UBSan: Undefined Behavior in route_output

3 views
Skip to first unread message

syzbot

unread,
May 24, 2020, 10:36:16 PM5/24/20
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: ed9d23d2 fix KASAN PoolUseAfterFree for async write - can'..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=157481e2100000
kernel config: https://syzkaller.appspot.com/x/.config?x=f96f14247a94bfe
dashboard link: https://syzkaller.appspot.com/bug?extid=d0a8c987d70b55e46d22
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d0a8c9...@syzkaller.appspotmail.com

[ 55.0646617] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/rtsock_shared.c:667:41, member access within misaligned address 0xffff8465bb2515cc for type 'struct rt_msghdr' which requires 8 byte alignment

[ 55.0846504] cpu1: Begin traceback...
[ 55.1046533] vpanic() at netbsd:vpanic+0x287 sys/kern/subr_prf.c:290
[ 55.1646533] isAlreadyReported() at netbsd:isAlreadyReported
[ 55.2046530] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xae
[ 55.2446533] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
[ 55.2846535] route_output() at netbsd:route_output+0x1676 sys/net/rtsock_shared.c:667
[ 55.3246536] raw_send() at netbsd:raw_send+0x1c9 sys/net/raw_usrreq.c:182
[ 55.3546538] route_send_wrapper() at netbsd:route_send_wrapper+0x9f route_send sys/net/rtsock_shared.c:500 [inline]
[ 55.3546538] route_send_wrapper() at netbsd:route_send_wrapper+0x9f sys/net/rtsock_shared.c:1738
[ 55.3946537] sosend() at netbsd:sosend+0x1554 sys/kern/uipc_socket.c:1059
[ 55.4346561] soo_write() at netbsd:soo_write+0x75 sys/kern/sys_socket.c:122
[ 55.4646545] do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x3f9
[ 55.5046537] sys_writev() at netbsd:sys_writev+0x54 do_filewritev sys/kern/sys_generic.c:381 [inline]
[ 55.5046537] sys_writev() at netbsd:sys_writev+0x54 sys/kern/sys_generic.c:381
[ 55.5446528] sys___syscall() at netbsd:sys___syscall+0x1b5 sy_call sys/sys/syscallvar.h:65 [inline]
[ 55.5446528] sys___syscall() at netbsd:sys___syscall+0x1b5 sys/kern/sys_syscall.c:77
[ 55.5846549] syscall() at netbsd:syscall+0x287 sy_call sys/sys/syscallvar.h:65 [inline]
[ 55.5846549] syscall() at netbsd:syscall+0x287 sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 55.5846549] syscall() at netbsd:syscall+0x287 sys/arch/x86/x86/syscall.c:138
[ 55.5946532] --- syscall (number 198) ---
[ 55.6046526] netbsd:syscall+0x287:
[ 55.6046526] cpu1: End traceback...
[ 55.6146611] fatal breakpoint trap in supervisor mode
[ 55.6146611] trap type 1 code 0 rip 0xffffffff80221a45 cs 0x8 rflags 0x246 cr2 0x20019600 ilevel 0x4 rsp 0xffff8600c44674c0
[ 55.6246497] curlwp 0xffff8465cfa09780 pid 2365.3358 lowest kstack 0xffff8600c44642c0
Stopped in pid 2365.3358 (syz-executor.0) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xd1 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x287 sys/kern/subr_prf.c:290
isAlreadyReported() at netbsd:isAlreadyReported
HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xae
HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
route_output() at netbsd:route_output+0x1676 sys/net/rtsock_shared.c:667
raw_send() at netbsd:raw_send+0x1c9 sys/net/raw_usrreq.c:182
route_send_wrapper() at netbsd:route_send_wrapper+0x9f route_send sys/net/rtsock_shared.c:500 [inline]
route_send_wrapper() at netbsd:route_send_wrapper+0x9f sys/net/rtsock_shared.c:1738
sosend() at netbsd:sosend+0x1554 sys/kern/uipc_socket.c:1059
soo_write() at netbsd:soo_write+0x75 sys/kern/sys_socket.c:122
do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x3f9
sys_writev() at netbsd:sys_writev+0x54 do_filewritev sys/kern/sys_generic.c:381 [inline]
sys_writev() at netbsd:sys_writev+0x54 sys/kern/sys_generic.c:381
sys___syscall() at netbsd:sys___syscall+0x1b5 sy_call sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0x1b5 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x287 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x287 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x287 sys/arch/x86/x86/syscall.c:138
--- syscall (number 198) ---
netbsd:syscall+0x287:
ds dd
es 7480
fs 74d0
gs 10
rdi 4
rsi 2d5
rbp ffff8600c44674c0
rbx ffff8600a65b9000
rdx ffff8465baad4bb8
rcx 4
rax ffffffff
r8 ffff8600a65b9000
r9 0
r10 ffff8600c44673f0
r11 10
r12 ffffffff83c727f8
r13 ffff8600c4467538
r14 104
r15 ffffffff85b9d5a0 pool_head+0x560
rip ffffffff80221a45 breakpoint+0x5
cs 8
rflags 246
rsp ffff8600c44674c0
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
3390 2904 2 0 0 ffff8465cbd65a00 syz-executor.1
3390 3390 3 0 80 ffff8465cc27e4c0 syz-executor.1 parked
2890 2258 3 0 80 ffff8465cbf07a80 syz-executor.3 parked
2890 2890 2 0 0 ffff8465cfa09340 syz-executor.3
2381 3704 2 0 100000 ffff8465cc127ac0 syz-executor.2
2381 2381 3 1 0 ffff8465cddfa740 syz-executor.2 lwpwait
2365 >3358 7 1 0 ffff8465cfa09780 syz-executor.0
2365 2365 3 1 80 ffff8465cddfa300 syz-executor.0 parked
2229 2229 3 0 80 ffff8465c15b78c0 syz-executor.3 parked
1971 1971 3 1 80 ffff8465cd53a6c0 syz-executor.5 parked
1693 1693 3 1 80 ffff8465cce5c040 syz-executor.5 parked
1951 1951 3 0 80 ffff8465cc0ac100 syz-executor.5 parked
2003 2003 3 0 80 ffff8465cce5c480 syz-executor.3 parked
2743 2743 3 0 80 ffff8465cbd65180 syz-executor.3 parked
2490 2490 3 0 80 ffff8465cbd655c0 syz-executor.5 parked
1871 1871 3 0 80 ffff8465cd53ab00 syz-executor.1 parked
2239 2239 3 1 80 ffff8465cddfab80 syz-executor.3 parked
1870 1870 3 1 80 ffff8465cc127680 syz-executor.3 parked
2142 2142 3 0 80 ffff8465cf0c1700 syz-executor.5 parked
1757 1757 3 1 80 ffff8465cd53a280 syz-executor.5 parked
1586 1586 3 0 80 ffff8465cc0ac540 syz-executor.1 parked
886 886 3 1 80 ffff8465ceed1a40 syz-executor.1 parked
1849 1849 3 0 80 ffff8465ca9ba500 syz-executor.1 parked
1332 1332 3 0 80 ffff8465cbf07640 syz-executor.5 parked
1360 1360 3 0 80 ffff8465c8c74080 syz-executor.5 parked
1786 1786 3 0 80 ffff8465cbf07200 syz-executor.5 parked
950 950 3 0 80 ffff8465cb71e9c0 syz-executor.2 parked
987 987 3 0 80 ffff8465cb71e580 syz-executor.2 parked
578 578 2 0 40 ffff8465c15b7040 syz-executor.5
705 705 3 0 c0 ffff8465c0ddd780 syz-executor.4 pipe_rd
686 686 2 0 40 ffff8465c0ddd340 syz-executor.3
685 > 685 7 0 40 ffff8465bb92a680 syz-executor.2
688 688 2 0 40 ffff8465bba2a6c0 syz-executor.1
681 681 2 0 40 ffff8465bb92aac0 syz-executor.0
674 687 3 1 c0 ffff8465c0dddbc0 syz-fuzzer parked
674 684 3 0 80 ffff8465bba2ab00 syz-fuzzer kqueue
674 683 3 0 80 ffff8465bba2a280 syz-fuzzer parked
674 676 3 1 c0 ffff8465bac6a200 syz-fuzzer parked
674 678 3 1 80 ffff8465bb92a240 syz-fuzzer parked
674 716 3 0 80 ffff8465bc1f6b40 syz-fuzzer parked
674 679 3 1 80 ffff8465bac6aa80 syz-fuzzer parked
674 680 3 1 80 ffff8465baa3ea40 syz-fuzzer parked
674 675 3 1 c0 ffff8465bc672740 syz-fuzzer parked
674 673 3 1 80 ffff8465ba7aa9c0 syz-fuzzer parked
674 674 3 0 80 ffff8465ba7aa140 syz-fuzzer parked
729 729 3 1 80 ffff8465bc672300 sshd select
727 727 3 0 80 ffff8465ba927180 getty nanoslp
726 726 3 1 80 ffff8465bc1f62c0 getty nanoslp
725 725 3 1 80 ffff8465ba7aa580 getty nanoslp
881 881 3 1 c0 ffff8465ba379500 getty ttyraw
711 711 3 0 80 ffff8465baa3e1c0 cron nanoslp
708 708 3 0 80 ffff8465ba927a00 inetd kqueue
602 602 3 0 80 ffff8465bc1f6700 sshd select
593 593 3 0 80 ffff8465bc672b80 powerd kqueue
451 451 3 1 80 ffff8465baa3e600 syslogd kqueue
293 293 3 0 80 ffff8465ba9275c0 dhcpcd kqueue
326 326 3 0 80 ffff8465bac6a640 dhcpcd kqueue
1 1 3 0 80 ffff8465b92e5080 init wait
0 1023 3 0 200 ffff8465ba379940 physiod physiod
0 117 3 0 200 ffff8465ba3bd980 pooldrain pooldrain
0 116 3 0 200 ffff8465ba3bd540 ioflush syncer
0 115 3 1 200 ffff8465ba3bd100 pgdaemon pgdaemon
0 112 3 1 200 ffff8465ba3790c0 usb0 usbevt
0 111 3 1 200 ffff8465b92e5900 usbtask-dr usbtsk
0 110 3 1 200 ffff8465b92e54c0 usbtask-hc usbtsk
0 109 3 0 200 ffff8465b672cac0 npfgc-0 npfgccv
0 108 3 1 200 ffff8465b926e8c0 rt_free rt_free
0 107 3 1 200 ffff8465b926e480 unpgc unpgc
0 106 3 0 200 ffff8465b926e040 key_timehandler key_timehandler
0 105 3 1 200 ffff8465b92afbc0 icmp6_wqinput/1 icmp6_wqinput
0 104 3 0 200 ffff8465b92af780 icmp6_wqinput/0 icmp6_wqinput
0 103 3 0 200 ffff8465b92af340 nd6_timer nd6_timer
0 102 3 1 200 ffff8465b9298b80 carp6_wqinput/1 carp6_wqinput
0 101 3 0 200 ffff8465b9298740 carp6_wqinput/0 carp6_wqinput
0 100 3 1 200 ffff8465b924a280 carp_wqinput/1 carp_wqinput
0 99 3 0 200 ffff8465b924a6c0 carp_wqinput/0 carp_wqinput
0 98 3 1 200 ffff8465b924ab00 icmp_wqinput/1 icmp_wqinput
0 97 3 0 200 ffff8465b92412c0 icmp_wqinput/0 icmp_wqinput
0 96 3 0 200 ffff8465b9298300 rt_timer rt_timer
0 125 3 0 200 ffff8465b9241b40 vmem_rehash vmem_rehash
0 95 3 0 200 ffff8465b9241700 entbutler entropy
0 27 3 0 200 ffff8465b672c680 scsibus0 sccomp
0 26 3 0 200 ffff8465b672c240 pms0 pmsreset
0 25 3 1 200 ffff8465b6697a80 xcall/1 xcall
0 24 1 1 200 ffff8465b6697640 softser/1
0 23 1 1 200 ffff8465b6697200 softclk/1
0 22 1 1 200 ffff8465b6667a40 softbio/1
0 21 1 1 200 ffff8465b6667600 softnet/1
0 20 1 1 201 ffff8465b66671c0 idle/1
0 19 3 0 200 ffff8466c6586a00 lnxpwrwq lnxpwrwq
0 18 3 1 200 ffff8466c65865c0 lnxlngwq lnxlngwq
0 17 3 1 200 ffff8466c6586180 lnxsyswq lnxsyswq
0 16 3 0 200 ffff8466c65a19c0 lnxrcugc lnxrcugc
0 15 3 0 200 ffff8466c65a1580 sysmon smtaskq
0 14 3 0 200 ffff8466c65a1140 pmfsuspend pmfsuspend
0 13 3 1 200 ffff8466c65b0980 pmfevent pmfevent
0 12 3 0 200 ffff8466c65b0540 sopendfree sopendfr
0 11 3 0 200 ffff8466c65b0100 iflnkst iflnkst
0 10 3 0 200 ffff8466c75dd940 nfssilly nfssilly
0 9 3 1 200 ffff8466c75dd500 vdrain vdrain
0 8 3 0 200 ffff8466c75dd0c0 modunload mod_unld
0 7 3 0 200 ffff8466c760c900 xcall/0 xcall
0 6 1 0 200 ffff8466c760c4c0 softser/0
0 > 5 7 0 200 ffff8466c760c080 softclk/0
0 4 1 0 200 ffff8466c76398c0 softbio/0
0 3 1 0 200 ffff8466c7639480 softnet/0
0 2 1 0 201 ffff8466c7639040 idle/0
0 0 3 0 200 ffffffff85af1480 swapper uvm
[Locks tracked through LWPs]

****** LWP 3390.3390 (syz-executor.1) @ 0xffff8465cc27e4c0, l_stat=3

*** Locks held:

* Lock 0 (initialized at amap_alloc1)
lock address : 0xffff8465be100880 type : sleep/adaptive
initialized : 0xffffffff82edf05b
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8465cc27e4c0 last held: 0xffff8465cc27e4c0
last locked* : 0xffffffff82f00fea unlocked : 0xffffffff82efd85d
owner/count : 000000000000000000 flags : 000000000000000000
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 2365.3358 (syz-executor.0) @ 0xffff8465cfa09780, l_stat=7

