Sun Dec 15 05:49:33 UTC 2019


NetBSD/amd64 (ci2-netbsd-0.c.syzkaller.internal) (console)



login: Dec 15 05:49:36 ci2-netbsd-0 getty[463]: /dev/ttyE1: Device not configured
Dec 15 05:49:36 ci2-netbsd-0 getty[503]: /dev/ttyE3: Device not configured
Dec 15 05:49:36 ci2-netbsd-0 getty[465]: /dev/ttyE2: Device not configured
Warning: Permanently added '10.128.0.68' (ECDSA) to the list of known hosts.
2019/12/15 05:49:48 fuzzer started
2019/12/15 05:49:48 dialing manager at 10.128.0.105:46033
2019/12/15 05:51:00 syscalls: 215
2019/12/15 05:51:00 code coverage: enabled
2019/12/15 05:51:00 comparison tracing: enabled
2019/12/15 05:51:00 extra coverage: support is not implemented in syzkaller
2019/12/15 05:51:00 setuid sandbox: support is not implemented in syzkaller
2019/12/15 05:51:00 namespace sandbox: support is not implemented in syzkaller
2019/12/15 05:51:00 Android sandbox: support is not implemented in syzkaller
2019/12/15 05:51:00 fault injection: support is not implemented in syzkaller
2019/12/15 05:51:00 leak checking: support is not implemented in syzkaller
2019/12/15 05:51:00 net packet injection: support is not implemented in syzkaller
2019/12/15 05:51:00 net device setup: support is not implemented in syzkaller
2019/12/15 05:51:00 concurrency sanitizer: support is not implemented in syzkaller
2019/12/15 05:51:00 devlink PCI setup: support is not implemented in syzkaller
05:51:08 executing program 0:

05:51:08 executing program 1:
shmget(0x3, 0x1000, 0x2a743cf47f32970d, &(0x7f0000fff000/0x1000)=nil)

05:51:08 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:09 executing program 4:
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x201, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="96", 0x1}], 0x1)
pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000180), 0xff20}], 0x1000000000000002, 0x0)

05:51:09 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000))

05:51:09 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)
r2 = dup(r0)
sendto$inet6(r2, &(0x7f0000000040), 0xfcec, 0x0, 0x0, 0x0)

05:51:12 executing program 1:
open$dir(0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1638463, 0x0)
r0 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2850639, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
r2 = _lwp_self()
_lwp_detach(r2)
open$dir(&(0x7f0000000040)='./file0\x00', 0x2050631, 0x0)
write(r1, &(0x7f0000000000)="06", 0x1)
getgid()
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000bfe000/0x400000)=nil)
shmctl$SHM_LOCK(r3, 0x3)
shmctl$IPC_RMID(r3, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
setsockopt$sock_linger(r4, 0xffff, 0x80, &(0x7f0000000080)={0x40e, 0x6}, 0x8)

05:51:12 executing program 0:
r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x2020231, 0x0)
mkdir(&(0x7f0000000480)='./file0\x00', 0x0)
faccessat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x180)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000000), 0x2cfea}], 0x1000000000000013)
writev(r0, &(0x7f0000000280), 0xd)
write(r0, 0x0, 0x454)
r1 = accept(0xffffffffffffff9c, &(0x7f0000000040)=@un=@abs, &(0x7f0000000100)=0x8)
bind$unix(r1, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x0}, 0x8)

05:51:12 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:12 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)
r2 = dup(r0)
sendto$inet6(r2, &(0x7f0000000040), 0xfcec, 0x0, 0x0, 0x0)

05:51:13 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, 0xffffffffffffffff)
r0 = socket(0x2, 0x2, 0x0)
setsockopt(r0, 0x0, 0x19, 0x0, 0x0)
r1 = accept$unix(r0, &(0x7f00000001c0)=@file={0x0, ""/96}, &(0x7f0000000640)=0x62)
connect$unix(r1, &(0x7f0000000680)=@abs={0x1, 0x0, 0x0}, 0x8)
fork()
fork()
r2 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r2, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
preadv(r2, &(0x7f0000000540)=[{&(0x7f0000000040)=""/188}, {&(0x7f00000005c0)=""/127}, {&(0x7f0000000280)=""/23}, {&(0x7f00000002c0)=""/71}, {&(0x7f0000000340)=""/221}, {&(0x7f0000000440)=""/194}], 0x4a0, 0xa38d)
r3 = socket$unix(0x1, 0x1, 0x0)
listen(r3, 0x0)
wait4(0x0, &(0x7f0000000000), 0x10, &(0x7f0000000100))

