Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts. 2020/01/12 21:48:56 parsed 1 programs 2020/01/12 21:48:56 executed programs: 0 2020/01/12 21:49:01 executed programs: 64 2020/01/12 21:49:06 executed programs: 132 2020/01/12 21:49:12 executed programs: 198 login: [ 71.8768855] panic: fatal page fault in supervisor mode [ 71.8768855] ASan: Unauthorized Access In 0xffffffff811784c5: Addr 0xffffbc0011cd16f8 [8 bytes, read, PoolUseAfterFree] [ 71.8768855] trap type 6 code 0 rip 0xffffffff811db8d4 cs 0x8 rflags 0x10283 cr2 0xffff900000000007 ilevel 0x8 rsp 0xffffbc016da97d20 [ 71.8768855] curlwp 0xffffbc000de1f8c0 pid 0.4 lowest kstack 0xffffbc016da902c0 k[ e rn71e.l8:7 p68a8g5e 5]fa fualtt alt rappa,g ec fodaeu=lt0 [Stopped in pid 0.4 (system) at netbsd:__asan_load8+0x62: movzbl 0(%rax),%r8d ? __asan_load8() at netbsd:__asan_load8+0x62 sleepq_remove() at netbsd:sleepq_remove+0x262 cv_wakeup_one() at netbsd:cv_wakeup_one+0xfc cv_signal() at netbsd:cv_signal+0x88 workqueue_enqueue() at netbsd:workqueue_enqueue+0x158 biodone2() at netbsd:biodone2+0x17e biointr() at netbsd:biointr+0xe6 softint_dispatch() at netbsd:softint_dispatch+0x264 DDB lost frame for netbsd:Xsoftintr+0x5a, trying 0xffffbc016da97ff0 Xsoftintr() at netbsd:Xsoftintr+0x5a --- interrupt --- 0: ds 7d30 es cbea fs 3060 gs 2bb4 rdi 38 rsi 7 rbp ffffbc016da97d30 rbx ffffbc0011c52ae0 rdx 800000000000 rcx ffffffff811a8477 sleepq_remove+0x262 rax ffff900000000007 r8 0 r9 3f r10 7 r11 1ffff7802db126f0 r12 0 r13 38 r14 1b4f r15 ffffbc0011c52b34 rip ffffffff811db8d4 __asan_load8+0x62 cs 8 rflags 10283 rsp ffffbc016da97d20 ss 10 netbsd:__asan_load8+0x62: movzbl 0(%rax),%r8d PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 1401 4 3 1 80 ffffbc001299b780 syz-executor.0 parked 1401 3 3 0 80 ffffbc0012a5fa20 syz-executor.0 parked 1401 1 2 0 10000000 ffffbc00129aa480 syz-executor.0 1364 > 1 7 1 20000000 ffffbc0011c81b00 syz-executor.4 1451 1 2 0 40000 ffffbc001297b320 syz-executor.1 1487 1 2 0 40000 ffffbc0011fb96e0 syz-executor.3 607 1 3 1 80 ffffbc00137d6280 syz-executor.4 nanoslp 497 1 2 1 0 ffffbc00137a66a0 syz-executor.5 600 1 3 -1 0 ffffbc00137a6260 syz-executor.1 45 1 3 1 4 ffffbc0013785ac0 syz-executor.2 biowait 357 1 3 1 80 ffffbc0013785680 syz-executor.3 nanoslp 533 1 3 1 80 ffffbc0013785240 syz-executor.0 nanoslp 594 10 3 0 80 ffffbc001377caa0 syz-execprog parked 594 9 3 1 80 ffffbc001377c660 syz-execprog parked 594 8 3 1 80 ffffbc001377c220 syz-execprog kqueue 594 7 3 1 80 ffffbc0013777a80 syz-execprog parked 594 6 3 1 80 ffffbc000f3c49c0 syz-execprog parked 594 5 3 0 80 ffffbc0013777200 syz-execprog parked 594 4 3 0 80 ffffbc0012a52a00 syz-execprog parked 594 3 3 1 80 ffffbc0012a52180 syz-execprog parked 594 2 3 0 80 ffffbc0012a455a0 syz-execprog nanoslp 594 1 3 1 80 ffffbc001295f300 syz-execprog parked 41 1 3 1 80 ffffbc0011ae2160 sshd select 496 1 3 1 80 ffffbc0012a2e120 getty nanoslp 535 1 3 0 80 ffffbc0012a3c580 getty nanoslp 510 1 3 1 80 ffffbc0012a3c140 getty nanoslp 558 1 3 1 80 ffffbc0012a26540 getty ttyraw 539 1 3 0 80 ffffbc0011eb19a0 