 0041 00000000 0x0 0x0
0xffff998000010100 0041 00000000 0x0 0x0
0xffff998000010180 0041 00000000 0x0 0x0
0xffff998000010200 0041 00000000 0x0 0x0
0xffff998000010280 0041 00000000 0x0 0x0
0xffff998000010300 0041 00000000 0x0 0x0
0xffff998000010380 0041 00000000 0x0 0x0
0xffff998000010400 0041 00000000 0x0 0x0
0xffff998000010480 0041 00000000 0x0 0x0
0xffff998000010500 0041 00000000 0x0 0x0
0xffff998000010580 0041 00000000 0x0 0x0
0xffff998000010600 0041 00000000 0x0 0x0
0xffff998000010680 0041 00000000 0x0 0x0
0xffff998000010700 0045 00000000 0x0 0x0
0xffff998000010780 0041 00000000 0x0 0x0
0xffff998000010800 0045 00000000 0x0 0x0
0xffff998000010880 0041 00000000 0x0 0x0
0xffff998000010900 0045 00000000 0x0 0x0
0xffff998000010980 0041 00000000 0x0 0x0
0xffff998000010a00 0041 00000000 0x0 0x0
0xffff998000010a80 0041 00000000 0x0 0x0
0xffff998000010b00 0041 00000000 0x0 0x0
0xffff998000010b80 0045 00000000 0x0 0x0
0xffff998000010c00 0041 00000000 0x0 0x0
0xffff998000010c80 0041 00000000 0x0 0x0
0xffff998000010d00 0041 00000000 0x0 0x0
0xffff998000010d80 0041 00000000 0x0 0x0
0xffff998000010e00 0041 00000000 0x0 0x0
0xffff998000010e80 0041 00000000 0x0 0x0
0xffff998000010f00 0041 00000000 0x0 0x0
0xffff998000010f80 0041 00000000 0x0 0x0
0xffff998000011000 0041 00000000 0x0 0x0
0xffff998000011080 0041 00000000 0x0 0x0
0xffff998000011100 0041 00000000 0x0 0x0
0xffff998000011180 0041 00000000 0x0 0x0
0xffff998000011200 0041 00000000 0x0 0x0
0xffff998000011280 0041 00000000 0x0 0x0
0xffff998000011300 0041 00000000 0x0 0x0
0xffff998000011380 0041 00000000 0x0 0x0
0xffff998000011400 0041 00000000 0x0 0x0
0xffff998000011480 0001 00000000 0x0 0x0
0xffff998000011500 0001 00000000 0x0 0x0
0xffff998000011580 0001 00000000 0x0 0x0
0xffff998000011600 0001 00000000 0x0 0x0
0xffff998000011680 0001 00000000 0x0 0x0
0xffff998000011700 0001 00000000 0x0 0x0
0xffff998000011780 0001 00000000 0x0 0x0
0xffff998000011800 0001 00000000 0x0 0x0
0xffff998000011880 0001 00000000 0x0 0x0
0xffff998000011900 0001 00000000 0x0 0x0
0xffff998000011980 0001 00000000 0x0 0x0
0xffff998000011a00 0001 00000000 0x0 0x0
0xffff998000011a80 0001 00000000 0x0 0x0
0xffff998000011b00 0001 00000000 0x0 0x0
0xffff998000011b80 0001 00000000 0x0 0x0
0xffff998000011c00 0001 00000000 0x0 0x0
0xffff998000011c80 0001 00000000 0x0 0x0
0xffff998000011d00 0001 00000000 0x0 0x0
0xffff998000011d80 0001 00000000 0x0 0x0
0xffff998000011e00 0001 00000000 0x0 0x0
0xffff998000011e80 0001 00000000 0x0 0x0
0xffff998000011f00 0001 00000000 0x0 0x0
0xffff998000011f80 0001 00000000 0x0 0x0
0xffff998000012000 0001 00000000 0x0 0x0
0xffff998000012080 0001 00000000 0x0 0x0
0xffff998000012100 0001 00000000 0x0 0x0
0xffff998000012180 0001 00000000 0x0 0x0
0xffff998000012200 0001 00000000 0x0 0x0
0xffff998000012280 0001 00000000 0x0 0x0
0xffff998000012300 0001 00000000 0x0 0x0
0xffff998000012380 0001 00000000 0x0 0x0
0xffff998000012400 0001 00000000 0x0 0x0
0xffff998000012480 0001 00000000 0x0 0x0
0xffff998000012500 0001 00000000 0x0 0x0
0xffff998000012580 0001 00000000 0x0 0x0
0xffff998000012600 0001 00000000 0x0 0x0
0xffff998000012680 0001 00000000 0x0 0x0
0xffff998000012700 0001 00000000 0x0 0x0
0xffff998000012780 0001 00000000 0x0 0x0
0xffff998000012800 0001 00000000 0x0 0x0
0xffff998000012880 0001 00000000 0x0 0x0
0xffff998000012900 0001 00000000 0x0 0x0
0xffff998000012980 0001 00000000 0x0 0x0
0xffff998000012a00 0001 00000000 0x0 0x0
0xffff998000012a80 0001 00000000 0x0 0x0
0xffff998000012b00 0001 00000000 0x0 0x0
0xffff998000012b80 0001 00000000 0x0 0x0
0xffff998000012c00 0001 00000000 0x0 0x0
0xffff998000012c80 0001 00000000 0x0 0x0
0xffff998000012d00 0001 00000000 0x0 0x0
0xffff998000012d80 0001 00000000 0x0 0x0
0xffff998000012e00 0001 00000000 0x0 0x0
0xffff998000012e80 0001 00000000 0x0 0x0
0xffff998000012f00 0001 00000000 0x0 0x0
0xffff998000012f80 0041 00000000 0x0 0x0
0xffff998000013000 0045 00000000 0x0 0x0
0xffff998000013080 0041 00000000 0x0 0x0
0xffff998000013100 0041 00000000 0x0 0x0
0xffff998000013180 0041 00000000 0x0 0x0
0xffff998000013200 0041 00000000 0x0 0x0
0xffff998000013280 0041 00000000 0x0 0x0
0xffff998000013300 0041 00000000 0x0 0x0
0xffff998000013380 0041 00000000 0x0 0x0
0xffff998000013400 0041 00000000 0x0 0x0
0xffff998000013480 0041 00000000 0x0 0x0
0xffff998000013500 0041 00000000 0x0 0x0
0xffff998000013580 0041 00000000 0x0 0x0
0xffff998000013600 0041 00000000 0x0 0x0
0xffff998000013680 0041 00000000 0x0 0x0
0xffff998000013700 0041 00000000 0x0 0x0
0xffff998000013780 0041 00000000 0x0 0x0
0xffff998000013800 0041 00000000 0x0 0x0
0xffff998000013880 0041 00000000 0x0 0x0
0xffff998000013900 0041 00000000 0x0 0x0
0xffff998000013980 0041 00000000 0x0 0x0
0xffff998000013a00 0041 00000000 0x0 0x0
0xffff998000013a80 0041 00000000 0x0 0x0
0xffff998000013b00 0041 00000000 0x0 0x0
0xffff998000013b80 0041 00000000 0x0 0x0
0xffff998000013c00 0041 00000000 0x0 0x0
0xffff998000013c80 0041 00000000 0x0 0x0
0xffff998000013d00 0041 00000000 0x0 0x0
0xffff998000013d80 0041 00000000 0x0 0x0
0xffff998000013e00 0041 00000000 0x0 0x0
0xffff998000013e80 0041 00000000 0x0 0x0
0xffff998000013f00 0041 00000000 0x0 0x0
0xffff998000013f80 0041 00000000 0x0 0x0
0xffff998000014000 0041 00000000 0x0 0x0
0xffff998000014080 0041 00000000 0x0 0x0
0xffff998000014100 0041 00000000 0x0 0x0
0xffff998000014180 0041 00000000 0x0 0x0
0xffff998000014200 0041 00000000 0x0 0x0
0xffff998000014280 0041 00000000 0x0 0x0
0xffff998000014300 0041 00000000 0x0 0x0
0xffff998000014380 0041 00000000 0x0 0x0
0xffff998000014400 0041 00000000 0x0 0x0
0xffff998000014480 0041 00000000 0x0 0x0
0xffff998000014500 0041 00000000 0x0 0x0
0xffff998000014580 0041 00000000 0x0 0x0
0xffff998000014600 0041 00000000 0x0 0x0
0xffff998000014680 0041 00000000 0x0 0x0
0xffff998000014700 0041 00000000 0x0 0x0
0xffff998000014780 0041 00000000 0x0 0x0
0xffff998000014800 0041 00000000 0x0 0x0
0xffff998000014880 0001 00000000 0x0 0x0
0xffff998000014900 0001 00000000 0x0 0x0
0xffff998000014980 0001 00000000 0x0 0x0
0xffff998000014a00 0001 00000000 0x0 0x0
0xffff998000014a80 0001 00000000 0x0 0x0
0xffff998000014b00 0001 00000000 0x0 0x0
0xffff998000014b80 0001 00000000 0x0 0x0
0xffff998000014c00 0001 00000000 0x0 0x0
0xffff998000014c80 0001 00000000 0x0 0x0
0xffff998000014d00 0001 00000000 0x0 0x0
0xffff998000014d80 0001 00000000 0x0 0x0
0xffff998000014e00 0001 00000000 0x0 0x0
0xffff998000014e80 0001 00000000 0x0 0x0
0xffff998000014f00 0001 00000000 0x0 0x0
0xffff998000014f80 0001 00000000 0x0 0x0
0xffff998000015000 0001 00000000 0x0 0x0
0xffff998000015080 0001 00000000 0x0 0x0
0xffff998000015100 0001 00000000 0x0 0x0
0xffff998000015180 0001 00000000 0x0 0x0
0xffff998000015200 0001 00000000 0x0 0x0
0xffff998000015280 0001 00000000 0x0 0x0
0xffff998000015300 0001 00000000 0x0 0x0
0xffff998000015380 0001 00000000 0x0 0x0
0xffff998000015400 0001 00000000 0x0 0x0
0xffff998000015480 0001 00000000 0x0 0x0
0xffff998000015500 0001 00000000 0x0 0x0
0xffff998000015580 0001 00000000 0x0 0x0
0xffff998000015600 0001 00000000 0x0 0x0
0xffff998000015680 0001 00000000 0x0 0x0
0xffff998000015700 0001 00000000 0x0 0x0
0xffff998000015780 0001 00000000 0x0 0x0
0xffff998000015800 0001 00000000 0x0 0x0
0xffff998000015880 0001 00000000 0x0 0x0
0xffff998000015900 0001 00000000 0x0 0x0
0xffff998000015980 0001 00000000 0x0 0x0
0xffff998000015a00 0001 00000000 0x0 0x0
0xffff998000015a80 0001 00000000 0x0 0x0
0xffff998000015b00 0001 00000000 0x0 0x0
0xffff998000015b80 0001 00000000 0x0 0x0
0xffff998000015c00 0001 00000000 0x0 0x0
0xffff998000015c80 0001 00000000 0x0 0x0