05:51:13 executing program 4:
write(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000026ff8)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000026ff8)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000080)="87", 0x100000111)
writev(r1, &(0x7f0000000540)=[{&(0x7f0000000140)="19ab", 0x2}], 0x1)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)=""/122, &(0x7f00000000c0)=0x7a)
fcntl$dupfd(r0, 0xa, 0xffffffffffffffff)

05:51:13 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:13 executing program 1:
open$dir(0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1638463, 0x0)
r0 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2850639, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
r2 = _lwp_self()
_lwp_detach(r2)
open$dir(&(0x7f0000000040)='./file0\x00', 0x2050631, 0x0)
write(r1, &(0x7f0000000000)="06", 0x1)
getgid()
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000bfe000/0x400000)=nil)
shmctl$SHM_LOCK(r3, 0x3)
shmctl$IPC_RMID(r3, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
setsockopt$sock_linger(r4, 0xffff, 0x80, &(0x7f0000000080)={0x40e, 0x6}, 0x8)

05:51:13 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000))

05:51:14 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:14 executing program 4:
open$dir(0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1638463, 0x0)
r0 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2850639, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
r2 = _lwp_self()
_lwp_detach(r2)
open$dir(&(0x7f0000000040)='./file0\x00', 0x2050631, 0x0)
write(r1, &(0x7f0000000000)="06", 0x1)
getgid()
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000bfe000/0x400000)=nil)
shmctl$SHM_LOCK(r3, 0x3)
shmctl$IPC_RMID(r3, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
setsockopt$sock_linger(r4, 0xffff, 0x80, &(0x7f0000000080)={0x40e, 0x6}, 0x8)

05:51:14 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000))

05:51:14 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)
r2 = dup(r0)
sendto$inet6(r2, &(0x7f0000000040), 0xfcec, 0x0, 0x0, 0x0)

05:51:14 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:14 executing program 0:
open$dir(0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1638463, 0x0)
r0 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2850639, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
r2 = _lwp_self()
_lwp_detach(r2)
open$dir(&(0x7f0000000040)='./file0\x00', 0x2050631, 0x0)
write(r1, &(0x7f0000000000)="06", 0x1)
getgid()
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000bfe000/0x400000)=nil)
shmctl$SHM_LOCK(r3, 0x3)
shmctl$IPC_RMID(r3, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
setsockopt$sock_linger(r4, 0xffff, 0x80, &(0x7f0000000080)={0x40e, 0x6}, 0x8)

05:51:14 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000))

05:51:14 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)
r2 = dup(r0)
sendto$inet6(r2, &(0x7f0000000040), 0xfcec, 0x0, 0x0, 0x0)

05:51:14 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:15 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)
dup(r0)

05:51:16 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)

05:51:16 executing program 1:
open$dir(0x0, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1638463, 0x0)
r0 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2850639, 0x0)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
r2 = _lwp_self()
_lwp_detach(r2)
open$dir(&(0x7f0000000040)='./file0\x00', 0x2050631, 0x0)
write(r1, &(0x7f0000000000)="06", 0x1)
getgid()
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000bfe000/0x400000)=nil)
shmctl$SHM_LOCK(r3, 0x3)
shmctl$IPC_RMID(r3, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
setsockopt$sock_linger(r4, 0xffff, 0x80, &(0x7f0000000080)={0x40e, 0x6}, 0x8)

05:51:16 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
dup2(r1, r0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)

