[ 579.5346644] panic: kernel diagnostic assertion "dev->ud_ifaces == NULL" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/dev/usb/usb_subr.c", line 870 ud_ifaces=0xffffa580143c7d00 [ 579.5539107] cpu0: Begin traceback... [ 579.6046275] vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292 [ 579.7446281] _sub_D_65535_0() at netbsd:_sub_D_65535_0+-0x6b9c [ 579.8746284] usbd_set_config_index() at netbsd:usbd_set_config_index+0xcba sys/dev/usb/usb_subr.c:870 [ 580.0046303] ugenif_attach() at netbsd:ugenif_attach+0x404 sys/dev/usb/ugen.c:433 [ 580.1546336] ugen_attach() at netbsd:ugen_attach+0x16d sys/dev/usb/ugen.c:376 [ 580.2946341] config_attach_internal() at netbsd:config_attach_internal+0x349 sys/kern/subr_autoconf.c:1832 [ 580.4346303] config_found_acquire() at netbsd:config_found_acquire+0x1e2 sys/kern/subr_autoconf.c:1275 [ 580.5646282] config_found() at netbsd:config_found+0x4e sys/kern/subr_autoconf.c:1317 [ 580.7046303] usbd_attachwholedevice() at netbsd:usbd_attachwholedevice+0x371 sys/dev/usb/usb_subr.c:1139 [ 580.8346304] usbd_probe_and_attach() at netbsd:usbd_probe_and_attach+0x2d6 sys/dev/usb/usb_subr.c:1312 [ 580.9646355] usbd_new_device() at netbsd:usbd_new_device+0xaf7 sys/dev/usb/usb_subr.c:1589 [ 581.0946364] uhub_explore() at netbsd:uhub_explore+0xc29 sys/dev/usb/uhub.c:847 [ 581.2346319] usb_discover() at netbsd:usb_discover+0x117 sys/dev/usb/usb.c:1200 [ 581.3746328] usb_event_thread() at netbsd:usb_event_thread+0x127 sys/dev/usb/usb.c:755 [ 581.4046318] cpu0: End traceback... [ 581.4171669] fatal breakpoint trap in supervisor mode [ 581.4171669] trap type 1 code 0 rip 0xffffffff8023241d cs 0x8 rflags 0x286 cr2 0xc0003e22c0 ilevel 0 rsp 0xffffa582431674a0 [ 581.4327860] curlwp 0xffffa58012914200 pid 0.165 lowest kstack 0xffffa582431602c0 Stopped in pid 0.165 (system) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:69 vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292 _sub_D_65535_0() at netbsd:_sub_D_65535_0+-0x6b9c usbd_set_config_index() at netbsd:usbd_set_config_index+0xcba sys/dev/usb/usb_subr.c:870 ugenif_attach() at netbsd:ugenif_attach+0x404 sys/dev/usb/ugen.c:433 ugen_attach() at netbsd:ugen_attach+0x16d sys/dev/usb/ugen.c:376 config_attach_internal() at netbsd:config_attach_internal+0x349 sys/kern/subr_autoconf.c:1832 config_found_acquire() at netbsd:config_found_acquire+0x1e2 sys/kern/subr_autoconf.c:1275 config_found() at netbsd:config_found+0x4e sys/kern/subr_autoconf.c:1317 usbd_attachwholedevice() at netbsd:usbd_attachwholedevice+0x371 sys/dev/usb/usb_subr.c:1139 usbd_probe_and_attach() at netbsd:usbd_probe_and_attach+0x2d6 sys/dev/usb/usb_subr.c:1312 usbd_new_device() at netbsd:usbd_new_device+0xaf7 sys/dev/usb/usb_subr.c:1589 uhub_explore() at netbsd:uhub_explore+0xc29 sys/dev/usb/uhub.c:847 usb_discover() at netbsd:usb_discover+0x117 sys/dev/usb/usb.c:1200 usb_event_thread() at netbsd:usb_event_thread+0x127 sys/dev/usb/usb.c:755 Panic string: kernel diagnostic assertion "dev->ud_ifaces == NULL" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/dev/usb/usb_subr.c", line 870 ud_ifaces=0xffffa580143c7d00 PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 2944 2944 2 0 0 ffffa580133bfa80 syz-fuzzer 2970 3803 2 0 0 ffffa58012a6e8c0 syz-executor.2 2970 15438 3 1 1c0 ffffa580141b91c0 syz-executor.2 parked 2970 3066 3 1 1c0 ffffa58012b79980 syz-executor.2 parked 2970 3063 2 1 0 ffffa58012b79100 syz-executor.2 2970 2970 2 1 10000000 ffffa5801432e580 syz-executor.2 2972 2972 3 1 180 ffffa5801345b040 syz-executor.3 parked 3839 3839 2 1 40 ffffa5801430e0c0 syz-executor.1 3069 2949 2 1 1000040 ffffa58012d45740 