cron nanoslp 484 1 3 1 80 ffffbc00129aa8c0 inetd kqueue 317 1 3 0 80 ffffbc0011fb92a0 sshd select 442 1 3 1 80 ffffbc0011eff600 powerd kqueue 327 > 1 7 0 20040000 ffffbc0011e9d540 makemandb 278 1 3 1 80 ffffbc001297bba0 syslogd kqueue 268 1 3 0 80 ffffbc0011f111e0 dhcpcd kqueue 220 1 3 0 80 ffffbc0011e25080 dhcpcd kqueue 1 1 3 0 80 ffffbc0011bfcaa0 init wait 0 58 3 0 204 ffffbc0011c12680 physiod physiod 0 57 3 -1 200 ffffbc0011c52ae0 aiodoned 0 56 3 0 204 ffffbc0011c526a0 pooldrain pooldrain 0 55 3 1 200 ffffbc0011c52260 ioflush syncer 0 54 3 1 200 ffffbc0011c12ac0 pgdaemon pgdaemon 0 51 3 1 200 ffffbc0011c12240 npfgc-0 npfgccv 0 50 3 1 204 ffffbc0011bfc660 rt_free rt_free 0 49 3 1 204 ffffbc0011bfc220 unpgc unpgc 0 48 3 0 204 ffffbc0011bf5a80 key_timehandler key_timehandler 0 47 3 1 204 ffffbc0011bf5640 icmp6_wqinput/1 icmp6_wqinput 0 46 3 0 204 ffffbc0011bf5200 icmp6_wqinput/0 icmp6_wqinput 0 45 3 1 204 ffffbc0011b0ca60 nd6_timer nd6_timer 0 44 3 1 204 ffffbc0011b0c620 carp6_wqinput/1 carp6_wqinput 0 43 3 0 204 ffffbc0011b0c1e0 carp6_wqinput/0 carp6_wqinput 0 42 3 1 204 ffffbc0011af7a40 carp_wqinput/1 carp_wqinput 0 41 3 0 204 ffffbc0011af7600 carp_wqinput/0 carp_wqinput 0 40 3 1 204 ffffbc0011af71c0 icmp_wqinput/1 icmp_wqinput 0 39 3 0 204 ffffbc0011ae7a20 icmp_wqinput/0 icmp_wqinput 0 38 3 1 204 ffffbc0011ae75e0 rt_timer rt_timer 0 37 3 0 204 ffffbc0011ae4a00 vmem_rehash vmem_rehash 0 27 3 0 204 ffffbc000f3c4580 scsibus0 sccomp 0 26 3 0 200 ffffbc000f3c4140 pms0 pmsreset 0 25 3 1 204 ffffbc000f3359a0 xcall/1 xcall 0 24 1 1 200 ffffbc000f335560 softser/1 0 > 23 7 1 20000200 ffffbc000f335120 softclk/1 0 22 1 1 200 ffffbc000f331980 softbio/1 0 21 1 1 200 ffffbc000f331540 softnet/1 0 20 1 1 201 ffffbc000f331100 idle/1 0 19 3 0 204 ffffbc000de52960 lnxpwrwq lnxpwrwq 0 18 3 0 204 ffffbc000de52520 lnxlngwq lnxlngwq 0 17 3 0 204 ffffbc000de520e0 lnxsyswq lnxsyswq 0 16 3 0 204 ffffbc000de4d940 lnxrcugc lnxrcugc 0 15 3 0 204 ffffbc000de4d500 sysmon smtaskq 0 14 3 0 204 ffffbc000de4d0c0 pmfsuspend pmfsuspend 0 13 3 0 204 ffffbc000de3e920 pmfevent pmfevent 0 12 3 0 204 ffffbc000de3e4e0 sopendfree sopendfr 0 11 3 0 204 ffffbc000de3e0a0 nfssilly nfssilly 0 10 3 0 200 ffffbc000de32900 cachegc cachegc 0 9 3 0 204 ffffbc000de324c0 vdrain vdrain 0 8 3 1 200 ffffbc000de32080 modunload mod_unld 0 7 3 0 204 ffffbc000de228e0 xcall/0 xcall 0 6 1 0 200 ffffbc000de224a0 softser/0 0 5 1 0 200 ffffbc000de22060 softclk/0 0 > 4 7 0 20000200 ffffbc000de1f8c0 softbio/0 0 3 1 0 200 ffffbc000de1f480 softnet/0 0 2 1 0 201 ffffbc000de1f040 idle/0 0 1 3 0 200 ffffffff82b66bc0 swapper uvm [Locks tracked through LWPs] Locks held by an LWP (syz-executor.1): Lock 0 (initialized at amap_ctor) lock address : 0xffffbc0013795ac0 type : sleep/adaptive initialized : 0xffffffff810de605 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc001297b320 last locked* : 0xffffffff810ed1a4 unlocked : 0xffffffff810eb24c owner field : 0xffffbc001297b320 wait/spin: 0/0 Turnstile chain at 0xffffffff82d8ca18 with mutex 0xffffffff82d8c180. => No active turnstile