*** Locks held:

* Lock 0 (initialized at soinit)
lock address : 0xffff8466c7abc080 type : sleep/adaptive
initialized : 0xffffffff8321b08f
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff8465cfa09780 last held: 0xffff8465cfa09780
last locked* : 0xffffffff83218ea4 unlocked : 0xffffffff83218f3f
owner field : 0xffff8465cfa09780 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 578.578 (syz-executor.5) @ 0xffff8465c15b7040, l_stat=2

*** Locks held:

* Lock 0 (initialized at uvm_map_setup)
lock address : 0xffff8465bab3a890 type : sleep/adaptive
initialized : 0xffffffff82f21e05
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8465c15b7040 last held: 0xffff8465c15b7040
last locked* : 0xffffffff82f15247 unlocked : 0xffffffff82efd87c
owner/count : 0xffff8465c15b7040 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at pmap_ctor)
lock address : 0xffff8465ba93e380 type : sleep/adaptive
initialized : 0xffffffff80eee3c3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8465c15b7040 last held: 0xffff8465c15b7040
last locked* : 0xffffffff80eefb1c unlocked : 0xffffffff80ef0d28
owner field : 0xffff8465c15b7040 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 0.11 (iflnkst) @ 0xffff8466c65b0100, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff85eee340 type : sleep/adaptive
initialized : 0xffffffff8301bc2f
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8466c65b0100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.5 (softclk/0) @ 0xffff8466c760c080, l_stat=7

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff85eee340 type : sleep/adaptive
initialized : 0xffffffff8301bc2f
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffff8466c760c080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

[Locks tracked through CPUs]

******* Locks held on cpu1:

* Lock 0 (initialized at main)
lock address : 0xffffffff85eee240 type : spin
initialized : 0xffffffff83799cf0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffff8465cfa09780 last held: 0xffff8465cfa09780
last locked* : 0xffffffff834d2e1a unlocked : 0xffffffff80ec0b25
curcpu holds : 1 wanted by: 000000000000000000

