panic: kernel diagnostic assertion "l->l_cpu == ci" failed: file "/syzkaller/managers/netbsd/kernel/sys/kern/kern_sync

syzbot

Dec 9, 2019, 7:00:09 PM
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 79bebca3 sys/atomic.h for membar_*
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13a2f42ae00000
kernel config: https://syzkaller.appspot.com/x/.config?x=6e4d6bd2b8e377a2
dashboard link: https://syzkaller.appspot.com/bug?extid=87b88807a7c2b949b75f
compiler: g++ (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+87b888...@syzkaller.appspotmail.com

[ 224.2740020] panic: kernel diagnostic assertion "l->l_cpu == ci" failed: file "/syzkaller/managers/netbsd/kernel/sys/kern/kern_synch.c", line 768
[ 224.2851160] cpu1: Begin traceback...
[ 224.3520745] vpanic() at netbsd:vpanic+0x241
[ 224.5190852] _GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[ 224.6748595] mi_switch() at netbsd:mi_switch+0xbfd
[ 224.8197630] sleepq_block() at netbsd:sleepq_block+0x2b4
[ 224.9755899] kpause() at netbsd:kpause+0x1da
[ 225.1315089] nanosleep1() at netbsd:nanosleep1+0x289
[ 225.2763267] sys___nanosleep50() at netbsd:sys___nanosleep50+0xe5
[ 225.4322480] syscall() at netbsd:syscall+0x559
[ 225.4656978] --- syscall (number 430) ---
[ 225.5324421] 7516b2242a1a:
[ 225.5324421] cpu1: End traceback...
[ 225.5435703] fatal breakpoint trap in supervisor mode
[ 225.5435703] trap type 1 code 0 rip 0xffffffff8021ccb5 cs 0x8 rflags
0x246 cr2 0x7ac62363c000 ilevel 0 rsp 0xffffa601700438c0
[ 225.5547074] curlwp 0xffffa60013cb1280 pid 490.1 lowest kstack
0xffffa6017003c2c0
Stopped in pid 490.1 (syz-executor.4) at netbsd:breakpoint+0x5:
leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xe9 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x241 sys/kern/subr_prf.c:336
_GLOBAL__sub_D_65535_0_cpu_configure() at
netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
mi_switch() at netbsd:mi_switch+0xbfd sys/kern/kern_synch.c:768
sleepq_block() at netbsd:sleepq_block+0x2b4 sys/kern/kern_sleepq.c:276
kpause() at netbsd:kpause+0x1da sys/kern/kern_synch.c:235
nanosleep1() at netbsd:nanosleep1+0x289 sys/kern/kern_time.c:355
sys___nanosleep50() at netbsd:sys___nanosleep50+0xe5
sys/kern/kern_time.c:293
syscall() at netbsd:syscall+0x559 sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x559 sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x559 sys/arch/x86/x86/syscall.c:138
--- syscall (number 430) ---
7516b2242a1a:
ds 4000
es 2000
fs 38b0
gs 2fa7
rdi ffffa6000d92b458
rsi ffffa60013cb1568
rbp ffffa601700438c0
rbx ffffa6016d892000
rdx 2
rcx ffffffff80282fa7 cpu_intr_p+0x6e
rax 0
r8 0
r9 ffffa60013cb1347
r10 1ffff4c002796268
r11 10