0xffff998000015d00 0001 00000000 0x0 0x0
0xffff998000015d80 0001 00000000 0x0 0x0
0xffff998000015e00 0001 00000000 0x0 0x0
0xffff998000015e80 0001 00000000 0x0 0x0
0xffff998000015f00 0001 00000000 0x0 0x0
0xffff998000015f80 0001 00000000 0x0 0x0
0xffff998000016000 0001 00000000 0x0 0x0
0xffff998000016080 0001 00000000 0x0 0x0
0xffff998000016100 0001 00000000 0x0 0x0
0xffff998000016180 0001 00000000 0x0 0x0
0xffff998000016200 0001 00000000 0x0 0x0
0xffff998000016280 0001 00000000 0x0 0x0
0xffff998000016300 0001 00000000 0x0 0x0
0xffff998000016380 0041 00000000 0x0 0x0
0xffff998000016400 0041 00000000 0x0 0x0
0xffff998000016480 0041 00000000 0x0 0x0
0xffff998000016500 0041 00000000 0x0 0x0
0xffff998000016580 0041 00000000 0x0 0x0
0xffff998000016600 0041 00000000 0x0 0x0
0xffff998000016680 0041 00000000 0x0 0x0
0xffff998000016700 0041 00000000 0x0 0x0
0xffff998000016780 0041 00000000 0x0 0x0
0xffff998000016800 0041 00000000 0x0 0x0
0xffff998000016880 0041 00000000 0x0 0x0
0xffff998000016900 0041 00000000 0x0 0x0
0xffff998000016980 0041 00000000 0x0 0x0
0xffff998000016a00 0041 00000000 0x0 0x0
0xffff998000016a80 0041 00000000 0x0 0x0
0xffff998000016b00 0041 00000000 0x0 0x0
0xffff998000016b80 0041 00000000 0x0 0x0
0xffff998000016c00 0041 00000000 0x0 0x0
0xffff998000016c80 0041 00000000 0x0 0x0
0xffff998000016d00 0041 00000000 0x0 0x0
0xffff998000016d80 0041 00000000 0x0 0x0
0xffff998000016e00 0041 00000000 0x0 0x0
0xffff998000016e80 0041 00000000 0x0 0x0
0xffff998000016f00 0041 00000000 0x0 0x0
0xffff998000016f80 0041 00000000 0x0 0x0
0xffff998000017000 0041 00000000 0x0 0x0
0xffff998000017080 0041 00000000 0x0 0x0
0xffff998000017100 0041 00000000 0x0 0x0
0xffff998000017180 0041 00000000 0x0 0x0
0xffff998000017200 0041 00000000 0x0 0x0
0xffff998000017280 0041 00000000 0x0 0x0
0xffff998000017300 0041 00000000 0x0 0x0
0xffff998000017380 0041 00000000 0x0 0x0
0xffff998000017400 0041 00000000 0x0 0x0
0xffff998000017480 0041 00000000 0x0 0x0
0xffff998000017500 0041 00000000 0x0 0x0
0xffff998000017580 0041 00000000 0x0 0x0
0xffff998000017600 0041 00000000 0x0 0x0
0xffff998000017680 0045 00000000 0x0 0x0
0xffff998000017700 0041 00000000 0x0 0x0
0xffff998000017780 0041 00000000 0x0 0x0
0xffff998000017800 0041 00000000 0x0 0x0
0xffff998000017880 0001 00000000 0x0 0x0
0xffff998000017900 0001 00000000 0x0 0x0
0xffff998000017980 0001 00000000 0x0 0x0
0xffff998000017a00 0001 00000000 0x0 0x0
0xffff998000017a80 0001 00000000 0x0 0x0
0xffff998000017b00 0001 00000000 0x0 0x0
0xffff998000017b80 0001 00000000 0x0 0x0
0xffff998000017c00 0001 00000000 0x0 0x0
0xffff998000017c80 0001 00000000 0x0 0x0
0xffff998000017d00 0001 00000000 0x0 0x0
0xffff998000017d80 0001 00000000 0x0 0x0
0xffff998000017e00 0001 00000000 0x0 0x0
0xffff998000017e80 0001 00000000 0x0 0x0
0xffff998000017f00 0001 00000000 0x0 0x0
0xffff998000017f80 0001 00000000 0x0 0x0
0xffff998000018000 0001 00000000 0x0 0x0
0xffff998000018080 0001 00000000 0x0 0x0
0xffff998000018100 0001 00000000 0x0 0x0
0xffff998000018180 0001 00000000 0x0 0x0
0xffff998000018200 0001 00000000 0x0 0x0
0xffff998000018280 0001 00000000 0x0 0x0
0xffff998000018300 0001 00000000 0x0 0x0
0xffff998000018380 0001 00000000 0x0 0x0
0xffff998000018400 0001 00000000 0x0 0x0
0xffff998000018480 0001 00000000 0x0 0x0
0xffff998000018500 0001 00000000 0x0 0x0
0xffff998000018580 0001 00000000 0x0 0x0
0xffff998000018600 0001 00000000 0x0 0x0
0xffff998000018680 0001 00000000 0x0 0x0
0xffff998000018700 0001 00000000 0x0 0x0
0xffff998000018780 0001 00000000 0x0 0x0
0xffff998000018800 0001 00000000 0x0 0x0
0xffff998000018880 0001 00000000 0x0 0x0
0xffff998000018900 0001 00000000 0x0 0x0
0xffff998000018980 0001 00000000 0x0 0x0
0xffff998000018a00 0001 00000000 0x0 0x0
0xffff998000018a80 0001 00000000 0x0 0x0
0xffff998000018b00 0001 00000000 0x0 0x0
0xffff998000018b80 0001 00000000 0x0 0x0
0xffff998000018c00 0001 00000000 0x0 0x0
0xffff998000018c80 0001 00000000 0x0 0x0
0xffff998000018d00 0001 00000000 0x0 0x0
0xffff998000018d80 0001 00000000 0x0 0x0
0xffff998000018e00 0001 00000000 0x0 0x0
0xffff998000018e80 0001 00000000 0x0 0x0
0xffff998000018f00 0001 00000000 0x0 0x0
0xffff998000018f80 0001 00000000 0x0 0x0
0xffff998000019000 0001 00000000 0x0 0x0
0xffff998000019080 0001 00000000 0x0 0x0
0xffff998000019100 0001 00000000 0x0 0x0
0xffff998000019180 0001 00000000 0x0 0x0
0xffff998000019200 0001 00000000 0x0 0x0
0xffff998000019280 0001 00000000 0x0 0x0
0xffff998000019300 0001 00000000 0x0 0x0
0xffff998000019380 0041 00000000 0x0 0x0
0xffff998000019400 0041 00000000 0x0 0x0
0xffff998000019480 0041 00000000 0x0 0x0
0xffff998000019500 0041 00000000 0x0 0x0
0xffff998000019580 0041 00000000 0x0 0x0
0xffff998000019600 0045 00000000 0x0 0x0
0xffff998000019680 0045 00000000 0x0 0x0
0xffff998000019700 0041 00000000 0x0 0x0
0xffff998000019780 0041 00000000 0x0 0x0
0xffff998000019800 0041 00000000 0x0 0x0
0xffff998000019880 0041 00000000 0x0 0x0
0xffff998000019900 0041 00000000 0x0 0x0
0xffff998000019980 0041 00000000 0x0 0x0
0xffff998000019a00 0045 00000000 0x0 0x0
0xffff998000019a80 0045 00000000 0x0 0x0
0xffff998000019b00 0041 00000000 0x0 0x0
0xffff998000019b80 0041 00000000 0x0 0x0
0xffff998000019c00 0041 00000000 0x0 0x0
0xffff998000019c80 0041 00000000 0x0 0x0
0xffff998000019d00 0041 00000000 0x0 0x0
0xffff998000019d80 0045 00000000 0x0 0x0
0xffff998000019e00 0045 00000000 0x0 0x0
0xffff998000019e80 0045 00000000 0x0 0x0
0xffff998000019f00 0041 00000000 0x0 0x0
0xffff998000019f80 0045 00000000 0x0 0x0
0xffff99800001a000 0041 00000000 0x0 0x0
0xffff99800001a080 0041 00000000 0x0 0x0
0xffff99800001a100 0041 00000000 0x0 0x0
0xffff99800001a180 0045 00000000 0x0 0x0
0xffff99800001a200 0045 00000000 0x0 0x0
0xffff99800001a280 0045 00000000 0x0 0x0
0xffff99800001a300 0041 00000000 0x0 0x0
0xffff99800001a380 0045 00000000 0x0 0x0
0xffff99800001a400 0041 00000000 0x0 0x0
0xffff99800001a480 0041 00000000 0x0 0x0
0xffff99800001a500 0041 00000000 0x0 0x0
0xffff99800001a580 0045 00000000 0x0 0x0
0xffff99800001a600 0045 00000000 0x0 0x0
0xffff99800001a680 0045 00000000 0x0 0x0
0xffff99800001a700 0045 00000000 0x0 0x0
0xffff99800001a780 0045 00000000 0x0 0x0
0xffff99800001a800 0041 00000000 0x0 0x0
0xffff99800001a880 0001 00000000 0x0 0x0
0xffff99800001a900 0001 00000000 0x0 0x0
0xffff99800001a980 0001 00000000 0x0 0x0
0xffff99800001aa00 0001 00000000 0x0 0x0
0xffff99800001aa80 0001 00000000 0x0 0x0
0xffff99800001ab00 0001 00000000 0x0 0x0
0xffff99800001ab80 0001 00000000 0x0 0x0
0xffff99800001ac00 0001 00000000 0x0 0x0
0xffff99800001ac80 0001 00000000 0x0 0x0
0xffff99800001ad00 0001 00000000 0x0 0x0
0xffff99800001ad80 0001 00000000 0x0 0x0
0xffff99800001ae00 0001 00000000 0x0 0x0
0xffff99800001ae80 0001 00000000 0x0 0x0
0xffff99800001af00 0001 00000000 0x0 0x0
0xffff99800001af80 0001 00000000 0x0 0x0
0xffff99800001b000 0001 00000000 0x0 0x0
0xffff99800001b080 0001 00000000 0x0 0x0
0xffff99800001b100 0001 00000000 0x0 0x0
0xffff99800001b180 0001 00000000 0x0 0x0
0xffff99800001b200 0001 00000000 0x0 0x0
0xffff99800001b280 0001 00000000 0x0 0x0
0xffff99800001b300 0001 00000000 0x0 0x0
0xffff99800001b380 0001 00000000 0x0 0x0
0xffff99800001b400 0001 00000000 0x0 0x0
0xffff99800001b480 0001 00000000 0x0 0x0
0xffff99800001b500 0001 00000000 0x0 0x0
0xffff99800001b580 0001 00000000 0x0 0x0
0xffff99800001b600 0001 00000000 0x0 0x0
0xffff99800001b680 0001 00000000 0x0 0x0
0xffff99800001b700 0001 00000000 0x0 0x0
0xffff9980000
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: 805fb82e Limit MA10-ST0's quirk only for on-chip devices.