syz-executor.3 3069 2802 3 1 1100000 ffffa58012a48780 syz-executor.3 vfork 2445 2445 2 1 140 ffffa580133a7600 syz-executor.2 2037 2037 3 1 1c0 ffffa58013e25ac0 syz-executor.3 wait 15057 15057 2 0 40 ffffa58012c5a700 syz-executor.0 3362 3362 3 0 180 ffffa5801430e940 syz-executor.5 parked 2299 2299 3 1 180 ffffa580133d2680 syz-executor.5 parked 2348 2348 3 0 180 ffffa580141af180 syz-executor.5 parked 13253 13253 3 1 180 ffffa580126eb340 syz-executor.3 parked 1785 1922 3 1 1100000 ffffa5801347c980 syz-executor.3 vfork 1785 1785 2 1 11000040 ffffa58014006900 syz-executor.3 1175 1175 3 0 180 ffffa5801432e140 syz-executor.5 parked 1161 1159 3 0 11100000 ffffa5801406f540 syz-executor.5 vfork 1161 1161 2 1 11000040 ffffa58013dfaa80 syz-executor.5 1006 1006 3 1 180 ffffa580142f2080 syz-executor.2 parked 12235 12235 3 1 0 ffffa58012ca28c0 syz-executor.2 vfork 1005 1005 3 0 0 ffffa580142e3040 syz-executor.2 vfork 2028 2028 3 0 0 ffffa580142d8bc0 syz-executor.2 vfork 14045 14045 3 0 0 ffffa580142d8780 syz-executor.2 vfork 993 993 3 0 0 ffffa580142d8340 syz-executor.2 vfork 2272 2272 3 1 0 ffffa580142cfb80 syz-executor.2 vfork 13240 13240 3 1 0 ffffa580142cf740 syz-executor.2 vfork 1125 1125 3 1 0 ffffa580142cf300 syz-executor.2 vfork 994 994 3 1 0 ffffa580142c5b40 syz-executor.2 vfork 13545 13545 3 1 0 ffffa580142c5700 syz-executor.2 vfork 1127 1127 3 1 0 ffffa580142c52c0 syz-executor.2 vfork 995 995 3 1 0 ffffa580142bbb00 syz-executor.2 vfork 1126 1126 3 1 0 ffffa580142bb6c0 syz-executor.2 vfork 1887 1887 3 1 0 ffffa580142bb280 syz-executor.2 vfork 996 996 3 1 0 ffffa580142b3ac0 syz-executor.2 vfork 13518 13518 3 1 0 ffffa580142b3680 syz-executor.2 vfork 1128 1128 3 1 0 ffffa580142b3240 syz-executor.2 vfork 12634 12634 3 1 0 ffffa58012d55bc0 syz-executor.2 vfork 13393 13393 3 1 0 ffffa58012aa3080 syz-executor.2 vfork 2003 2003 3 1 0 ffffa58012cd6540 syz-executor.2 vfork 1876 1876 3 1 0 ffffa58012b98580 syz-executor.2 vfork 1880 1880 3 1 0 ffffa5801429ea80 syz-executor.2 vfork 13015 13015 3 1 0 ffffa5801429e640 syz-executor.2 vfork 1877 1877 3 1 0 ffffa58014292a40 syz-executor.2 vfork 1883 1883 3 1 0 ffffa58014292600 syz-executor.2 vfork 1500 1500 3 1 0 ffffa580142921c0 syz-executor.2 vfork 1497 1497 3 1 0 ffffa58014289a00 syz-executor.2 vfork 12620 12620 3 1 0 ffffa580142895c0 syz-executor.2 vfork 13257 13257 3 1 0 ffffa58014289180 syz-executor.2 vfork 13142 13142 3 1 0 ffffa5801427f9c0 syz-executor.2 vfork 13263 13263 3 1 0 ffffa5801427f580 syz-executor.2 vfork 908 908 3 1 0 ffffa5801427f140 syz-executor.2 vfork 1151 1151 3 1 0 ffffa58014275980 syz-executor.2 vfork 12357 12357 3 1 0 ffffa58014275540 syz-executor.2 vfork 14026 14026 3 1 0 ffffa58014275100 syz-executor.2 vfork 13754 13754 3 1 0 ffffa5801426a940 syz-executor.2 vfork 834 834 3 1 0 ffffa5801426a500 syz-executor.2 vfork 11856 11856 3 1 0 ffffa5801426a0c0 syz-executor.2 vfork 900 900 3 1 0 ffffa5801425f900 syz-executor.2 vfork 1589 1589 3 1 0 ffffa5801425f4c0 syz-executor.2 vfork 1864 1864 3 1 0 ffffa5801425f080 syz-executor.2 vfork 835 835 3 1 0 ffffa580142568c0 syz-executor.2 vfork 836 836 3 1 0 ffffa58014256480 syz-executor.2 vfork 1847 1847 3 1 0 ffffa58014256040 syz-executor.2 vfork 12877 12877 3 1 0 ffffa5801424cbc0 syz-executor.2 vfork 12860 12860 3 1 0 ffffa5801424c780 syz-executor.2 vfork 1977 1977 3 1 0 ffffa5801424c340 syz-executor.2 vfork 13766 13766 3 1 0 ffffa58014239b80 syz-executor.2 vfork 1854 1854 3 1 0 ffffa58014239740 syz-executor.2 vfork 959 959 3 1 0 ffffa58014239300 syz-executor.2 vfork 1981 1981 3 1 0 ffffa5801422ab40 syz-executor.2 vfork 805 805 3 1 0 ffffa5801422a700 syz-executor.2 