05:51:17 executing program 4:
r0 = open(&(0x7f0000000180)='./file0\x00', 0x82ce, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000004180)='%', 0x1}], 0x1)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x112)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x4, 0xa10, r0, 0x0, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fsync(r1)
r2 = accept$inet(r0, &(0x7f0000000000), &(0x7f00000001c0)=0x9c)
r3 = socket(0x2, 0x2, 0x0)
setsockopt(r3, 0x0, 0x19, 0x0, 0x0)
r4 = accept$unix(r3, &(0x7f0000000200)=@abs, &(0x7f0000000240)=0x8)
pwritev(r4, &(0x7f00000002c0)=[{&(0x7f0000000280)="dbc72edd5680324e47a9aee69e0a1cf3e6effbc2c075866857024c8fe056c7e03b019102671700389f334584d123f988776ddd008f1c65a99c46dc", 0x3b}], 0x1, 0x450c)
getpeername(r2, &(0x7f0000000100)=@in, &(0x7f0000000140)=0xc)
fchownat(0xffffffffffffffff, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x0, 0x400)
setitimer(0x2, &(0x7f0000000340)={{0xbf17, 0x43}, {0x1, 0x4}}, &(0x7f0000000380))
mlock(&(0x7f0000e00000/0x200000)=nil, 0x200000)
pwritev(r1, &(0x7f0000000500)=[{&(0x7f00000003c0)="59c244f216c6bd5669868088d60cc46f027bfa898e67e55e7e38fd61d31a331a1a00335d3bfca51823829eedf2fc61922a72166ec7ae412737fb48b915050f0e53e0e2bfcefa110c8067fb32ecdad3a018703ff456950d385c4ee134cadc1018c832c17e713c2613869541e752b9e05903635d5346955e594518e739b67634a3f8f3ea38501bcc46eb4831216324d925b2c6ee1f585edd6bc76970a63da4983b548b5917bbccfedb4670b472c3e7ff6894a5f237d6fcddef73e093172f40", 0xbe}, {&(0x7f0000000480)="c5d1db53714bef6f84d4b9e927f9451f190485530bf627d739a0e5199ccc953124f6", 0x22}, {&(0x7f00000004c0)="c9db1dd029e98198327e0b17949b23ea015e7ae6861541e66b119699d8164b2d8b3a9c8785b2ba3d79ac5ef8257941ee3f5235ce", 0x34}], 0x3, 0x5)

05:51:17 executing program 3:
r0 = socket(0x2, 0x3, 0x100000001)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0}, 0x10)
connect$inet(r0, &(0x7f0000000540)={0x2, 0x0}, 0x10)

