[  59.2591201] panic: kernel diagnostic assertion "lwp_locked(l, l->l_cpu->ci_schedstate.spc_lwplock)" failed: file "/syzkaller/managers/netbsd-kubsan/kernel/sys/kern/kern_synch.c", line 910 
[  59.2591201] cpu0: Begin traceback...
[  59.2591201] vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
[  59.2591201] kern_assert() at netbsd:kern_assert+0x63
[  59.2591201] setrunnable() at netbsd:setrunnable+0x788 sys/kern/kern_synch.c:910
[  59.2591201] lwp_start() at netbsd:lwp_start+0x28b sys/kern/kern_lwp.c:1007
[  59.2591201] do_lwp_create() at netbsd:do_lwp_create+0x12f sys/kern/sys_lwp.c:123
[  59.2591201] sys__lwp_create() at netbsd:sys__lwp_create+0x202 sys/kern/sys_lwp.c:156
[  59.2591201] syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline]
[  59.2591201] syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline]
[  59.2591201] syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138
[  59.2591201] --- syscall (number 309) ---
[  59.2591201] 7557bfa4333a:
[  59.2591201] cpu0: End traceback...
[  59.2591201] fatal breakpoint trap in supervisor mode
[  59.2591201] trap type 1 code 0 rip 0xffffffff8021ddbd cs 0x8 rflags 0x286 cr2 0x7557bfa07d78 ilevel 0x8 rsp 0xffffd380a6dedd50
[  59.2591201] curlwp 0xfffff9c73d93b2e0 pid 2854.1 lowest kstack 0xffffd380a6dea2c0
Stopped in pid 2854.1 (syz-executor7826) at     netbsd:breakpoint+0x5:  leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x109 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
kern_assert() at netbsd:kern_assert+0x63
setrunnable() at netbsd:setrunnable+0x788 sys/kern/kern_synch.c:910
lwp_start() at netbsd:lwp_start+0x28b sys/kern/kern_lwp.c:1007
do_lwp_create() at netbsd:do_lwp_create+0x12f sys/kern/sys_lwp.c:123
sys__lwp_create() at netbsd:sys__lwp_create+0x202 sys/kern/sys_lwp.c:156
syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138
--- syscall (number 309) ---
7557bfa4333a:
ds          dd50
es          402e
fs          dd40
gs          7168
rdi         fffff9c84bcb34e0
rsi         fffff9c73d93b5c8
rbp         ffffd380a6dedd50
rbx         ffffffff84027e40    cpu_info_primary
rdx         2
rcx         ffffffff82487afa    kprintf_unlock+0x4e
rax         0
r8          0
r9          0
r10         ffffd380a6dedd40
r11         10
r12         ffffffff83b37168    ostype+0xc70
r13         ffffd380a6deddc8
r14         104
r15         ffffffff853dd960    pool_head+0x560
rip         ffffffff8021ddbd    breakpoint+0x5
cs          8
rflags      286
rsp         ffffd380a6dedd50
ss          10
netbsd:breakpoint+0x5:  leave
PID    LID S CPU     FLAGS       STRUCT LWP *               NAME WAIT
2854     3 1   0         0   fffff9c740d46520   syz-executor7826
2854 >   1 7   0         0   fffff9c73d93b2e0   syz-executor7826
2759     3 3   0        80   fffff9c74151c560   syz-executor7826 parked
2759     1 3   0        80   fffff9c74151c9a0   syz-executor7826 nanoslp
483      1 3   0        80   fffff9c740695ba0   syz-executor7826 nanoslp
524      1 3   0        80   fffff9c740695760   syz-executor7826 nanoslp
607      1 3   0        80   fffff9c73f3d8b80   syz-executor7826 nanoslp
537      1 3   0        80   fffff9c73cb1d700   syz-executor7826 nanoslp
603      1 3   0        80   fffff9c73c8b86a0   syz-executor7826 nanoslp
45       1 3   0        80   fffff9c73c8b8260   syz-executor7826 nanoslp
491      1 3   0        80   fffff9c73cb1db40   syz-executor7826 nanoslp
40       1 3   0        80   fffff9c73f3d8740               sshd select
567      1 3   0        80   fffff9c73caf66e0              getty nanoslp
561      1 3   1        80   fffff9c73c6c9680              getty nanoslp
381      1 3   0        80   fffff9c73c6c9ac0              getty nanoslp
462      1 3   1        80   fffff9c73c6c9240              getty ttyraw
538      1 3   0        80   fffff9c73cb9b6c0               cron nanoslp
304      1 3   0        80   fffff9c73f3d8300              inetd kqueue
357      1 3   0        80   fffff9c73d93bb60               sshd select
490      1 3   1        80   fffff9c73c4b0200             powerd kqueue
309      1 3   1        80   fffff9c73caf6b20            syslogd kqueue
