[ 432.9972686] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/uvm/uvm_page.c:2030:34, member access within misaligned address 0xdeadbeef for type 'struct uvm_object' which requires 8 byte alignment [ 433.0230000] cpu0: Begin traceback... [ 433.0372310] vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:288 [ 433.1171929] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352 [ 433.1771624] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0xfc sys/../common/lib/libc/misc/ubsan.c:432 [ 433.2271336] uvm_page_owner_locked_p() at netbsd:uvm_page_owner_locked_p+0x1f4 sys/uvm/uvm_page.c:2030 [ 433.2871039] uvm_pageunwire() at netbsd:uvm_pageunwire+0x22 sys/uvm/uvm_page.c:1788 [ 433.3370824] uvm_fault_unwire_locked() at netbsd:uvm_fault_unwire_locked+0x3a1 sys/uvm/uvm_fault.c:2729 [ 433.3870572] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c uvm_map_entry_unwire sys/uvm/uvm_map.c:864 [inline] [ 433.3870572] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c sys/uvm/uvm_map.c:2316 [ 433.4370284] uvm_map_enter() at netbsd:uvm_map_enter+0x268 sys/uvm/uvm_map.c:1321 [ 433.4969982] uvm_map() at netbsd:uvm_map+0x135 sys/uvm/uvm_map.c:1084 [ 433.5469753] uvm_mmap.part.0() at netbsd:uvm_mmap.part.0+0x3b0 [ 433.6069485] sys_mmap() at netbsd:sys_mmap+0x9ed uvm_mmap sys/uvm/uvm_mmap.c:421 [inline] [ 433.6069485] sys_mmap() at netbsd:sys_mmap+0x9ed sys/uvm/uvm_mmap.c:421 [ 433.6569178] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline] [ 433.6569178] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90 [ 433.7068928] syscall() at netbsd:syscall+0x28b sy_call sys/sys/syscallvar.h:65 [inline] [ 433.7068928] syscall() at netbsd:syscall+0x28b sy_invoke sys/sys/syscallvar.h:94 [inline] [ 433.7068928] syscall() at netbsd:syscall+0x28b sys/arch/x86/x86/syscall.c:137 [ 433.7268890] --- syscall (number 197 via SYS_syscall) --- [ 433.7368787] netbsd:syscall+0x28b: [ 433.7490349] cpu0: End traceback... [ 433.7490349] fatal breakpoint trap in supervisor mode [ 433.7576133] trap type 1 code 0 rip 0xffffffff80235475 cs 0x8 rflags 0x246 cr2 0x79f0193a6000 ilevel 0 rsp 0xffffa482481c05a0 [ 433.7675140] curlwp 0xfffff6ca98f46a40 pid 7724.14889 lowest kstack 0xffffa482481bc2c0 Stopped in pid 7724.14889 (syz-executor.0) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:71 vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:288 Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352 HandleTypeMismatch() at netbsd:HandleTypeMismatch+0xfc sys/../common/lib/libc/misc/ubsan.c:432 uvm_page_owner_locked_p() at netbsd:uvm_page_owner_locked_p+0x1f4 sys/uvm/uvm_page.c:2030 uvm_pageunwire() at netbsd:uvm_pageunwire+0x22 sys/uvm/uvm_page.c:1788 uvm_fault_unwire_locked() at netbsd:uvm_fault_unwire_locked+0x3a1 sys/uvm/uvm_fault.c:2729 uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c uvm_map_entry_unwire sys/uvm/uvm_map.c:864 [inline] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c sys/uvm/uvm_map.c:2316 uvm_map_enter() at netbsd:uvm_map_enter+0x268 sys/uvm/uvm_map.c:1321 uvm_map() at netbsd:uvm_map+0x135 sys/uvm/uvm_map.c:1084 uvm_mmap.part.0() at netbsd:uvm_mmap.part.0+0x3b0 