05:51:17 executing program 0:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x1090, 0xffffffffffffffff, 0x0, 0x0)
r0 = __clone(0x0, 0x0)
ptrace(0x9, r0, 0x0, 0x0)
ptrace(0x5, r0, &(0x7f0000001180), 0x0)
r1 = getuid()
r2 = getegid()
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r4, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r5 = accept$unix(0xffffffffffffff9c, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00'/108], &(0x7f00000001c0)=0x6e)
r6 = __clone(0x0, 0x0)
ptrace(0x9, r6, 0x0, 0x0)
ptrace(0x5, r6, &(0x7f0000001180), 0x0)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x60e, 0x0)
dup(r7)
r8 = getuid()
setreuid(0x0, r8)
r9 = getgid()
r10 = semget$private(0x0, 0x4, 0x400)
semctl$GETPID(r10, 0x4, 0x4, &(0x7f00000002c0)=""/116)
semctl$IPC_SET(r10, 0x0, 0x1, &(0x7f0000000080)={{0x7fffff, 0x0, 0xffffffffffffffff, 0x0, r9, 0x1, 0x7}, 0xf157, 0x9})
setgid(r9)
fchownat(r7, &(0x7f0000000080)='./file0/file0\x00', r8, r9, 0x400)
r11 = open(&(0x7f0000000040)='./file0\x00', 0x60e, 0x0)
dup(r11)
r12 = getuid()
setreuid(0x0, r12)
r13 = getgid()
r14 = semget$private(0x0, 0x4, 0x400)
semctl$GETPID(r14, 0x4, 0x4, &(0x7f00000002c0)=""/116)
semctl$IPC_SET(r14, 0x0, 0x1, &(0x7f0000000080)={{0x7fffff, 0x0, 0xffffffffffffffff, 0x0, r13, 0x1, 0x7}, 0xf157, 0x9})
setgid(r13)
fchownat(r11, &(0x7f0000000080)='./file0/file0\x00', r12, r13, 0x400)
getgroups(0x7, &(0x7f0000000200)=[r9, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, <r15=>r13])
r16 = fcntl$dupfd(0xffffffffffffff9c, 0x6, 0xffffffffffffffff)
pipe(&(0x7f0000000240)={<r17=>0xffffffffffffffff})
r18 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r18, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r19 = socket$inet6(0x18, 0x2, 0x2)
r20 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r20, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r21 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c)
r22 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r22, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r23 = accept$inet(0xffffffffffffff9c, 0x0, &(0x7f0000000280))
r24 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r24, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r25 = fcntl$dupfd(0xffffffffffffffff, 0xc, r24)
r26 = socket$inet6(0x18, 0x1, 0x0)
setsockopt(r26, 0x29, 0x4, &(0x7f0000000240)="1900b882", 0x4)
r27 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r28 = paccept(0xffffffffffffff9c, 0x0, &(0x7f0000000300), 0x10000000)
sendmsg$unix(0xffffffffffffff9c, &(0x7f0000000440)={&(0x7f0000000000)=@abs={0x0, 0x0, 0x3}, 0x8, &(0x7f00000000c0)=[{&(0x7f0000000040)="260501389d801349bc0051aec559f9f383d51d259b6c494e4ba1c53ffaf6a90a6f3cb7fe073d4835d45d7f23d31247a323474c0b74b9928f18085d1c93ed915a796a65b62568126f58ca6ad64a75b3bffe63fead09b7fe6900fe24ae8f4ce10ae8d1bd155ef5c4338844be657903d95fa358c4e6f0ca07f13c94", 0x7a}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="2000000000000000ffff000002000000", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000002000000000000000ffff000001000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="000000002000000000000000ffff000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=r15, @ANYBLOB="000000001800000000000000ffff000001000000", @ANYRES32=r16, @ANYRES32=r17, @ANYBLOB="2800000000000000ffff000001000000", @ANYRES32=r18, @ANYRES32=r19, @ANYRES32=r20, @ANYRES32=r21, @ANYRES32=r22, @ANYRES32=r23, @ANYBLOB="2800000000000000ffff000001000000", @ANYRES32=r25, @ANYRES32=r26, @ANYRES32=r27, @ANYRES32=0xffffffffffffff9c, @ANYRES32=r28, @ANYBLOB='\x00$\x00\x00'], 0xc8, 0x2}, 0x1)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
__clone(0x0, 0x0)

05:51:17 executing program 2:
sendmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:17 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8202adfdffffffffffffff6530130fb9aa23d0571454d78a2a197a386207000000008295955984c87910bf093f68c11700287ead4bcb777fa69dfceac2a84e6abca64896bc5e57c6388bbd2ad88b2951b15801360bcd4c0a162b58b55c62bffa4d012ae4474748c02f6ac41e6bf3bf554799b9b800ed52beb85a85e25bfb258557d60f13ad30505e8f53f8a4aeef9d612f871f4385f04157795ea4a5c59a3a9fa202361ca1d8cac7dbbc5b65c6593d2870b4122cd235000000000000000000001c6300000000d134349c92587ca1306c5219c5c44c8b322d3d26ae6fcd1936c087f1f7972d5a8e624a3a72010f52ad90e078dc622e34457b2237db8ee3a23e332f14dfcf8317205a265910bf87fde7edb31618844cfe8a7b1748179bd9d2e35ba9f078f1592d274ffa6df1449a29c1436c99c810938f716f74ef27864c74cd47bc415c77e78091045293d3582008d257c543d5b73a4e5c77de"], 0x10)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)

05:51:17 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000010000000100000003000000030000005f08757ff8d53d298caf7a8aaf62fb280ba6115d9f005561166f09a337ed654788c8dcd0917edecc73dbd5b1577716ebd67e80f5f1de5b1711b8d367485344a3d93ec5755c9e0764d6d95e1f9ea8e68806"], 0x18}, 0x0)