PAGE FLAG PQ UOBJECT UANON
0xffff860000006180 0045 00000000 0x0 0x0
0xffff860000006200 0045 00000000 0x0 0x0
0xffff860000006280 0045 00000000 0x0 0x0
0xffff860000006300 0045 00000000 0x0 0x0
0xffff860000006380 0045 00000000 0x0 0x0
0xffff860000006400 0045 00000000 0x0 0x0
0xffff860000006480 0045 00000000 0x0 0x0
0xffff860000006500 0045 00000000 0x0 0x0
0xffff860000006580 0041 00000000 0x0 0x0
0xffff860000006600 0041 00000000 0x0 0x0
0xffff860000006680 0041 00000000 0x0 0x0
0xffff860000006700 0041 00000000 0x0 0x0
0xffff860000006780 0041 00000000 0x0 0x0
0xffff860000006800 0045 00000000 0x0 0x0
0xffff860000006880 0041 00000000 0x0 0x0
0xffff860000006900 0041 00000000 0x0 0x0
0xffff860000006980 0041 00000000 0x0 0x0
0xffff860000006a00 0041 00000000 0x0 0x0
0xffff860000006a80 0041 00000000 0x0 0x0
0xffff860000006b00 0041 00000000 0x0 0x0
0xffff860000006b80 0041 00000000 0x0 0x0
0xffff860000006c00 0041 00000000 0x0 0x0
0xffff860000006c80 0041 00000000 0x0 0x0
0xffff860000006d00 0041 00000000 0x0 0x0
0xffff860000006d80 0041 00000000 0x0 0x0
0xffff860000006e00 0041 00000000 0x0 0x0
0xffff860000006e80 0041 00000000 0x0 0x0
0xffff860000006f00 0041 00000000 0x0 0x0
0xffff860000006f80 0041 00000000 0x0 0x0
0xffff860000007000 0041 00000000 0x0 0x0
0xffff860000007080 0041 00000000 0x0 0x0
0xffff860000007100 0041 00000000 0x0 0x0
0xffff860000007180 0041 00000000 0x0 0x0
0xffff860000007200 0041 00000000 0x0 0x0
0xffff860000007280 0041 00000000 0x0 0x0
0xffff860000007300 0041 00000000 0x0 0x0
0xffff860000007380 0041 00000000 0x0 0x0
0xffff860000007400 0041 00000000 0x0 0x0
0xffff860000007480 0041 00000000 0x0 0x0
0xffff860000007500 0041 00000000 0x0 0x0
0xffff860000007580 0041 00000000 0x0 0x0
0xffff860000007600 0041 00000000 0x0 0x0
0xffff860000007680 0041 00000000 0x0 0x0
0xffff860000007700 0045 00000000 0x0 0x0
0xffff860000007780 0045 00000000 0x0 0x0
0xffff860000007800 0041 00000000 0x0 0x0
0xffff860000007880 0041 00000000 0x0 0x0
0xffff860000007900 0041 00000000 0x0 0x0
0xffff860000007980 0041 00000000 0x0 0x0
0xffff860000007a00 0041 00000000 0x0 0x0
0xffff860000007a80 0041 00000000 0x0 0x0
0xffff860000007b00 0041 00000000 0x0 0x0
0xffff860000007b80 0041 00000000 0x0 0x0
0xffff860000007c00 0041 00000000 0x0 0x0
0xffff860000007c80 0041 00000000 0x0 0x0
0xffff860000007d00 0041 00000000 0x0 0x0
0xffff860000007d80 0041 00000000 0x0 0x0
0xffff860000007e00 0041 00000000 0x0 0x0
0xffff860000007e80 0041 00000000 0x0 0x0
0xffff860000007f00 0041 00000000 0x0 0x0
0xffff860000007f80 0041 00000000 0x0 0x0
0xffff860000008000 0041 00000000 0x0 0x0
0xffff860000008080 0041 00000000 0x0 0x0
0xffff860000008100 0041 00000000 0x0 0x0
0xffff860000008180 0041 00000000 0x0 0x0
0xffff860000008200 0041 00000000 0x0 0x0
0xffff860000008280 0041 00000000 0x0 0x0
0xffff860000008300 0041 00000000 0x0 0x0
0xffff860000008380 0041 00000000 0x0 0x0
0xffff860000008400 0041 00000000 0x0 0x0
0xffff860000008480 0041 00000000 0x0 0x0
0xffff860000008500 0041 00000000 0x0 0x0
0xffff860000008580 0041 00000000 0x0 0x0
0xffff860000008600 0041 00000000 0x0 0x0
0xffff860000008680 0041 00000000 0x0 0x0
0xffff860000008700 0041 00000000 0x0 0x0
0xffff860000008780 0041 00000000 0x0 0x0
0xffff860000008800 0041 00000000 0x0 0x0
0xffff860000008880 0041 00000000 0x0 0x0
0xffff860000008900 0041 00000000 0x0 0x0
0xffff860000008980 0041 00000000 0x0 0x0
0xffff860000008a00 0041 00000000 0x0 0x0
0xffff860000008a80 0041 00000000 0x0 0x0
0xffff860000008b00 0041 00000000 0x0 0x0
0xffff860000008b80 0041 00000000 0x0 0x0
0xffff860000008c00 0041 00000000 0x0 0x0
0xffff860000008c80 0045 00000000 0x0 0x0
0xffff860000008d00 0041 00000000 0x0 0x0
0xffff860000008d80 0041 00000000 0x0 0x0
0xffff860000008e00 0041 00000000 0x0 0x0
0xffff860000008e80 0041 00000000 0x0 0x0
0xffff860000008f00 0045 00000000 0x0 0x0
0xffff860000008f80 0041 00000000 0x0 0x0
0xffff860000009000 0041 00000000 0x0 0x0
0xffff860000009080 0041 00000000 0x0 0x0
0xffff860000009100 0041 00000000 0x0 0x0
0xffff860000009180 0041 00000000 0x0 0x0
0xffff860000009200 0041 00000000 0x0 0x0
0xffff860000009280 0041 00000000 0x0 0x0
0xffff860000009300 0041 00000000 0x0 0x0
0xffff860000009380 0041 00000000 0x0 0x0
0xffff860000009400 0041 00000000 0x0 0x0
0xffff860000009480 0041 00000000 0x0 0x0
0xffff860000009500 0041 00000000 0x0 0x0
0xffff860000009580 0041 00000000 0x0 0x0
0xffff860000009600 0041 00000000 0x0 0x0
0xffff860000009680 0041 00000000 0x0 0x0
0xffff860000009700 0041 00000000 0x0 0x0
0xffff860000009780 0041 00000000 0x0 0x0
0xffff860000009800 0041 00000000 0x0 0x0
0xffff860000009880 0041 00000000 0x0 0x0
0xffff860000009900 0041 00000000 0x0 0x0
0xffff860000009980 0041 00000000 0x0 0x0
0xffff860000009a00 0045 00000000 0x0 0x0
0xffff860000009a80 0041 00000000 0x0 0x0
0xffff860000009b00 0041 00000000 0x0 0x0
0xffff860000009b80 0041 00000000 0x0 0x0
0xffff860000009c00 0041 00000000 0x0 0x0
0xffff860000009c80 0041 00000000 0x0 0x0
0xffff860000009d00 0041 00000000 0x0 0x0
0xffff860000009d80 0045 00000000 0x0 0x0
0xffff860000009e00 0045 00000000 0x0 0x0
0xffff860000009e80 0045 00000000 0x0 0x0
0xffff860000009f00 0041 00000000 0x0 0x0
0xffff860000009f80 0041 00000000 0x0 0x0
0xffff86000000a000 0041 00000000 0x0 0x0
0xffff86000000a080 0041 00000000 0x0 0x0
0xffff86000000a100 0045 00000000 0x0 0x0
0xffff86000000a180 0045 00000000 0x0 0x0
0xffff86000000a200 0045 00000000 0x0 0x0
0xffff86000000a280 0045 00000000 0x0 0x0
0xffff86000000a300 0041 00000000 0x0 0x0
0xffff86000000a380 0041 00000000 0x0 0x0
0xffff86000000a400 0041 00000000 0x0 0x0
0xffff86000000a480 0041 00000000 0x0 0x0
0xffff86000000a500 0045 00000000 0x0 0x0
0xffff86000000a580 0045 00000000 0x0 0x0
0xffff86000000a600 0045 00000000 0x0 0x0
0xffff86000000a680 0045 00000000 0x0 0x0
0xffff86000000a700 0045 00000000 0x0 0x0
0xffff86000000a780 0045 00000000 0x0 0x0
0xffff86000000a800 0045 00000000 0x0 0x0
0xffff86000000a880 0041 00000000 0x0 0x0
0xffff86000000a900 0045 00000000 0x0 0x0
0xffff86000000a980 0045 00000000 0x0 0x0
0xffff86000000aa00 0041 00000000 0x0 0x0
0xffff86000000aa80 0045 00000000 0x0 0x0
0xffff86000000ab00 0045 00000000 0x0 0x0
0xffff86000000ab80 0045 00000000 0x0 0x0
0xffff86000000ac00 0045 00000000 0x0 0x0
0xffff86000000ac80 0045 00000000 0x0 0x0
0xffff86000000ad00 0045 00000000 0x0 0x0
0xffff86000000ad80 0041 00000000 0x0 0x0
0xffff86000000ae00 0041 00000000 0x0 0x0
0xffff86000000ae80 0041 00000000 0x0 0x0
0xffff86000000af00 0045 00000000 0x0 0x0
0xffff86000000af80 0045 00000000 0x0 0x0
0xffff86000000b000 0045 00000000 0x0 0x0
0xffff86000000b080 0045 00000000 0x0 0x0
0xffff86000000b100 0041 00000000 0x0 0x0
0xffff86000000b180 0041 00000000 0x0 0x0
0xffff86000000b200 0041 00000000 0x0 0x0
0xffff86000000b280 0041 00000000 0x0 0x0
0xffff86000000b300 0045 00000000 0x0 0x0
0xffff86000000b380 0045 00000000 0x0 0x0
0xffff86000000b400 0045 00000000 0x0 0x0
0xffff86000000b480 0045 00000000 0x0 0x0
0xffff86000000b500 0041 00000000 0x0 0x0
0xffff86000000b580 0041 00000000 0x0 0x0
0xffff86000000b600 0041 00000000 0x0 0x0
0xffff86000000b680 0041 00000000 0x0 0x0
0xffff86000000b700 0041 00000000 0x0 0x0
0xffff86000000b780 0041 00000000 0x0 0x0
0xffff86000000b800 0045 00000000 0x0 0x0
0xffff86000000b880 0045 00000000 0x0 0x0
0xffff86000000b900 0041 00000000 0x0 0x0
0xffff86000000b980 0041 00000000 0x0 0x0
0xffff86000000ba00 0041 00000000 0x0 0x0
0xffff86000000ba80 0045 00000000 0x0 0x0
0xffff86000000bb00 0041 00000000 0x0 0x0
0xffff86000000bb80 0041 00000000 0x0 0x0
0xffff86000000bc00 0041 00000000 0x0 0x0
0xffff86000000bc80 0045 00000000 0x0 0x0
0xffff86000000bd00 0041 00000000 0x0 0x0
0xffff86000000bd80 0041 00000000 0x0 0x0
0xffff86000000be00 0045 00000000 0x0 0x0
0xffff86000000be80 0041 00000000 0x0 0x0
0xffff86000000bf00 0041 00000000 0x0 0x0
0xffff86000000bf80 0041 00000000 0x0 0x0
0xffff86000000c000 0041 00000000 0x0 0x0
0xffff86000000c080 0041 00000000 0x0 0x0
0xffff86000000c100 0041 00000000 0x0 0x0
0xffff86000000c180 0045 00000000 0x0 0x0
0xffff86000000c200 0045 00000000 0x0 0x0
0xffff86000000c280 0041 00000000 0x0 0x0
0xffff86000000c300 0045 00000000 0x0 0x0
0xffff86000000c380 0041 00000000 0x0 0x0
0xffff86000000c400 0041 00000000 0x0 0x0
0xffff86000000c480 0041 00000000 0x0 0x0
0xffff86000000c500 0045 00000000 0x0 0x0
0xffff86000000c580 0045 00000000 0x0 0x0
0xffff86000000c600 0045 00000000 0x0 0x0
0xffff86000000c680 0045 00000000 0x0 0x0
0xffff86000000c700 0041 00000000 0x0 0x0
0xffff86000000c780 0041 00000000 0x0 0x0
0xffff86000000c800 0041 00000000 0x0 0x0
0xffff86000000c880 0041 00000000 0x0 0x0
0xffff86000000c900 0045 00000000 0x0 0x0
0xffff86000000c980 0045 00000000 0x0 0x0
0xffff86000000ca00 0041 00000000 0x0 0x0
0xffff86000000ca80 0045 00000000 0x0 0x0
0xffff86000000cb00 0045 00000000 0x0 0x0
0xffff86000000cb80 0045 00000000 0x0 0x0
0xffff86000000cc00 0045 00000000 0x0 0x0
0xffff86000000cc80 0041 00000000 0x0 0x0
0xffff86000000cd00 0045 00000000 0x0 0x0
0xffff86000000cd80 0041 00000000 0x0 0x0
0xffff86000000ce00 0041 00000000 0x0 0x0
0xffff86000000ce80 0045 00000000 0x0 0x0
0xffff86000000cf00 0045 00000000 0x0 0x0
0xffff86000000cf80 0045 00000000 0x0 0x0
0xffff86000000d000 0045 00000000 0x0 0x0
0xffff86000000d080 0045 00000000 0x0 0x0
0xffff86000000d100 0041 00000000 0x0 0x0
0xffff86000000d180 0041 00000000 0x0 0x0
0xffff86000000d200 0041 00000000 0x0 0x0
0xffff86000000d280 0041 00000000 0x0 0x0
0xffff86000000d300 0045 00000000 0x0 0x0
0xffff86000000d380 0045 00000000 0x0 0x0
0xffff86000000d400 0045 00000000 0x0 0x0
0xffff86000000d480 0045 00000000 0x0 0x0
0xffff86000000d500 0041 00000000 0x0 0x0
0xffff86000000d580 0041 00000000 0x0 0x0
0xffff86000000d600 0041 00000000 0x0 0x0
0xffff86000000d680 0045 00000000 0x0 0x0
0xffff86000000d700 0045 00000000 0x0 0x0
0xffff86000000d780 0045 00000000 0x0 0x0
0xffff86000000d800 0045 00000000 0x0 0x0
0xffff86000000d880 0045 00000000 0x0 0x0
0xffff86000000d900 0041 00000000 0x0 0x0
0xffff86000000d980 0045 00000000 0x0 0x0
0xffff86000000da00 0041 00000000 0x0 0x0
0xffff86000000da80 0041 00000000 0x0 0x0
0xffff86000000db00 0045 00000000 0x0 0x0
0xffff86000000db80 0045 00000000 0x0 0x0
0xffff86000000dc00 0045 00000000 0x0 0x0
0xffff86000000dc80 0041 00000000 0x0 0x0
0xffff86000000dd00 0045 00000000 0x0 0x0
0xffff86000000dd80 0041 00000000 0x0 0x0
0xffff86000000de00 0045 00000000 0x0 0x0
0xffff86000000de80 0041 00000000 0x0 0x0
0xffff86000000df00 0041 00000000 0x0 0x0
0xffff86000000df80 0041 00000000 0x0 0x0
0xffff86000000e000 0041 00000000 0x0 0x0
0xffff86000000e080 0045 00000000 0x0 0x0
0xffff86000000e100 0041 00000000 0x0 0x0
0xffff86000000e180 0041 00000000 0x0 0x0
0xffff86000000e200 0041 00000000 0x0 0x0
0xffff86000000e280 0041 00000000 0x0 0x0
0xffff86000000e300 0041 00000000 0x0 0x0
0xffff86000000e380 0045 00000000 0x0 0x0
0xffff86000000e400 0045 00000000 0x0 0x0
0xffff86000000e480 0041 00000000 0x0 0x0
0xffff86000000e500 0041 00000000 0x0 0x0
0xffff86000000e580 0045 00000000 0x0 0x0
0xffff86000000e600 0041 00000000 0x0 0x0
0xffff86000000e680 0041 00000000 0x0 0x0
0xffff86000000e700 0041 00000000 0x0 0x0
0xffff86000000e780 0041 00000000 0x0 0x0
0xffff86000000e800 0041 00000000 0x0 0x0
0xffff86000000e880 0041 00000000 0x0 0x0
0xffff86000000e900 0045 00000000 0x0 0x0
0xffff86000000e980 0041 00000000 0x0 0x0
0xffff86000000ea00 0041 00000000 0x0 0x0
0xffff86000000ea80 0041 00000000 0x0 0x0
0xffff86000000eb00 0041 00000000 0x0 0x0
0xffff86000000eb80 0041 00000000 0x0 0x0
0xffff86000000ec00 0041 00000000 0x0 0x0
0xffff86000000ec80 0041 00000000 0x0 0x0
0xffff86000000ed00 0041 00000000 0x0 0x0
0xffff86000000ed80 0041 00000000 0x0 0x0
0xffff86000000ee00 0041 00000000 0x0 0x0
0xffff86000000ee80 0045 00000000 0x0 0x0
0xffff86000000ef00 0041 00000000 0x0 0x0
0xffff86000000ef80 0041 00000000 0x0 0x0
0xffff86000000f000 0041 00000000 0x0 0x0
0xffff86000000f080 0041 00000000 0x0 0x0
0xffff86000000f100 0041 00000000 0x0 0x0
0xffff86000000f180 0041 00000000 0x0 0x0
0xffff86000000f200 0041 00000000 0x0 0x0
0xffff86000000f280 0041 00000000 0x0 0x0
0xffff86000000f300 0041 00000000 0x0 0x0
0xffff86000000f380 0041 00000000 0x0 0x0
0xffff86000000f400 0041 00000000 0x0 0x0
0xffff86000000f480 0041 00000000 0x0 0x0
0xffff86000000f500 0041 00000000 0x0 0x0
0xffff86000000f580 0041 00000000 0x0 0x0
0xffff86000000f600 0041 00000000 0x0 0x0
0xffff86000000f680 0041 00000000 0x0 0x0
0xffff86000000f700 0041 00000000 0x0 0x0
0xffff86000000f780 0041 00000000 0x0 0x0
0xffff86000000f800 0041 00000000 0x0 0x0
0xffff86000000f880 0045 00000000 0x0 0x0
0xffff86000000f900 0041 00000000 0x0 0x0
0xffff86000000f980 0041 00000000 0x0 0x0
0xffff86000000fa00 0041 00000000 0x0 0x0
0xffff86000000fa80 0041 00000000 0x0 0x0
0xffff86000000fb00 0045 00000000 0x0 0x0
0xffff86000000fb80 0041 00000000 0x0 0x0
0xffff86000000fc00 0001 00000000 0x0 0x0
0xffff86000000fc80 0001 00000000 0x0 0x0
0xffff86000000fd00 0001 00000000 0x0 0x0
0xffff86000000fd80 0001 00000000 0x0 0x0
0xffff86000000fe00 0001 00000000 0x0 0x0
0xffff86000000fe80 0001 00000000 0x0 0x0
0xffff86000000ff00 0001 00000000 0x0 0x0
0xffff86000000ff80 0001 00000000 0x0 0x0
0xffff860000010000 0001 00000000 0x0 0x0
0xffff860000010080 0001 00000000 0x0 0x0
0xffff860000010100 0001 00000000 0x0 0x0
0xffff860000010180 0001 00000000 0x0 0x0
0xffff860000010200 0001 00000000 0x0 0x0
0xffff860000010280 0001 00000000 0x0 0x0
0xffff860000010300 0001 00000000 0x0 0x0
0xffff860000010380 0001 00000000 0x0 0x0
0xffff860000010400 0001 00000000 0x0 0x0
0xffff860000010480 0001 00000000 0x0 0x0
0xffff860000010500 0001 00000000 0x0 0x0
0xffff860000010580 0001 00000000 0x0 0x0
0xffff860000010600 0001 00000000 0x0 0x0
0xffff860000010680 0001 00000000 0x0 0x0
0xffff860000010700 0001 00000000 0x0 0x0
0xffff860000010780 0001 00000000 0x0 0x0
0xffff860000010800 0001 00000000 0x0 0x0
0xffff860000010880 0001 00000000 0x0 0x0
0xffff860000010900 0001 00000000 0x0 0x0
0xffff860000010980 0001 00000000 0x0 0x0
0xffff860000010a00 0001 00000000 0x0 0x0
0xffff860000010a80 0001 00000000 0x0 0x0
0xffff860000010b00 0001 00000000 0x0 0x0
0xffff860000010b80 0001 00000000 0x0 0x0
0xffff860000010c00 0001 00000000 0x0 0x0
0xffff860000010c80 0001 00000000 0x0 0x0