sys_mmap() at netbsd:sys_mmap+0x9ed uvm_mmap sys/uvm/uvm_mmap.c:421 [inline] sys_mmap() at netbsd:sys_mmap+0x9ed sys/uvm/uvm_mmap.c:421 sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90 syscall() at netbsd:syscall+0x28b sy_call sys/sys/syscallvar.h:65 [inline] syscall() at netbsd:syscall+0x28b sy_invoke sys/sys/syscallvar.h:94 [inline] syscall() at netbsd:syscall+0x28b sys/arch/x86/x86/syscall.c:137 --- syscall (number 197 via SYS_syscall) --- netbsd:syscall+0x28b: Panic string: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/uvm/uvm_page.c:2030:34, member access within misaligned address 0xdeadbeef for type 'struct uvm_object' which requires 8 byte alignment PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 12584 12584 2 0 0 fffff6ca95dfaa00 syz-executor.3 6702 6702 2 0 40000 fffff6ca95dfa180 syz-executor.1 7724 5428 3 0 180 fffff6caa2c31680 syz-executor.0 parked 7724 >14889 7 0 40000 fffff6ca98f46a40 syz-executor.0 7724 7724 2 0 10000000 fffff6ca81785a40 syz-executor.0 1570 1570 3 0 180 fffff6caa46312c0 syz-executor.4 parked 1793 1793 2 1 0 fffff6ca9ab93640 syz-executor.0 15512 15512 2 1 0 fffff6ca696b8180 syz-executor.3 6854 6854 3 0 180 fffff6ca79a6e480 syz-executor.0 parked 13497 13497 3 0 180 fffff6ca94906140 syz-executor.0 parked 15152 15152 3 1 180 fffff6ca84ab6340 syz-executor.1 parked 13566 13566 3 0 180 fffff6ca8d9420c0 syz-executor.1 parked 12683 12683 3 0 180 fffff6ca84ab6780 syz-executor.0 parked 10888 10888 3 0 180 fffff6ca898ffb40 syz-executor.1 parked 13241 13241 3 0 180 fffff6ca8c6e7040 syz-executor.3 parked 13472 12185 3 1 11100000 fffff6ca83bac5c0 syz-executor.3 vfork 13472 13472 3 1 11000000 fffff6ca7ff5c080 syz-executor.3 lwpwait 12019 12019 3 1 180 fffff6ca76582640 syz-executor.0 parked 8694 8694 3 1 180 fffff6ca8fbab980 syz-executor.4 parked 10236 10236 3 1 180 fffff6ca8c6e7480 syz-executor.1 parked 9712 9712 3 0 180 fffff6ca84ab6bc0 syz-executor.1 parked 10115> 8076 7 1 1140000 fffff6ca53a37b80 syz-executor.4 10115 10115 2 0 11000040 fffff6ca82797140 syz-executor.4 10420 10420 3 0 180 fffff6ca55aa0280 syz-executor.3 parked 10913 10913 3 1 180 fffff6ca7b827980 syz-executor.1 parked 1881 1881 3 1 180 fffff6ca7f30f680 syz-executor.0 parked 9104 9104 3 1 180 fffff6ca83bac180 syz-executor.0 parked 10334 10462 3 1 11100000 fffff6ca86dee280 syz-executor.0 vfork 10334 10311 3 1 11100000 fffff6ca86deeb00 syz-executor.0 vfork 10334 10334 2 0 11000040 fffff6ca71bb8500 syz-executor.0 8011 8011 3 1 180 fffff6ca82b7c300 syz-executor.5 parked 8043 8043 3 1 180 fffff6ca76582200 syz-executor.5 parked 8160 8160 3 0 180 fffff6ca6b2d2780 syz-executor.5 parked 8117 7812 3 1 100000 fffff6ca7f30fac0 syz-executor.5 vfork 8117 7571 3 1 100000 fffff6ca898ff2c0 syz-executor.5 vfork 8117 8117 3 1 10000000 fffff6ca7b827100 syz-executor.5 lwpwait 7385 7385 3 0 180 fffff6ca82797580 syz-executor.3 parked 7723 7723 3 1 180 fffff6ca898ff700 syz-executor.0 parked 6715 6715 3 1 180 fffff6ca83baca00 syz-executor.0 parked 6286 6286 3 0 180 fffff6ca539562c0 syz-executor.3 parked 6603 6603 3 0 180 fffff6ca817851c0 syz-executor.5 parked 5724 5724 3 1 180 fffff6ca7b827540 