vfork 1600 1600 3 1 0 ffffa5801422a2c0 syz-executor.2 vfork 12731 12731 3 1 0 ffffa580142176c0 syz-executor.2 vfork 1089 1089 3 1 0 ffffa58013fb3480 syz-executor.2 vfork 12975 12975 3 1 0 ffffa58014217280 syz-executor.2 vfork 1841 1841 3 1 0 ffffa58014212ac0 syz-executor.2 vfork 12340 12340 3 1 0 ffffa58014212680 syz-executor.2 vfork 13229 13229 3 1 0 ffffa58014209a80 syz-executor.2 vfork 809 809 3 0 0 ffffa58014209640 syz-executor.2 vfork 914 914 3 0 0 ffffa58014209200 syz-executor.2 vfork 808 808 3 0 0 ffffa58012c6cb80 syz-executor.2 vfork 1843 1843 3 0 0 ffffa58012c6c740 syz-executor.2 vfork 13735 13735 3 0 0 ffffa58012bcd180 syz-executor.2 vfork 915 915 3 0 180 ffffa580126ebbc0 syz-executor.2 parked 926 1572 3 0 1100000 ffffa58012c6c300 syz-executor.2 vfork 926 13739 3 0 1100000 ffffa580141b9a40 syz-executor.2 vfork 926 926 2 1 11000040 ffffa58013470500 syz-executor.2 12963 12963 3 1 180 ffffa58012d2bb00 syz-executor.3 parked 12579 12579 3 1 180 ffffa580133d2240 syz-executor.3 parked 1328 1328 3 1 180 ffffa580126e8740 syz-executor.2 parked 667 1202 3 1 11100000 ffffa580133bf640 syz-executor.2 vfork 667 667 2 1 11000040 ffffa580133dd280 syz-executor.2 671 671 3 0 180 ffffa5801344fbc0 syz-executor.5 parked 661 1440 2 1 1000040 ffffa58012dab4c0 syz-executor.5 661 660 3 0 11100000 ffffa58012bf5a40 syz-executor.5 vfork 12502 12502 3 1 180 ffffa58012b79540 syz-executor.5 parked 11216 11700 3 1 11100000 ffffa580126e8b80 syz-executor.5 vfork 11216 11216 2 1 11000040 ffffa58012aa34c0 syz-executor.5 11339 11339 3 0 180 ffffa580133d2ac0 syz-executor.2 parked 12237 11994 3 0 11100000 ffffa58012c2b680 syz-executor.2 vfork 12237 12237 2 1 11000040 ffffa58012d382c0 syz-executor.2 1085 2478 2 0 1000000 ffffa580126eb780 syz-fuzzer 1085 1351 3 0 1c0 ffffa58013f1f2c0 syz-fuzzer wait 1085 1247 3 1 180 ffffa58013ea0b00 syz-fuzzer wait 1085 1201 3 1 180 ffffa58013e25680 syz-fuzzer wait 1085 944 3 0 180 ffffa58013e25240 syz-fuzzer parked 1085 932 3 0 180 ffffa58013dfa200 syz-fuzzer parked 1085 1387 2 0 140 ffffa58013cf9600 syz-fuzzer 1085 1246 3 0 180 ffffa58013cf91c0 syz-fuzzer pipe_rd 1085 1376 3 1 180 ffffa58013469900 syz-fuzzer parked 1085 449 3 1 180 ffffa580134694c0 syz-fuzzer parked 1085 1234 3 1 180 ffffa58013469080 syz-fuzzer wait 1085 1186 3 1 180 ffffa5801344f780 syz-fuzzer parked 1085 1081 2 1 140 ffffa580134879c0 syz-fuzzer 1085 1085 3 1 0 ffffa58012c10200 syz-fuzzer tstile 1240 1240 3 0 180 ffffa58012a15b80 sshd select 1107 1107 3 0 180 ffffa58012aa3900 getty nanoslp 1237 1237 3 1 180 ffffa58012ad3940 getty nanoslp 949 949 3 0 180 ffffa58012ad3500 getty nanoslp 1236 1236 3 0 1c0 ffffa58012a48340 getty ttyraw 801 801 3 0 180 ffffa58013408b80 sshd select 1132 1132 3 0 180 ffffa58013367580 powerd kqueue 800 800 3 1 180 ffffa5801345b8c0 syslogd kqueue 566 566 3 0 180 ffffa58012c97780 dhcpcd poll 601 601 3 0 180 ffffa58012cef180 dhcpcd poll 746 746 3 0 180 ffffa58012cb74c0 dhcpcd poll 604 604 3 0 180 ffffa58012cb7080 dhcpcd poll 487 487 3 0 180 ffffa58012dbe940 dhcpcd poll 488 488 3 1 180 ffffa58012dbe500 dhcpcd poll 485 485 3 0 180 ffffa58012dbe0c0 dhcpcd poll 1 1 3 0 180 ffffa58012878180 init wait 0 15160 3 0 200 ffffa58012cd6980 ktrace ktrwait 0 2961 5 0 200 ffffa580133dd6c0 (zombie) 0 2294 3 0 200 ffffa580143a0a40 ktrace ktrwait 0 12119 3 0 200 ffffa580126ec480 swapiod swapiod 0 960 3 0 200 ffffa580129a26c0 physiod physiod 0 196 3 0 200 ffffa580129a4700 pooldrain pooldrain 0 195 2 0 240 ffffa580129a42c0 ioflush 0 194 3 1 200 ffffa580129a2b00 pgdaemon pgdaemon 0 169 3 1 200 ffffa58012962ac0 usb7 usbevt 0 172 3 0 200 ffffa58012962680 usb6 usbevt 0 170 3 1 200 