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15b7bbe5900000
kernel config: https://syzkaller.appspot.com/x/.config?x=1420f906d33d9f1f
dashboard link: https://syzkaller.appspot.com/bug?extid=2258ba48e5662df5df59
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1390f669900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=106eff41900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2258ba...@syzkaller.appspotmail.com
[ 53.2424424] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/if_tun.c:948:20, member access within null pointer of type 'struct mbuf'
[ 53.2632717] cpu0: Begin traceback...
[ 53.2924147] vpanic() at netbsd:vpanic+0x2d3 sys/kern/subr_prf.c:290
[ 53.3724141] isAlreadyReported() at netbsd:isAlreadyReported
[ 53.4524152] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0x14e
[ 53.5224152] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
[ 53.6124176] tunwrite() at netbsd:tunwrite+0xc7e sys/net/if_tun.c:948
[ 53.6824159] cdev_write() at netbsd:cdev_write+0xfc sys/kern/subr_devsw.c:919
[ 53.7624173] spec_write() at netbsd:spec_write+0x26c sys/miscfs/specfs/spec_vnops.c:778
[ 53.8324155] VOP_WRITE() at netbsd:VOP_WRITE+0x138 sys/kern/vnode_if.c:540
[ 53.9124163] vn_write() at netbsd:vn_write+0x308 sys/kern/vfs_vnops.c:612
[ 54.0024167] do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x4a0
[ 54.0724163] sys_writev() at netbsd:sys_writev+0x5e do_filewritev sys/kern/sys_generic.c:381 [inline]
[ 54.0724163] sys_writev() at netbsd:sys_writev+0x5e sys/kern/sys_generic.c:381
[ 54.1524213] sys_syscall() at netbsd:sys_syscall+0x1cf sy_call sys/sys/syscallvar.h:66 [inline]
[ 54.1524213] sys_syscall() at netbsd:sys_syscall+0x1cf sys/kern/sys_syscall.c:77
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sy_call sys/sys/syscallvar.h:65 [inline]
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 54.2324179] syscall() at netbsd:syscall+0x2d5 sys/arch/x86/x86/syscall.c:138
[ 54.2524193] --- syscall (number 0) ---
[ 54.2724174] netbsd:syscall+0x2d5:
[ 54.2841173] cpu0: End traceback...
[ 54.2841173] fatal breakpoint trap in supervisor mode
[ 54.2932310] trap type 1 code 0 rip 0xffffffff80221a85 cs 0x8 rflags 0x246 cr2 0x7b025a83ed30 ilevel 0 rsp 0xffff9980bf3955d0
[ 54.3043981] curlwp 0xffff89130573aa00 pid 1233.1233 lowest kstack 0xffff9980bf3912c0
Stopped in pid 1233.1233 (syz-executor5939) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x2d3 sys/kern/subr_prf.c:290
isAlreadyReported() at netbsd:isAlreadyReported
HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0x14e
HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
tunwrite() at netbsd:tunwrite+0xc7e sys/net/if_tun.c:948
cdev_write() at netbsd:cdev_write+0xfc sys/kern/subr_devsw.c:919
spec_write() at netbsd:spec_write+0x26c sys/miscfs/specfs/spec_vnops.c:778
VOP_WRITE() at netbsd:VOP_WRITE+0x138 sys/kern/vnode_if.c:540
vn_write() at netbsd:vn_write+0x308 sys/kern/vfs_vnops.c:612
do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x4a0
sys_writev() at netbsd:sys_writev+0x5e do_filewritev sys/kern/sys_generic.c:381 [inline]
sys_writev() at netbsd:sys_writev+0x5e sys/kern/sys_generic.c:381
sys_syscall() at netbsd:sys_syscall+0x1cf sy_call sys/sys/syscallvar.h:66 [inline]
sys_syscall() at netbsd:sys_syscall+0x1cf sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x2d5 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x2d5 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x2d5 sys/arch/x86/x86/syscall.c:138
--- syscall (number 0) ---
netbsd:syscall+0x2d5:
Panic string: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/if_tun.c:948:20, member access within null pointer of type 'struct mbuf'
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
1223 1223 2 0 0 ffff891303e164c0 syz-executor5939
1380 1380 3 0 0 ffff891304bcf600 syz-executor5939 tstile
1217 1217 3 1 40000 ffff89130546d580 syz-executor5939 tstile
1073 1073 3 1 40000 ffff89130573a180 syz-executor5939 tstile
1233 >1233 7 0 40000 ffff89130573aa00 syz-executor5939
1069 1069 2 0 40 ffff8913029e7980 syz-executor5939
1076 >1076 7 1 40 ffff8913029e7540 syz-executor5939
1116 1116 2 1 40 ffff891303e16900 syz-executor5939
1068 1068 2 0 40 ffff891303c72bc0 syz-executor5939
1100 1100 2 1 40 ffff891302ba8240 syz-executor5939
1121 1121 2 0 40 ffff891302a62200 syz-executor5939
1250 1250 3 1 40080 ffff8913029e7100 syz-executor5939 nanoslp
991 991 3 1 80 ffff891304c84940 sshd select
850 850 3 1 80 ffff891304c840c0 getty nanoslp
1088 1088 3 1 80 ffff891304c84500 getty nanoslp
696 696 3 0 80 ffff891302a62640 getty nanoslp
1090 1090 3 1 c0 ffff8913026765c0 getty ttyraw
942 942 3 1 80 ffff891303fe18c0 sshd select
979 979 3 1 80 ffff891303fe1040 powerd kqueue
734 734 3 0 80 ffff891302ba8680 syslogd kqueue
592 592 3 1 80 ffff891303c72780 dhcpcd poll
590 590 3 0 80 ffff891302f21280 dhcpcd poll
589 589 3 0 80 ffff891302d962c0 dhcpcd poll
546 546 3 0 80 ffff8913030c7b80 dhcpcd poll
347 347 3 0 80 ffff8913030c7300 dhcpcd poll
346 346 3 0 80 ffff891302d96b40 dhcpcd poll
345 345 3 1 80 ffff891302f216c0 dhcpcd poll
1 1 3 1 80 ffff8912fa49d900 init wait
0 853 3 0 200 ffff891302676a00 physiod physiod
0 166 3 0 200 ffff8913026f6a40 pooldrain pooldrain
0 165 2 0 240 ffff8913026f6600 ioflush
0 164 3 1 200 ffff8913026f61c0 pgdaemon pgdaemon
0 161 3 0 200 ffff891302676180 usb7 usbevt
0 31 3 0 200 ffff8912ff5e19c0 usb6 usbevt
0 63 3 1 200 ffff8912ff5e1580 usb5 usbevt
0 126 3 1 200 ffff8912ff5e1140 usb4 usbevt
0 125 3 1 200 ffff8912fc57c980 usb3 usbevt
0 124 3 0 200 ffff8912fc57c540 usb2 usbevt
0 123 3 1 200 ffff8912fc57c100 usb1 usbevt
0 122 3 1 200 ffff8912fa4d7940 usb0 usbevt
0 121 3 1 200 ffff8912fa4d7500 usbtask-dr usbtsk
0 120 3 0 200 ffff8912f795aac0 usbtask-hc usbtsk
0 119 3 0 200 ffff8912fa4d70c0 npfgc0 npfgcw
0 118 3 1 200 ffff8912fa49d4c0 rt_free rt_free
0 117 3 1 200 ffff8912fa49d080 unpgc unpgc
0 116 3 1 200 ffff8912fa4b08c0 key_timehandler key_timehandler
0 115 3 1 200 ffff8912fa4b0480 icmp6_wqinput/1 icmp6_wqinput
0 114 3 0 200 ffff8912fa4b0040 icmp6_wqinput/0 icmp6_wqinput
0 113 2 0 200 ffff8912fa453bc0 nd6_timer
0 112 3 1 200 ffff8912fa453780 carp6_wqinput/1 carp6_wqinput
0 111 3 0 200 ffff8912fa453340 carp6_wqinput/0 carp6_wqinput
0 110 3 1 200 ffff8912fa409700 carp_wqinput/1 carp_wqinput