276      1 3   0        80   fffff9c73cb9bb00             dhcpcd kqueue
175      1 3   1        80   fffff9c73caf62a0             dhcpcd kqueue
1        1 3   1        80   fffff9c73c3cf620               init wait
0       58 3   0       204   fffff9c73c4b0640            physiod physiod
0       57 3   0       204   fffff9c73c497220          pooldrain pooldrain
0       56 3   0       204   fffff9c73c497aa0           aiodoned aiodoned
0       55 3   1       200   fffff9c73c497660            ioflush syncer
0       54 3   0       200   fffff9c73c4b0a80           pgdaemon pgdaemon
0       51 3   0       200   fffff9c73c3cfa60            npfgc-0 npfgccv
0       50 3   0       204   fffff9c73c3cf1e0            rt_free rt_free
0       49 3   0       204   fffff9c73c3d8a40              unpgc unpgc
0       48 3   1       204   fffff9c73c3d8600    key_timehandler key_timehandler
0       47 3   1       204   fffff9c73c3d81c0    icmp6_wqinput/1 icmp6_wqinput
0       46 3   0       204   fffff9c73c371a20    icmp6_wqinput/0 icmp6_wqinput
0       45 3   1       204   fffff9c73c364160          nd6_timer nd6_timer
0       44 3   1       204   fffff9c73c3645a0    carp6_wqinput/1 carp6_wqinput
0       43 3   0       204   fffff9c73c3649e0    carp6_wqinput/0 carp6_wqinput
0       42 3   1       204   fffff9c73c36a180     carp_wqinput/1 carp_wqinput
0       41 3   0       204   fffff9c73c36a5c0     carp_wqinput/0 carp_wqinput
0       40 3   1       204   fffff9c73c36aa00     icmp_wqinput/1 icmp_wqinput
0       39 3   0       204   fffff9c73c3711a0     icmp_wqinput/0 icmp_wqinput
0       38 3   1       204   fffff9c739adc9c0           rt_timer rt_timer
0       37 3   0       204   fffff9c73c3715e0        vmem_rehash vmem_rehash
0       27 3   0       204   fffff9c739adc580           scsibus0 sccomp
0       26 3   0       200   fffff9c739adc140               pms0 pmsreset
0       25 3   1       204   fffff9c739a679a0            xcall/1 xcall
0       24 1   1       200   fffff9c739a67560          softser/1
0       23 1   1       200   fffff9c739a67120          softclk/1
0       22 1   1       200   fffff9c739a58980          softbio/1
0       21 1   1       200   fffff9c739a58540          softnet/1
0    >  20 7   1       201   fffff9c739a58100             idle/1
0       19 3   0       204   fffff9c849f7c960           lnxpwrwq lnxpwrwq
0       18 3   0       204   fffff9c849f7c520           lnxlngwq lnxlngwq
0       17 3   0       204   fffff9c849f7c0e0           lnxsyswq lnxsyswq
0       16 3   0       204   fffff9c849fa3940           lnxrcugc lnxrcugc
0       15 3   0       204   fffff9c849fa3500             sysmon smtaskq
0       14 3   0       204   fffff9c849fa30c0         pmfsuspend pmfsuspend
0       13 3   0       204   fffff9c84a3b6920           pmfevent pmfevent
0       12 3   0       204   fffff9c84a3b64e0         sopendfree sopendfr
0       11 3   0       204   fffff9c84a3b60a0           nfssilly nfssilly
0       10 3   0       200   fffff9c84b7df900            cachegc cachegc
0        9 3   1       204   fffff9c84b7df4c0             vdrain vdrain
0        8 3   0       200   fffff9c84b7df080          modunload mod_unld
0        7 3   0       204   fffff9c84b7f88e0            xcall/0 xcall
0        6 1   0       200   fffff9c84b7f84a0          softser/0
0        5 1   0       200   fffff9c84b7f8060          softclk/0
0        4 1   0       200   fffff9c84b8198c0          softbio/0
0        3 1   0       200   fffff9c84b819480          softnet/0
0        2 1   0       201   fffff9c84b819040             idle/0
0        1 3   0       200   ffffffff85333de0            swapper uvm
[Locks tracked through LWPs]
Locks held by an LWP (syz-executor7826):
Lock 0 (initialized at fork1)
lock address : 0xfffff9c73f92bc40 type     :     sleep/adaptive
initialized  : 0xffffffff8232c9e5
shared holds :                  0 exclusive:                  1
shares wanted:                  0 exclusive:                  0
current cpu  :                  0 last held:                  0
current lwp  : 0xfffff9c73d93b2e0 last held: 0xfffff9c73d93b2e0
last locked* : 0xffffffff8234599c unlocked : 0xffffffff82322