ffffa58012962240 usb5 usbevt 0 168 3 1 200 ffffa58012914a80 usb4 usbevt 0 166 3 0 200 ffffa58012914640 usb3 usbevt 0 > 165 7 0 240 ffffa58012914200 usb2 0 31 3 1 200 ffffa580128daa40 usb1 usbevt 0 63 3 1 200 ffffa580128da600 usb0 usbevt 0 126 3 1 200 ffffa580128da1c0 usbtask-dr usbtsk 0 125 3 1 200 ffffa58012878a00 usbtask-hc usbtsk 0 124 3 0 200 ffffa58010d77b00 swwreboot swwreboot 0 123 3 1 200 ffffa580128785c0 npfgc0 npfgcw 0 122 3 1 200 ffffa5801286b9c0 rt_free rt_free 0 121 3 1 200 ffffa5801286b580 unpgc unpgc 0 120 2 0 200 ffffa5801286b140 key_timehandler 0 119 3 1 200 ffffa5801271c980 icmp6_wqinput/1 icmp6_wqinput 0 118 3 0 200 ffffa5801271c540 icmp6_wqinput/0 icmp6_wqinput 0 117 2 0 200 ffffa5801271c100 nd6_timer 0 116 3 1 200 ffffa58012713940 carp6_wqinput/1 carp6_wqinput 0 115 3 0 200 ffffa58012713500 carp6_wqinput/0 carp6_wqinput 0 114 3 1 200 ffffa580127130c0 carp_wqinput/1 carp_wqinput 0 113 3 0 200 ffffa58012705900 carp_wqinput/0 carp_wqinput 0 112 3 1 200 ffffa580127054c0 icmp_wqinput/1 icmp_wqinput 0 111 3 0 200 ffffa58012705080 icmp_wqinput/0 icmp_wqinput 0 110 2 0 200 ffffa580126ec8c0 rt_timer 0 109 3 0 200 ffffa580126ec040 vmem_rehash vmem_rehash 0 100 3 0 200 ffffa580126e8300 entbutler entropy 0 99 3 1 200 ffffa580120beb40 viomb balloon 0 98 3 1 200 ffffa580120be700 vioif0_txrx/1 vioif0_txrx 0 97 3 0 200 ffffa580120be2c0 vioif0_txrx/0 vioif0_txrx 0 30 3 0 200 ffffa58010d776c0 scsibus0 sccomp 0 29 3 0 200 ffffa58010d77280 pms0 pmsreset 0 28 3 1 200 ffffa58010cbdac0 xcall/1 xcall 0 27 1 1 200 ffffa58010cbd680 softser/1 0 26 1 1 200 ffffa58010cbd240 softclk/1 0 25 1 1 200 ffffa58010cb9a80 softbio/1 0 24 1 1 200 ffffa58010cb9640 softnet/1 0 23 1 1 201 ffffa58010cb9200 idle/1 0 22 3 1 200 ffffa5800f756a40 lnxsyswq lnxsyswq 0 21 3 1 200 ffffa5800f756600 lnxubdwq lnxubdwq 0 20 3 1 200 ffffa5800f7561c0 lnxpwrwq lnxpwrwq 0 19 3 1 200 ffffa5800f755a00 lnxlngwq lnxlngwq 0 18 3 1 200 ffffa5800f7555c0 lnxhipwq lnxhipwq 0 17 3 1 200 ffffa5800f755180 lnxrcugc lnxrcugc 0 16 3 0 200 ffffa5800f74e9c0 sysmon smtaskq 0 15 3 1 200 ffffa5800f74e580 pmfsuspend pmfsuspend 0 14 3 1 200 ffffa5800f74e140 pmfevent pmfevent 0 13 3 0 200 ffffa5800f74b980 sopendfree sopendfr 0 12 3 0 200 ffffa5800f74b540 ifwdog ifwdog 0 11 3 1 200 ffffa5800f74b100 iflnkst iflnkst 0 10 3 0 200 ffffa5800f73e940 nfssilly nfssilly 0 9 3 0 200 ffffa5800f73e500 vdrain vdrain 0 8 3 1 200 ffffa5800f73e0c0 modunload mod_unld 0 7 3 0 200 ffffa5800f733900 xcall/0 xcall 0 6 1 0 200 ffffa5800f7334c0 softser/0 0 5 1 0 200 ffffa5800f733080 softclk/0 0 4 1 0 200 ffffa5800f7318c0 softbio/0 0 3 1 0 200 ffffa5800f731480 softnet/0 0 2 1 0 201 ffffa5800f731040 idle/0 0 > 0 7 1 240 ffffffff83343700 swapper [Locks tracked through LWPs] ****** LWP 2944.2944 (syz-fuzzer) @ 0xffffa580133bfa80, l_stat=2 *** Locks held: * Lock 0 (initialized at netbsd:fork1+0x392 sys/kern/kern_fork.c:366) lock address : ffffa58012b29ed0 type : sleep/adaptive initialized : netbsd:fork1+0x392 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa580133bfa80 last held: 0xffffa580133bfa80 last locked* : netbsd:execve_loadvm+0x308 unlocked : 0 owner/count : 0xffffa580133bfa80 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. *** Locks wanted: none ****** LWP 3839.3839 (syz-executor.1) @ 0xffffa5801430e0c0, l_stat=2 *** Locks held: * Lock 0 (initialized at netbsd:fork1+0x392 sys/kern/kern_fork.c:366) lock address : ffffa5801436ae90 type : sleep/adaptive initialized : netbsd:fork1+0x392 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 1 relevant lwp : 0xffffa5801430e0c0 last held: 0xffffa5801430e0c0 last locked* : netbsd:exit1+0x2f2 