0 109 3 0 200 ffff8912fa4092c0 carp_wqinput/0 carp_wqinput
0 108 3 1 200 ffff8912fa426b80 icmp_wqinput/1 icmp_wqinput
0 107 3 0 200 ffff8912fa426740 icmp_wqinput/0 icmp_wqinput
0 106 2 0 200 ffff8912fa426300 rt_timer
0 105 3 0 200 ffff8912fa409b40 vmem_rehash vmem_rehash
0 104 3 0 200 ffff8912f9da8b00 entbutler entropy
0 30 3 1 200 ffff8912f9da86c0 vioif0_txrx/1 vioif0_txrx
0 29 3 0 200 ffff8912f9da8280 vioif0_txrx/0 vioif0_txrx
0 27 3 0 200 ffff8912f795a680 scsibus0 sccomp
0 26 3 0 200 ffff8912f795a240 pms0 pmsreset
0 25 3 1 200 ffff8912f788ca80 xcall/1 xcall
0 24 1 1 200 ffff8912f788c640 softser/1
0 23 1 1 200 ffff8912f788c200 softclk/1
0 22 1 1 200 ffff8912f7857a40 softbio/1
0 21 1 1 200 ffff8912f7857600 softnet/1
0 20 1 1 201 ffff8912f78571c0 idle/1
0 19 3 0 200 ffff89140778fa00 lnxpwrwq lnxpwrwq
0 18 3 0 200 ffff89140778f5c0 lnxlngwq lnxlngwq
0 17 3 0 200 ffff89140778f180 lnxsyswq lnxsyswq
0 16 3 0 200 ffff8914077a09c0 lnxrcugc lnxrcugc
0 15 3 0 200 ffff8914077a0580 sysmon smtaskq
0 14 3 0 200 ffff8914077a0140 pmfsuspend pmfsuspend
0 13 3 0 200 ffff8914077bb980 pmfevent pmfevent
0 12 3 0 200 ffff8914077bb540 sopendfree sopendfr
0 11 3 1 200 ffff8914077bb100 iflnkst iflnkst
0 10 3 0 200 ffff8914087dc940 nfssilly nfssilly
0 9 3 0 200 ffff8914087dc500 vdrain vdrain
0 8 3 0 200 ffff8914087dc0c0 modunload mod_unld
0 7 3 0 200 ffff891408815900 xcall/0 xcall
0 6 1 0 200 ffff8914088154c0 softser/0
0 5 1 0 200 ffff891408815080 softclk/0
0 4 1 0 200 ffff89140883f8c0 softbio/0
0 3 1 0 200 ffff89140883f480 softnet/0
0 2 1 0 201 ffff89140883f040 idle/0
0 0 2 0 240 ffffffff85cc96c0 swapper
[Locks tracked through LWPs]
****** LWP 1223.1223 (syz-executor5939) @ 0xffff891303e164c0, l_stat=2
*** Locks held:
* Lock 0 (initialized at pmap_ctor)
lock address : 0xffff891302ed7b80 type : sleep/adaptive
initialized : 0xffffffff80f2dea3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891303e164c0 last held: 0xffff891303e164c0
last locked* : 0xffffffff80f30557 unlocked : 0xffffffff80f2dbe6
owner field : 0xffff891303e164c0 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
*** Locks wanted: none
****** LWP 1380.1380 (syz-executor5939) @ 0xffff891304bcf600, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36d80 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 1 exclusive: 0
shares wanted: 0 exclusive: 2
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891304bcf600 last held: 0xffff8913029e7980
last locked : 0xffffffff830e751e unlocked*: 0xffffffff830d6c3a
owner/count : 0x0000000000000020 flags : 0x0000000000000003
Turnstile:
=> 0 waiting readers:
=> 3 waiting writers: 0xffff89130573a180 0xffff891304bcf600 0xffff89130546d580
****** LWP 1217.1217 (syz-executor5939) @ 0xffff89130546d580, l_stat=3
*** Locks held:
* Lock 0 (initialized at fork1)
lock address : 0xffff891305485dd0 type : sleep/adaptive
initialized : 0xffffffff831b8bb0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130546d580 last held: 0xffff89130546d580
last locked* : 0xffffffff831b0e5b unlocked : 000000000000000000
owner/count : 0xffff89130546d580 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36a00 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130546d580 last held: 000000000000000000
last locked : 0xffffffff830c3cec unlocked*: 0xffffffff830c0228
owner/count : 000000000000000000 flags : 000000000000000000
Turnstile: no active turnstile for this lock.
****** LWP 1073.1073 (syz-executor5939) @ 0xffff89130573a180, l_stat=3
*** Locks held:
* Lock 0 (initialized at fork1)
lock address : 0xffff891305b99390 type : sleep/adaptive
initialized : 0xffffffff831b8bb0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff89130573a180 last held: 0xffff89130573a180
last locked* : 0xffffffff831b0e5b unlocked : 000000000000000000
owner/count : 0xffff89130573a180 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff891304f36d80 type : sleep/adaptive
initialized : 0xffffffff830a032c
shared holds : 1 exclusive: 0
shares wanted: 0 exclusive: 2
relevant cpu : 1 last held: 0
relevant lwp : 0xffff89130573a180 last held: 0xffff8913029e7980
last locked : 0xffffffff830e751e unlocked*: 0xffffffff830d6c3a
owner/count : 0x0000000000000020 flags : 0x0000000000000003
Turnstile:
=> 0 waiting readers:
=> 3 waiting writers: 0xffff89130573a180 0xffff891304bcf600 0xffff89130546d580
****** LWP 1069.1069 (syz-executor5939) @ 0xffff8913029e7980, l_stat=2
*** Locks held:
* Lock 0 (initialized at uvm_map_setup)
lock address : 0xffff8912fa4e0460 type : sleep/adaptive
initialized : 0xffffffff830e6ecc
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8913029e7980 last held: 0xffff8913029e7980
last locked* : 0xffffffff830d9291 unlocked : 0xffffffff830c0247
owner/count : 0xffff8913029e7980 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.
*** Locks wanted:
* Lock 0 (initialized at pmap_ctor)
lock address : 0xffff891302d20980 type : sleep/adaptive
initialized : 0xffffffff80f2dea3
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8913029e7980 last held: 000000000000000000
last locked : 0xffffffff80f30557 unlocked*: 0xffffffff80f30c4c
owner field : 0xffff8913029e7980 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 590.590 (dhcpcd) @ 0xffff891302f21280, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302f21280 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 589.589 (dhcpcd) @ 0xffff891302d962c0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302d962c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 346.346 (dhcpcd) @ 0xffff891302d96b40, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891302d96b40 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 345.345 (dhcpcd) @ 0xffff891302f216c0, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffff891302f216c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.11 (iflnkst) @ 0xffff8914077bb100, l_stat=3
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xffff8914077bb100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
****** LWP 0.5 (softclk/0) @ 0xffff891408815080, l_stat=1
*** Locks held: none
*** Locks wanted:
* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff860cc2c0 type : sleep/adaptive
initialized : 0xffffffff831ed180
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff891408815080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.