0xffff860000010d00 0001 00000000 0x0 0x0
0xffff860000010d80 0001 00000000 0x0 0x0
0xffff860000010e00 0001 00000000 0x0 0x0
0xffff860000010e80 0001 00000000 0x0 0x0
0xffff860000010f00 0001 00000000 0x0 0x0
0xffff860000010f80 0001 00000000 0x0 0x0
0xffff860000011000 0001 00000000 0x0 0x0
0xffff860000011080 0001 00000000 0x0 0x0
0xffff860000011100 0001 00000000 0x0 0x0
0xffff860000011180 0001 00000000 0x0 0x0
0xffff860000011200 0001 00000000 0x0 0x0
0xffff860000011280 0001 00000000 0x0 0x0
0xffff860000011300 0001 00000000 0x0 0x0
0xffff860000011380 0001 00000000 0x0 0x0
0xffff860000011400 0001 00000000 0x0 0x0
0xffff860000011480 0001 00000000 0x0 0x0
0xffff860000011500 0001 00000000 0x0 0x0
0xffff860000011580 0001 00000000 0x0 0x0
0xffff860000011600 0001 00000000 0x0 0x0
0xffff860000011680 0001 00000000 0x0 0x0
0xffff860000011700 0041 00000000 0x0 0x0
0xffff860000011780 0045 00000000 0x0 0x0
0xffff860000011800 0041 00000000 0x0 0x0
0xffff860000011880 0041 00000000 0x0 0x0
0xffff860000011900 0041 00000000 0x0 0x0
0xffff860000011980 0041 00000000 0x0 0x0
0xffff860000011a00 0041 00000000 0x0 0x0
0xffff860000011a80 0041 00000000 0x0 0x0
0xffff860000011b00 0041 00000000 0x0 0x0
0xffff860000011b80 0041 00000000 0x0 0x0
0xffff860000011c00 0041 00000000 0x0 0x0
0xffff860000011c80 0041 00000000 0x0 0x0
0xffff860000011d00 0041 00000000 0x0 0x0
0xffff860000011d80 0041 00000000 0x0 0x0
0xffff860000011e00 0041 00000000 0x0 0x0
0xffff860000011e80 0041 00000000 0x0 0x0
0xffff860000011f00 0041 00000000 0x0 0x0
0xffff860000011f80 0041 00000000 0x0 0x0
0xffff860000012000 0041 00000000 0x0 0x0
0xffff860000012080 0041 00000000 0x0 0x0
0xffff860000012100 0041 00000000 0x0 0x0
0xffff860000012180 0041 00000000 0x0 0x0
0xffff860000012200 0041 00000000 0x0 0x0
0xffff860000012280 0041 00000000 0x0 0x0
0xffff860000012300 0041 00000000 0x0 0x0
0xffff860000012380 0041 00000000 0x0 0x0
0xffff860000012400 0041 00000000 0x0 0x0
0xffff860000012480 0041 00000000 0x0 0x0
0xffff860000012500 0041 00000000 0x0 0x0
0xffff860000012580 0041 00000000 0x0 0x0
0xffff860000012600 0041 00000000 0x0 0x0
0xffff860000012680 0041 00000000 0x0 0x0
0xffff860000012700 0041 00000000 0x0 0x0
0xffff860000012780 0041 00000000 0x0 0x0
0xffff860000012800 0041 00000000 0x0 0x0
0xffff860000012880 0041 00000000 0x0 0x0
0xffff860000012900 0041 00000000 0x0 0x0
0xffff860000012980 0041 00000000 0x0 0x0
0xffff860000012a00 0041 00000000 0x0 0x0
0xffff860000012a80 0041 00000000 0x0 0x0
0xffff860000012b00 0041 00000000 0x0 0x0
0xffff860000012b80 0041 00000000 0x0 0x0
0xffff860000012c00 0041 00000000 0x0 0x0
0xffff860000012c80 0041 00000000 0x0 0x0
0xffff860000012d00 0041 00000000 0x0 0x0
0xffff860000012d80 0041 00000000 0x0 0x0
0xffff860000012e00 0041 00000000 0x0 0x0
0xffff860000012e80 0041 00000000 0x0 0x0
0xffff860000012f00 0041 00000000 0x0 0x0
0xffff860000012f80 0041 00000000 0x0 0x0
0xffff860000013000 0001 00000000 0x0 0x0
0xffff860000013080 0001 00000000 0x0 0x0
0xffff860000013100 0001 00000000 0x0 0x0
0xffff860000013180 0001 00000000 0x0 0x0
0xffff860000013200 0001 00000000 0x0 0x0
0xffff860000013280 0001 00000000 0x0 0x0
0xffff860000013300 0001 00000000 0x0 0x0
0xffff860000013380 0001 00000000 0x0 0x0
0xffff860000013400 0001 00000000 0x0 0x0
0xffff860000013480 0001 00000000 0x0 0x0
0xffff860000013500 0001 00000000 0x0 0x0
0xffff860000013580 0001 00000000 0x0 0x0
0xffff860000013600 0001 00000000 0x0 0x0
0xffff860000013680 0001 00000000 0x0 0x0
0xffff860000013700 0001 00000000 0x0 0x0
0xffff860000013780 0001 00000000 0x0 0x0
0xffff860000013800 0001 00000000 0x0 0x0
0xffff860000013880 0001 00000000 0x0 0x0
0xffff860000013900 0001 00000000 0x0 0x0
0xffff860000013980 0001 00000000 0x0 0x0
0xffff860000013a00 0001 00000000 0x0 0x0
0xffff860000013a80 0001 00000000 0x0 0x0
0xffff860000013b00 0001 00000000 0x0 0x0
0xffff860000013b80 0001 00000000 0x0 0x0
0xffff860000013c00 0001 00000000 0x0 0x0
0xffff860000013c80 0001 00000000 0x0 0x0
0xffff860000013d00 0001 00000000 0x0 0x0
0xffff860000013d80 0001 00000000 0x0 0x0
0xffff860000013e00 0001 00000000 0x0 0x0
0xffff860000013e80 0001 00000000 0x0 0x0
0xffff860000013f00 0001 00000000 0x0 0x0
0xffff860000013f80 0001 00000000 0x0 0x0
0xffff860000014000 0001 00000000 0x0 0x0
0xffff860000014080 0001 00000000 0x0 0x0
0xffff860000014100 0001 00000000 0x0 0x0
0xffff860000014180 0001 00000000 0x0 0x0
0xffff860000014200 0001 00000000 0x0 0x0
0xffff860000014280 0001 00000000 0x0 0x0
0xffff860000014300 0001 00000000 0x0 0x0
0xffff860000014380 0001 00000000 0x0 0x0
0xffff860000014400 0001 00000000 0x0 0x0
0xffff860000014480 0001 00000000 0x0 0x0
0xffff860000014500 0001 00000000 0x0 0x0
0xffff860000014580 0001 00000000 0x0 0x0
0xffff860000014600 0001 00000000 0x0 0x0
0xffff860000014680 0001 00000000 0x0 0x0
0xffff860000014700 0001 00000000 0x0 0x0
0xffff860000014780 0001 00000000 0x0 0x0
0xffff860000014800 0001 00000000 0x0 0x0
0xffff860000014880 0001 00000000 0x0 0x0
0xffff860000014900 0001 00000000 0x0 0x0
0xffff860000014980 0001 00000000 0x0 0x0
0xffff860000014a00 0001 00000000 0x0 0x0
0xffff860000014a80 0001 00000000 0x0 0x0
0xffff860000014b00 0041 00000000 0x0 0x0
0xffff860000014b80 0041 00000000 0x0 0x0
0xffff860000014c00 0041 00000000 0x0 0x0
0xffff860000014c80 0041 00000000 0x0 0x0
0xffff860000014d00 0041 00000000 0x0 0x0
0xffff860000014d80 0041 00000000 0x0 0x0
0xffff860000014e00 0041 00000000 0x0 0x0
0xffff860000014e80 0041 00000000 0x0 0x0
0xffff860000014f00 0041 00000000 0x0 0x0
0xffff860000014f80 0041 00000000 0x0 0x0
0xffff860000015000 0041 00000000 0x0 0x0
0xffff860000015080 0041 00000000 0x0 0x0
0xffff860000015100 0041 00000000 0x0 0x0
0xffff860000015180 0041 00000000 0x0 0x0
0xffff860000015200 0041 00000000 0x0 0x0
0xffff860000015280 0041 00000000 0x0 0x0
0xffff860000015300 0041 00000000 0x0 0x0
0xffff860000015380 0041 00000000 0x0 0x0
0xffff860000015400 0041 00000000 0x0 0x0
0xffff860000015480 0041 00000000 0x0 0x0
0xffff860000015500 0041 00000000 0x0 0x0
0xffff860000015580 0041 00000000 0x0 0x0
0xffff860000015600 0041 00000000 0x0 0x0
0xffff860000015680 0041 00000000 0x0 0x0
0xffff860000015700 0041 00000000 0x0 0x0
0xffff860000015780 0041 00000000 0x0 0x0
0xffff860000015800 0041 00000000 0x0 0x0
0xffff860000015880 0041 00000000 0x0 0x0
0xffff860000015900 0041 00000000 0x0 0x0
0xffff860000015980 0041 00000000 0x0 0x0
0xffff860000015a00 0041 00000000 0x0 0x0
0xffff860000015a80 0041 00000000 0x0 0x0
0xffff860000015b00 0041 00000000 0x0 0x0
0xffff860000015b80 0041 00000000 0x0 0x0
0xffff860000015c00 0041 00000000 0x0 0x0
0xffff860000015c80 0041 00000000 0x0 0x0
0xffff860000015d00 0041 00000000 0x0 0x0
0xffff860000015d80 0041 00000000 0x0 0x0
0xffff860000015e00 0041 00000000 0x0 0x0
0xffff860000015e80 0041 00000000 0x0 0x0
0xffff860000015f00 0041 00000000 0x0 0x0
0xffff860000015f80 0041 00000000 0x0 0x0
0xffff860000016000 0041 00000000 0x0 0x0
0xffff860000016080 0041 00000000 0x0 0x0
0xffff860000016100 0001 00000000 0x0 0x0
0xffff860000016180 0001 00000000 0x0 0x0
0xffff860000016200 0001 00000000 0x0 0x0
0xffff860000016280 0001 00000000 0x0 0x0
0xffff860000016300 0001 00000000 0x0 0x0
0xffff860000016380 0001 00000000 0x0 0x0
0xffff860000016400 0001 00000000 0x0 0x0
0xffff860000016480 0001 00000000 0x0 0x0
0xffff860000016500 0001 00000000 0x0 0x0
0xffff860000016580 0001 00000000 0x0 0x0
0xffff860000016600 0001 00000000 0x0 0x0
0xffff860000016680 0001 00000000 0x0 0x0
0xffff860000016700 0001 00000000 0x0 0x0
0xffff860000016780 0001 00000000 0x0 0x0
0xffff860000016800 0001 00000000 0x0 0x0
0xffff860000016880 0001 00000000 0x0 0x0
0xffff860000016900 0001 00000000 0x0 0x0
0xffff860000016980 0001 00000000 0x0 0x0
0xffff860000016a00 0001 00000000 0x0 0x0
0xffff860000016a80 0001 00000000 0x0 0x0
0xffff860000016b00 0001 00000000 0x0 0x0
0xffff860000016b80 0001 00000000 0x0 0x0
0xffff860000016c00 0001 00000000 0x0 0x0
0xffff860000016c80 0001 00000000 0x0 0x0
0xffff860000016d00 0001 00000000 0x0 0x0
0xffff860000016d80 0001 00000000 0x0 0x0
0xffff860000016e00 0001 00000000 0x0 0x0
0xffff860000016e80 0001 00000000 0x0 0x0
0xffff860000016f00 0001 00000000 0x0 0x0
0xffff860000016f80 0001 00000000 0x0 0x0
0xffff860000017000 0001 00000000 0x0 0x0
0xffff860000017080 0001 00000000 0x0 0x0
0xffff860000017100 0001 00000000 0x0 0x0
0xffff860000017180 0001 00000000 0x0 0x0
0xffff860000017200 0001 00000000 0x0 0x0
0xffff860000017280 0001 00000000 0x0 0x0
0xffff860000017300 0001 00000000 0x0 0x0
0xffff860000017380 0001 00000000 0x0 0x0
0xffff860000017400 0001 00000000 0x0 0x0
0xffff860000017480 0001 00000000 0x0 0x0
0xffff860000017500 0001 00000000 0x0 0x0
0xffff860000017580 0001 00000000 0x0 0x0
0xffff860000017600 0001 00000000 0x0 0x0
0xffff860000017680 0001 00000000 0x0 0x0
0xffff860000017700 0001 00000000 0x0 0x0
0xffff860000017780 0001 00000000 0x0 0x0
0xffff860000017800 0001 00000000 0x0 0x0
0xffff860000017880 0001 00000000 0x0 0x0
0xffff860000017900 0001 00000000 0x0 0x0
0xffff860000017980 0001 00000000 0x0 0x0
0xffff860000017a00 0001 00000000 0x0 0x0
0xffff860000017a80 0001 00000000 0x0 0x0
0xffff860000017b00 0001 00000000 0x0 0x0
0xffff860000017b80 0001 00000000 0x0 0x0
0xffff860000017c00 0041 00000000 0x0 0x0
0xffff860000017c80 0041 00000000 0x0 0x0
0xffff860000017d00 0041 00000000 0x0 0x0
0xffff860000017d80 0041 00000000 0x0 0x0
0xffff860000017e00 0045 00000000 0x0 0x0
0xffff860000017e80 0041 00000000 0x0 0x0
0xffff860000017f00 0041 00000000 0x0 0x0
0xffff860000017f80 0041 00000000 0x0 0x0
0xffff860000018000 0041 00000000 0x0 0x0
0xffff860000018080 0041 00000000 0x0 0x0
0xffff860000018100 0041 00000000 0x0 0x0
0xffff860000018180 0041 00000000 0x0 0x0
0xffff860000018200 0045 00000000 0x0 0x0
0xffff860000018280 0041 00000000 0x0 0x0
0xffff860000018300 0041 00000000 0x0 0x0
0xffff860000018380 0041 00000000 0x0 0x0
0xffff860000018400 0041 00000000 0x0 0x0
0xffff860000018480 0041 00000000 0x0 0x0
0xffff860000018500 0041 00000000 0x0 0x0
0xffff860000018580 0045 00000000 0x0 0x0
0xffff860000018600 0045 00000000 0x0 0x0
0xffff860000018680 0041 00000000 0x0 0x0
0xffff860000018700 0041 00000000 0x0 0x0
0xffff860000018780 0041 00000000 0x0 0x0
0xffff860000018800 0041 00000000 0x0 0x0
0xffff860000018880 0041 00000000 0x0 0x0
0xffff860000018900 0045 00000000 0x0 0x0
0xffff860000018980 0045 00000000 0x0 0x0
0xffff860000018a00 0045 00000000 0x0 0x0
0xffff860000018a80 0041 00000000 0x0 0x0
0xffff860000018b00 0041 00000000 0x0 0x0
0xffff860000018b80 0041 00000000 0x0 0x0
0xffff860000018c00 0041 00000000 0x0 0x0
0xffff860000018c80 0041 00000000 0x0 0x0
0xffff860000018d00 0045 00000000 0x0 0x0
0xffff860000018d80 0045 00000000 0x0 0x0
0xffff860000018e00 0045 00000000 0x0 0x0
0xffff860000018e80 0045 00000000 0x0 0x0
0xffff860000018f00 0041 00000000 0x0 0x0
0xffff860000018f80 0041 00000000 0x0 0x0
0xffff860000019000 0041 00000000 0x0 0x0
0xffff860000019080 0041 00000000 0x0 0x0
0xffff860000019100 0045 00000000 0x0 0x0
0xffff860000019180 0045 00000000 0x0 0x0
0xffff860000019200 0045 00000000 0x0 0x0
0xffff860000019280 0045 00000000 0x0 0x0
0xffff860000019300 0045 00000000 0x0 0x0
0xffff860000019380 0041 00000000 0x0 0x0
0xffff860000019400 0001 00000000 0x0 0x0
0xffff860000019480 0001 00000000 0x0 0x0
0xffff860000019500 0001 00000000 0x0 0x0
0xffff860000019580 0001 00000000 0x0 0x0
0xffff860000019600 0001 00000000 0x0 0x0
0xffff860000019680 0001 00000000 0x0 0x0
0xffff860000019700 0001 00000000 0x0 0x0
0xffff860000019780 0001 00000000 0x0 0x0
0xffff860000019800 0001 00000000 0x0 0x0
0xffff860000019880 0001 00000000 0x0 0x0
0xffff860000019900 0001 00000000 0x0 0x0
0xffff860000019980 0001 00000000 0x0 0x0
0xffff860000019a00 0001 00000000 0x0 0x0
0xffff860000019a80 0001 00000000 0x0 0x0
0xffff860000019b00 0001 00000000 0x0 0x0
0xffff860000019b80 0001 00000000 0x0 0x0
0xffff860000019c00 0001 00000000 0x0 0x0
0xffff860000019c80 0001 00000000 0x0 0x0
0xffff860000019d00 0001 00000000 0x0 0x0
0xffff860000019d80 0001 00000000 0x0 0x0
0xffff860000019e00 0001 00000000 0x0 0x0
0xffff860000019e80 0001 00000000 0x0 0x0
0xffff860000019f00 0001 00000000 0x0 0x0
0xffff860000019f80 0001 00000000 0x0 0x0
0xffff86000001a000 0001 00000000 0x0 0x0
0xffff86000001a080 0001 00000000 0x0 0x0
0xffff86000001a100 0001 00000000 0x0 0x0
0xffff86000001a180 0001 00000000 0x0 0x0
0xffff86000001a200 0001 00000000 0x0 0x0
0xffff86000001a280 0001 00000000 0x0 0x0
0xffff86000001a300 0001 00000000 0x0 0x0
0xffff86000001a380 0001 00000000 0x0 0x0
0xffff86000001a400 0001 00000000 0x0 0x0
0xffff86000001a480 0001 00000000 0x0 0x0
0xffff86000001a500 0001 00000000 0x0 0x0
0xffff86000001a580 0001 00000000 0x0 0x0
0xffff86000001a600 0001 00000000 0x0 0x0
0xffff86000001a680 0001 00000000 0x0 0x0
0xffff86000001a700 0001 00000000 0x0 0x0
0xffff86000001a780 0001 00000000 0x0 0x0
0xffff86000001a800 0001 00000000 0x0 0x0
0xffff86000001a880 0001 00000000 0x0 0x0
0xffff86000001a900 0001 00000000 0x0 0x0
0xffff86000001a980 0001 00000000 0x0 0x0
0xffff86000001aa00 0001 00000000 0x0 0x0
0xffff86000001aa80 0001 00000000 0x0 0x0
0xffff86000001ab00 0001 00000000 0x0 0x0
0xffff86000001ab80 0001 00000000 0x0 0x0
0xffff86000001ac00 0001 00000000 0x0 0x0
0xffff86000001ac80 0001 00000000 0x0 0x0
0xffff86000001ad00 0001 00000000 0x0 0x0
0xffff86000001ad80 0001 00000000 0x0 0x0
0xffff86000001ae00 0001 00000000 0x0 0x0
0xffff86000001ae80 0001 00000000 0x0 0x0
0xffff86000001af00 0001 00000000 0x0 0x0
0xffff86000001af80 0001 00000000 0x0 0x0
0xffff86000001b000 0001 00000000 0x0 0x0
0xffff86000001b080 0001 00000000 0x0 0x0
0xffff86000001b100 0001 00000000 0x0 0x0
0xffff86000001b180 0001 00000000 0x0 0x0
0xffff86000001b200 0001 00000000 0x0 0x0
0xffff86000001b280 0001 00000000 0x0 0x0
0xffff86000001b300 0001 00000000 0x0 0x0
0xffff86000001b380 0001 00000000 0x0 0x0
0xffff86000001b400 0001 00000000 0x0 0x0
0xffff86000001b480 0001 00000000 0x0 0x0
0xffff86000001b500 0001 00000000 0x0 0x0
0xffff86000001b580 0001 00000000 0x0 0x0
0xffff86000001b600 0001 00000000 0x0 0x0
0xffff86000001b680 0001 00000000 0x0 0x0
0xffff86000001b700 0001 00000000 0x0 0x0
0xffff86000001b780 0001 00000000 0x0 0x0
0xffff86000001b800 0001 00000000 0x0 0x0
0xffff86000001b880 0001 00000000 0x0