unlocked : netbsd:execve_runproc+0x22c1 owner/count : 0xffffa5801430e0c0 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. * Lock 1 (initialized at netbsd:uvm_map_setup+0x11c sys/uvm/uvm_map.c:4794) lock address : netbsd:kernel_map_store+0x8 type : sleep/adaptive initialized : netbsd:uvm_map_setup+0x11c shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 1 relevant lwp : 0xffffa5801430e0c0 last held: 0xffffa5801430e0c0 last locked* : netbsd:vm_map_lock+0x8f unlocked : netbsd:uvm_map_enter+0x1017 owner/count : 0xffffa5801430e0c0 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. * Lock 2 (initialized at netbsd:uvm_obj_init+0x9a sys/uvm/uvm_object.c:70) lock address : ffffa58014346200 type : sleep/adaptive initialized : netbsd:uvm_obj_init+0x9a shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 1 relevant lwp : 0xffffa5801430e0c0 last held: 0xffffa5801430e0c0 last locked* : netbsd:uvm_map_lock_entry+0x9d unlocked : netbsd:uvm_fault_lower_enter+0x579 owner/count : 0x0000000000000020 flags : 000000000000000000 Turnstile: no active turnstile for this lock. * Lock 3 (initialized at netbsd:pmap_bootstrap+0xc3 sys/arch/x86/x86/pmap.c:1237) lock address : netbsd:kernel_pmap_store+0x180 type : sleep/adaptive initialized : netbsd:pmap_bootstrap+0xc3 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 1 relevant lwp : 0xffffa5801430e0c0 last held: 0xffffa5801430e0c0 last locked* : netbsd:pmap_unwire+0xb8 unlocked : netbsd:pmap_unwire+0x32c owner field : 0xffffa5801430e0c0 wait/spin: 0/0 Turnstile: no active turnstile for this lock. *** Locks wanted: none ****** LWP 15057.15057 (syz-executor.0) @ 0xffffa58012c5a700, l_stat=2 *** Locks held: * Lock 0 (initialized at netbsd:filedesc_ctor+0x37 sys/kern/kern_descrip.c:1355) lock address : ffffa58012d21680 type : sleep/adaptive initialized : netbsd:filedesc_ctor+0x37 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012c5a700 last held: 0xffffa58012c5a700 last locked* : netbsd:fd_copy+0x2e1 unlocked : netbsd:fd_close+0x33c owner field : 0xffffa58012c5a700 wait/spin: 0/0 Turnstile: no active turnstile for this lock. *** Locks wanted: none ****** LWP 1085.2478 (syz-fuzzer) @ 0xffffa580126eb780, l_stat=2 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 uvm_map_setup sys/uvm/uvm_map.c:4794 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 uvmspace_init sys/uvm/uvm_map.c:4137 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 sys/uvm/uvm_map.c:4116) lock address : ffffa58012bb09f0 type : sleep/adaptive initialized : netbsd:uvmspace_alloc+0x174 shared holds : 0 exclusive: 0 shares wanted: 1 exclusive: 1 relevant cpu : 0 last held: 65535 relevant lwp : 0xffffa580126eb780 last held: 000000000000000000 last locked : netbsd:uvm_fault_internal+0x344 unlocked* : netbsd:uvm_fault_internal+0x31e0 owner/count : 0x0000000000000020 flags : 0x0000000000000003 Turnstile: => 0 waiting readers: => 1 waiting writers: 0xffffa58012c10200 ****** LWP 1085.1085 (syz-fuzzer) @ 0xffffa58012c10200, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 uvm_map_setup sys/uvm/uvm_map.c:4794 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 uvmspace_init sys/uvm/uvm_map.c:4137 [inline]) * Lock 0 (initialized at netbsd:uvmspace_alloc+0x174 sys/uvm/uvm_map.c:4116) lock address : ffffa58012bb09f0 type : sleep/adaptive initialized : netbsd:uvmspace_alloc+0x174 shared holds : 0 exclusive: 0 shares wanted: 1 exclusive: 1 relevant cpu : 1 last held: 65535 relevant lwp : 0xffffa58012c10200 last held: 000000000000000000 last locked : netbsd:uvm_fault_internal+0x344 unlocked* : netbsd:uvm_fault_internal+0x31e0 owner/count : 