[Locks tracked through CPUs]
PAGE FLAG PQ UOBJECT UANON
0xffff998000007180 0045 00000000 0x0 0x0
0xffff998000007200 0045 00000000 0x0 0x0
0xffff998000007280 0045 00000000 0x0 0x0
0xffff998000007300 0045 00000000 0x0 0x0
0xffff998000007380 0045 00000000 0x0 0x0
0xffff998000007400 0045 00000000 0x0 0x0
0xffff998000007480 0045 00000000 0x0 0x0
0xffff998000007500 0045 00000000 0x0 0x0
0xffff998000007580 0041 00000000 0x0 0x0
0xffff998000007600 0041 00000000 0x0 0x0
0xffff998000007680 0041 00000000 0x0 0x0
0xffff998000007700 0045 00000000 0x0 0x0
0xffff998000007780 0045 00000000 0x0 0x0
0xffff998000007800 0045 00000000 0x0 0x0
0xffff998000007880 0041 00000000 0x0 0x0
0xffff998000007900 0041 00000000 0x0 0x0
0xffff998000007980 0041 00000000 0x0 0x0
0xffff998000007a00 0041 00000000 0x0 0x0
0xffff998000007a80 0041 00000000 0x0 0x0
0xffff998000007b00 0041 00000000 0x0 0x0
0xffff998000007b80 0041 00000000 0x0 0x0
0xffff998000007c00 0041 00000000 0x0 0x0
0xffff998000007c80 0041 00000000 0x0 0x0
0xffff998000007d00 0041 00000000 0x0 0x0
0xffff998000007d80 0041 00000000 0x0 0x0
0xffff998000007e00 0041 00000000 0x0 0x0
0xffff998000007e80 0041 00000000 0x0 0x0
0xffff998000007f00 0041 00000000 0x0 0x0
0xffff998000007f80 0041 00000000 0x0 0x0
0xffff998000008000 0041 00000000 0x0 0x0
0xffff998000008080 0041 00000000 0x0 0x0
0xffff998000008100 0041 00000000 0x0 0x0
0xffff998000008180 0041 00000000 0x0 0x0
0xffff998000008200 0041 00000000 0x0 0x0
0xffff998000008280 0041 00000000 0x0 0x0
0xffff998000008300 0041 00000000 0x0 0x0
0xffff998000008380 0041 00000000 0x0 0x0
0xffff998000008400 0041 00000000 0x0 0x0
0xffff998000008480 0041 00000000 0x0 0x0
0xffff998000008500 0041 00000000 0x0 0x0
0xffff998000008580 0041 00000000 0x0 0x0
0xffff998000008600 0041 00000000 0x0 0x0
0xffff998000008680 0045 00000000 0x0 0x0
0xffff998000008700 0041 00000000 0x0 0x0
0xffff998000008780 0041 00000000 0x0 0x0
0xffff998000008800 0041 00000000 0x0 0x0
0xffff998000008880 0041 00000000 0x0 0x0
0xffff998000008900 0041 00000000 0x0 0x0
0xffff998000008980 0041 00000000 0x0 0x0
0xffff998000008a00 0041 00000000 0x0 0x0
0xffff998000008a80 0041 00000000 0x0 0x0
0xffff998000008b00 0041 00000000 0x0 0x0
0xffff998000008b80 0041 00000000 0x0 0x0
0xffff998000008c00 0041 00000000 0x0 0x0
0xffff998000008c80 0041 00000000 0x0 0x0
0xffff998000008d00 0041 00000000 0x0 0x0
0xffff998000008d80 0041 00000000 0x0 0x0
0xffff998000008e00 0041 00000000 0x0 0x0
0xffff998000008e80 0041 00000000 0x0 0x0
0xffff998000008f00 0045 00000000 0x0 0x0
0xffff998000008f80 0041 00000000 0x0 0x0
0xffff998000009000 0041 00000000 0x0 0x0
0xffff998000009080 0041 00000000 0x0 0x0
0xffff998000009100 0041 00000000 0x0 0x0
0xffff998000009180 0041 00000000 0x0 0x0
0xffff998000009200 0041 00000000 0x0 0x0
0xffff998000009280 0041 00000000 0x0 0x0
0xffff998000009300 0041 00000000 0x0 0x0
0xffff998000009380 0041 00000000 0x0 0x0
0xffff998000009400 0041 00000000 0x0 0x0
0xffff998000009480 0041 00000000 0x0 0x0
0xffff998000009500 0041 00000000 0x0 0x0
0xffff998000009580 0045 00000000 0x0 0x0
0xffff998000009600 0041 00000000 0x0 0x0
0xffff998000009680 0041 00000000 0x0 0x0
0xffff998000009700 0041 00000000 0x0 0x0
0xffff998000009780 0041 00000000 0x0 0x0
0xffff998000009800 0041 00000000 0x0 0x0
0xffff998000009880 0041 00000000 0x0 0x0
0xffff998000009900 0041 00000000 0x0 0x0
0xffff998000009980 0041 00000000 0x0 0x0
0xffff998000009a00 0041 00000000 0x0 0x0
0xffff998000009a80 0041 00000000 0x0 0x0
0xffff998000009b00 0041 00000000 0x0 0x0
0xffff998000009b80 0041 00000000 0x0 0x0
0xffff998000009c00 0041 00000000 0x0 0x0
0xffff998000009c80 0041 00000000 0x0 0x0
0xffff998000009d00 0041 00000000 0x0 0x0
0xffff998000009d80 0041 00000000 0x0 0x0
0xffff998000009e00 0041 00000000 0x0 0x0
0xffff998000009e80 0041 00000000 0x0 0x0
0xffff998000009f00 0041 00000000 0x0 0x0
0xffff998000009f80 0041 00000000 0x0 0x0
0xffff99800000a000 0041 00000000 0x0 0x0
0xffff99800000a080 0041 00000000 0x0 0x0
0xffff99800000a100 0045 00000000 0x0 0x0
0xffff99800000a180 0041 00000000 0x0 0x0
0xffff99800000a200 0041 00000000 0x0 0x0
0xffff99800000a280 0041 00000000 0x0 0x0
0xffff99800000a300 0041 00000000 0x0 0x0
0xffff99800000a380 0041 00000000 0x0 0x0
0xffff99800000a400 0041 00000000 0x0 0x0
0xffff99800000a480 0041 00000000 0x0 0x0
0xffff99800000a500 0041 00000000 0x0 0x0
0xffff99800000a580 0041 00000000 0x0 0x0
0xffff99800000a600 0041 00000000 0x0 0x0
0xffff99800000a680 0041 00000000 0x0 0x0
0xffff99800000a700 0041 00000000 0x0 0x0
0xffff99800000a780 0041 00000000 0x0 0x0
0xffff99800000a800 0041 00000000 0x0 0x0
0xffff99800000a880 0041 00000000 0x0 0x0
0xffff99800000a900 0041 00000000 0x0 0x0
0xffff99800000a980 0041 00000000 0x0 0x0
0xffff99800000aa00 0045 00000000 0x0 0x0
0xffff99800000aa80 0041 00000000 0x0 0x0
0xffff99800000ab00 0041 00000000 0x0 0x0
0xffff99800000ab80 0041 00000000 0x0 0x0
0xffff99800000ac00 0041 00000000 0x0 0x0
0xffff99800000ac80 0041 00000000 0x0 0x0
0xffff99800000ad00 0041 00000000 0x0 0x0
0xffff99800000ad80 0045 00000000 0x0 0x0
0xffff99800000ae00 0045 00000000 0x0 0x0
0xffff99800000ae80 0045 00000000 0x0 0x0
0xffff99800000af00 0041 00000000 0x0 0x0
0xffff99800000af80 0041 00000000 0x0 0x0
0xffff99800000b000 0041 00000000 0x0 0x0
0xffff99800000b080 0041 00000000 0x0 0x0
0xffff99800000b100 0041 00000000 0x0 0x0
0xffff99800000b180 0045 00000000 0x0 0x0
0xffff99800000b200 0045 00000000 0x0 0x0
0xffff99800000b280 0045 00000000 0x0 0x0
0xffff99800000b300 0041 00000000 0x0 0x0
0xffff99800000b380 0041 00000000 0x0 0x0
0xffff99800000b400 0041 00000000 0x0 0x0
0xffff99800000b480 0041 00000000 0x0 0x0
0xffff99800000b500 0041 00000000 0x0 0x0
0xffff99800000b580 0045 00000000 0x0 0x0
0xffff99800000b600 0045 00000000 0x0 0x0
0xffff99800000b680 0045 00000000 0x0 0x0
0xffff99800000b700 0041 00000000 0x0 0x0
0xffff99800000b780 0045 00000000 0x0 0x0
0xffff99800000b800 0045 00000000 0x0 0x0
0xffff99800000b880 0041 00000000 0x0 0x0
0xffff99800000b900 0045 00000000 0x0 0x0
0xffff99800000b980 0045 00000000 0x0 0x0
0xffff99800000ba00 0045 00000000 0x0 0x0
0xffff99800000ba80 0045 00000000 0x0 0x0
0xffff99800000bb00 0045 00000000 0x0 0x0
0xffff99800000bb80 0045 00000000 0x0 0x0
0xffff99800000bc00 0045 00000000 0x0 0x0
0xffff99800000bc80 0045 00000000 0x0 0x0
0xffff99800000bd00 0045 00000000 0x0 0x0
0xffff99800000bd80 0045 00000000 0x0 0x0
0xffff99800000be00 0041 00000000 0x0 0x0
0xffff99800000be80 0041 00000000 0x0 0x0
0xffff99800000bf00 0045 00000000 0x0 0x0
0xffff99800000bf80 0045 00000000 0x0 0x0
0xffff99800000c000 0045 00000000 0x0 0x0
0xffff99800000c080 0045 00000000 0x0 0x0
0xffff99800000c100 0045 00000000 0x0 0x0
0xffff99800000c180 0041 00000000 0x0 0x0
0xffff99800000c200 0041 00000000 0x0 0x0
0xffff99800000c280 0041 00000000 0x0 0x0
0xffff99800000c300 0045 00000000 0x0 0x0
0xffff99800000c380 0045 00000000 0x0 0x0
0xffff99800000c400 0045 00000000 0x0 0x0