syz-executor.5 parked 4994 4994 3 1 180 fffff6ca61c4d540 syz-executor.3 parked 6598 6598 3 1 180 fffff6ca71bb80c0 syz-executor.4 parked 4857 4857 3 1 180 fffff6ca5b303500 syz-executor.4 parked 4645 4855 2 0 1000040 fffff6ca71bb8940 syz-executor.4 4645 4906 3 1 11100000 fffff6ca6b5eba80 syz-executor.4 vfork 4645 4489 3 1 11100000 fffff6ca76b97b80 syz-executor.4 vfork 5422 5422 3 1 180 fffff6ca7ff5c900 syz-executor.0 parked 4391 4391 3 1 180 fffff6ca79a6e8c0 syz-executor.0 parked 6444 6601 3 1 11100000 fffff6ca79a6e040 syz-executor.0 vfork 6444 6444 2 0 11000040 fffff6ca6853e1c0 syz-executor.0 4493 4493 2 0 0 fffff6ca6153b040 ndp 4065 4065 3 1 180 fffff6ca53746b40 syz-executor.1 parked 3994 3994 3 0 180 fffff6ca76b97740 syz-executor.0 parked 5050 5050 3 1 180 fffff6ca6b5eb200 syz-executor.3 parked 5042 5042 3 1 180 fffff6ca5a89e900 syz-executor.5 parked 4949 5077 3 1 11100000 fffff6ca5b3030c0 syz-executor.5 vfork 4949 4949 2 0 11000040 fffff6ca6153b8c0 syz-executor.5 4440 4440 3 1 180 fffff6ca6167c780 syz-executor.0 parked 4424 4424 3 1 180 fffff6ca542cca00 syz-executor.0 parked 4663 4663 3 0 180 fffff6ca6153b480 syz-executor.2 parked 4298 4174 3 1 0 fffff6ca6d86c280 syz-executor.2 lwpwait 4298 3310 3 0 10100000 fffff6ca6aeb5b40 syz-executor.2 vfork 3053 3053 3 0 180 fffff6ca6aeb52c0 syz-executor.1 parked 3789 3789 3 0 180 fffff6ca6d237680 syz-executor.3 parked 3667 3667 3 0 180 fffff6ca6aeb5700 syz-executor.4 parked 2546 2546 3 1 180 fffff6ca542cc180 syz-executor.5 parked 2296 2296 3 0 180 fffff6ca6d86cb00 syz-executor.1 parked 2176 2176 3 1 180 fffff6ca5a89e080 syz-executor.2 parked 3295 3295 3 0 180 fffff6ca6d237240 syz-executor.0 parked 3564 3564 3 0 180 fffff6ca5447b940 syz-executor.0 parked 2508 2508 3 0 180 fffff6ca6d86c6c0 syz-executor.0 parked 3071 3071 3 1 180 fffff6ca5d1a4140 syz-executor.0 parked 3360 3385 2 0 1000040 fffff6ca544744c0 syz-executor.0 3360 2183 3 0 1100000 fffff6ca6853e600 syz-executor.0 vfork 3360 2019 3 0 15100000 fffff6ca53746700 syz-executor.0 vfork 3360 2493 3 1 5100000 fffff6ca6d237ac0 syz-executor.0 vfork 2906 2906 3 1 180 fffff6ca5d1a4580 syz-executor.0 parked 1381 1381 3 0 180 fffff6ca539d7bc0 syz-executor.5 parked 2383 2383 3 0 180 fffff6ca53956b40 syz-executor.1 parked 1382 1382 3 0 180 fffff6ca5a89e4c0 syz-executor.1 parked 2227 2227 3 0 180 fffff6ca537462c0 syz-executor.5 parked 1186 1186 3 0 180 fffff6ca545cb140 syz-executor.4 parked 1188 1188 3 0 180 fffff6ca542ee480 syz-executor.4 parked 2156 2156 3 1 180 fffff6ca61c4d980 syz-executor.2 parked 578 578 3 0 180 fffff6ca5447b0c0 syz-executor.2 parked 1084 1084 3 0 180 fffff6ca6181f300 syz-executor.2 parked 550 550 3 1 180 fffff6ca5d1a49c0 syz-executor.2 parked 662 662 3 1 180 fffff6ca61c4d100 syz-executor.4 parked 645 645 3 0 180 fffff6ca6167cbc0 syz-executor.2 parked 1569 1569 3 0 180 fffff6ca53956700 syz-executor.2 parked 1230 1426 3 1 180 fffff6ca6181f740 syz-fuzzer parked 1230 464 3 0 180 fffff6ca5447b500 syz-fuzzer wait 1230 573 3 1 180 fffff6ca542cc5c0 syz-fuzzer parked 1230 1074 3 0 180 fffff6ca547a7a40 syz-fuzzer wait 1230 1383 3 1 180 fffff6ca547a7600 syz-fuzzer parked 1230 1240 3 1 180 