0x0000000000000020 flags : 0x0000000000000003 Turnstile: => 0 waiting readers: => 1 waiting writers: 0xffffa58012c10200 ****** LWP 601.601 (dhcpcd) @ 0xffffa58012cef180, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012cef180 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 746.746 (dhcpcd) @ 0xffffa58012cb74c0, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012cb74c0 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 488.488 (dhcpcd) @ 0xffffa58012dbe500, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffa58012dbe500 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 485.485 (dhcpcd) @ 0xffffa58012dbe0c0, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012dbe0c0 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.11 (iflnkst) @ 0xffffa5800f74b100, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffa5800f74b100 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.5 (softclk/0) @ 0xffffa5800f733080, l_stat=1 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa5800f733080 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.0 (swapper) @ 0xffffffff83343700, l_stat=7 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at netbsd:module_hook_init+0x1c sys/kern/kern_module_hook.c:132) lock address : netbsd:module_hook type : sleep/adaptive initialized : netbsd:module_hook_init+0x1c shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffffff83343700 last held: 000000000000000000 last locked : 0 unlocked* : 0 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. [Locks tracked through CPUs] ******* Locks held on cpu0: * Lock 0 (initialized at netbsd:main+0x133 sys/kern/init_main.c:305) lock address : netbsd:kernel_lock type : spin initialized : netbsd:main+0x133 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012914200 last held: 0xffffa58012914200 last locked* : netbsd:sleepq_block+0x4a6 unlocked : netbsd:cv_enter+0x20e curcpu holds : 3 wanted by: 000000000000000000 * Lock 1 (initialized at netbsd:kprintf_init+0x61 sys/kern/subr_prf.c:156) lock address : netbsd:kprintf_mtx type : spin initialized : netbsd:kprintf_init+0x61 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa58012914200 last held: 0xffffa58012914200 last locked* : netbsd:kprintf_lock+0x33 unlocked : netbsd:kprintf_unlock+0x53 owner field : 0x0000000000000800 wait/spin: 0/1 PAGE FLAG PQ UOBJECT UANON 0xffffa58000017180 0041 00000000 0x0 0x0 0xffffa58000017200 0041 00000000 0x0 0x0 0xffffa58000017280 0041 00000000 0x0 0x0 0xffffa58000017300 0041 00000000 0x0 0x0 0xffffa58000017380 0041 00000000 0x0 0x0 0xffffa58000017400 0041 00000000 0x0 0x0 0xffffa58000017480 0041 00000000 0x0 0x0 0xffffa58000017500 0041 00000000 0x0 0x0 0xffffa58000017580 0041 00000000 0x0 0x0 0xffffa58000017600 0041 00000000 0x0 0x0 0xffffa58000017680 0041 00000000 0x0 0x0 0xffffa58000017700 0041 00000000 0x0 0x0 0xffffa58000017780 0041 00000000 0x0 0x0 0xffffa58000017800 0041 00000000 0x0 0x0 0xffffa58000017880 0041 00000000 0x0 0x0 0xffffa58000017900 0041 00000000 0x0 0x0 0xffffa58000017980 0041 00000000 0x0 0x0 0xffffa58000017a00 0041 00000000 0x0 0x0 0xffffa58000017a80 0041 00000000 0x0 0x0 0xffffa58000017b00 0041 00000000 0x0 0x0 0xffffa58000017b80 0041 00000000 0x0 0x0 0xffffa58000017c00 0041 00000000 0x0 0x0 0xffffa58000017c80 0041 00000000 0x0 0x0 0xffffa58000017d00 0041 00000000 0x0 0x0 0xffffa58000017d80 0041 00000000 0x0 0x0 0xffffa58000017e00 0041 00000000 0x0 0x0 0xffffa58000017e80 0041 00000000 0x0 0x0 0xffffa58000017f00 0041 00000000 0x0 0x0 0xffffa58000017f80 0041 00000000 0x0 0x0 0xffffa58000018000 0041 00000000 0x0 0x0 0xffffa58000018080 0041 00000000 0x0 0x0 