r12 ffffa6016d8a4000
r13 ffffffff8219fa20 __func__.12445+0xd40
r14 ffffa60170043950
r15 ffffa6016d892060
rip ffffffff8021ccb5 breakpoint+0x5
cs 8
rflags 246
rsp ffffa601700438c0
ss 10
netbsd:breakpoint+0x5: leave
PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
912 1 2 0 0 ffffa60012d38320 syz-executor.5
805 1 2 1 0 ffffa600121d38c0 syz-executor.0
893 3 2 0 100000 ffffa600122004c0 syz-executor.2
893 1 3 0 10040004 ffffa6001232f6c0 syz-executor.2 lwpwait
734 6 3 1 80 ffffa6001229a140 syz-executor.5 parked
667 4 3 0 80 ffffa6001216cb80 syz-executor.1 parked
667 3 3 0 40080 ffffa6001216c300 syz-executor.1 parked
667 1 2 0 10040000 ffffa6001232f280 syz-executor.1
820 7 3 1 0 ffffa600123216a0 syz-executor.4 tstile
820 6 3 1 0 ffffa60013da8320 syz-executor.4 tstile
820 5 3 1 0 ffffa600122f4200 syz-executor.4 tstile
820 4 3 0 80 ffffa60012314240 syz-executor.4 parked
820 3 2 0 0 ffffa600122f4a80 syz-executor.4
820 1 2 1 10040000 ffffa60012243980 syz-executor.4
671 3 3 0 80 ffffa60012de0100 syz-executor.5 parked
722 4 3 0 80 ffffa60013e630c0 syz-executor.5 parked
880 3 3 1 80 ffffa600121c9780 syz-executor.5 parked
775 3 3 1 80 ffffa60011ee85e0 syz-executor.5 parked
639 3 3 1 80 ffffa6001213d720 syz-executor.5 parked
666 3 3 0 80 ffffa60013ded8e0 syz-executor.5 parked
303 3 3 1 80 ffffa600135cca60 syz-executor.2 parked
524 3 3 1 80 ffffa60012d6d8c0 syz-executor.2 parked
45 1 2 0 0 ffffa60013cb16c0 syz-executor.5
490 > 1 7 1 0 ffffa60013cb1280 syz-executor.4
574 1 2 1 0 ffffa60013c42ae0 syz-executor.3
492 1 2 1 0 ffffa60013c426a0 syz-executor.2
40 1 2 1 0 ffffa60013c42260 syz-executor.1
41 1 2 1 0 ffffa60013b9dac0 syz-executor.0
625 12 3 0 80 ffffa60013b9d680 syz-fuzzer parked
625 11 2 1 0 ffffa60013b9d240 syz-fuzzer
625 10 3 1 80 ffffa60013b19aa0 syz-fuzzer parked
625 9 3 0 80 ffffa600120b4b20 syz-fuzzer parked
625 8 3 1 80 ffffa60013b19220 syz-fuzzer parked
625 7 3 0 80 ffffa600137a5a80 syz-fuzzer parked
625 6 3 1 80 ffffa600137a5640 syz-fuzzer parked
625 5 3 1 80 ffffa60012e22a40 syz-fuzzer parked
625 4 2 1 0 ffffa60012e22600 syz-fuzzer
625 3 3 0 80 ffffa600120b42a0 syz-fuzzer parked
625 2 2 1 0 ffffa60012182ba0 syz-fuzzer
625 1 3 1 80 ffffa60012182760 syz-fuzzer parked
633 1 3 1 80 ffffa60011ee49e0 sshd select
459 1 3 0 80 ffffa60011ee55c0 getty nanoslp
540 1 3 1 80 ffffa60011ee45a0 getty nanoslp
622 1 3 0 80 ffffa60012016680 getty nanoslp
565 1 3 1 80 ffffa60012d4f780 getty ttyraw
507 1 3 1 80 ffffa600137a5200 cron nanoslp
388 1 3 0 80 ffffa60012dc20c0 inetd kqueue
486 1 3 1 80 ffffa60012d784a0 sshd select
471 1 3 0 80 ffffa60012305aa0 powerd kqueue
435 1 2 1 40000 ffffa600122c0a20 makemandb
344 1 2 1 0 ffffa60012d8c900 syslogd