for this lock. Lock 1 (initialized at pmap_ctor) lock address : 0xffffbc0011ef8f80 type : sleep/adaptive initialized : 0xffffffff80276a34 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc001297b320 last locked* : 0xffffffff80278fdc unlocked : 0xffffffff802799e8 owner field : 0xffffbc001297b320 wait/spin: 0/0 Turnstile chain at 0xffffffff82d8c8b0 with mutex 0xffffffff82d8b640. => No active turnstile for this lock. Locks held by an LWP (syz-executor.3): Lock 0 (initialized at amap_ctor) lock address : 0xffffbc00137954c0 type : sleep/adaptive initialized : 0xffffffff810de605 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc0011fb96e0 last locked* : 0xffffffff810ed1a4 unlocked : 0xffffffff810e19d7 owner field : 0xffffbc0011fb96e0 wait/spin: 0/0 Turnstile chain at 0xffffffff82d8c958 with mutex 0xffffffff82d8bb80. => No active turnstile for this lock. Lock 1 (initialized at pmap_ctor) lock address : 0xffffbc0011fbed80 type : sleep/adaptive initialized : 0xffffffff80276a34 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc0011fb96e0 last locked* : 0xffffffff80278fdc unlocked : 0xffffffff802799e8 owner field : 0xffffbc0011fb96e0 wait/spin: 0/0 Turnstile chain at 0xffffffff82d8c870 with mutex 0xffffffff82d8b440. => No active turnstile for this lock. Locks held by an LWP (syz-executor.5): Lock 0 (initialized at vcache_alloc) lock address : 0xffffbc0013776f80 type : sleep/adaptive initialized : 0xffffffff812c7fb2 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 1 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc00137a66a0 last locked* : 0xffffffff812f4ad0 unlocked : 0xffffffff812f498d owner/count : 0xffffbc00137a66a0 flags : 0x0000000000000004 Turnstile chain at 0xffffffff82d8c8b0 with mutex 0xffffffff82d8b640. => No active turnstile for this lock. Lock 1 (initialized at vcache_alloc) lock address : 0xffffbc00138be1c0 type : sleep/adaptive initialized : 0xffffffff812c7fb2 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 1 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc00137a66a0 last locked* : 0xffffffff812f4ad0 unlocked : 0xffffffff812f498d owner/count : 0xffffbc00137a66a0 flags : 0x0000000000000004 Turnstile chain at 0xffffffff82d8c6f8 with mutex 0xffffffff82d8a880. => No active turnstile for this lock. Locks held by an LWP (syz-executor.2): Lock 0 (initialized at vcache_alloc) lock address : 0xffffbc0013776880 type : sleep/adaptive initialized : 0xffffffff812c7fb2 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 1 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc0013785ac0 last locked* : 0xffffffff812f4ad0 unlocked : 0xffffffff812f498d owner/count : 0xffffbc0013785ac0 flags : 0x0000000000000004 Turnstile chain at 0xffffffff82d8c7d0 with mutex 0xffffffff82d8af40. => No active turnstile for this lock. Lock 1 (initialized at vcache_alloc) lock address : 0xffffbc0013776ec0 type : sleep/adaptive initialized : 0xffffffff812c7fb2 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 1 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc0013785ac0 last locked* : 0xffffffff812f4ad0 