---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

unread,
May 24, 2020, 10:56:16 PM5/24/20
to syzkaller-...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: ed9d23d2 fix KASAN PoolUseAfterFree for async write - can'..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=16e2d016100000
kernel config: https://syzkaller.appspot.com/x/.config?x=f96f14247a94bfe
dashboard link: https://syzkaller.appspot.com/bug?extid=d0a8c987d70b55e46d22
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12c3d53c100000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=164f4441100000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d0a8c9...@syzkaller.appspotmail.com

login: [ 46.2464993] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/rtsock_shared.c:667:41, member access within misaligned address 0xffffbae87037670c for type 'struct rt_msghdr' which requires 8 byte alignment

[ 46.2464993] cpu1: Begin traceback...
[ 46.2564886] vpanic() at netbsd:vpanic+0x287 sys/kern/subr_prf.c:290
[ 46.2864951] isAlreadyReported() at netbsd:isAlreadyReported
[ 46.3064900] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xae
[ 46.3364882] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
[ 46.3564881] route_output() at netbsd:route_output+0x1676 sys/net/rtsock_shared.c:667
[ 46.3864914] raw_send() at netbsd:raw_send+0x1c9 sys/net/raw_usrreq.c:182
[ 46.4164896] route_send_wrapper() at netbsd:route_send_wrapper+0x9f route_send sys/net/rtsock_shared.c:500 [inline]
[ 46.4164896] route_send_wrapper() at netbsd:route_send_wrapper+0x9f sys/net/rtsock_shared.c:1738
[ 46.4364896] sosend() at netbsd:sosend+0x1554 sys/kern/uipc_socket.c:1059
[ 46.4564888] soo_write() at netbsd:soo_write+0x75 sys/kern/sys_socket.c:122
[ 46.4864893] do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x3f9
[ 46.5064902] sys_writev() at netbsd:sys_writev+0x54 do_filewritev sys/kern/sys_generic.c:381 [inline]
[ 46.5064902] sys_writev() at netbsd:sys_writev+0x54 sys/kern/sys_generic.c:381
[ 46.5364891] sys_syscall() at netbsd:sys_syscall+0x1b5 sy_call sys/sys/syscallvar.h:65 [inline]
[ 46.5364891] sys_syscall() at netbsd:sys_syscall+0x1b5 sys/kern/sys_syscall.c:77
[ 46.5564960] syscall() at netbsd:syscall+0x287 sy_call sys/sys/syscallvar.h:65 [inline]
[ 46.5564960] syscall() at netbsd:syscall+0x287 sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 46.5564960] syscall() at netbsd:syscall+0x287 sys/arch/x86/x86/syscall.c:138
[ 46.5664911] --- syscall (number 0) ---
[ 46.5764886] netbsd:syscall+0x287:
[ 46.5764886] cpu1: End traceback...
[ 46.5864906] fatal breakpoint trap in supervisor mode
[ 46.5864906] trap type 1 code 0 rip 0xffffffff80221a45 cs 0x8 rflags 0x246 cr2 0x20000100 ilevel 0x4 rsp 0xffff9180b80a84c0
[ 46.5964920] curlwp 0xffffbae86ff0fa80 pid 1073.1073 lowest kstack 0xffff9180b80a52c0
Stopped in pid 1073.1073 (syz-executor8172) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xd1 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x287 sys/kern/subr_prf.c:290
isAlreadyReported() at netbsd:isAlreadyReported
HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xae
HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x63 sys/../common/lib/libc/misc/ubsan.c:434
route_output() at netbsd:route_output+0x1676 sys/net/rtsock_shared.c:667
raw_send() at netbsd:raw_send+0x1c9 sys/net/raw_usrreq.c:182
route_send_wrapper() at netbsd:route_send_wrapper+0x9f route_send sys/net/rtsock_shared.c:500 [inline]
route_send_wrapper() at netbsd:route_send_wrapper+0x9f sys/net/rtsock_shared.c:1738
sosend() at netbsd:sosend+0x1554 sys/kern/uipc_socket.c:1059
soo_write() at netbsd:soo_write+0x75 sys/kern/sys_socket.c:122
do_filewritev.part.1() at netbsd:do_filewritev.part.1+0x3f9
sys_writev() at netbsd:sys_writev+0x54 do_filewritev sys/kern/sys_generic.c:381 [inline]
sys_writev() at netbsd:sys_writev+0x54 sys/kern/sys_generic.c:381
sys_syscall() at netbsd:sys_syscall+0x1b5 sy_call sys/sys/syscallvar.h:65 [inline]
sys_syscall() at netbsd:sys_syscall+0x1b5 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x287 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x287 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x287 sys/arch/x86/x86/syscall.c:138
--- syscall (number 0) ---
netbsd:syscall+0x287:
ds dd
es 8480
fs 84d0
gs 10
rdi 4
rsi 2d5
rbp ffff9180b80a84c0
rbx ffff9180a65b9000
rdx ffffbae86ff0fe88
rcx 4
rax ffffffff
r8 ffff9180a65b9000
r9 0
r10 ffff9180b80a83f0
r11 10
r12 ffffffff83c727f8
r13 ffff9180b80a8538
r14 104
r15 ffffffff85b9d5a0 pool_head+0x560
rip ffffffff80221a45 breakpoint+0x5
cs 8
rflags 246
rsp ffff9180b80a84c0
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
692 692 2 0 0 ffffbae870c49680 syz-executor8172
1399 1399 2 0 0 ffffbae86f9c6180 syz-executor8172
688 688 2 0 0 ffffbae870ba66c0 syz-executor8172
691 691 2 0 0 ffffbae86ff0f640 syz-executor8172
690 690 2 0 0 ffffbae870c49ac0 syz-executor8172
1073 >1073 7 1 0 ffffbae86ff0fa80 syz-executor8172
683 683 2 0 0 ffffbae86ff0f200 syz-executor8172
685 685 3 1 80 ffffbae86f9c65c0 syz-executor8172 nanoslp
723 723 3 0 80 ffffbae86f5d5100 syz-executor8172 nanoslp
686 686 3 1 80 ffffbae870b532c0 syz-executor8172 nanoslp
687 687 3 0 80 ffffbae871689bc0 syz-executor8172 nanoslp
680 > 680 7 0 0 ffffbae871689780 sshd
1310 1310 3 1 80 ffffbae870ba6b00 getty nanoslp
861 861 3 1 80 ffffbae86e44a280 getty nanoslp
668 668 3 1 80 ffffbae871437040 getty nanoslp
881 881 3 1 c0 ffffbae86f5fc580 getty ttyraw
718 718 3 1 80 ffffbae870b53700 cron nanoslp
715 715 3 0 80 ffffbae870b53b40 inetd kqueue
545 545 3 0 80 ffffbae871437480 sshd select
600 600 3 0 80 ffffbae871689340 powerd kqueue
458 458 3 0 80 ffffbae86fb6da40 syslogd kqueue
300 300 3 0 80 ffffbae86f9c6a00 dhcpcd kqueue
333 333 3 0 80 ffffbae86fb6d600 dhcpcd kqueue
1 1 3 0 80 ffffbae86e4ed900 init wait
0 448 3 0 200 ffffbae86f5d5540 physiod physiod
0 117 3 0 200 ffffbae86f5fc140 ioflush syncer
0 116 3 0 200 ffffbae86e44a6c0 pooldrain pooldrain
0 115 3 1 200 ffffbae86f5d5980 pgdaemon pgdaemon
0 112 3 1 200 ffffbae86f58b940 usb0 usbevt
0 111 3 1 200 ffffbae86f58b500 usbtask-dr usbtsk
0 110 3 1 200 ffffbae86f58b0c0 usbtask-hc usbtsk
0 109 3 0 200 ffffbae86b92cac0 npfgc-0 npfgccv
0 108 3 1 200 ffffbae86e4ed4c0 rt_free rt_free
0 107 3 1 200 ffffbae86e4ed080 unpgc unpgc
0 106 3 0 200 ffffbae86e4ee8c0 key_timehandler key_timehandler
0 105 3 1 200 ffffbae86e4ee480 icmp6_wqinput/1 icmp6_wqinput
0 104 3 0 200 ffffbae86e4ee040 icmp6_wqinput/0 icmp6_wqinput
0 103 3 0 200 ffffbae86e4afbc0 nd6_timer nd6_timer
0 102 3 1 200 ffffbae86e4af780 carp6_wqinput/1 carp6_wqinput
0 101 3 0 200 ffffbae86e4af340 carp6_wqinput/0 carp6_wqinput
0 100 3 1 200 ffffbae86e498b80 carp_wqinput/1 carp_wqinput
0 99 3 0 200 ffffbae86e498740 carp_wqinput/0 carp_wqinput
0 98 3 1 200 ffffbae86e44ab00 icmp_wqinput/1 icmp_wqinput
0 97 3 0 200 ffffbae86e4412c0 icmp_wqinput/0 icmp_wqinput
0 96 3 0 200 ffffbae86e498300 rt_timer rt_timer
0 125 3 0 200 ffffbae86e441b40 vmem_rehash vmem_rehash
0 95 3 1 200 ffffbae86e441700 entbutler entropy
0 27 3 0 200 ffffbae86b92c680 scsibus0 sccomp
0 26 3 1 200 ffffbae86b92c240 pms0 pmsreset
0 25 3 1 200 ffffbae86b897a80 xcall/1 xcall
0 24 1 1 200 ffffbae86b897640 softser/1
0 23 1 1 200 ffffbae86b897200 softclk/1
0 22 1 1 200 ffffbae86b867a40 softbio/1
0 21 1 1 200 ffffbae86b867600 softnet/1
0 20 1 1 201 ffffbae86b8671c0 idle/1
0 19 3 0 200 ffffbae97b786a00 lnxpwrwq lnxpwrwq
0 18 3 0 200 ffffbae97b7865c0 lnxlngwq lnxlngwq
0 17 3 0 200 ffffbae97b786180 lnxsyswq lnxsyswq
0 16 3 0 200 ffffbae97b7a19c0 lnxrcugc lnxrcugc
0 15 3 1 200 ffffbae97b7a1580 sysmon smtaskq
0 14 3 0 200 ffffbae97b7a1140 pmfsuspend pmfsuspend
0 13 3 1 200 ffffbae97b7b0980 pmfevent pmfevent
0 12 3 1 200 ffffbae97b7b0540 sopendfree sopendfr
0 11 3 0 200 ffffbae97b7b0100 iflnkst iflnkst
0 10 3 0 200 ffffbae97c7dd940 nfssilly nfssilly
0 9 3 0 200 ffffbae97c7dd500 vdrain vdrain
0 8 3 1 200 ffffbae97c7dd0c0 modunload mod_unld
0 7 3 0 200 ffffbae97c80c900 xcall/0 xcall
0 6 1 0 200 ffffbae97c80c4c0 softser/0
0 5 1 0 200 ffffbae97c80c080 softclk/0
0 4 1 0 200 ffffbae97c8398c0 softbio/0
0 > 3 7 0 200 ffffbae97c839480 softnet/0
0 2 1 0 201 ffffbae97c839040 idle/0
0 0 3 0 200 ffffffff85af1480 swapper uvm
[Locks tracked through LWPs]

****** LWP 1073.1073 (syz-executor8172) @ 0xffffbae86ff0fa80, l_stat=7

*** Locks held:

* Lock 0 (initialized at soinit)
lock address : 0xffffbae97ccbc080 type : sleep/adaptive
initialized : 0xffffffff8321b08f
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 1
relevant lwp : 0xffffbae86ff0fa80 last held: 0xffffbae86ff0fa80
last locked* : 0xffffffff83218ea4 unlocked : 0xffffffff83218f3f
owner field : 0xffffbae86ff0fa80 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 683.683 (syz-executor8172) @ 0xffffbae86ff0f200, l_stat=2

*** Locks held:

* Lock 0 (initialized at amap_alloc1)
lock address : 0xffffbae871672680 type : sleep/adaptive
initialized : 0xffffffff82edf05b
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffbae86ff0f200 last held: 0xffffbae86ff0f200
last locked* : 0xffffffff82f00fea unlocked : 0xffffffff82efd85d
owner/count : 0xffffbae86ff0f200 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 0.11 (iflnkst) @ 0xffffbae97b7b0100, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff85eee340 type : sleep/adaptive
initialized : 0xffffffff8301bc2f
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffbae97b7b0100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.5 (softclk/0) @ 0xffffbae97c80c080, l_stat=1

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff85eee340 type : sleep/adaptive
initialized : 0xffffffff8301bc2f
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xffffbae97c80c080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.3 (softnet/0) @ 0xffffbae97c839480, l_stat=7

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at main)
lock address : 0xffffffff85eee240 type : spin
initialized : 0xffffffff83799cf0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
relevant cpu : 0 last held: 1
relevant lwp : 0xffffbae97c839480 last held: 0xffffbae86ff0fa80
last locked* : 0xffffffff834d2e1a unlocked : 0xffffffff80ec0b25
curcpu holds : 1 wanted by: 000000000000000000

[Locks tracked through CPUs]

******* Locks held on cpu1:

* Lock 0 (initialized at main)
lock address : 0xffffffff85eee240 type : spin
initialized : 0xffffffff83799cf0
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
relevant cpu : 1 last held: 1
relevant lwp : 0xffffbae86ff0fa80 last held: 0xffffbae86ff0fa80
last locked* : 0xffffffff834d2e1a unlocked : 0xffffffff80ec0b25
curcpu holds : 1 wanted by: 000000000000000000