fffff6ca550ee200 syz-fuzzer wait 1230 1199 2 0 0 fffff6ca550ee640 syz-fuzzer 1230 1223 3 1 180 fffff6ca550eea80 syz-fuzzer wait 1230 1098 3 1 180 fffff6ca547a71c0 syz-fuzzer parked 1230 1120 3 1 180 fffff6ca55aa06c0 syz-fuzzer parked 1230 942 3 1 180 fffff6ca545cb580 syz-fuzzer wait 1230 1235 3 1 180 fffff6ca532d7200 syz-fuzzer parked 1230 1082 3 0 180 fffff6ca53a37740 syz-fuzzer parked 1230 1230 3 1 180 fffff6ca53be7980 syz-fuzzer parked 1080 1080 3 0 180 fffff6ca550bb240 sshd select 1000 1000 3 1 180 fffff6ca550bbac0 getty nanoslp 1224 1224 3 1 180 fffff6ca535a46c0 getty nanoslp 1151 1151 3 1 180 fffff6ca535a4280 getty nanoslp 1216 1216 3 0 180 fffff6ca532acac0 getty ttyraw 1101 1101 3 0 180 fffff6ca550bb680 sshd select 685 685 3 1 180 fffff6ca55aa0b00 powerd kqueue 700 700 3 0 180 fffff6ca545cb9c0 syslogd kqueue 746 746 3 0 180 fffff6ca53a37300 dhcpcd poll 747 747 3 0 180 fffff6ca53be7100 dhcpcd poll 742 742 2 0 0 fffff6ca53be7540 dhcpcd 292 292 3 0 180 fffff6ca535a4b00 dhcpcd poll 485 485 3 1 180 fffff6ca539d7340 dhcpcd poll 291 291 2 0 0 fffff6ca539d7780 dhcpcd 1 1 3 0 180 fffff6ca4b097100 init wait 0 10564 5 0 200 fffff6ca94906580 (zombie) 0 12441 3 0 200 fffff6ca6181fb80 ktrace ktrwait 0 9027 3 0 200 fffff6ca7f30f240 acctwatch actwat 0 7887 3 0 200 fffff6ca542ee8c0 swapiod swapiod 0 2641 3 0 200 fffff6ca54474900 ktrace ktrwait 0 987 3 0 200 fffff6ca532d7640 physiod physiod 0 196 3 0 200 fffff6ca532ac680 pooldrain pooldrain 0 195 3 0 200 fffff6ca532ac240 ioflush syncer 0 194 3 0 200 fffff6ca532d7a80 pgdaemon pgdaemon 0 170 3 1 200 fffff6ca511d6a40 usb7 usbevt 0 169 3 1 200 fffff6ca511d6600 usb6 usbevt 0 168 3 1 200 fffff6ca511d61c0 usb5 usbevt 0 167 3 1 200 fffff6ca4e149a00 usb4 usbevt 0 166 3 1 200 fffff6ca4e1495c0 usb3 usbevt 0 165 3 1 200 fffff6ca4e149180 usb2 usbevt 0 31 3 0 200 fffff6ca4c0fc9c0 usb1 usbevt 0 63 3 0 200 fffff6ca4c0fc580 usb0 usbevt 0 126 3 1 200 fffff6ca4c0fc140 usbtask-dr usbtsk 0 125 3 1 200 fffff6ca4b097980 usbtask-hc usbtsk 0 124 3 0 200 fffff6ca49495b00 swwreboot swwreboot 0 123 3 1 200 fffff6ca4b097540 npfgc0 npfgcw 0 122 3 1 200 fffff6ca4b05a940 rt_free rt_free 0 121 3 0 200 fffff6ca4b05a500 unpgc unpgc 0 120 3 0 200 fffff6ca4b05a0c0 key_timehandler key_timehandler 0 119 3 1 200 fffff6ca4b04f900 icmp6_wqinput/1 icmp6_wqinput 0 118 3 0 200 fffff6ca4b04f4c0 icmp6_wqinput/0 icmp6_wqinput 0 117 3 1 200 fffff6ca4b04f080 nd6_timer nd6_timer 0 116 3 1 200 fffff6ca4b02b8c0 carp6_wqinput/1 carp6_wqinput 0 115 3 0 200 fffff6ca4b02b480 carp6_wqinput/0 carp6_wqinput 0 114 3 1 200 fffff6ca4b02b040 carp_wqinput/1 carp_wqinput 0 113 3 0 200 fffff6ca4afdebc0 carp_wqinput/0 carp_wqinput 0 112 3 1 200 fffff6ca4aeff740 icmp_wqinput/1 icmp_wqinput 0 111 3 0 200 fffff6ca4aeffb80 icmp_wqinput/0 icmp_wqinput 0 110 3 0 200 fffff6ca4afde340 rt_timer rt_timer 0 109 3 0 200 fffff6ca4afde780 vmem_rehash vmem_rehash 0 100 3 1 200 fffff6ca4aeff300 entbutler entropy 0 99 3 0 200 fffff6ca4a93eb40 viomb balloon 0 98 3 1 200 fffff6ca4a93e700 vioif0_txrx/1 vioif0_txrx 0 97 3 0 200 fffff6ca4a93e2c0 vioif0_txrx/0 vioif0_txrx 0 30 3 1 200 fffff6ca494956c0 scsibus0 sccomp 0 29 3 0 200 