unlocked : 0xffffffff812f498d owner/count : 0xffffbc0013785ac0 flags : 0x0000000000000004 Turnstile chain at 0xffffffff82d8c898 with mutex 0xffffffff82d8b580. => No active turnstile for this lock. Locks held by an LWP (softbio/0): Lock 0 (initialized at workqueue_initqueue) lock address : 0xffffbc0011c45cc0 type : sleep/adaptive initialized : 0xffffffff8122496e shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc000de1f8c0 last locked* : 0xffffffff81225a50 unlocked : 0xffffffff8114090a owner field : 0xffffbc000de1f8c0 wait/spin: 0/0 Turnstile chain at 0xffffffff82d8ca58 with mutex 0xffffffff82d8c380. => No active turnstile for this lock. [Locks tracked through CPUs] Locks held on CPU 0: Lock 0 (initialized at main) lock address : 0xffffffff82d83240 type : spin initialized : 0xffffffff81a4aae5 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc0011e9d540 last locked* : 0xffffffff802a24d9 unlocked : 0xffffffff802a24ec curcpu holds : 2 wanted by: 000000000000000000 Lock 1 (initialized at sleeptab_init) lock address : 0xffffffff82d852c0 type : spin initialized : 0xffffffff811a81c8 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 current cpu : 0 last held: 0 current lwp : 0xffffbc000de1f8c0 last held: 0xffffbc000de1f8c0 last locked* : 0xffffffff8114009a unlocked : 0xffffffff811ae468 owner field : 0x0000000000010700 wait/spin: 0/1 PAGE FLAG PQ UOBJECT UANON 0xffffbc0000014180 0048 00000000 0x0 0x0 0xffffbc00000141f8 0048 00000000 0x0 0x0 0xffffbc0000014270 0048 00000000 0x0 0x0 0xffffbc00000142e8 0048 00000000 0x0 0x0 0xffffbc0000014360 0048 00000000 0x0 0x0 0xffffbc00000143d8 0048 00000000 0x0 0x0 0xffffbc0000014450 0048 00000000 0x0 0x0 0xffffbc00000144c8 0040 00000000 0x0 0x0 0xffffbc0000014540 0040 00000000 0x0 0x0 0xffffbc00000145b8 0040 00000000 0x0 0x0 0xffffbc0000014630 0048 00000000 0x0 0x0 0xffffbc00000146a8 0048 00000000 0x0 0x0 0xffffbc0000014720 0048 00000000 0x0 0x0 0xffffbc0000014798 0048 00000000 0x0 0x0 0xffffbc0000014810 0048 00000000 0x0 0x0 0xffffbc0000014888 0048 00000000 0x0 0x0 0xffffbc0000014900 0048 00000000 0x0 0x0 0xffffbc0000014978 0048 00000000 0x0 0x0 0xffffbc00000149f0 0040 00000000 0x0 0x0 0xffffbc0000014a68 0040 00000000 0x0 0x0 0xffffbc0000014ae0 0040 00000000 0x0 0x0 0xffffbc0000014b58 0040 00000000 0x0 0x0 0xffffbc0000014bd0 0040 00000000 0x0 0x0 0xffffbc0000014c48 0040 00000000 0x0 0x0 0xffffbc0000014cc0 0048 00000000 0x0 0x0 0xffffbc0000014d38 0048 00000000 0x0 0x0 0xffffbc0000014db0 0048 00000000 0x0 0x0 0xffffbc0000014e28 0048 00000000 0x0 0x0 0xffffbc0000014ea0 0048 00000000 0x0 0x0 0xffffbc0000014f18 0048 00000000 0x0 0x0 0xffffbc0000014f90 0048 00000000 0x0 0x0 0xffffbc0000015008 0048 00000000 0x0 0x0 0xffffbc0000015080 0048 00000000 0x0 0x0 0xffffbc00000150f8 0048 00000000 0x0 0x0 0xffffbc0000015170 0048 00000000 0x0 0x0 0xffffbc00000151e8 0048 00000000 0x0 0x0 0xffffbc0000015260 0048 00000000 0x0 0x0 0xffffbc00000152d8 0048 00000000 0x0 0x0 0xffffbc0000015350 0048 00000000 0x0 0x0 0xffffbc00000153c8 0048 00000000 0x0 0x0 0xffffbc0000015440 0048 00000000 0x0 