05:51:17 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
socket(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4)

[ 149.9070788] panic: kernel diagnostic assertion "ci->ci_tlbstate != TLBSTATE_VALID" failed: file "/syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/pmap.c", line 2790 
[ 149.9181954] cpu1: Begin traceback...
[ 149.9404488] vpanic() at netbsd:vpanic+0x241
[ 149.9738302] _GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[ 150.0183384] pmap_activate() at netbsd:pmap_activate+0x179
[ 150.0628508] mi_switch() at netbsd:mi_switch+0x5bc
[ 150.1073564] sleepq_block() at netbsd:sleepq_block+0x2b4
[ 150.1407374] lwp_park() at netbsd:lwp_park+0x264
[ 150.1852495] sys____lwp_park60() at netbsd:sys____lwp_park60+0x11e
[ 150.2297547] syscall() at netbsd:syscall+0x559
[ 150.2408836] --- syscall (number 478) ---
[ 150.2520126] 459233:
[ 150.2631359] cpu1: End traceback...
[ 150.2631359] fatal breakpoint trap in supervisor mode
[ 150.2631359] trap type 1 code 0 rip 0xffffffff8021ccb5 cs 0x8 rflags 0x246 cr2 0x624f5c ilevel 0x8 rsp 0xffffad016cf919d0
[ 150.2853848] curlwp 0xffffad0011ff2540 pid 602.2 lowest kstack 0xffffad016cf8a2c0
Stopped in pid 602.2 (syz-fuzzer) at    netbsd:breakpoint+0x5:  leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xe9
vpanic() at netbsd:vpanic+0x241
_GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
pmap_activate() at netbsd:pmap_activate+0x179
mi_switch() at netbsd:mi_switch+0x5bc
sleepq_block() at netbsd:sleepq_block+0x2b4
lwp_park() at netbsd:lwp_park+0x264
sys____lwp_park60() at netbsd:sys____lwp_park60+0x11e
syscall() at netbsd:syscall+0x559
--- syscall (number 478) ---
459233:
ds          360
es          2cb
fs          19b0
gs          1a00
rdi         ffffad000cb1a458
rsi         ffffad0011ff2828
rbp         ffffad016cf919d0
rbx         ffffad016ca80000
rdx         2
rcx         ffffffff80d00841    db_panic+0xd5
rax         0
r8          4
r9          1ffffffff0553818
r10         ffffffff82a9c0c3    db_onpanic+0x3
r11         8000000000
r12         ffffad016ca92000
r13         ffffffff81c22540    platform_private_nodes+0x140
r14         ffffad016cf91a60
r15         ffffad016ca80060
rip         ffffffff8021ccb5    breakpoint+0x5
cs          8
rflags      246
rsp         ffffad016cf919d0
ss          10
netbsd:breakpoint+0x5:  leave
PID    LID S CPU     FLAGS       STRUCT LWP *               NAME WAIT
97       1 2   1  10000000   ffffad0011f7e480     syz-executor.2
96       3 3   1        80   ffffad0011f7e040     syz-executor.0 parked
613      5 2   0         0   ffffad00130e7480     syz-executor.3
613      4 2   0         0   ffffad00114dc600     syz-executor.3
613      3 2   0         0   ffffad0011461100     syz-executor.3
613      1 2   0         0   ffffad00115cdb60     syz-executor.3
716      1 2   0         0   ffffad00114af5a0     syz-executor.4
519      4 3   1        80   ffffad0011f72780     syz-executor.0 parked
519      3 3   1        80   ffffad00115cd2e0     syz-executor.0 parked
519      1 2   1  10000000   ffffad0011f4f320     syz-executor.0
747      5 3   1        80   ffffad001149a140     syz-executor.1 parked
747      4 3   0        80   ffffad00114fa640     syz-executor.1 parked
747      3 3   0     40080   ffffad00115a42a0     syz-executor.1 lockf
747      1 2   1  10040000   ffffad001151a240     syz-executor.1
598      5 3   1        80   ffffad00130db340     syz-executor.0 parked
639      4 3   1        80   ffffad00113d7480     syz-executor.0 parked
537      3 3   1        80   ffffad001148c560     syz-executor.0 parked
580      3 3   1        80   ffffad001138c760     syz-executor.0 parked
560      1 2   0         0   ffffad0012ed2ae0     syz-executor.5
45   >   1 7   0         0   ffffad0012ed26a0     syz-executor.3
600      1 2   0         0   ffffad0012ed2260     syz-executor.4
531      1 3   1        80   ffffad0012e9e680     syz-executor.2 nanoslp
40       1 3   1        80   ffffad0012e9e240     syz-executor.1 nanoslp
41       1 3   1        80   ffffad0012d33aa0     syz-executor.0 nanoslp
602     11 3   0        80   ffffad0012e9eac0         syz-fuzzer parked
602     10 3   0        80   ffffad00112af6e0         syz-fuzzer parked
602      9 3   1        80   ffffad00110d45c0         syz-fuzzer parked
602      8 3   1        80   ffffad0012d33220         syz-fuzzer parked
602      7 3   0        80   ffffad0012911a80         syz-fuzzer kqueue
602      6 3   0        80   ffffad0012911640         syz-fuzzer parked
602      5 3   0        80   ffffad0011fe7520         syz-fuzzer parked
602      4 3   0        80   ffffad00120271a0         syz-fuzzer parked
602      3 3   0        80   ffffad00120351c0         syz-fuzzer parked
602  >   2 7   1         0   ffffad0011ff2540         syz-fuzzer
602      1 3   1        80   ffffad00110d4a00         syz-fuzzer parked