PAGE FLAG PQ UOBJECT UANON
0xffff918000006180 0045 00000000 0x0 0x0
0xffff918000006200 0045 00000000 0x0 0x0
0xffff918000006280 0045 00000000 0x0 0x0
0xffff918000006300 0045 00000000 0x0 0x0
0xffff918000006380 0045 00000000 0x0 0x0
0xffff918000006400 0045 00000000 0x0 0x0
0xffff918000006480 0045 00000000 0x0 0x0
0xffff918000006500 0045 00000000 0x0 0x0
0xffff918000006580 0041 00000000 0x0 0x0
0xffff918000006600 0041 00000000 0x0 0x0
0xffff918000006680 0041 00000000 0x0 0x0
0xffff918000006700 0041 00000000 0x0 0x0
0xffff918000006780 0041 00000000 0x0 0x0
0xffff918000006800 0045 00000000 0x0 0x0
0xffff918000006880 0041 00000000 0x0 0x0
0xffff918000006900 0041 00000000 0x0 0x0
0xffff918000006980 0041 00000000 0x0 0x0
0xffff918000006a00 0041 00000000 0x0 0x0
0xffff918000006a80 0041 00000000 0x0 0x0
0xffff918000006b00 0041 00000000 0x0 0x0
0xffff918000006b80 0041 00000000 0x0 0x0
0xffff918000006c00 0041 00000000 0x0 0x0
0xffff918000006c80 0041 00000000 0x0 0x0
0xffff918000006d00 0041 00000000 0x0 0x0
0xffff918000006d80 0041 00000000 0x0 0x0
0xffff918000006e00 0041 00000000 0x0 0x0
0xffff918000006e80 0041 00000000 0x0 0x0
0xffff918000006f00 0041 00000000 0x0 0x0
0xffff918000006f80 0041 00000000 0x0 0x0
0xffff918000007000 0041 00000000 0x0 0x0
0xffff918000007080 0041 00000000 0x0 0x0
0xffff918000007100 0041 00000000 0x0 0x0
0xffff918000007180 0041 00000000 0x0 0x0
0xffff918000007200 0041 00000000 0x0 0x0
0xffff918000007280 0041 00000000 0x0 0x0
0xffff918000007300 0041 00000000 0x0 0x0
0xffff918000007380 0041 00000000 0x0 0x0
0xffff918000007400 0041 00000000 0x0 0x0
0xffff918000007480 0041 00000000 0x0 0x0
0xffff918000007500 0041 00000000 0x0 0x0
0xffff918000007580 0041 00000000 0x0 0x0
0xffff918000007600 0041 00000000 0x0 0x0
0xffff918000007680 0041 00000000 0x0 0x0
0xffff918000007700 0045 00000000 0x0 0x0
0xffff918000007780 0045 00000000 0x0 0x0
0xffff918000007800 0041 00000000 0x0 0x0
0xffff918000007880 0041 00000000 0x0 0x0
0xffff918000007900 0041 00000000 0x0 0x0
0xffff918000007980 0041 00000000 0x0 0x0
0xffff918000007a00 0041 00000000 0x0 0x0
0xffff918000007a80 0041 00000000 0x0 0x0
0xffff918000007b00 0041 00000000 0x0 0x0
0xffff918000007b80 0041 00000000 0x0 0x0
0xffff918000007c00 0041 00000000 0x0 0x0
0xffff918000007c80 0041 00000000 0x0 0x0
0xffff918000007d00 0041 00000000 0x0 0x0
0xffff918000007d80 0041 00000000 0x0 0x0
0xffff918000007e00 0041 00000000 0x0 0x0
0xffff918000007e80 0041 00000000 0x0 0x0
0xffff918000007f00 0041 00000000 0x0 0x0
0xffff918000007f80 0041 00000000 0x0 0x0
0xffff918000008000 0041 00000000 0x0 0x0
0xffff918000008080 0041 00000000 0x0 0x0
0xffff918000008100 0041 00000000 0x0 0x0
0xffff918000008180 0041 00000000 0x0 0x0
0xffff918000008200 0041 00000000 0x0 0x0
0xffff918000008280 0041 00000000 0x0 0x0
0xffff918000008300 0041 00000000 0x0 0x0
0xffff918000008380 0041 00000000 0x0 0x0
0xffff918000008400 0041 00000000 0x0 0x0
0xffff918000008480 0041 00000000 0x0 0x0
0xffff918000008500 0041 00000000 0x0 0x0
0xffff918000008580 0041 00000000 0x0 0x0
0xffff918000008600 0041 00000000 0x0 0x0
0xffff918000008680 0041 00000000 0x0 0x0
0xffff918000008700 0041 00000000 0x0 0x0
0xffff918000008780 0041 00000000 0x0 0x0
0xffff918000008800 0041 00000000 0x0 0x0
0xffff918000008880 0041 00000000 0x0 0x0
0xffff918000008900 0041 00000000 0x0 0x0
0xffff918000008980 0041 00000000 0x0 0x0
0xffff918000008a00 0041 00000000 0x0 0x0
0xffff918000008a80 0041 00000000 0x0 0x0
0xffff918000008b00 0041 00000000 0x0 0x0
0xffff918000008b80 0041 00000000 0x0 0x0
0xffff918000008c00 0041 00000000 0x0 0x0
0xffff918000008c80 0045 00000000 0x0 0x0
0xffff918000008d00 0041 00000000 0x0 0x0
0xffff918000008d80 0041 00000000 0x0 0x0
0xffff918000008e00 0041 00000000 0x0 0x0
0xffff918000008e80 0041 00000000 0x0 0x0
0xffff918000008f00 0045 00000000 0x0 0x0
0xffff918000008f80 0041 00000000 0x0 0x0
0xffff918000009000 0041 00000000 0x0 0x0
0xffff918000009080 0041 00000000 0x0 0x0
0xffff918000009100 0041 00000000 0x0 0x0
0xffff918000009180 0041 00000000 0x0 0x0
0xffff918000009200 0041 00000000 0x0 0x0
0xffff918000009280 0041 00000000 0x0 0x0
0xffff918000009300 0041 00000000 0x0 0x0
0xffff918000009380 0041 00000000 0x0 0x0
0xffff918000009400 0041 00000000 0x0 0x0
0xffff918000009480 0041 00000000 0x0 0x0
0xffff918000009500 0041 00000000 0x0 0x0
0xffff918000009580 0041 00000000 0x0 0x0
0xffff918000009600 0041 00000000 0x0 0x0
0xffff918000009680 0041 00000000 0x0 0x0
0xffff918000009700 0041 00000000 0x0 0x0
0xffff918000009780 0041 00000000 0x0 0x0
0xffff918000009800 0041 00000000 0x0 0x0
0xffff918000009880 0041 00000000 0x0 0x0
0xffff918000009900 0041 00000000 0x0 0x0
0xffff918000009980 0041 00000000 0x0 0x0
0xffff918000009a00 0045 00000000 0x0 0x0
0xffff918000009a80 0041 00000000 0x0 0x0
0xffff918000009b00 0041 00000000 0x0 0x0
0xffff918000009b80 0041 00000000 0x0 0x0
0xffff918000009c00 0041 00000000 0x0 0x0
0xffff918000009c80 0041 00000000 0x0 0x0
0xffff918000009d00 0041 00000000 0x0 0x0
0xffff918000009d80 0045 00000000 0x0 0x0
0xffff918000009e00 0045 00000000 0x0 0x0
0xffff918000009e80 0045 00000000 0x0 0x0
0xffff918000009f00 0041 00000000 0x0 0x0
0xffff918000009f80 0041 00000000 0x0 0x0
0xffff91800000a000 0041 00000000 0x0 0x0
0xffff91800000a080 0041 00000000 0x0 0x0
0xffff91800000a100 0045 00000000 0x0 0x0
0xffff91800000a180 0045 00000000 0x0 0x0
0xffff91800000a200 0045 00000000 0x0 0x0
0xffff91800000a280 0045 00000000 0x0 0x0
0xffff91800000a300 0041 00000000 0x0 0x0
0xffff91800000a380 0041 00000000 0x0 0x0
0xffff91800000a400 0041 00000000 0x0 0x0
0xffff91800000a480 0041 00000000 0x0 0x0
0xffff91800000a500 0045 00000000 0x0 0x0
0xffff91800000a580 0045 00000000 0x0 0x0
0xffff91800000a600 0045 00000000 0x0 0x0
0xffff91800000a680 0045 00000000 0x0 0x0
0xffff91800000a700 0045 00000000 0x0 0x0
0xffff91800000a780 0045 00000000 0x0 0x0
0xffff91800000a800 0045 00000000 0x0 0x0
0xffff91800000a880 0041 00000000 0x0 0x0
0xffff91800000a900 0045 00000000 0x0 0x0
0xffff91800000a980 0045 00000000 0x0 0x0
0xffff91800000aa00 0041 00000000 0x0 0x0
0xffff91800000aa80 0045 00000000 0x0 0x0
0xffff91800000ab00 0045 00000000 0x0 0x0
0xffff91800000ab80 0045 00000000 0x0 0x0
0xffff91800000ac00 0045 00000000 0x0 0x0
0xffff91800000ac80 0045 00000000 0x0 0x0
0xffff91800000ad00 0045 00000000 0x0 0x0
0xffff91800000ad80 0041 00000000 0x0 0x0
0xffff91800000ae00 0041 00000000 0x0 0x0
0xffff91800000ae80 0041 00000000 0x0 0x0
0xffff91800000af00 0045 00000000 0x0 0x0
0xffff91800000af80 0045 00000000 0x0 0x0
0xffff91800000b000 0045 00000000 0x0 0x0
0xffff91800000b080 0045 00000000 0x0 0x0
0xffff91800000b100 0041 00000000 0x0 0x0
0xffff91800000b180 0041 00000000 0x0 0x0
0xffff91800000b200 0041 00000000 0x0 0x0
0xffff91800000b280 0041 00000000 0x0 0x0
0xffff91800000b300 0045 00000000 0x0 0x0
0xffff91800000b380 0045 00000000 0x0 0x0
0xffff91800000b400 0045 00000000 0x0 0x0
0xffff91800000b480 0045 00000000 0x0 0x0
0xffff91800000b500 0041 00000000 0x0 0x0
0xffff91800000b580 0041 00000000 0x0 0x0
0xffff91800000b600 0041 00000000 0x0 0x0
0xffff91800000b680 0041 00000000 0x0 0x0
0xffff91800000b700 0041 00000000 0x0 0x0
0xffff91800000b780 0041 00000000 0x0 0x0
0xffff91800000b800 0045 00000000 0x0 0x0
0xffff91800000b880 0045 00000000 0x0 0x0
0xffff91800000b900 0041 00000000 0x0 0x0
0xffff91800000b980 0041 00000000 0x0 0x0
0xffff91800000ba00 0041 00000000 0x0 0x0
0xffff91800000ba80 0045 00000000 0x0 0x0
0xffff91800000bb00 0041 00000000 0x0 0x0
0xffff91800000bb80 0041 00000000 0x0 0x0
0xffff91800000bc00 0041 00000000 0x0 0x0
0xffff91800000bc80 0045 00000000 0x0 0x0
0xffff91800000bd00 0041 00000000 0x0 0x0
0xffff91800000bd80 0041 00000000 0x0 0x0
0xffff91800000be00 0045 00000000 0x0 0x0
0xffff91800000be80 0041 00000000 0x0 0x0
0xffff91800000bf00 0041 00000000 0x0 0x0
0xffff91800000bf80 0041 00000000 0x0 0x0
0xffff91800000c000 0041 00000000 0x0 0x0
0xffff91800000c080 0041 00000000 0x0 0x0
0xffff91800000c100 0041 00000000 0x0 0x0
0xffff91800000c180 0045 00000000 0x0 0x0
0xffff91800000c200 0045 00000000 0x0 0x0
0xffff91800000c280 0041 00000000 0x0 0x0
0xffff91800000c300 0045 00000000 0x0 0x0
0xffff91800000c380 0041 00000000 0x0 0x0
0xffff91800000c400 0041 00000000 0x0 0x0
0xffff91800000c480 0041 00000000 0x0 0x0
0xffff91800000c500 0045 00000000 0x0 0x0
0xffff91800000c580 0045 00000000 0x0 0x0
0xffff91800000c600 0045 00000000 0x0 0x0
0xffff91800000c680 0045 00000000 0x0 0x0
0xffff91800000c700 0041 00000000 0x0 0x0
0xffff91800000c780 0041 00000000 0x0 0x0
0xffff91800000c800 0041 00000000 0x0 0x0
0xffff91800000c880 0041 00000000 0x0 0x0
0xffff91800000c900 0045 00000000 0x0 0x0
0xffff91800000c980 0045 00000000 0x0 0x0
0xffff91800000ca00 0041 00000000 0x0 0x0
0xffff91800000ca80 0045 00000000 0x0 0x0
0xffff91800000cb00 0045 00000000 0x0 0x0
0xffff91800000cb80 0045 00000000 0x0 0x0
0xffff91800000cc00 0045 00000000 0x0 0x0
0xffff91800000cc80 0041 00000000 0x0 0x0
0xffff91800000cd00 0045 00000000 0x0 0x0
0xffff91800000cd80 0041 00000000 0x0 0x0
0xffff91800000ce00 0041 00000000 0x0 0x0
0xffff91800000ce80 0045 00000000 0x0 0x0
0xffff91800000cf00 0045 00000000 0x0 0x0
0xffff91800000cf80 0045 00000000 0x0 0x0
0xffff91800000d000 0045 00000000 0x0 0x0
0xffff91800000d080 0045 00000000 0x0 0x0
0xffff91800000d100 0041 00000000 0x0 0x0
0xffff91800000d180 0041 00000000 0x0 0x0
0xffff91800000d200 0041 00000000 0x0 0x0
0xffff91800000d280 0041 00000000 0x0 0x0
0xffff91800000d300 0045 00000000 0x0 0x0
0xffff91800000d380 0045 00000000 0x0 0x0
0xffff91800000d400 0045 00000000 0x0 0x0
0xffff91800000d480 0045 00000000 0x0 0x0
0xffff91800000d500 0041 00000000 0x0 0x0
0xffff91800000d580 0041 00000000 0x0 0x0
0xffff91800000d600 0041 00000000 0x0 0x0
0xffff91800000d680 0045 00000000 0x0 0x0
0xffff91800000d700 0045 00000000 0x0 0x0
0xffff91800000d780 0045 00000000 0x0 0x0
0xffff91800000d800 0045 00000000 0x0 0x0
0xffff91800000d880 0045 00000000 0x0 0x0
0xffff91800000d900 0041 00000000 0x0 0x0
0xffff91800000d980 0045 00000000 0x0 0x0
0xffff91800000da00 0041 00000000 0x0 0x0
0xffff91800000da80 0041 00000000 0x0 0x0