0x0 0xffffbc00000154b8 0048 00000000 0x0 0x0 0xffffbc0000015530 0048 00000000 0x0 0x0 0xffffbc00000155a8 0048 00000000 0x0 0x0 0xffffbc0000015620 0048 00000000 0x0 0x0 0xffffbc0000015698 0048 00000000 0x0 0x0 0xffffbc0000015710 0048 00000000 0x0 0x0 0xffffbc0000015788 0048 00000000 0x0 0x0 0xffffbc0000015800 0048 00000000 0x0 0x0 0xffffbc0000015878 0048 00000000 0x0 0x0 0xffffbc00000158f0 0048 00000000 0x0 0x0 0xffffbc0000015968 0048 00000000 0x0 0x0 0xffffbc00000159e0 0048 00000000 0x0 0x0 0xffffbc0000015a58 0048 00000000 0x0 0x0 0xffffbc0000015ad0 0048 00000000 0x0 0x0 0xffffbc0000015b48 0048 00000000 0x0 0x0 0xffffbc0000015bc0 0048 00000000 0x0 0x0 0xffffbc0000015c38 0048 00000000 0x0 0x0 0xffffbc0000015cb0 0048 00000000 0x0 0x0 0xffffbc0000015d28 0048 00000000 0x0 0x0 0xffffbc0000015da0 0048 00000000 0x0 0x0 0xffffbc0000015e18 0048 00000000 0x0 0x0 0xffffbc0000015e90 0048 00000000 0x0 0x0 0xffffbc0000015f08 0048 00000000 0x0 0x0 0xffffbc0000015f80 0048 00000000 0x0 0x0 0xffffbc0000015ff8 0048 00000000 0x0 0x0 0xffffbc0000016070 0048 00000000 0x0 0x0 0xffffbc00000160e8 0040 00000000 0x0 0x0 0xffffbc0000016160 0040 00000000 0x0 0x0 0xffffbc00000161d8 0041 00000000 0x0 0x0 0xffffbc0000016250 0048 00000000 0x0 0x0 0xffffbc00000162c8 0048 00000000 0x0 0x0 0xffffbc0000016340 0048 00000000 0x0 0x0 0xffffbc00000163b8 0048 00000000 0x0 0x0 0xffffbc0000016430 0040 00000000 0x0 0x0 0xffffbc00000164a8 0041 00000000 0x0 0x0 0xffffbc0000016520 0041 00000000 0x0 0x0 0xffffbc0000016598 0041 00000000 0x0 0x0 0xffffbc0000016610 0041 00000000 0x0 0x0 0xffffbc0000016688 0048 00000000 0x0 0x0 0xffffbc0000016700 0040 00000000 0x0 0x0 0xffffbc0000016778 0040 00000000 0x0 0x0 0xffffbc00000167f0 0048 00000000 0x0 0x0 0xffffbc0000016868 0041 00000000 0x0 0x0 0xffffbc00000168e0 0041 00000000 0x0 0x0 0xffffbc0000016958 0048 00000000 0x0 0x0 0xffffbc00000169d0 0041 00000000 0x0 0x0 0xffffbc0000016a48 0048 00000000 0x0 0x0 0xffffbc0000016ac0 0041 00000000 0x0 0x0 0xffffbc0000016b38 0041 00000000 0x0 0x0 0xffffbc0000016bb0 0041 00000000 0x0 0x0 0xffffbc0000016c28 0048 00000000 0x0 0x0 0xffffbc0000016ca0 0048 00000000 0x0 0x0 0xffffbc0000016d18 0048 00000000 0x0 0x0 0xffffbc0000016d90 0048 00000000 0x0 0x0 0xffffbc0000016e08 0041 00000000 0x0 0x0 0xffffbc0000016e80 0041 00000000 0x0 0x0 0xffffbc0000016ef8 0041 00000000 0x0 0x0 0xffffbc0000016f70 0041 00000000 0x0 0x0 0xffffbc0000016fe8 0048 00000000 0x0 0x0 0xffffbc0000017060 0048 00000000 0x0 0x0 0xffffbc00000170d8 0048 00000000 0x0 0x0 0xffffbc0000017150 0048 00000000 0x0 0x0 0xffffbc00000171c8 0041 00000000 0x0 0x0 0xffffbc0000017240 0048 00000000 0x0 0x0 0xffffbc00000172b8 0048 00000000 0x0 0x0 0xffffbc0000017330 0048 00000000 0x0 0x0 0xffffbc00000173a8 0048 00000000 0x0 0x0 0xffffbc0000017420 0048 00000000 0x0 0x0 0xffffbc0000017498 0048 00000000 0x0 0x0 0xffffbc0000017510 0048 00000000 0x0 0x0 0xffffbc0000017588 0048 00000000 0x0 0x0 0xffffbc0000017600 0048 00000000 0x0 0x0 0xffffbc0000017678 0048 00000000 0x0 0x0 0xffffbc00000176f0 0048 00000000 0x0 0x0 0xffffbc0000017768 0048 00000