0xffffa58000018100 0041 00000000 0x0 0x0 0xffffa58000018180 0041 00000000 0x0 0x0 0xffffa58000018200 0041 00000000 0x0 0x0 0xffffa58000018280 0041 00000000 0x0 0x0 0xffffa58000018300 0041 00000000 0x0 0x0 0xffffa58000018380 0041 00000000 0x0 0x0 0xffffa58000018400 0041 00000000 0x0 0x0 0xffffa58000018480 0041 00000000 0x0 0x0 0xffffa58000018500 0041 00000000 0x0 0x0 0xffffa58000018580 0041 00000000 0x0 0x0 0xffffa58000018600 0041 00000000 0x0 0x0 0xffffa58000018680 0041 00000000 0x0 0x0 0xffffa58000018700 0041 00000000 0x0 0x0 0xffffa58000018780 0041 00000000 0x0 0x0 0xffffa58000018800 0041 00000000 0x0 0x0 0xffffa58000018880 0041 00000000 0x0 0x0 0xffffa58000018900 0041 00000000 0x0 0x0 0xffffa58000018980 0041 00000000 0x0 0x0 0xffffa58000018a00 0041 00000000 0x0 0x0 0xffffa58000018a80 0041 00000000 0x0 0x0 0xffffa58000018b00 0041 00000000 0x0 0x0 0xffffa58000018b80 0041 00000000 0x0 0x0 0xffffa58000018c00 0041 00000000 0x0 0x0 0xffffa58000018c80 0041 00000000 0x0 0x0 0xffffa58000018d00 0041 00000000 0x0 0x0 0xffffa58000018d80 0041 00000000 0x0 0x0 0xffffa58000018e00 0041 00000000 0x0 0x0 0xffffa58000018e80 0041 00000000 0x0 0x0 0xffffa58000018f00 0041 00000000 0x0 0x0 0xffffa58000018f80 0041 00000000 0x0 0x0 0xffffa58000019000 0041 00000000 0x0 0x0 0xffffa58000019080 0041 00000000 0x0 0x0 0xffffa58000019100 0041 00000000 0x0 0x0 0xffffa58000019180 0041 00000000 0x0 0x0 0xffffa58000019200 0041 00000000 0x0 0x0 0xffffa58000019280 0041 00000000 0x0 0x0 0xffffa58000019300 0041 00000000 0x0 0x0 0xffffa58000019380 0041 00000000 0x0 0x0 0xffffa58000019400 0041 00000000 0x0 0x0 0xffffa58000019480 0041 00000000 0x0 0x0 0xffffa58000019500 0041 00000000 0x0 0x0 0xffffa58000019580 0041 00000000 0x0 0x0 0xffffa58000019600 0041 00000000 0x0 0x0 0xffffa58000019680 0041 00000000 0x0 0x0 0xffffa58000019700 0041 00000000 0x0 0x0 0xffffa58000019780 0041 00000000 0x0 0x0 0xffffa58000019800 0041 00000000 0x0 0x0 0xffffa58000019880 0041 00000000 0x0 0x0 0xffffa58000019900 0041 00000000 0x0 0x0 0xffffa58000019980 0041 00000000 0x0 0x0 0xffffa58000019a00 0041 00000000 0x0 0x0 0xffffa58000019a80 0041 00000000 0x0 0x0 0xffffa58000019b00 0041 00000000 0x0 0x0 0xffffa58000019b80 0041 00000000 0x0 0x0 0xffffa58000019c00 0041 00000000 0x0 0x0 0xffffa58000019c80 0041 00000000 0x0 0x0 0xffffa58000019d00 0041 00000000 0x0 0x0 0xffffa58000019d80 0041 00000000 0x0 0x0 0xffffa58000019e00 0041 00000000 0x0 0x0 0xffffa58000019e80 0041 00000000 0x0 0x0 0xffffa58000019f00 0041 00000000 0x0 0x0 0xffffa58000019f80 0041 00000000 0x0 0x0 0xffffa5800001a000 0041 00000000 0x0 0x0 0xffffa5800001a080 0041 00000000 0x0 0x0 0xffffa5800001a100 0041 00000000 0x0 0x0 0xffffa5800001a180 0041 00000000 0x0 0x0 0xffffa5800001a200 0041 00000000 0x0 0x0 0xffffa5800001a280 0041 00000000 0x0 0x0 0xffffa5800001a300 0041 00000000 0x0 0x0 0xffffa5800001a380 0041 00000000 0x0 0x0 0xffffa5800001a400 0041 00000000 0x0 0x0 0xffffa5800001a480 0041 00000000 0x0 0x0 0xffffa5800001a500 0041 00000000 0x0 0x0 0xffffa5800001a580 0041 00000000 0x0 0x0 0xffffa5800001a600 0041 00000000 0x0 0x0 0xffffa5800001a680 0041 00000000 0x0 0x0 0xffffa5800001a700 0041 00000000 0x0 0x0 0xffffa5800001a780 0041 00000000 0x0 0x0 0xffffa5800001a800 0041 00000000 0x0 0x0 0xffffa5800001a880 0041 00000000 0x0 0x0 0xffffa5800001a900 0041 00000000 0x0 0x0 0xffffa5800001a980 0041 00000000 0x0 0x0 0xffffa5800001aa00 0041 00000000 0x0 0x0 0xffffa5800001aa80 0041 00000000 0x0 0x0 0xffffa5800001ab00 0041 00000000 0x0 0x0 0xffffa5800001ab80 0041 00000000 0x0 0x0 0xffffa5800001ac00 0041 00000000 0x0 0x0 0xffffa5800001ac80 0041 00000000 0x0 0x0 0xffffa5800001ad00 0041 