fffff6ca49495280 pms0 pmsreset 0 28 3 1 200 fffff6ca493b5ac0 xcall/1 xcall 0 27 1 1 200 fffff6ca493b5680 softser/1 0 26 1 1 200 fffff6ca493b5240 softclk/1 0 25 1 1 200 fffff6ca49398a80 softbio/1 0 24 1 1 200 fffff6ca49398640 softnet/1 0 23 1 1 201 fffff6ca49398200 idle/1 0 22 3 1 200 fffff6cb77733a40 lnxsyswq lnxsyswq 0 21 3 0 200 fffff6cb77733600 lnxubdwq lnxubdwq 0 20 3 0 200 fffff6cb777331c0 lnxpwrwq lnxpwrwq 0 19 3 0 200 fffff6cb77742a00 lnxlngwq lnxlngwq 0 18 3 0 200 fffff6cb777425c0 lnxhipwq lnxhipwq 0 17 3 0 200 fffff6cb77742180 lnxrcugc lnxrcugc 0 16 3 0 200 fffff6cb777599c0 sysmon smtaskq 0 15 3 1 200 fffff6cb77759580 pmfsuspend pmfsuspend 0 14 3 0 200 fffff6cb77759140 pmfevent pmfevent 0 13 3 0 200 fffff6cb7776c980 sopendfree sopendfr 0 12 3 0 200 fffff6cb7776c540 ifwdog ifwdog 0 11 3 1 200 fffff6cb7776c100 iflnkst iflnkst 0 10 3 1 200 fffff6cb78797940 nfssilly nfssilly 0 9 3 1 200 fffff6cb78797500 pooldisp pooldisp 0 8 3 1 200 fffff6cb787970c0 modunload mod_unld 0 7 3 0 200 fffff6cb787c2900 xcall/0 xcall 0 6 1 0 200 fffff6cb787c24c0 softser/0 0 5 1 0 200 fffff6cb787c2080 softclk/0 0 4 1 0 200 fffff6cb787ed8c0 softbio/0 0 3 1 0 200 fffff6cb787ed480 softnet/0 0 2 1 0 201 fffff6cb787ed040 idle/0 0 0 2 0 240 ffffffff86795cc0 swapper [Locks tracked through LWPs] ****** LWP 7724.14889 (syz-executor.0) @ 0xfffff6ca98f46a40, l_stat=7 *** Locks held: * Lock 0 (initialized at netbsd:uvmspace_alloc+0x335 uvm_map_setup sys/uvm/uvm_map.c:4786 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x335 uvmspace_init sys/uvm/uvm_map.c:4129 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x335 sys/uvm/uvm_map.c:4108) lock address : fffff6ca61fc0c88 type : sleep/adaptive initialized : netbsd:uvmspace_alloc+0x335 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xfffff6ca98f46a40 last held: 0xfffff6ca98f46a40 last locked* : netbsd:uvm_map_prepare+0x11d unlocked : netbsd:uvm_map_pageable_all+0x725 owner/count : 0xfffff6ca98f46a40 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. * Lock 1 (initialized at netbsd:uvm_obj_init+0xee sys/uvm/uvm_object.c:70) lock address : fffff6ca9f3a71c0 type : sleep/adaptive initialized : netbsd:uvm_obj_init+0xee shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xfffff6ca98f46a40 last held: 0xfffff6ca98f46a40 last locked* : netbsd:uvm_map_lock_entry+0xe5 unlocked : netbsd:udv_attach+0x4e3 owner/count : 0xfffff6ca98f46a40 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. *** Locks wanted: none ****** LWP 0.1601004916 () @ 0xffffffff845c1158, l_stat=1074030203 *** Locks held: [ 433.7675140] Skipping crash dump on recursive panic [ 433.7675140] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/kern/subr_lockdebug.c:874:43, member access within misaligned address 0x75 for type 'volatile struct lockdebug_t' which requires 8 byte alignment [ 433.7675140] cpu0: Begin traceback... [ 433.7675140] vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:288 [ 433.7675140] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352 [ 433.7675140] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0xfc sys/../common/lib/libc/misc/ubsan.c:432 [ 