0xffff91800000db00 0045 00000000 0x0 0x0
0xffff91800000db80 0045 00000000 0x0 0x0
0xffff91800000dc00 0045 00000000 0x0 0x0
0xffff91800000dc80 0041 00000000 0x0 0x0
0xffff91800000dd00 0045 00000000 0x0 0x0
0xffff91800000dd80 0041 00000000 0x0 0x0
0xffff91800000de00 0045 00000000 0x0 0x0
0xffff91800000de80 0041 00000000 0x0 0x0
0xffff91800000df00 0041 00000000 0x0 0x0
0xffff91800000df80 0041 00000000 0x0 0x0
0xffff91800000e000 0041 00000000 0x0 0x0
0xffff91800000e080 0045 00000000 0x0 0x0
0xffff91800000e100 0041 00000000 0x0 0x0
0xffff91800000e180 0041 00000000 0x0 0x0
0xffff91800000e200 0041 00000000 0x0 0x0
0xffff91800000e280 0041 00000000 0x0 0x0
0xffff91800000e300 0041 00000000 0x0 0x0
0xffff91800000e380 0045 00000000 0x0 0x0
0xffff91800000e400 0045 00000000 0x0 0x0
0xffff91800000e480 0041 00000000 0x0 0x0
0xffff91800000e500 0041 00000000 0x0 0x0
0xffff91800000e580 0045 00000000 0x0 0x0
0xffff91800000e600 0041 00000000 0x0 0x0
0xffff91800000e680 0041 00000000 0x0 0x0
0xffff91800000e700 0041 00000000 0x0 0x0
0xffff91800000e780 0041 00000000 0x0 0x0
0xffff91800000e800 0041 00000000 0x0 0x0
0xffff91800000e880 0041 00000000 0x0 0x0
0xffff91800000e900 0045 00000000 0x0 0x0
0xffff91800000e980 0041 00000000 0x0 0x0
0xffff91800000ea00 0041 00000000 0x0 0x0
0xffff91800000ea80 0041 00000000 0x0 0x0
0xffff91800000eb00 0041 00000000 0x0 0x0
0xffff91800000eb80 0041 00000000 0x0 0x0
0xffff91800000ec00 0041 00000000 0x0 0x0
0xffff91800000ec80 0041 00000000 0x0 0x0
0xffff91800000ed00 0041 00000000 0x0 0x0
0xffff91800000ed80 0041 00000000 0x0 0x0
0xffff91800000ee00 0041 00000000 0x0 0x0
0xffff91800000ee80 0045 00000000 0x0 0x0
0xffff91800000ef00 0041 00000000 0x0 0x0
0xffff91800000ef80 0041 00000000 0x0 0x0
0xffff91800000f000 0041 00000000 0x0 0x0
0xffff91800000f080 0041 00000000 0x0 0x0
0xffff91800000f100 0041 00000000 0x0 0x0
0xffff91800000f180 0041 00000000 0x0 0x0
0xffff91800000f200 0041 00000000 0x0 0x0
0xffff91800000f280 0041 00000000 0x0 0x0
0xffff91800000f300 0041 00000000 0x0 0x0
0xffff91800000f380 0041 00000000 0x0 0x0
0xffff91800000f400 0041 00000000 0x0 0x0
0xffff91800000f480 0041 00000000 0x0 0x0
0xffff91800000f500 0041 00000000 0x0 0x0
0xffff91800000f580 0041 00000000 0x0 0x0
0xffff91800000f600 0041 00000000 0x0 0x0
0xffff91800000f680 0041 00000000 0x0 0x0
0xffff91800000f700 0041 00000000 0x0 0x0
0xffff91800000f780 0041 00000000 0x0 0x0
0xffff91800000f800 0041 00000000 0x0 0x0
0xffff91800000f880 0045 00000000 0x0 0x0
0xffff91800000f900 0041 00000000 0x0 0x0
0xffff91800000f980 0041 00000000 0x0 0x0
0xffff91800000fa00 0041 00000000 0x0 0x0
0xffff91800000fa80 0041 00000000 0x0 0x0
0xffff91800000fb00 0045 00000000 0x0 0x0
0xffff91800000fb80 0041 00000000 0x0 0x0
0xffff91800000fc00 0001 00000000 0x0 0x0
0xffff91800000fc80 0001 00000000 0x0 0x0
0xffff91800000fd00 0001 00000000 0x0 0x0
0xffff91800000fd80 0001 00000000 0x0 0x0
0xffff91800000fe00 0001 00000000 0x0 0x0
0xffff91800000fe80 0001 00000000 0x0 0x0
0xffff91800000ff00 0001 00000000 0x0 0x0
0xffff91800000ff80 0001 00000000 0x0 0x0
0xffff918000010000 0001 00000000 0x0 0x0
0xffff918000010080 0001 00000000 0x0 0x0
0xffff918000010100 0001 00000000 0x0 0x0
0xffff918000010180 0001 00000000 0x0 0x0
0xffff918000010200 0001 00000000 0x0 0x0
0xffff918000010280 0001 00000000 0x0 0x0
0xffff918000010300 0001 00000000 0x0 0x0
0xffff918000010380 0001 00000000 0x0 0x0
0xffff918000010400 0001 00000000 0x0 0x0
0xffff918000010480 0001 00000000 0x0 0x0
0xffff918000010500 0001 00000000 0x0 0x0
0xffff918000010580 0001 00000000 0x0 0x0
0xffff918000010600 0001 00000000 0x0 0x0
0xffff918000010680 0001 00000000 0x0 0x0
0xffff918000010700 0001 00000000 0x0 0x0
0xffff918000010780 0001 00000000 0x0 0x0
0xffff918000010800 0001 00000000 0x0 0x0
0xffff918000010880 0001 00000000 0x0 0x0
0xffff918000010900 0001 00000000 0x0 0x0
0xffff918000010980 0001 00000000 0x0 0x0
0xffff918000010a00 0001 00000000 0x0 0x0
0xffff918000010a80 0001 00000000 0x0 0x0
0xffff918000010b00 0001 00000000 0x0 0x0
0xffff918000010b80 0001 00000000 0x0 0x0
0xffff918000010c00 0001 00000000 0x0 0x0
0xffff918000010c80 0001 00000000 0x0 0x0
0xffff918000010d00 0001 00000000 0x0 0x0
0xffff918000010d80 0001 00000000 0x0 0x0
0xffff918000010e00 0001 00000000 0x0 0x0
0xffff918000010e80 0001 00000000 0x0 0x0
0xffff918000010f00 0001 00000000 0x0 0x0
0xffff918000010f80 0001 00000000 0x0 0x0
0xffff918000011000 0001 00000000 0x0 0x0
0xffff918000011080 0001 00000000 0x0 0x0
0xffff918000011100 0001 00000000 0x0 0x0
0xffff918000011180 0001 00000000 0x0 0x0
0xffff918000011200 0001 00000000 0x0 0x0
0xffff918000011280 0001 00000000 0x0 0x0
0xffff918000011300 0001 00000000 0x0 0x0
0xffff918000011380 0001 00000000 0x0 0x0
0xffff918000011400 0001 00000000 0x0 0x0
0xffff918000011480 0001 00000000 0x0 0x0
0xffff918000011500 0001 00000000 0x0 0x0
0xffff918000011580 0001 00000000 0x0 0x0
0xffff918000011600 0001 00000000 0x0 0x0
0xffff918000011680 0001 00000000 0x0 0x0
0xffff918000011700 0041 00000000 0x0 0x0
0xffff918000011780 0045 00000000 0x0 0x0
0xffff918000011800 0041 00000000 0x0 0x0
0xffff918000011880 0041 00000000 0x0 0x0
0xffff918000011900 0041 00000000 0x0 0x0
0xffff918000011980 0041 00000000 0x0 0x0
0xffff918000011a00 0041 00000000 0x0 0x0
0xffff918000011a80 0041 00000000 0x0 0x0
0xffff918000011b00 0041 00000000 0x0 0x0
0xffff918000011b80 0041 00000000 0x0 0x0
0xffff918000011c00 0041 00000000 0x0 0x0
0xffff918000011c80 0041 00000000 0x0 0x0
0xffff918000011d00 0041 00000000 0x0 0x0
0xffff918000011d80 0041 00000000 0x0 0x0
0xffff918000011e00 0041 00000000 0x0 0x0
0xffff918000011e80 0041 00000000 0x0 0x0
0xffff918000011f00 0041 00000000 0x0 0x0
0xffff918000011f80 0041 00000000 0x0 0x0
0xffff918000012000 0041 00000000 0x0 0x0
0xffff918000012080 0041 00000000 0x0 0x0
0xffff918000012100 0041 00000000 0x0 0x0
0xffff918000012180 0041 00000000 0x0 0x0
0xffff918000012200 0041 00000000 0x0 0x0
0xffff918000012280 0041 00000000 0x0 0x0
0xffff918000012300 0041 00000000 0x0 0x0
0xffff918000012380 0041 00000000 0x0 0x0
0xffff918000012400 0041 00000000 0x0 0x0
0xffff918000012480 0041 00000000 0x0 0x0
0xffff918000012500 0041 00000000 0x0 0x0
0xffff918000012580 0041 00000000 0x0 0x0
0xffff918000012600 0041 00000000 0x0 0x0
0xffff918000012680 0041 00000000 0x0 0x0
0xffff918000012700 0041 00000000 0x0 0x0
0xffff918000012780 0041 00000000 0x0 0x0
0xffff918000012800 0041 00000000 0x0 0x0
0xffff918000012880 0041 00000000 0x0 0x0
0xffff918000012900 0041 00000000 0x0 0x0
0xffff918000012980 0041 00000000 0x0 0x0
0xffff918000012a00 0041 00000000 0x0 0x0
0xffff918000012a80 0041 00000000 0x0 0x0
0xffff918000012b00 0041 00000000 0x0 0x0
0xffff918000012b80 0041 00000000 0x0 0x0
0xffff918000012c00 0041 00000000 0x0 0x0
0xffff918000012c80 0041 00000000 0x0 0x0
0xffff918000012d00 0041 00000000 0x0 0x0
0xffff918000012d80 0041 00000000 0x0 0x0
0xffff918000012e00 0041 00000000 0x0 0x0
0xffff918000012e80 0041 00000000 0x0 0x0
0xffff918000012f00 0041 00000000 0x0 0x0
0xffff918000012f80 0041 00000000 0x0 0x0
0xffff918000013000 0001 00000000 0x0 0x0
0xffff918000013080 0001 00000000 0x0 0x0
0xffff918000013100 0001 00000000 0x0 0x0
0xffff918000013180 0001 00000000 0x0 0x0
0xffff918000013200 0001 00000000 0x0 0x0
0xffff918000013280 0001 00000000 0x0 0x0
0xffff918000013300 0001 00000000 0x0 0x0
0xffff918000013380 0001 00000000 0x0 0x0
0xffff918000013400 0001 00000000 0x0 0x0
0xffff918000013480 0001 00000000 0x0 0x0
0xffff918000013500 0001 00000000 0x0 0x0
0xffff918000013580 0001 00000000 0x0 0x0
0xffff918000013600 0001 00000000 0x0 0x0
0xffff918000013680 0001 00000000 0x0 0x0
0xffff918000013700 0001 00000000 0x0 0x0
0xffff918000013780 0001 00000000 0x0 0x0
0xffff918000013800 0001 00000000 0x0 0x0
0xffff918000013880 0001 00000000 0x0 0x0
0xffff918000013900 0001 00000000 0x0 0x0
0xffff918000013980 0001 00000000 0x0 0x0
0xffff918000013a00 0001 00000000 0x0 0x0
0xffff918000013a80 0001 00000000 0x0 0x0
0xffff918000013b00 0001 00000000 0x0 0x0
0xffff918000013b80 0001 00000000 0x0 0x0
0xffff918000013c00 0001 00000000 0x0 0x0
0xffff918000013c80 0001 00000000 0x0 0x0
0xffff918000013d00 0001 00000000 0x0 0x0
0xffff918000013d80 0001 00000000 0x0 0x0
0xffff918000013e00 0001 00000000 0x0 0x0
0xffff918000013e80 0001 00000000 0x0 0x0
0xffff918000013f00 0001 00000000 0x0 0x0
0xffff918000013f80 0001 00000000 0x0 0x0
0xffff918000014000 0001 00000000 0x0 0x0
0xffff918000014080 0001 00000000 0x0 0x0
0xffff918000014100 0001 00000000 0x0 0x0
0xffff918000014180 0001 00000000 0x0 0x0
0xffff918000014200 0001 00000000 0x0 0x0
0xffff918000014280 0001 00000000 0x0 0x0
0xffff918000014300 0001 00000000 0x0 0x0
0xffff918000014380 0001 00000000 0x0 0x0
0xffff918000014400 0001 00000000 0x0 0x0
0xffff918000014480 0001 00000000 0x0 0x0
0xffff918000014500 0001 00000000 0x0 0x0
0xffff918000014580 0001 00000000 0x0 0x0
0xffff918000014600 0001 00000000 0x0 0x0
0xffff918000014680 0001 00000000 0x0 0x0
0xffff918000014700 0001 00000000 0x0 0x0
0xffff918000014780 0001 00000000 0x0 0x0
0xffff918000014800 0001 00000000 0x0 0x0
0xffff918000014880 0001 00000000 0x0 0x0
0xffff918000014900 0001 00000000 0x0 0x0
0xffff918000014980 0001 00000000 0x0 0x0
0xffff918000014a00 0001 00000000 0x0 0x0
0xffff918000014a80 0001 00000000 0x0 0x0
0xffff918000014b00 0041 00000000 0x0 0x0
0xffff918000014b80 0041 00000000 0x0 0x0
0xffff918000014c00 0041 00000000 0x0 0x0
0xffff918000014c80 0041 00000000 0x0 0x0
0xffff918000014d00 0041 00000000 0x0 0x0
0xffff918000014d80 0041 00000000 0x0 0x0
0xffff918000014e00 0041 00000000 0x0 0x0
0xffff918000014e80 0041 00000000 0x0 0x0
0xffff918000014f00 0041 00000000 0x0 0x0
0xffff918000014f80 0041 00000000 0x0 0x0
0xffff918000015000 0041 00000000 0x0 0x0
0xffff918000015080 0041 00000000 0x0 0x0
0xffff918000015100 0041 00000000 0x0 0x0
0xffff918000015180 0041 00000000 0x0 0x0
0xffff918000015200 0041 00000000 0x0 0x0
0xffff918000015280 0041 00000000 0x0 0x0
0xffff918000015300 0041 00000000 0x0 0x0
0xffff918000015380 0041 00000000 0x0 0x0
0xffff918000015400 0041 00000000 0x0 0x0
0xffff918000015480 0041 00000000 0x0 0x0