0xffff99800000c480 0045 00000000 0x0 0x0
0xffff99800000c500 0045 00000000 0x0 0x0
0xffff99800000c580 0041 00000000 0x0 0x0
0xffff99800000c600 0041 00000000 0x0 0x0
0xffff99800000c680 0041 00000000 0x0 0x0
0xffff99800000c700 0045 00000000 0x0 0x0
0xffff99800000c780 0041 00000000 0x0 0x0
0xffff99800000c800 0045 00000000 0x0 0x0
0xffff99800000c880 0045 00000000 0x0 0x0
0xffff99800000c900 0045 00000000 0x0 0x0
0xffff99800000c980 0041 00000000 0x0 0x0
0xffff99800000ca00 0041 00000000 0x0 0x0
0xffff99800000ca80 0041 00000000 0x0 0x0
0xffff99800000cb00 0041 00000000 0x0 0x0
0xffff99800000cb80 0041 00000000 0x0 0x0
0xffff99800000cc00 0041 00000000 0x0 0x0
0xffff99800000cc80 0045 00000000 0x0 0x0
0xffff99800000cd00 0041 00000000 0x0 0x0
0xffff99800000cd80 0041 00000000 0x0 0x0
0xffff99800000ce00 0041 00000000 0x0 0x0
0xffff99800000ce80 0041 00000000 0x0 0x0
0xffff99800000cf00 0041 00000000 0x0 0x0
0xffff99800000cf80 0041 00000000 0x0 0x0
0xffff99800000d000 0041 00000000 0x0 0x0
0xffff99800000d080 0041 00000000 0x0 0x0
0xffff99800000d100 0041 00000000 0x0 0x0
0xffff99800000d180 0041 00000000 0x0 0x0
0xffff99800000d200 0045 00000000 0x0 0x0
0xffff99800000d280 0045 00000000 0x0 0x0
0xffff99800000d300 0041 00000000 0x0 0x0
0xffff99800000d380 0045 00000000 0x0 0x0
0xffff99800000d400 0041 00000000 0x0 0x0
0xffff99800000d480 0041 00000000 0x0 0x0
0xffff99800000d500 0041 00000000 0x0 0x0
0xffff99800000d580 0045 00000000 0x0 0x0
0xffff99800000d600 0041 00000000 0x0 0x0
0xffff99800000d680 0041 00000000 0x0 0x0
0xffff99800000d700 0045 00000000 0x0 0x0
0xffff99800000d780 0041 00000000 0x0 0x0
0xffff99800000d800 0045 00000000 0x0 0x0
0xffff99800000d880 0041 00000000 0x0 0x0
0xffff99800000d900 0041 00000000 0x0 0x0
0xffff99800000d980 0045 00000000 0x0 0x0
0xffff99800000da00 0041 00000000 0x0 0x0
0xffff99800000da80 0041 00000000 0x0 0x0
0xffff99800000db00 0041 00000000 0x0 0x0
0xffff99800000db80 0045 00000000 0x0 0x0
0xffff99800000dc00 0041 00000000 0x0 0x0
0xffff99800000dc80 0041 00000000 0x0 0x0
0xffff99800000dd00 0045 00000000 0x0 0x0
0xffff99800000dd80 0041 00000000 0x0 0x0
0xffff99800000de00 0041 00000000 0x0 0x0
0xffff99800000de80 0041 00000000 0x0 0x0
0xffff99800000df00 0041 00000000 0x0 0x0
0xffff99800000df80 0045 00000000 0x0 0x0
0xffff99800000e000 0045 00000000 0x0 0x0
0xffff99800000e080 0045 00000000 0x0 0x0
0xffff99800000e100 0045 00000000 0x0 0x0
0xffff99800000e180 0041 00000000 0x0 0x0
0xffff99800000e200 0041 00000000 0x0 0x0
0xffff99800000e280 0041 00000000 0x0 0x0
0xffff99800000e300 0045 00000000 0x0 0x0
0xffff99800000e380 0045 00000000 0x0 0x0
0xffff99800000e400 0045 00000000 0x0 0x0
0xffff99800000e480 0045 00000000 0x0 0x0
0xffff99800000e500 0041 00000000 0x0 0x0
0xffff99800000e580 0041 00000000 0x0 0x0
0xffff99800000e600 0041 00000000 0x0 0x0
0xffff99800000e680 0041 00000000 0x0 0x0
0xffff99800000e700 0041 00000000 0x0 0x0
0xffff99800000e780 0041 00000000 0x0 0x0
0xffff99800000e800 0045 00000000 0x0 0x0
0xffff99800000e880 0045 00000000 0x0 0x0
0xffff99800000e900 0041 00000000 0x0 0x0
0xffff99800000e980 0041 00000000 0x0 0x0
0xffff99800000ea00 0041 00000000 0x0 0x0
0xffff99800000ea80 0041 00000000 0x0 0x0
0xffff99800000eb00 0045 00000000 0x0 0x0
0xffff99800000eb80 0041 00000000 0x0 0x0
0xffff99800000ec00 0041 00000000 0x0 0x0
0xffff99800000ec80 0041 00000000 0x0 0x0
0xffff99800000ed00 0045 00000000 0x0 0x0
0xffff99800000ed80 0041 00000000 0x0 0x0
0xffff99800000ee00 0041 00000000 0x0 0x0
0xffff99800000ee80 0041 00000000 0x0 0x0
0xffff99800000ef00 0041 00000000 0x0 0x0
0xffff99800000ef80 0041 00000000 0x0 0x0
0xffff99800000f000 0045 00000000 0x0 0x0
0xffff99800000f080 0045 00000000 0x0 0x0
0xffff99800000f100 0041 00000000 0x0 0x0
0xffff99800000f180 0041 00000000 0x0 0x0
0xffff99800000f200 0041 00000000 0x0 0x0
0xffff99800000f280 0045 00000000 0x0 0x0
0xffff99800000f300 0041 00000000 0x0 0x0
0xffff99800000f380 0041 00000000 0x0 0x0
0xffff99800000f400 0041 00000000 0x0 0x0
0xffff99800000f480 0041 00000000 0x0 0x0
0xffff99800000f500 0041 00000000 0x0 0x0
0xffff99800000f580 0041 00000000 0x0 0x0
0xffff99800000f600 0045 00000000 0x0 0x0
0xffff99800000f680 0041 00000000 0x0 0x0
0xffff99800000f700 0041 00000000 0x0 0x0
0xffff99800000f780 0041 00000000 0x0 0x0
0xffff99800000f800 0041 00000000 0x0 0x0
0xffff99800000f880 0041 00000000 0x0 0x0
0xffff99800000f900 0041 00000000 0x0 0x0
0xffff99800000f980 0041 00000000 0x0 0x0
0xffff99800000fa00 0041 00000000 0x0 0x0
0xffff99800000fa80 0041 00000000 0x0 0x0
0xffff99800000fb00 0041 00000000 0x0 0x0
0xffff99800000fb80 0045 00000000 0x0 0x0
0xffff99800000fc00 0041 00000000 0x0 0x0
0xffff99800000fc80 0041 00000000 0x0 0x0
0xffff99800000fd00 0041 00000000 0x0 0x0
0xffff99800000fd80 0045 00000000 0x0 0x0
0xffff99800000fe00 0041 00000000 0x0 0x0
0xffff99800000fe80 0041 00000000 0x0 0x0
0xffff99800000ff00 0041 00000000 0x0 0x0
0xffff99800000ff80 0041 00000000 0x0 0x0
0xffff998000010000 0041 00000000 0x0 0x0
0xffff998000010080 0041 00000000 0x0 0x0
0xffff998000010100 0041 00000000 0x0 0x0
0xffff998000010180 0041 00000000 0x0 0x0
0xffff998000010200 0041 00000000 0x0 0x0
0xffff998000010280 0041 00000000 0x0 0x0
0xffff998000010300 0041 00000000 0x0 0x0
0xffff998000010380 0041 00000000 0x0 0x0
0xffff998000010400 0041 00000000 0x0 0x0
0xffff998000010480 0041 00000000 0x0 0x0
0xffff998000010500 0041 00000000 0x0 0x0
0xffff998000010580 0041 00000000 0x0 0x0
0xffff998000010600 0041 00000000 0x0 0x0
0xffff998000010680 0041 00000000 0x0 0x0
0xffff998000010700 0045 00000000 0x0 0x0
0xffff998000010780 0041 00000000 0x0 0x0
0xffff998000010800 0045 00000000 0x0 0x0
0xffff998000010880 0041 00000000 0x0 0x0
0xffff998000010900 0045 00000000 0x0 0x0
0xffff998000010980 0041 00000000 0x0 0x0
0xffff998000010a00 0041 00000000 0x0 0x0
0xffff998000010a80 0041 00000000 0x0 0x0
0xffff998000010b00 0041 00000000 0x0 0x0
0xffff998000010b80 0045 00000000 0x0 0x0
0xffff998000010c00 0041 00000000 0x0 0x0
0xffff998000010c80 0041 00000000 0x0 0x0
0xffff998000010d00 0041 00000000 0x0 0x0
0xffff998000010d80 0041 00000000 0x0 0x0
0xffff998000010e00 0041 00000000 0x0 0x0
0xffff998000010e80 0041 00000000 0x0 0x0
0xffff998000010f00 0041 00000000 0x0 0x0
0xffff998000010f80 0041 00000000 0x0 0x0
0xffff998000011000 0041 00000000 0x0 0x0
0xffff998000011080 0041 00000000 0x0 0x0
0xffff998000011100 0041 00000000 0x0 0x0
0xffff998000011180 0041 00000000 0x0 0x0
0xffff998000011200 0041 00000000 0x0 0x0
0xffff998000011280 0041 00000000 0x0 0x0
0xffff998000011300 0041 00000000 0x0 0x0
0xffff998000011380 0041 00000000 0x0 0x0
0xffff998000011400 0041 00000000 0x0 0x0
0xffff998000011480 0001 00000000 0x0 0x0
0xffff998000011500 0001 00000000 0x0 0x0
0xffff998000011580 0001 00000000 0x0 0x0
0xffff998000011600 0001 00000000 0x0 0x0
0xffff998000011680 0001 00000000 0x0 0x0
0xffff998000011700 0001 00000000 0x0 0x0
0xffff998000011780 0001 00000000 0x0 0x0