00000000 0x0 0x0 0xffffa5800001ad80 0041 00000000 0x0 0x0 0xffffa5800001ae00 0041 00000000 0x0 0x0 0xffffa5800001ae80 0041 00000000 0x0 0x0 0xffffa5800001af00 0041 00000000 0x0 0x0 0xffffa5800001af80 0041 00000000 0x0 0x0 0xffffa5800001b000 0041 00000000 0x0 0x0 0xffffa5800001b080 0041 00000000 0x0 0x0 0xffffa5800001b100 0041 00000000 0x0 0x0 0xffffa5800001b180 0041 00000000 0x0 0x0 0xffffa5800001b200 0041 00000000 0x0 0x0 0xffffa5800001b280 0041 00000000 0x0 0x0 0xffffa5800001b300 0041 00000000 0x0 0x0 0xffffa5800001b380 0041 00000000 0x0 0x0 0xffffa5800001b400 0041 00000000 0x0 0x0 0xffffa5800001b480 0041 00000000 0x0 0x0 0xffffa5800001b500 0041 00000000 0x0 0x0 0xffffa5800001b580 0041 00000000 0x0 0x0 0xffffa5800001b600 0041 00000000 0x0 0x0 0xffffa5800001b680 0041 00000000 0x0 0x0 0xffffa5800001b700 0041 00000000 0x0 0x0 0xffffa5800001b780 0041 00000000 0x0 0x0 0xffffa5800001b800 0041 00000000 0x0 0x0 0xffffa5800001b880 0041 00000000 0x0 0x0 0xffffa5800001b900 0041 00000000 0x0 0x0 0xffffa5800001b980 0041 00000000 0x0 0x0 0xffffa5800001ba00 0041 00000000 0x0 0x0 0xffffa5800001ba80 0041 00000000 0x0 0x0 0xffffa5800001bb00 0041 00000000 0x0 0x0 0xffffa5800001bb80 0001 00000000 0x0 0x0 0xffffa5800001bc00 0001 00000000 0x0 0x0 0xffffa5800001bc80 0001 00000000 0x0 0x0 0xffffa5800001bd00 0001 00000000 0x0 0x0 0xffffa5800001bd80 0001 00000000 0x0 0x0 0xffffa5800001be00 0001 00000000 0x0 0x0 0xffffa5800001be80 0001 00000000 0x0 0x0 0xffffa5800001bf00 0001 00000000 0x0 0x0 0xffffa5800001bf80 0001 00000000 0x0 0x0 0xffffa5800001c000 0001 00000000 0x0 0x0 0xffffa5800001c080 0001 00000000 0x0 0x0 0xffffa5800001c100 0001 00000000 0x0 0x0 0xffffa5800001c180 0001 00000000 0x0 0x0 0xffffa5800001c200 0001 00000000 0x0 0x0 0xffffa5800001c280 0001 00000000 0x0 0x0 0xffffa5800001c300 0001 00000000 0x0 0x0 0xffffa5800001c380 0001 00000000 0x0 0x0 0xffffa5800001c400 0001 00000000 0x0 0x0 0xffffa5800001c480 0001 00000000 0x0 0x0 0xffffa5800001c500 0001 00000000 0x0 0x0 0xffffa5800001c580 0001 00000000 0x0 0x0 0xffffa5800001c600 0001 00000000 0x0 0x0 0xffffa5800001c680 0001 00000000 0x0 0x0 0xffffa5800001c700 0001 00000000 0x0 0x0 0xffffa5800001c780 0001 00000000 0x0 0x0 0xffffa5800001c800 0001 00000000 0x0 0x0 0xffffa5800001c880 0001 00000000 0x0 0x0 0xffffa5800001c900 0001 00000000 0x0 0x0 0xffffa5800001c980 0001 00000000 0x0 0x0 0xffffa5800001ca00 0001 00000000 0x0 0x0 0xffffa5800001ca80 0001 00000000 0x0 0x0 0xffffa5800001cb00 0001 00000000 0x0 0x0 0xffffa5800001cb80 0001 00000000 0x0 0x0 0xffffa5800001cc00 0001 00000000 0x0 0x0 0xffffa5800001cc80 0001 00000000 0x0 0x0 0xffffa5800001cd00 0001 00000000 0x0 0x0 0xffffa5800001cd80 0001 00000000 0x0 0x0 0xffffa5800001ce00 0001 00000000 0x0 0x0 0xffffa5800001ce80 0001 00000000 0x0 0x0 0xffffa5800001cf00 0001 00000000 0x0 0x0 0xffffa5800001cf80 0001 00000000 0x0 0x0 0xffffa5800001d000 0001 00000000 0x0 0x0 0xffffa5800001d080 0001 00000000 0x0 0x0 0xffffa5800001d100 0001 00000000 0x0 0x0 0xffffa5800001d180 0001 00000000 0x0 0x0 0xffffa5800001d200 0001 00000000 0x0 0x0 0xffffa5800001d280 0001 00000000 0x0 0x0 0xffffa5800001d300 0001 00000000 0x0 0x0 0xffffa5800001d380 0001 00000000 0x0 0x0 0xffffa5800001d400 0001 00000000 0x0 0x0 0xffffa5800001d480 0001 00000000 0x0 0x0 0xffffa5800001d500 0001 00000000 0x0 0x0 0xffffa5800001d580 0001 00000000 0x0 0x0 0xffffa5800001d600 0001 00000000 0x0 0x0 0xffffa5800001d680 0001 00000000 0x0 0x0 0xffffa5800001d700 0001 00000000 0x0 0x0 0xffffa5800001d780 0001 00000000 0x0 0x0 0xffffa5800001d800 0001 00000000 0x0 0x0 0xffffa5800001d880 0001 00000000 0x0 0x0 0xffffa5800001d900 0001 00000000 0x0 0x0