0xffff918000015500 0041 00000000 0x0 0x0
0xffff918000015580 0041 00000000 0x0 0x0
0xffff918000015600 0041 00000000 0x0 0x0
0xffff918000015680 0041 00000000 0x0 0x0
0xffff918000015700 0041 00000000 0x0 0x0
0xffff918000015780 0041 00000000 0x0 0x0
0xffff918000015800 0041 00000000 0x0 0x0
0xffff918000015880 0041 00000000 0x0 0x0
0xffff918000015900 0041 00000000 0x0 0x0
0xffff918000015980 0041 00000000 0x0 0x0
0xffff918000015a00 0041 00000000 0x0 0x0
0xffff918000015a80 0041 00000000 0x0 0x0
0xffff918000015b00 0041 00000000 0x0 0x0
0xffff918000015b80 0041 00000000 0x0 0x0
0xffff918000015c00 0041 00000000 0x0 0x0
0xffff918000015c80 0041 00000000 0x0 0x0
0xffff918000015d00 0041 00000000 0x0 0x0
0xffff918000015d80 0041 00000000 0x0 0x0
0xffff918000015e00 0041 00000000 0x0 0x0
0xffff918000015e80 0041 00000000 0x0 0x0
0xffff918000015f00 0041 00000000 0x0 0x0
0xffff918000015f80 0041 00000000 0x0 0x0
0xffff918000016000 0041 00000000 0x0 0x0
0xffff918000016080 0041 00000000 0x0 0x0
0xffff918000016100 0001 00000000 0x0 0x0
0xffff918000016180 0001 00000000 0x0 0x0
0xffff918000016200 0001 00000000 0x0 0x0
0xffff918000016280 0001 00000000 0x0 0x0
0xffff918000016300 0001 00000000 0x0 0x0
0xffff918000016380 0001 00000000 0x0 0x0
0xffff918000016400 0001 00000000 0x0 0x0
0xffff918000016480 0001 00000000 0x0 0x0
0xffff918000016500 0001 00000000 0x0 0x0
0xffff918000016580 0001 00000000 0x0 0x0
0xffff918000016600 0001 00000000 0x0 0x0
0xffff918000016680 0001 00000000 0x0 0x0
0xffff918000016700 0001 00000000 0x0 0x0
0xffff918000016780 0001 00000000 0x0 0x0
0xffff918000016800 0001 00000000 0x0 0x0
0xffff918000016880 0001 00000000 0x0 0x0
0xffff918000016900 0001 00000000 0x0 0x0
0xffff918000016980 0001 00000000 0x0 0x0
0xffff918000016a00 0001 00000000 0x0 0x0
0xffff918000016a80 0001 00000000 0x0 0x0
0xffff918000016b00 0001 00000000 0x0 0x0
0xffff918000016b80 0001 00000000 0x0 0x0
0xffff918000016c00 0001 00000000 0x0 0x0
0xffff918000016c80 0001 00000000 0x0 0x0
0xffff918000016d00 0001 00000000 0x0 0x0
0xffff918000016d80 0001 00000000 0x0 0x0
0xffff918000016e00 0001 00000000 0x0 0x0
0xffff918000016e80 0001 00000000 0x0 0x0
0xffff918000016f00 0001 00000000 0x0 0x0
0xffff918000016f80 0001 00000000 0x0 0x0
0xffff918000017000 0001 00000000 0x0 0x0
0xffff918000017080 0001 00000000 0x0 0x0
0xffff918000017100 0001 00000000 0x0 0x0
0xffff918000017180 0001 00000000 0x0 0x0
0xffff918000017200 0001 00000000 0x0 0x0
0xffff918000017280 0001 00000000 0x0 0x0
0xffff918000017300 0001 00000000 0x0 0x0
0xffff918000017380 0001 00000000 0x0 0x0
0xffff918000017400 0001 00000000 0x0 0x0
0xffff918000017480 0001 00000000 0x0 0x0
0xffff918000017500 0001 00000000 0x0 0x0
0xffff918000017580 0001 00000000 0x0 0x0
0xffff918000017600 0001 00000000 0x0 0x0
0xffff918000017680 0001 00000000 0x0 0x0
0xffff918000017700 0001 00000000 0x0 0x0
0xffff918000017780 0001 00000000 0x0 0x0
0xffff918000017800 0001 00000000 0x0 0x0
0xffff918000017880 0001 00000000 0x0 0x0
0xffff918000017900 0001 00000000 0x0 0x0
0xffff918000017980 0001 00000000 0x0 0x0
0xffff918000017a00 0001 00000000 0x0 0x0
0xffff918000017a80 0001 00000000 0x0 0x0
0xffff918000017b00 0001 00000000 0x0 0x0
0xffff918000017b80 0001 00000000 0x0 0x0
0xffff918000017c00 0041 00000000 0x0 0x0
0xffff918000017c80 0041 00000000 0x0 0x0
0xffff918000017d00 0041 00000000 0x0 0x0
0xffff918000017d80 0041 00000000 0x0 0x0
0xffff918000017e00 0045 00000000 0x0 0x0
0xffff918000017e80 0041 00000000 0x0 0x0
0xffff918000017f00 0041 00000000 0x0 0x0
0xffff918000017f80 0041 00000000 0x0 0x0
0xffff918000018000 0041 00000000 0x0 0x0
0xffff918000018080 0041 00000000 0x0 0x0
0xffff918000018100 0041 00000000 0x0 0x0
0xffff918000018180 0041 00000000 0x0 0x0
0xffff918000018200 0045 00000000 0x0 0x0
0xffff918000018280 0041 00000000 0x0 0x0
0xffff918000018300 0041 00000000 0x0 0x0
0xffff918000018380 0041 00000000 0x0 0x0
0xffff918000018400 0041 00000000 0x0 0x0
0xffff918000018480 0041 00000000 0x0 0x0
0xffff918000018500 0041 00000000 0x0 0x0
0xffff918000018580 0045 00000000 0x0 0x0
0xffff918000018600 0045 00000000 0x0 0x0
0xffff918000018680 0041 00000000 0x0 0x0
0xffff918000018700 0041 00000000 0x0 0x0
0xffff918000018780 0041 00000000 0x0 0x0
0xffff918000018800 0041 00000000 0x0 0x0
0xffff918000018880 0041 00000000 0x0 0x0
0xffff918000018900 0045 00000000 0x0 0x0
0xffff918000018980 0045 00000000 0x0 0x0
0xffff918000018a00 0045 00000000 0x0 0x0
0xffff918000018a80 0041 00000000 0x0 0x0
0xffff918000018b00 0041 00000000 0x0 0x0
0xffff918000018b80 0041 00000000 0x0 0x0
0xffff918000018c00 0041 00000000 0x0 0x0
0xffff918000018c80 0041 00000000 0x0 0x0
0xffff918000018d00 0045 00000000 0x0 0x0
0xffff918000018d80 0045 00000000 0x0 0x0
0xffff918000018e00 0045 00000000 0x0 0x0
0xffff918000018e80 0045 00000000 0x0 0x0
0xffff918000018f00 0041 00000000 0x0 0x0
0xffff918000018f80 0041 00000000 0x0 0x0
0xffff918000019000 0041 00000000 0x0 0x0
0xffff918000019080 0041 00000000 0x0 0x0
0xffff918000019100 0045 00000000 0x0 0x0
0xffff918000019180 0045 00000000 0x0 0x0
0xffff918000019200 0045 00000000 0x0 0x0
0xffff918000019280 0045 00000000 0x0 0x0
0xffff918000019300 0045 00000000 0x0 0x0
0xffff918000019380 0041 00000000 0x0 0x0
0xffff918000019400 0001 00000000 0x0 0x0
0xffff918000019480 0001 00000000 0x0 0x0
0xffff918000019500 0001 00000000 0x0 0x0
0xffff918000019580 0001 00000000 0x0 0x0
0xffff918000019600 0001 00000000 0x0 0x0
0xffff918000019680 0001 00000000 0x0 0x0
0xffff918000019700 0001 00000000 0x0 0x0
0xffff918000019780 0001 00000000 0x0 0x0
0xffff918000019800 0001 00000000 0x0 0x0
0xffff918000019880 0001 00000000 0x0 0x0
0xffff918000019900 0001 00000000 0x0 0x0
0xffff918000019980 0001 00000000 0x0 0x0
0xffff918000019a00 0001 00000000 0x0 0x0
0xffff918000019a80 0001 00000000 0x0 0x0
0xffff918000019b00 0001 00000000 0x0 0x0
0xffff918000019b80 0001 00000000 0x0 0x0
0xffff918000019c00 0001 00000000 0x0 0x0
0xffff918000019c80 0001 00000000 0x0 0x0
0xffff918000019d00 0001 00000000 0x0 0x0
0xffff918000019d80 0001 00000000 0x0 0x0
0xffff918000019e00 0001 00000000 0x0 0x0
0xffff918000019e80 0001 00000000 0x0 0x0
0xffff918000019f00 0001 00000000 0x0 0x0
0xffff918000019f80 0001 00000000 0x0 0x0
0xffff91800001a000 0001 00000000 0x0 0x0
0xffff91800001a080 0001 00000000 0x0 0x0
0xffff91800001a100 0001 00000000 0x0 0x0
0xffff91800001a180 0001 00000000 0x0 0x0
0xffff91800001a200 0001 00000000 0x0 0x0
0xffff91800001a280 0001 00000000 0x0 0x0
0xffff91800001a300 0001 00000000 0x0 0x0
0xffff91800001a380 0001 00000000 0x0 0x0
0xffff91800001a400 0001 00000000 0x0 0x0
0xffff91800001a480 0001 00000000 0x0 0x0
0xffff91800001a500 0001 00000000 0x0 0x0
0xffff91800001a580 0001 00000000 0x0 0x0
0xffff91800001a600 0001 00000000 0x0 0x0
0xffff91800001a680 0001 00000000 0x0 0x0
0xffff91800001a700 0001 00000000 0x0 0x0
0xffff91800001a780 0001 00000000 0x0 0x0
0xffff91800001a800 0001 00000000 0x0 0x0
0xffff91800001a880 0001 00000000 0x0 0x0
0xffff91800001a900 0001 00000000 0x0 0x0
0xffff91800001a980 0001 00000000 0x0 0x0
0xffff91800001aa00 0001 00000000 0x0 0x0
0xffff91800001aa80 0001 00000000 0x0 0x0
0xffff91800001ab00 0001 00000000 0x0 0x0
0xffff91800001ab80 0001 00000000 0x0 0x0
0xffff91800001ac00 0001 00000000 0x0 0x0
0xffff91800001ac80 0001 00000000 0x0 0x0
0xffff91800001ad00 0001 00000000 0x0 0x0
0xffff91800001ad80 0001 00000000 0x0 0x0
0xffff91800001ae00 0001 00000000 0x0 0x0
0xffff91800001ae80 0001 00000000 0x0 0x0
0xffff91800001af00 0001 00000000 0x0 0x0
0xffff91800001af80 0001 00000000 0x0 0x0
0xffff91800001b000 0001 00000000 0x0 0x0
0xffff91800001b080 0001 00000000 0x0 0x0
0xffff91800001b100 0001 00000000 0x0 0x0
0xffff91800001b180 0001 00000000 0x0 0x0
0xffff91800001b200 0001 00000000 0x0 0x0
0xffff91800001b280 0001 00000000 0x0 0x0
0xffff91800001b300 0001 00000000 0x0 0x0
0xffff91800001b380 0001 00000000 0x0 0x0
0xffff91800001b400 0001 00000000 0x0 0x0
0xffff91800001b480 0001 00000000 0x0 0x0
0xffff91800001b500 0001 00000000 0x0 0x0
0xffff91800001b580 0001 00000000 0x0 0x0
0xffff91800001b600 0001 00000000 0x0 0x0
0xffff91800001b680 0001 00000000 0x0 0x0
0xffff91800001b700 0001 00000000 0x0 0x0
0xffff91800001b780 0001 00000000 0x0 0x0
0xffff91800001b800 0001 00000000 0x0 0x0
0xffff91800001b880 0001 00000000 0x0 0x0
0xffff91800001b900 0001 00000000 0x0 0x0
0xffff91800001b980 0001 00000000 0x0 0x0
0xffff91800001ba00 0001 00000000 0x0 0x0
0xffff91800001ba80 0001 00000000 0x0 0x0
0xffff91800001bb00 0001 00000000 0x0 0x0
0xffff91800001bb80 0001 00000000 0x0 0x0
0xffff91800001bc00 0001 00000000 0x0 0x0
0xffff91800001bc80 0001 00000000 0x0 0x0
0xffff91800001bd00 0001 00000000 0x0 0x0
0xffff91800001bd80 0001 00000000 0x0 0x0
0xffff91800001be00 0001 00000000 0x0 0x0
0xffff91800001be80 0001 00000000 0x0 0x0
0xffff91800001bf00 0001 00000000 0x0 0x0
0xffff91800001bf80 0001 00000000 0x0 0x0
0xffff91800001c000 0001 00000000 0x0 0x0
0xffff91800001c080 0001 00000000 0x0 0x0
0xffff91800001c100 0001 00000000 0x0 0x0
0xffff91800001c180 0001 00000000 0x0 0x0
0xffff91800001c200 0001 00000000 0x0 0x0
0xffff91800001c280 0001 00000000 0x0 0x0
0xffff91800001c300 0001 00000000 0x0 0x0
0xffff91800001c380 0001 00000000 0x0 0x0
0xffff91800001c400 0001 00000000 0x0 0x0
0xffff91800001c480 0001 00000000 0x0 0x0
0xffff91800001c500 0001 00000000 0x0 0x0
0xffff91800001c580 0001 00000000 0x0 0x0
0xffff91800001c600 0001 00000000 0x0 0x0
0xffff91800001c680 0001 00000000 0x0 0x0
0xffff91800001c700 0001 00000000 0x0 0x0
0xffff91800001c780 0001 00000000 0x0 0x0
0xffff91800001c800 0001 00000000 0x0 0x0
0xffff91800001c880 0001 00000000 0x0 0x0
0xffff91800001c900 0001 00000000 0x0 0x0
0xffff91800001c980 0001 00000000 0x0 0x0
0xffff91800001ca00 0001 00000000 0x0 0x0
0xffff91800001ca80 0001 00000000 0x0 0x0
0xffff91800001cb00 0001 00000000 0x0 0x0
0xffff91800001cb80 0001 00000000 0x0 0x0
0xffff91800001cc00 0001 00000000 0x0 0x0
0xffff91800001cc80 0001 00000000 0x0 0x0
0xffff91800001cd00 0001 00000000 0x0 0x0
0xffff91800001cd80 0001 00000000 0x0 0x0
0xffff91800001ce00 0001 00000000 0x0 0x0
0xffff9180
Reply all
Reply to author
Forward
0 new messages