0xffff998000011800 0001 00000000 0x0 0x0
0xffff998000011880 0001 00000000 0x0 0x0
0xffff998000011900 0001 00000000 0x0 0x0
0xffff998000011980 0001 00000000 0x0 0x0
0xffff998000011a00 0001 00000000 0x0 0x0
0xffff998000011a80 0001 00000000 0x0 0x0
0xffff998000011b00 0001 00000000 0x0 0x0
0xffff998000011b80 0001 00000000 0x0 0x0
0xffff998000011c00 0001 00000000 0x0 0x0
0xffff998000011c80 0001 00000000 0x0 0x0
0xffff998000011d00 0001 00000000 0x0 0x0
0xffff998000011d80 0001 00000000 0x0 0x0
0xffff998000011e00 0001 00000000 0x0 0x0
0xffff998000011e80 0001 00000000 0x0 0x0
0xffff998000011f00 0001 00000000 0x0 0x0
0xffff998000011f80 0001 00000000 0x0 0x0
0xffff998000012000 0001 00000000 0x0 0x0
0xffff998000012080 0001 00000000 0x0 0x0
0xffff998000012100 0001 00000000 0x0 0x0
0xffff998000012180 0001 00000000 0x0 0x0
0xffff998000012200 0001 00000000 0x0 0x0
0xffff998000012280 0001 00000000 0x0 0x0
0xffff998000012300 0001 00000000 0x0 0x0
0xffff998000012380 0001 00000000 0x0 0x0
0xffff998000012400 0001 00000000 0x0 0x0
0xffff998000012480 0001 00000000 0x0 0x0
0xffff998000012500 0001 00000000 0x0 0x0
0xffff998000012580 0001 00000000 0x0 0x0
0xffff998000012600 0001 00000000 0x0 0x0
0xffff998000012680 0001 00000000 0x0 0x0
0xffff998000012700 0001 00000000 0x0 0x0
0xffff998000012780 0001 00000000 0x0 0x0
0xffff998000012800 0001 00000000 0x0 0x0
0xffff998000012880 0001 00000000 0x0 0x0
0xffff998000012900 0001 00000000 0x0 0x0
0xffff998000012980 0001 00000000 0x0 0x0
0xffff998000012a00 0001 00000000 0x0 0x0
0xffff998000012a80 0001 00000000 0x0 0x0
0xffff998000012b00 0001 00000000 0x0 0x0
0xffff998000012b80 0001 00000000 0x0 0x0
0xffff998000012c00 0001 00000000 0x0 0x0
0xffff998000012c80 0001 00000000 0x0 0x0
0xffff998000012d00 0001 00000000 0x0 0x0
0xffff998000012d80 0001 00000000 0x0 0x0
0xffff998000012e00 0001 00000000 0x0 0x0
0xffff998000012e80 0001 00000000 0x0 0x0
0xffff998000012f00 0001 00000000 0x0 0x0
0xffff998000012f80 0041 00000000 0x0 0x0
0xffff998000013000 0045 00000000 0x0 0x0
0xffff998000013080 0041 00000000 0x0 0x0
0xffff998000013100 0041 00000000 0x0 0x0
0xffff998000013180 0041 00000000 0x0 0x0
0xffff998000013200 0041 00000000 0x0 0x0
0xffff998000013280 0041 00000000 0x0 0x0
0xffff998000013300 0041 00000000 0x0 0x0
0xffff998000013380 0041 00000000 0x0 0x0
0xffff998000013400 0041 00000000 0x0 0x0
0xffff998000013480 0041 00000000 0x0 0x0
0xffff998000013500 0041 00000000 0x0 0x0
0xffff998000013580 0041 00000000 0x0 0x0
0xffff998000013600 0041 00000000 0x0 0x0
0xffff998000013680 0041 00000000 0x0 0x0
0xffff998000013700 0041 00000000 0x0 0x0
0xffff998000013780 0041 00000000 0x0 0x0
0xffff998000013800 0041 00000000 0x0 0x0
0xffff998000013880 0041 00000000 0x0 0x0
0xffff998000013900 0041 00000000 0x0 0x0
0xffff998000013980 0041 00000000 0x0 0x0
0xffff998000013a00 0041 00000000 0x0 0x0
0xffff998000013a80 0041 00000000 0x0 0x0
0xffff998000013b00 0041 00000000 0x0 0x0
0xffff998000013b80 0041 00000000 0x0 0x0
0xffff998000013c00 0041 00000000 0x0 0x0
0xffff998000013c80 0041 00000000 0x0 0x0
0xffff998000013d00 0041 00000000 0x0 0x0
0xffff998000013d80 0041 00000000 0x0 0x0
0xffff998000013e00 0041 00000000 0x0 0x0
0xffff998000013e80 0041 00000000 0x0 0x0
0xffff998000013f00 0041 00000000 0x0 0x0
0xffff998000013f80 0041 00000000 0x0 0x0
0xffff998000014000 0041 00000000 0x0 0x0
0xffff998000014080 0041 00000000 0x0 0x0
0xffff998000014100 0041 00000000 0x0 0x0
0xffff998000014180 0041 00000000 0x0 0x0
0xffff998000014200 0041 00000000 0x0 0x0
0xffff998000014280 0041 00000000 0x0 0x0
0xffff998000014300 0041 00000000 0x0 0x0
0xffff998000014380 0041 00000000 0x0 0x0
0xffff998000014400 0041 00000000 0x0 0x0
0xffff998000014480 0041 00000000 0x0 0x0
0xffff998000014500 0041 00000000 0x0 0x0
0xffff998000014580 0041 00000000 0x0 0x0
0xffff998000014600 0041 00000000 0x0 0x0
0xffff998000014680 0041 00000000 0x0 0x0
0xffff998000014700 0041 00000000 0x0 0x0
0xffff998000014780 0041 00000000 0x0 0x0
0xffff998000014800 0041 00000000 0x0 0x0
0xffff998000014880 0001 00000000 0x0 0x0
0xffff998000014900 0001 00000000 0x0 0x0
0xffff998000014980 0001 00000000 0x0 0x0
0xffff998000014a00 0001 00000000 0x0 0x0
0xffff998000014a80 0001 00000000 0x0 0x0
0xffff998000014b00 0001 00000000 0x0 0x0
0xffff998000014b80 0001 00000000 0x0 0x0
0xffff998000014c00 0001 00000000 0x0 0x0
0xffff998000014c80 0001 00000000 0x0 0x0
0xffff998000014d00 0001 00000000 0x0 0x0
0xffff998000014d80 0001 00000000 0x0 0x0
0xffff998000014e00 0001 00000000 0x0 0x0
0xffff998000014e80 0001 00000000 0x0 0x0
0xffff998000014f00 0001 00000000 0x0 0x0
0xffff998000014f80 0001 00000000 0x0 0x0
0xffff998000015000 0001 00000000 0x0 0x0
0xffff998000015080 0001 00000000 0x0 0x0
0xffff998000015100 0001 00000000 0x0 0x0
0xffff998000015180 0001 00000000 0x0 0x0
0xffff998000015200 0001 00000000 0x0 0x0
0xffff998000015280 0001 00000000 0x0 0x0
0xffff998000015300 0001 00000000 0x0 0x0
0xffff998000015380 0001 00000000 0x0 0x0
0xffff998000015400 0001 00000000 0x0 0x0
0xffff998000015480 0001 00000000 0x0 0x0
0xffff998000015500 0001 00000000 0x0 0x0
0xffff998000015580 0001 00000000 0x0 0x0
0xffff998000015600 0001 00000000 0x0 0x0
0xffff998000015680 0001 00000000 0x0 0x0
0xffff998000015700 0001 00000000 0x0 0x0
0xffff998000015780 0001 00000000 0x0 0x0
0xffff998000015800 0001 00000000 0x0 0x0
0xffff998000015880 0001 00000000 0x0 0x0
0xffff998000015900 0001 00000000 0x0 0x0
0xffff998000015980 0001 00000000 0x0 0x0
0xffff998000015a00 0001 00000000 0x0 0x0
0xffff998000015a80 0001 00000000 0x0 0x0
0xffff998000015b00 0001 00000000 0x0 0x0
0xffff998000015b80 0001 00000000 0x0 0x0
0xffff998000015c00 0001 00000000 0x0 0x0
0xffff998000015c80 0001 00000000 0x0 0x0
0xffff998000015d00 0001 00000000 0x0 0x0
0xffff998000015d80 0001 00000000 0x0 0x0
0xffff998000015e00 0001 00000000 0x0 0x0
0xffff998000015e80 0001 00000000 0x0 0x0
0xffff998000015f00 0001 00000000 0x0 0x0
0xffff998000015f80 0001 00000000 0x0 0x0
0xffff998000016000 0001 00000000 0x0 0x0
0xffff998000016080 0001 00000000 0x0 0x0
0xffff998000016100 0001 00000000 0x0 0x0
0xffff998000016180 0001 00000000 0x0 0x0
0xffff998000016200 0001 00000000 0x0 0x0
0xffff998000016280 0001 00000000 0x0 0x0
0xffff998000016300 0001 00000000 0x0 0x0
0xffff998000016380 0041 00000000 0x0 0x0
0xffff998000016400 0041 00000000 0x0 0x0
0xffff998000016480 0041 00000000 0x0 0x0
0xffff998000016500 0041 00000000 0x0 0x0
0xffff998000016580 0041 00000000 0x0 0x0
0xffff998000016600 0041 00000000 0x0 0x0
0xffff998000016680 0041 00000000 0x0 0x0
0xffff998000016700 0041 00000000 0x0 0x0
0xffff998000016780 0041 00000000 0x0 0x0
0xffff998000016800 0041 00000000 0x0 0x0
0xffff998000016880 0041 00000000 0x0 0x0
0xffff998000016900 0041 00000000 0x0 0x0
0xffff998000016980 0041 00000000 0x0 0x0
0xffff998000016a00 0041 00000000 0x0 0x0
0xffff998000016a80 0041 00000000 0x0 0x0
0xffff998000016b00 0041 00000000 0x0 0x0