558      1 3   0        80   ffffad00110d4180               sshd select
503      1 3   1        80   ffffad001201b5c0              getty nanoslp
465      1 3   0        80   ffffad001201b180              getty nanoslp
463      1 3   1        80   ffffad0012010160              getty nanoslp
586      1 3   0        80   ffffad0011f33740              getty ttyraw
562      1 3   0        80   ffffad0012911200               cron nanoslp
539      1 3   0        80   ffffad0011f8c4a0              inetd kqueue
317      1 3   0        80   ffffad00115a46e0               sshd select
478      1 3   0        80   ffffad00114fa200             powerd kqueue
195      1 3   1        80   ffffad0011f4fba0            syslogd kqueue
276      1 3   1        80   ffffad00114ed1e0             dhcpcd kqueue
220      1 3   0        80   ffffad00113f58e0             dhcpcd kqueue
1        1 3   0        80   ffffad00111fb240               init wait
0       58 3   0       204   ffffad00111fbac0            physiod physiod
0       57 3   1       204   ffffad0011242280           aiodoned aiodoned
0       56 3   1       200   ffffad0011241ae0            ioflush syncer
0       55 3   0       204   ffffad00112416a0          pooldrain pooldrain
0       54 3   0       200   ffffad0011241260           pgdaemon pgdaemon
0       51 3   1       200   ffffad00111fb680            npfgc-0 npfgccv
0       50 3   0       204   ffffad00111edaa0            rt_free rt_free
0       49 3   0       204   ffffad00111ed660              unpgc unpgc
0       48 3   1       204   ffffad00111ed220    key_timehandler key_timehandler
0       47 3   1       204   ffffad00111e5a80    icmp6_wqinput/1 icmp6_wqinput
0       46 3   0       204   ffffad00111e5640    icmp6_wqinput/0 icmp6_wqinput
0       45 3   1       204   ffffad00111e5200          nd6_timer nd6_timer
0       44 3   1       204   ffffad00110fca60    carp6_wqinput/1 carp6_wqinput
0       43 3   0       204   ffffad00110fc620    carp6_wqinput/0 carp6_wqinput
0       42 3   1       204   ffffad00110fc1e0     carp_wqinput/1 carp_wqinput
0       41 3   0       204   ffffad00110e9a40     carp_wqinput/0 carp_wqinput
0       40 3   1       204   ffffad00110e9600     icmp_wqinput/1 icmp_wqinput
0       39 3   0       204   ffffad00110e91c0     icmp_wqinput/0 icmp_wqinput
0       38 3   0       204   ffffad00110d7a20           rt_timer rt_timer
0       37 3   1       204   ffffad00110d35a0        vmem_rehash vmem_rehash
0       27 3   0       204   ffffad000e9b9580           scsibus0 sccomp
0       26 3   0       200   ffffad000e9b9140               pms0 pmsreset
0       25 3   1       204   ffffad000e92b9a0            xcall/1 xcall
0       24 1   1       200   ffffad000e92b560          softser/1
0       23 1   1       200   ffffad000e92b120          softclk/1
0       22 1   1       200   ffffad000e927980          softbio/1
0       21 1   1       200   ffffad000e927540          softnet/1
0       20 1   1       201   ffffad000e927100             idle/1
0       19 3   0       204   ffffad000e85d960           lnxpwrwq lnxpwrwq
0       18 3   1       204   ffffad000e85d520           lnxlngwq lnxlngwq
0       17 3   0       204   ffffad000e85d0e0           lnxsyswq lnxsyswq
0       16 3   0       204   ffffad000d042940           lnxrcugc lnxrcugc
0       15 3   0       204   ffffad000d042500             sysmon smtaskq
0       14 3   0       204   ffffad000d0420c0         pmfsuspend pmfsuspend
0       13 3   0       204   ffffad000d033920           pmfevent pmfevent
0       12 3   0       204   ffffad000d0334e0         sopendfree sopendfr
0       11 3   1       204   ffffad000d0330a0           nfssilly nfssilly
0       10 3   0       200   ffffad000d027900            cachegc cachegc
0        9 3   1       204   ffffad000d0274c0             vdrain vdrain
0        8 3   0       200   ffffad000d027080          modunload mod_unld
0        7 3   0       204   ffffad000d0188e0            xcall/0 xcall
0        6 1   0       200   ffffad000d0184a0          softser/0
0        5 1   0       200   ffffad000d018060          softclk/0
0        4 1   0       200   ffffad000d0148c0          softbio/0
0        3 1   0       200   ffffad000d014480          softnet/0
0        2 1   0       201   ffffad000d014040             idle/0
0        1 3   1       200   ffffffff82b62fa0            swapper uvm
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor.2):
Lock 0 (initialized at fork1)
lock address : 0xffffad00114156b0 type     :     sleep/adaptive
initialized  : 0xffffffff8114751c
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  1
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011f7e480
last locked* : 0xffffffff81143c0d unlocked : 000000000000000000
owner/count  : 0xffffad0011f7e480 flags    : 0x0000000000000004

