[ 111.5894545] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/dev/wscons/wskbd.c:1020:48, member access within null pointer of type 'struct pgrp'
[ 111.6068051] cpu0: Begin traceback...
[ 111.6294332] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[ 111.7394348] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[ 111.8194326] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x1fb sys/../common/lib/libc/misc/ubsan.c:429
[ 111.9094345] wskbd_do_ioctl() at netbsd:wskbd_do_ioctl+0x77b wskbd_do_ioctl_sc sys/dev/wscons/wskbd.c:1020 [inline]
[ 111.9094345] wskbd_do_ioctl() at netbsd:wskbd_do_ioctl+0x77b sys/dev/wscons/wskbd.c:993
[ 111.9894331] cdev_ioctl() at netbsd:cdev_ioctl+0x18d sys/kern/subr_devsw.c:1248
[ 112.0594323] spec_ioctl() at netbsd:spec_ioctl+0xf2 sys/miscfs/specfs/spec_vnops.c:1294
[ 112.1394370] VOP_IOCTL() at netbsd:VOP_IOCTL+0x147 sys/kern/vnode_if.c:934
[ 112.2194331] vn_ioctl() at netbsd:vn_ioctl+0x195 sys/kern/vfs_vnops.c:865
[ 112.2994323] sys_ioctl() at netbsd:sys_ioctl+0xd88 sys/kern/sys_generic.c:675
[ 112.3694323] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline]
[ 112.3694323] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90
[ 112.4494335] syscall() at netbsd:syscall+0x2da sy_call sys/sys/syscallvar.h:65 [inline]
[ 112.4494335] syscall() at netbsd:syscall+0x2da sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 112.4494335] syscall() at netbsd:syscall+0x2da sys/arch/x86/x86/syscall.c:138
[ 112.4694327] --- syscall (number 54 via SYS_syscall) ---
[ 112.4994328] netbsd:syscall+0x2da:
[ 112.4994328] cpu0: End traceback...
[ 112.4994328] fatal breakpoint trap in supervisor mode
[ 112.5107379] trap type 1 code 0 rip 0xffffffff80221ab5 cs 0x8 rflags 0x246 cr2 0x7ce44f23a000 ilevel 0 rsp 0xffff9100cee64660
[ 112.5237348] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
[ 112.5314453] Skipping crash dump on recursive panic
[ 112.5314453] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/dev/wsfb/genfb.c:988:28, member access within null pointer of type 'struct genfb_private'
[ 112.5314453] cpu0: Begin traceback...
[ 112.5314453] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[ 112.5314453] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[ 112.5314453] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x1fb sys/../common/lib/libc/misc/ubsan.c:429
[ 112.5314453] genfb_enable_polling() at netbsd:genfb_enable_polling+0x17e sys/dev/wsfb/genfb.c:988
[ 112.5314453] x86_genfb_ddb_trap_callback() at netbsd:x86_genfb_ddb_trap_callback+0x39 sys/arch/x86/x86/genfb_machdep.c:97
[ 112.5314453] db_trap() at netbsd:db_trap+0x68 sys/ddb/db_trap.c:73
[ 112.5314453] kdb_trap() at netbsd:kdb_trap+0x1aa sys/arch/amd64/amd64/db_interface.c:251
[ 112.5314453] trap() at netbsd:trap+0x5b2 sys/arch/amd64/amd64/trap.c:315
[ 112.5314453] --- trap (number 1) ---
[ 112.5314453] breakpoint() at netbsd:breakpoint+0x5
[ 112.5314453] db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:69
[ 112.5314453] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[ 112.5314453] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[ 112.5314453] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x1fb sys/../common/lib/libc/misc/ubsan.c:429
[ 112.5314453] wskbd_do_ioctl() at netbsd:wskbd_do_ioctl+0x77b wskbd_do_ioctl_sc sys/dev/wscons/wskbd.c:1020 [inline]
[ 112.5314453] wskbd_do_ioctl() at netbsd:wskbd_do_ioctl+0x77b sys/dev/wscons/wskbd.c:993
[ 112.5314453] cdev_ioctl() at netbsd:cdev_ioctl+0x18d sys/kern/subr_devsw.c:1248
[ 112.5314453] spec_ioctl() at netbsd:spec_ioctl+0xf2 sys/miscfs/specfs/spec_vnops.c:1294
[ 112.5314453] VOP_IOCTL() at netbsd:VOP_IOCTL+0x147 sys/kern/vnode_if.c:934
[ 112.5314453] vn_ioctl() at netbsd:vn_ioctl+0x195 sys/kern/vfs_vnops.c:865
[ 112.5314453] sys_ioctl() at netbsd:sys_ioctl+0xd88 sys/kern/sys_generic.c:675
[ 112.5314453] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline]
[ 112.5314453] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90
[ 112.5314453] syscall() at netbsd:syscall+0x2da sy_call sys/sys/syscallvar.h:65 [inline]
[ 112.5314453] syscall() at netbsd:syscall+0x2da sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 112.5314453] syscall() at netbsd:syscall+0x2da sys/arch/x86/x86/syscall.c:138
[ 112.5314453] --- syscall (number 54 via SYS_syscall) ---
[ 112.5314453] netbsd:syscall+0x2da:
[ 112.5314453] cpu0: End traceback...
[ 112.5314453] fatal breakpoint trap in supervisor mode
[ 112.5314453] trap type 1 code 0 rip 0xffffffff80221ab5 cs 0x8 rflags 0x246 cr2 0x7ce44f23a000 ilevel 0x8 rsp 0xffff9100cee63d30
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e
[ 112.5314453] fatal page fault in supervisor mode
[ 112.5314453] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffff9100cee63960
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
kernel: page fault trap, code=0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e
[ 112.5314453] fatal page fault in supervisor mode
[ 112.5314453] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffff9100cee63590
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
kernel: page fault trap, code=0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e
[ 112.5314453] fatal page fault in supervisor mode
[ 112.5314453] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffff9100cee631c0
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
kernel: page fault trap, code=0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e
[ 112.5314453] fatal page fault in supervisor mode
[ 112.5314453] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffff9100cee62df0
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
kernel: page fault trap, code=0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e
[ 112.5314453] fatal page fault in supervisor mode
[ 112.5314453] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffff9100cee62a20
[ 112.5314453] curlwp 0xffffd03b64530080 pid 9301.9390 lowest kstack 0xffff9100cee602c0
kernel: page fault trap, code=0
[ 112.5314453] uvm_fault(0xffffd03b57710880, 0x0, 1) -> e