0xffff998000016b80 0041 00000000 0x0 0x0
0xffff998000016c00 0041 00000000 0x0 0x0
0xffff998000016c80 0041 00000000 0x0 0x0
0xffff998000016d00 0041 00000000 0x0 0x0
0xffff998000016d80 0041 00000000 0x0 0x0
0xffff998000016e00 0041 00000000 0x0 0x0
0xffff998000016e80 0041 00000000 0x0 0x0
0xffff998000016f00 0041 00000000 0x0 0x0
0xffff998000016f80 0041 00000000 0x0 0x0
0xffff998000017000 0041 00000000 0x0 0x0
0xffff998000017080 0041 00000000 0x0 0x0
0xffff998000017100 0041 00000000 0x0 0x0
0xffff998000017180 0041 00000000 0x0 0x0
0xffff998000017200 0041 00000000 0x0 0x0
0xffff998000017280 0041 00000000 0x0 0x0
0xffff998000017300 0041 00000000 0x0 0x0
0xffff998000017380 0041 00000000 0x0 0x0
0xffff998000017400 0041 00000000 0x0 0x0
0xffff998000017480 0041 00000000 0x0 0x0
0xffff998000017500 0041 00000000 0x0 0x0
0xffff998000017580 0041 00000000 0x0 0x0
0xffff998000017600 0041 00000000 0x0 0x0
0xffff998000017680 0045 00000000 0x0 0x0
0xffff998000017700 0041 00000000 0x0 0x0
0xffff998000017780 0041 00000000 0x0 0x0
0xffff998000017800 0041 00000000 0x0 0x0
0xffff998000017880 0001 00000000 0x0 0x0
0xffff998000017900 0001 00000000 0x0 0x0
0xffff998000017980 0001 00000000 0x0 0x0
0xffff998000017a00 0001 00000000 0x0 0x0
0xffff998000017a80 0001 00000000 0x0 0x0
0xffff998000017b00 0001 00000000 0x0 0x0
0xffff998000017b80 0001 00000000 0x0 0x0
0xffff998000017c00 0001 00000000 0x0 0x0
0xffff998000017c80 0001 00000000 0x0 0x0
0xffff998000017d00 0001 00000000 0x0 0x0
0xffff998000017d80 0001 00000000 0x0 0x0
0xffff998000017e00 0001 00000000 0x0 0x0
0xffff998000017e80 0001 00000000 0x0 0x0
0xffff998000017f00 0001 00000000 0x0 0x0
0xffff998000017f80 0001 00000000 0x0 0x0
0xffff998000018000 0001 00000000 0x0 0x0
0xffff998000018080 0001 00000000 0x0 0x0
0xffff998000018100 0001 00000000 0x0 0x0
0xffff998000018180 0001 00000000 0x0 0x0
0xffff998000018200 0001 00000000 0x0 0x0
0xffff998000018280 0001 00000000 0x0 0x0
0xffff998000018300 0001 00000000 0x0 0x0
0xffff998000018380 0001 00000000 0x0 0x0
0xffff998000018400 0001 00000000 0x0 0x0
0xffff998000018480 0001 00000000 0x0 0x0
0xffff998000018500 0001 00000000 0x0 0x0
0xffff998000018580 0001 00000000 0x0 0x0
0xffff998000018600 0001 00000000 0x0 0x0
0xffff998000018680 0001 00000000 0x0 0x0
0xffff998000018700 0001 00000000 0x0 0x0
0xffff998000018780 0001 00000000 0x0 0x0
0xffff998000018800 0001 00000000 0x0 0x0
0xffff998000018880 0001 00000000 0x0 0x0
0xffff998000018900 0001 00000000 0x0 0x0
0xffff998000018980 0001 00000000 0x0 0x0
0xffff998000018a00 0001 00000000 0x0 0x0
0xffff998000018a80 0001 00000000 0x0 0x0
0xffff998000018b00 0001 00000000 0x0 0x0
0xffff998000018b80 0001 00000000 0x0 0x0
0xffff998000018c00 0001 00000000 0x0 0x0
0xffff998000018c80 0001 00000000 0x0 0x0
0xffff998000018d00 0001 00000000 0x0 0x0
0xffff998000018d80 0001 00000000 0x0 0x0
0xffff998000018e00 0001 00000000 0x0 0x0
0xffff998000018e80 0001 00000000 0x0 0x0
0xffff998000018f00 0001 00000000 0x0 0x0
0xffff998000018f80 0001 00000000 0x0 0x0
0xffff998000019000 0001 00000000 0x0 0x0
0xffff998000019080 0001 00000000 0x0 0x0
0xffff998000019100 0001 00000000 0x0 0x0
0xffff998000019180 0001 00000000 0x0 0x0
0xffff998000019200 0001 00000000 0x0 0x0
0xffff998000019280 0001 00000000 0x0 0x0
0xffff998000019300 0001 00000000 0x0 0x0
0xffff998000019380 0041 00000000 0x0 0x0
0xffff998000019400 0041 00000000 0x0 0x0
0xffff998000019480 0041 00000000 0x0 0x0
0xffff998000019500 0041 00000000 0x0 0x0
0xffff998000019580 0041 00000000 0x0 0x0
0xffff998000019600 0045 00000000 0x0 0x0
0xffff998000019680 0045 00000000 0x0 0x0
0xffff998000019700 0041 00000000 0x0 0x0
0xffff998000019780 0041 00000000 0x0 0x0
0xffff998000019800 0041 00000000 0x0 0x0
0xffff998000019880 0041 00000000 0x0 0x0
0xffff998000019900 0041 00000000 0x0 0x0
0xffff998000019980 0041 00000000 0x0 0x0
0xffff998000019a00 0045 00000000 0x0 0x0
0xffff998000019a80 0045 00000000 0x0 0x0
0xffff998000019b00 0041 00000000 0x0 0x0
0xffff998000019b80 0041 00000000 0x0 0x0
0xffff998000019c00 0041 00000000 0x0 0x0
0xffff998000019c80 0041 00000000 0x0 0x0
0xffff998000019d00 0041 00000000 0x0 0x0
0xffff998000019d80 0045 00000000 0x0 0x0
0xffff998000019e00 0045 00000000 0x0 0x0
0xffff998000019e80 0045 00000000 0x0 0x0
0xffff998000019f00 0041 00000000 0x0 0x0
0xffff998000019f80 0045 00000000 0x0 0x0
0xffff99800001a000 0041 00000000 0x0 0x0
0xffff99800001a080 0041 00000000 0x0 0x0
0xffff99800001a100 0041 00000000 0x0 0x0
0xffff99800001a180 0045 00000000 0x0 0x0
0xffff99800001a200 0045 00000000 0x0 0x0
0xffff99800001a280 0045 00000000 0x0 0x0
0xffff99800001a300 0041 00000000 0x0 0x0
0xffff99800001a380 0045 00000000 0x0 0x0
0xffff99800001a400 0041 00000000 0x0 0x0
0xffff99800001a480 0041 00000000 0x0 0x0
0xffff99800001a500 0041 00000000 0x0 0x0
0xffff99800001a580 0045 00000000 0x0 0x0
0xffff99800001a600 0045 00000000 0x0 0x0
0xffff99800001a680 0045 00000000 0x0 0x0
0xffff99800001a700 0045 00000000 0x0 0x0
0xffff99800001a780 0045 00000000 0x0 0x0
0xffff99800001a800 0041 00000000 0x0 0x0
0xffff99800001a880 0001 00000000 0x0 0x0
0xffff99800001a900 0001 00000000 0x0 0x0
0xffff99800001a980 0001 00000000 0x0 0x0
0xffff99800001aa00 0001 00000000 0x0 0x0
0xffff99800001aa80 0001 00000000 0x0 0x0
0xffff99800001ab00 0001 00000000 0x0 0x0
0xffff99800001ab80 0001 00000000 0x0 0x0
0xffff99800001ac00 0001 00000000 0x0 0x0
0xffff99800001ac80 0001 00000000 0x0 0x0
0xffff99800001ad00 0001 00000000 0x0 0x0
0xffff99800001ad80 0001 00000000 0x0 0x0
0xffff99800001ae00 0001 00000000 0x0 0x0
0xffff99800001ae80 0001 00000000 0x0 0x0
0xffff99800001af00 0001 00000000 0x0 0x0
0xffff99800001af80 0001 00000000 0x0 0x0
0xffff99800001b000 0001 00000000 0x0 0x0
0xffff99800001b080 0001 00000000 0x0 0x0
0xffff99800001b100 0001 00000000 0x0 0x0
0xffff99800001b180 0001 00000000 0x0 0x0
0xffff99800001b200 0001 00000000 0x0 0x0
0xffff99800001b280 0001 00000000 0x0 0x0
0xffff99800001b300 0001 00000000 0x0 0x0
0xffff99800001b380 0001 00000000 0x0 0x0
0xffff99800001b400 0001 00000000 0x0 0x0
0xffff99800001b480 0001 00000000 0x0 0x0
0xffff99800001b500 0001 00000000 0x0 0x0
0xffff99800001b580 0001 00000000 0x0 0x0
0xffff99800001b600 0001 00000000 0x0 0x0
0xffff99800001b680 0001 00000000 0x0 0x0
0xffff99800001b700 0001 00000000 0x0 0x0
0xffff9980000
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Aug 30, 2020, 3:44:37 AM8/30/20
to Maxime Villard, m...@m00nbsd.net, syzkaller-...@googlegroups.com
> #syz dup: UBSan: Undefined Behavior in tunwrite
Your 'dup:' command is accepted, but please keep syzkaller-...@googlegroups.com mailing list in CC next time. It serves as a history of what happened with each bug report. Thank you.
Your 'dup:' command is accepted, but please keep syzkaller-...@googlegroups.com mailing list in CC next time. It serves as a history of what happened with each bug report. Thank you.
Reply all
Reply to author
Forward
0 new messages