login: [ 798.1062188] panic: kernel diagnostic assertion "l->l_cpu == ci" failed: file "/syzkaller/managers/netbsd-kubsan/kernel/sys/kern/kern_synch.c", line 768
[ 798.1214927] cpu0: Begin traceback...
[ 798.1462767] vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
[ 798.2063869] kern_assert() at netbsd:kern_assert+0x63
[ 798.2564831] mi_switch() at netbsd:mi_switch+0x10e9 sys/kern/kern_synch.c:768
[ 798.3165926] sleepq_block() at netbsd:sleepq_block+0x1c6 sys/kern/kern_sleepq.c:281
[ 798.3767051] cv_timedwait() at netbsd:cv_timedwait+0x279 sys/kern/kern_condvar.c:294
[ 798.4368152] bbusy() at netbsd:bbusy+0x2ba bbusy sys/kern/vfs_bio.c:2161 [inline]
[ 798.4368152] bbusy() at netbsd:bbusy+0x2ba sys/kern/vfs_bio.c:2144
[ 798.4969259] getblk() at netbsd:getblk+0x6b sys/kern/vfs_bio.c:1202
[ 798.5570390] bio_doread() at netbsd:bio_doread+0x35 sys/kern/vfs_bio.c:697
[ 798.6171493] bread() at netbsd:bread+0x35 sys/kern/vfs_bio.c:759
[ 798.6672443] Mutex error: mutex_vector_enter,731: assertion failed: MUTEX_OWNER(mtx->mtx_owner) == curthread
[ 798.6772614[ ] 7l98oc.k6 7a7d2d6r1e4]ss f:f s_0xufpfdfaftfef()f fa85t eb0f40 type : sleep/adaptive
[ 798.6772614] initialized : 0xffffffff82288285
[ 798.6872779] snheatrbesdd :hffolsd_su p:da t e + 0 x 4 6 a
[ 798.6872779] 0 exclusive: 0
[ 798.6972965] shares wanted: 0 exclusive: 0
[ 798.7073185] current cpu : 1 last held: 1
[ 798.7073185] current lwp : 0xffffc525dcf0e9a0 last held: 000000000000000000
[ 798.7173357] last locked : 0xffffffff8224fb74 unlocked*: 0xffffffff8224fb88
[ 798.7273526] owner field : 000000000000000000 wait/spin: 0/0
[ 798.7273526] Turnstile chain at 0xffffffff85eb8628 with mutex 0xffffc526e7c32140.
[[ 779988..77337733771155]] =u>f sN_mok adcitri(v) e attu rnstile for this lock.
[ 798.7574103] netbsd:ufs_mkdir+0xced
[ 798.8075035] VOP_MKDIR() at netbsd:VOP_MKDIR+0x123 sys/kern/vnode_if.c:1003
[ 798.8676166] do_sys_mkdirat() at netbsd:do_sys_mkdirat+0x1a4 sys/kern/vfs_syscalls.c:4619
[ 798.9377432] syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline]
[ 798.9377432] syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 798.9377432] syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138
[ 798.9577808] --- syscall (number 136) ---
[ 798.9679977] Skipping crash dump on recursive panic
[ 798.9679977] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:153:24, member access within misaligned address 0xffffffff for type 'struct x86_64_frame' which requires 8 byte alignment
[ 798.9943610] Faulted in mid-traceback; aborting...
[ 798.9992253] fatal breakpoint trap in supervisor mode
[ 798.9992253] trap type 1 code 0 rip 0xffffffff8021dd9d cs 0x8 rflags 0x286 cr2 0x7362627f8a98 ilevel 0 rsp 0xffffa300a6a35b00
[ 799.0153602] curlwp 0xffffc525d94b8b60 pid 620.1 lowest kstack 0xffffa300a6a332c0
Stopped in pid 620.1 (syz-executor2255) at netbsd:breakpoint+0x5: leave ?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xd1 sys/ddb/db_panic.c:67
vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
isAlreadyReported() at netbsd:isAlreadyReported
HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xcc
HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b sys/../common/lib/libc/misc/ubsan.c:408
db_nextframe() at netbsd:db_nextframe+0x6f6 sys/arch/amd64/amd64/db_machdep.c:153
db_stack_trace_print() at netbsd:db_stack_trace_print+0x2c4 sys/arch/x86/x86/db_trace.c:277
db_panic() at netbsd:db_panic+0x8b x86_curcpu sys/arch/amd64/compile/obj/GENERIC_SYZKALLER/./machine/cpu.h:67 [inline]
db_panic() at netbsd:db_panic+0x8b sys/ddb/db_panic.c:57
vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
kern_assert() at netbsd:kern_assert+0x63
mi_switch() at netbsd:mi_switch+0x10e9 sys/kern/kern_synch.c:768
sleepq_block() at netbsd:sleepq_block+0x1c6 sys/kern/kern_sleepq.c:281
cv_timedwait() at netbsd:cv_timedwait+0x279 sys/kern/kern_condvar.c:294
bbusy() at netbsd:bbusy+0x2ba bbusy sys/kern/vfs_bio.c:2161 [inline]
bbusy() at netbsd:bbusy+0x2ba sys/kern/vfs_bio.c:2144
getblk() at netbsd:getblk+0x6b sys/kern/vfs_bio.c:1202
bio_doread() at netbsd:bio_doread+0x35 sys/kern/vfs_bio.c:697
bread() at netbsd:bread+0x35 sys/kern/vfs_bio.c:759
ffs_update() at netbsd:ffs_update+0x46a sys/ufs/ffs/ffs_inode.c:150
ufs_mkdir() at netbsd:ufs_mkdir+0xced sys/ufs/ufs/ufs_vnops.c:1015
VOP_MKDIR() at netbsd:VOP_MKDIR+0x123 sys/kern/vnode_if.c:1003
do_sys_mkdirat() at netbsd:do_sys_mkdirat+0x1a4 sys/kern/vfs_syscalls.c:4619
syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138
--- syscall (number 136) ---
[ 799.0227387] Skipping crash dump on recursive panic
[ 799.0227387] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:154:14, member access within misaligned address 0xffffffff for type 'struct x86_64_frame' which requires 8 byte alignment
[ 799.0227387] Faulted in mid-traceback; aborting...
[ 799.0227387] fatal breakpoint trap in supervisor mode
[ 799.0227387] trap type 1 code 0 rip 0xffffffff8021dd9d cs 0x8 rflags 0x286 cr2 0x7362627f8a98 ilevel 0x8 rsp 0xffffa300a6a34800
[ 799.0227387] curlwp 0xffffc525d94b8b60 pid 620.1 lowest kstack 0xffffa300a6a332c0
Stopped in pid 620.1 (syz-executor2255) at netbsd:breakpoint+0x5: leave