246 1 3 1 80 ffffa60012305660 dhcpcd kqueue
207 1 3 1 80 ffffa6001220d920 dhcpcd kqueue
1 1 3 0 80 ffffa60012004aa0 init wait
0 58 3 0 204 ffffa60012016ac0 physiod physiod
0 57 3 0 204 ffffa60012054280 aiodoned aiodoned
0 > 56 7 0 200 ffffa60012053ae0 ioflush
0 55 3 0 204 ffffa600120536a0 pooldrain pooldrain
0 54 3 0 200 ffffa60012053260 pgdaemon pgdaemon
0 51 2 1 200 ffffa60012016240 npfgc-0
0 50 3 0 204 ffffa60012004660 rt_free rt_free
0 49 3 0 204 ffffa60012004220 unpgc unpgc
0 48 2 1 200 ffffa60011ffca80 key_timehandler
0 47 3 1 204 ffffa60011ffc640 icmp6_wqinput/1
icmp6_wqinput
0 46 3 0 204 ffffa60011ffc200 icmp6_wqinput/0
icmp6_wqinput
0 45 2 1 200 ffffa60011f14a60 nd6_timer
0 44 3 1 204 ffffa60011f14620 carp6_wqinput/1
carp6_wqinput
0 43 3 0 204 ffffa60011f141e0 carp6_wqinput/0
carp6_wqinput
0 42 3 1 204 ffffa60011effa40 carp_wqinput/1
carp_wqinput
0 41 3 0 204 ffffa60011eff600 carp_wqinput/0
carp_wqinput
0 40 3 1 204 ffffa60011eff1c0 icmp_wqinput/1
icmp_wqinput
0 39 3 0 204 ffffa60011ee8a20 icmp_wqinput/0
icmp_wqinput
0 38 2 1 200 ffffa6000f7ca9c0 rt_timer
0 37 2 1 200 ffffa60011ee5180 vmem_rehash
0 27 3 0 204 ffffa6000f7ca580 scsibus0 sccomp
0 26 3 0 200 ffffa6000f7ca140 pms0 pmsreset
0 25 3 1 204 ffffa6000f73c9a0 xcall/1 xcall
0 24 1 1 200 ffffa6000f73c560 softser/1
0 23 1 1 200 ffffa6000f73c120 softclk/1
0 22 1 1 200 ffffa6000f738980 softbio/1
0 21 1 1 200 ffffa6000f738540 softnet/1
0 20 1 1 201 ffffa6000f738100 idle/1
0 19 3 1 204 ffffa6000f66e960 lnxpwrwq lnxpwrwq
0 18 3 1 204 ffffa6000f66e520 lnxlngwq lnxlngwq
0 17 3 0 204 ffffa6000f66e0e0 lnxsyswq lnxsyswq
0 16 3 0 204 ffffa6000de53940 lnxrcugc lnxrcugc
0 15 3 0 204 ffffa6000de53500 sysmon smtaskq
0 14 3 1 204 ffffa6000de530c0 pmfsuspend pmfsuspend
0 13 3 0 204 ffffa6000de44920 pmfevent pmfevent
0 12 3 0 204 ffffa6000de444e0 sopendfree sopendfr
0 11 3 1 204 ffffa6000de440a0 nfssilly nfssilly
0 10 2 1 200 ffffa6000de38900 cachegc
0 9 3 0 204 ffffa6000de384c0 vdrain vdrain
0 8 3 0 200 ffffa6000de38080 modunload mod_unld
0 7 3 0 204 ffffa6000de298e0 xcall/0 xcall
0 6 1 0 200 ffffa6000de294a0 softser/0
0 5 1 0 200 ffffa6000de29060 softclk/0
0 4 1 0 200 ffffa6000de258c0 softbio/0
0 3 1 0 200 ffffa6000de25480 softnet/0
0 2 1 0 201 ffffa6000de25040 idle/0
0 1 2 1 200 ffffffff82b63620 swapper
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor.2):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffa60012066240 type : sleep/adaptive
initialized : 0xffffffff810ea7f3
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa6001232f6c0
last locked* : 0xffffffff810cecc4 unlocked : 0xffffffff810cbb5c
owner field : 000000000000000000 wait/spin: 0/0