Turnstile chain at 0xffffffff82d83a50 with mutex 0xffffad000d00b880.
=> No active turnstile for this lock.
Lock 1 (initialized at amap_alloc)
lock address : 0xffffad0012eb1700 type     :     sleep/adaptive
initialized  : 0xffffffff810c6fb1
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  1
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011f7e480
last locked* : 0xffffffff810e7bd1 unlocked : 0xffffffff810d42b8
owner field  : 0xffffad0011f7e480 wait/spin:                0/0

Turnstile chain at 0xffffffff82d83a60 with mutex 0xffffad000d00b900.
=> No active turnstile for this lock.
Lock 2 (initialized at pmap_create)
lock address : 0xffffad001133fe40 type     :     sleep/adaptive
initialized  : 0xffffffff80272166
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  1
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011f7e480
last locked* : 0xffffffff80274a67 unlocked : 0xffffffff80274456
owner field  : 0xffffad0011f7e480 wait/spin:                0/0

Turnstile chain at 0xffffffff82d83b48 with mutex 0xffffad000d00c080.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.3):
Lock 0 (initialized at kcov_open)
lock address : 0xffffad0012f500c8 type     :     sleep/adaptive
initialized  : 0xffffffff811e1f3f
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  0
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011461100
last locked* : 0xffffffff811e2102 unlocked : 0xffffffff811e22e7
owner field  : 0xffffad0011461100 wait/spin:                0/0

Turnstile chain at 0xffffffff82d83798 with mutex 0xffffad000cb2f280.
=> No active turnstile for this lock.
Lock 1 (initialized at specificdata_domain_create)
lock address : 0xffffad000cb1a458 type     :     sleep/adaptive
initialized  : 0xffffffff811fe7eb
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  0
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011461100
last locked* : 0xffffffff811feafb unlocked : 0xffffffff811fea14
owner field  : 0xffffad0011461100 wait/spin:                0/0