433.7675140] lockdebug_show_all_locks() at netbsd:lockdebug_show_all_locks+0x459 lockdebug_show_one sys/kern/subr_lockdebug.c:874 [inline] [ 433.7675140] lockdebug_show_all_locks() at netbsd:lockdebug_show_all_locks+0x459 lockdebug_show_all_locks_lwp sys/kern/subr_lockdebug.c:912 [inline] [ 433.7675140] lockdebug_show_all_locks() at netbsd:lockdebug_show_all_locks+0x459 sys/kern/subr_lockdebug.c:974 [ 433.7675140] db_command() at netbsd:db_command+0x240 sys/ddb/db_command.c:972 [ 433.7675140] db_command_loop() at netbsd:db_command_loop+0x221 db_execute_commandlist sys/ddb/db_command.c:468 [inline] [ 433.7675140] db_command_loop() at netbsd:db_command_loop+0x221 sys/ddb/db_command.c:618 [ 433.7675140] db_trap() at netbsd:db_trap+0x261 sys/ddb/db_trap.c:94 [ 433.7675140] kdb_trap() at netbsd:kdb_trap+0x1aa sys/arch/amd64/amd64/db_interface.c:252 [ 433.7675140] trap() at netbsd:trap+0x569 sys/arch/amd64/amd64/trap.c:314 [ 433.7675140] --- trap (number 1) --- [ 433.7675140] breakpoint() at netbsd:breakpoint+0x5 [ 433.7675140] db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:71 [ 433.7675140] vpanic() at netbsd:vpanic+0x2f0 sys/kern/subr_prf.c:288 [ 433.7675140] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352 [ 433.7675140] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0xfc sys/../common/lib/libc/misc/ubsan.c:432 [ 433.7675140] uvm_page_owner_locked_p() at netbsd:uvm_page_owner_locked_p+0x1f4 sys/uvm/uvm_page.c:2030 [ 433.7675140] uvm_pageunwire() at netbsd:uvm_pageunwire+0x22 sys/uvm/uvm_page.c:1788 [ 433.7675140] uvm_fault_unwire_locked() at netbsd:uvm_fault_unwire_locked+0x3a1 sys/uvm/uvm_fault.c:2729 [ 433.7675140] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c uvm_map_entry_unwire sys/uvm/uvm_map.c:864 [inline] [ 433.7675140] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0x76c sys/uvm/uvm_map.c:2316 [ 433.7675140] uvm_map_enter() at netbsd:uvm_map_enter+0x268 sys/uvm/uvm_map.c:1321 [ 433.7675140] uvm_map() at netbsd:uvm_map+0x135 sys/uvm/uvm_map.c:1084 [ 433.7675140] uvm_mmap.part.0() at netbsd:uvm_mmap.part.0+0x3b0 [ 433.7675140] sys_mmap() at netbsd:sys_mmap+0x9ed uvm_mmap sys/uvm/uvm_mmap.c:421 [inline] [ 433.7675140] sys_mmap() at netbsd:sys_mmap+0x9ed sys/uvm/uvm_mmap.c:421 [ 433.7675140] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline] [ 433.7675140] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90 [ 433.7675140] syscall() at netbsd:syscall+0x28b sy_call sys/sys/syscallvar.h:65 [inline] [ 433.7675140] syscall() at netbsd:syscall+0x28b sy_invoke sys/sys/syscallvar.h:94 [inline] [ 433.7675140] syscall() at netbsd:syscall+0x28b sys/arch/x86/x86/syscall.c:137 [ 433.7675140] --- syscall (number 197 via SYS_syscall) --- [ 433.7675140] netbsd:syscall+0x28b: [ 433.7675140] cpu0: End traceback... [ 433.7675140] fatal breakpoint trap in supervisor mode [ 433.7675140] trap type 1 code 0 rip 0xffffffff80235475 cs 0x8 rflags 0x246 cr2 0x79f0193a6000 ilevel 0x8 rsp 0xffffa482481bfa60 [ 433.7675140] curlwp 0xfffff6ca98f46a40 pid 7724.14889 lowest kstack 0xffffa482481bc2c0 Stopped in pid 7724.14889 (syz-executor.0) at netbsd:breakpoint+0x5: leave