Turnstile chain at 0xffffffff82d83c88 with mutex 0xffffa6000d940400.
=> No active turnstile for this lock.
Lock 1 (initialized at uvm_page_init)
lock address : 0xffffffff82d7c740 type : sleep/adaptive
initialized : 0xffffffff810ec2f7
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 1
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa6001232f6c0
last locked* : 0xffffffff810cef4a unlocked : 0xffffffff810cef5e
owner field : 000000000000000000 wait/spin: 0/0

Turnstile chain at 0xffffffff82d83d28 with mutex 0xffffa6000d940900.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.4):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa600121ece00 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 3
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa60012314240
last locked* : 0xffffffff812d3c10 unlocked : 0xffffffff812d3acd
owner/count : 0xffffa60012314240 flags : 0x0000000000000007

Turnstile chain at 0xffffffff82d83e00 with mutex 0xffffa6000d940fc0.
=> Turnstile at 0xffffa600123193c0 (wrq=0xffffa600123193e0,
rdq=0xffffa600123193f0).
=> 0 waiting readers:
=> 3 waiting writers: 0xffffa600122f4200 0xffffa60013da8320
0xffffa600123216a0
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa60011e8a700 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa60012314240
last locked* : 0xffffffff812d3b58 unlocked : 0xffffffff812d3acd
owner/count : 0xffffa60012314240 flags : 0x0000000000000004

Turnstile chain at 0xffffffff82d83d20 with mutex 0xffffa6000d9408c0.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.4):
Lock 0 (initialized at amap_alloc)
lock address : 0xffffa60013aeeb80 type : sleep/adaptive
initialized : 0xffffffff810bdd21
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa60013cb1280 last held: 0xffffa60012243980
last locked* : 0xffffffff810cd854 unlocked : 000000000000000000
owner field : 0xffffa60012243980 wait/spin: 0/0

Turnstile chain at 0xffffffff82d83db0 with mutex 0xffffa6000d940d40.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.5):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa60013b22700 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa60013cb16c0
last locked* : 0xffffffff812d3c10 unlocked : 0xffffffff812d3acd
owner/count : 0xffffa60013cb16c0 flags : 0x0000000000000004

Turnstile chain at 0xffffffff82d83d20 with mutex 0xffffa6000d9408c0.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa60013e57300 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa60013cb16c0
last locked* : 0xffffffff812d3c10 unlocked : 000000000000000000
owner/count : 0xffffa60013cb16c0 flags : 0x0000000000000004

Turnstile chain at 0xffffffff82d83ea0 with mutex 0xffffa6000de1c500.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.3):
Lock 0 (initialized at vcache_alloc)
lock address : 0xffffa60013b22680 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa60013cb1280 last held: 0xffffa60013c42ae0
last locked* : 0xffffffff812d3c10 unlocked : 0xffffffff812d3acd
owner/count : 0xffffa60013c42ae0 flags : 0x0000000000000004

Turnstile chain at 0xffffffff82d83d10 with mutex 0xffffa6000d940840.
=> No active turnstile for this lock.
Lock 1 (initialized at vcache_alloc)
lock address : 0xffffa60013830600 type : sleep/adaptive
initialized : 0xffffffff812a6359
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 1
current lwp : 0xffffa60013cb1280 last held: 0xffffa60013c42ae0
last locked* : 0xffffffff812d3c10 unlocked : 0xffffffff812d3acd
owner/count : 0xffffa60013c42ae0 flags : 0x0000000000000004

Turnstile chain at 0xffffffff82d83d00 with mutex 0xffffa6000d9407c0.
=> No active turnstile for this lock.


[Locks tracked through CPUs]
Locks held on CPU 0:
Lock 0 (initialized at com_attach_subr)
lock address : 0xffffa60011e92888 type : spin
initialized : 0xffffffff80a07b8d
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 1 last held: 0
current lwp : 0xffffa60013cb1280 last held: 0xffffa6001232f6c0
last locked* : 0xffffffff80a05c87 unlocked : 0xffffffff80a06db3
owner field : 0x0000000000000800 wait/spin: 0/1


PAGE FLAG PQ UOBJECT UANON

---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Maxime Villard

Dec 12, 2019, 4:00:13 AM
to syzbot, syzkaller-...@googlegroups.com
dismiss

#syz invalid