Turnstile chain at 0xffffffff82d83808 with mutex 0xffffad000cb2f600.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.0):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffad0012cfac00 type     :     sleep/adaptive
initialized  : 0xffffffff810f33bc
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  1
current lwp  : 0xffffad0011ff2540 last held: 0xffffad0011f4f320
last locked* : 0xffffffff810d79ce unlocked : 0xffffffff810d4872
owner field  : 0xffffad0011f4f320 wait/spin:                0/0

Turnstile chain at 0xffffffff82d83900 with mutex 0xffffad000cb2fdc0.
=> No active turnstile for this lock.

Locks held by an LWP (syz-executor.1):
Lock 0 (initialized at uvm_obj_init)
lock address : 0xffffad00126f5e00 type     :     sleep/adaptive
initialized  : 0xffffffff810f33bc
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  1 last held:                  0
current lwp  : 0xffffad0011ff2540 last held: 0xffffad00114fa640
last locked* : 0xffffffff810cf65d unlocked : 0xffffffff810f3a6b
[ 150.2853848] Skipping crash dump on recursive panic
[ 150.2853848] panic: ASan: Unauthorized Access In 0xffffffff8115fa1e: Addr 0xffffad00126f5e00 [8 bytes, read, PoolUseAfterFree]

[ 150.2853848] cpu1: Begin traceback...
[ 150.2853848] vpanic() at netbsd:vpanic+0x241
[ 150.2853848] snprintf() at netbsd:snprintf
[ 150.2853848] kasan_report() at netbsd:kasan_report+0x8f
[ 150.2853848] __asan_load8() at netbsd:__asan_load8+0x294
[ 150.2853848] mutex_dump() at netbsd:mutex_dump+0x1e
[ 150.2853848] lockdebug_dump() at netbsd:lockdebug_dump+0x281
[ 150.2853848] lockdebug_show_one() at netbsd:lockdebug_show_one+0xb9
[ 150.2853848] lockdebug_show_all_locks() at netbsd:lockdebug_show_all_locks+0x12f
[ 150.2853848] db_command() at netbsd:db_command+0x2c0
[ 150.2853848] db_command_loop() at netbsd:db_command_loop+0x26c
[ 150.2853848] db_trap() at netbsd:db_trap+0x219
[ 150.2853848] kdb_trap() at netbsd:kdb_trap+0x1ce
[ 150.2853848] trap() at netbsd:trap+0x650
[ 150.2853848] --- trap (number 1) ---
[ 150.2853848] breakpoint() at netbsd:breakpoint+0x5
[ 150.2853848] db_panic() at netbsd:db_panic+0xe9
[ 150.2853848] vpanic() at netbsd:vpanic+0x241
[ 150.2853848] _GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[ 150.2853848] pmap_activate() at netbsd:pmap_activate+0x179
[ 150.2853848] mi_switch() at netbsd:mi_switch+0x5bc
[ 150.2853848] sleepq_block() at netbsd:sleepq_block+0x2b4
[ 150.2853848] lwp_park() at netbsd:lwp_park+0x264
[ 150.2853848] sys____lwp_park60() at netbsd:sys____lwp_park60+0x11e
[ 150.2853848] syscall() at netbsd:syscall+0x559
[ 150.2853848] --- syscall (number 478) ---
[ 150.2853848] 459233:
[ 150.2853848] cpu1: End traceback...
[ 150.2853848] fatal breakpoint trap in supervisor mode
[ 150.2853848] trap type 1 code 0 rip 0xffffffff8021ccb5 cs 0x8 rflags 0x246 cr2 0x624f5c ilevel 0x8 rsp 0xffffad016cf90f90
[ 150.2853848] curlwp 0xffffad0011ff2540 pid 602.2 lowest kstack 0xffffad016cf8a2c0
Stopped in pid 602.2 (syz-fuzzer) at    netbsd:breakpoint+0x5:  leave