[ 98.7395941] panic: kernel diagnostic assertion "ret == 0" failed: file "/syzkaller/managers/ci2-netbsd-kmsan/kernel/sys/dev/usb/vhci.c", line 1054 uhub1: device problem, disabling port 1 [ 98.7642244] cpu1: Begin traceback... [ 98.7795748] vpanic() at netbsd:vpanic+0x9ec [ 98.8295787] kern_assert() at netbsd:kern_assert+0x228 [ 98.8895760] vhci_fd_close() at netbsd:vhci_fd_close+0x31d [ 98.9295869] uhub3: port 1, set config at addr 2 failed [ 98.9295869] uhub3: device problem, disabling port 1 [ 98.9420930] uhub0: device problem, disabling port 1 [ 98.9420930] closef() at netbsd:closef+0x4e5 sys/kern/kern_descrip.c:832 [ 98.9695981] fd_close() at netbsd:fd_close+0xd29 sys/kern/kern_descrip.c:715 [ 98.9996155] sys_close() at netbsd:sys_close+0xc0 sys/kern/sys_descrip.c:516 [ 99.0296040] syscall() at netbsd:syscall+0x60c sy_invoke sys/sys/syscallvar.h:94 [inline] [ 99.0296040] syscall() at netbsd:syscall+0x60c sys/arch/x86/x86/syscall.c:138 [ 99.0395987] --- syscall (number 6) --- [ 99.0496022] netbsd:syscall+0x60c: [ 99.0496022] cpu1: End traceback... [ 99.0596019] fatal breakpoint trap in supervisor mode [ 99.0596019] trap type 1 code 0 rip 0xffffffff8022288d cs 0x8 rflags 0x286 cr2 0x605000 ilevel 0 rsp 0xffffa70087abda50 [ 99.0696045] curlwp 0xffffa7001348da80 pid 1839.1843 lowest kstack 0xffffa70087ab62c0 Stopped in pid 1839.1843 (syz-executor7809) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 vpanic() at netbsd:vpanic+0x9ec kern_assert() at netbsd:kern_assert+0x228 vhci_fd_close() at netbsd:vhci_fd_close+0x31d closef() at netbsd:closef+0x4e5 sys/kern/kern_descrip.c:832 fd_close() at netbsd:fd_close+0xd29 sys/kern/kern_descrip.c:715 sys_close() at netbsd:sys_close+0xc0 sys/kern/sys_descrip.c:516 syscall() at netbsd:syscall+0x60c sy_invoke sys/sys/syscallvar.h:94 [inline] syscall() at netbsd:syscall+0x60c sys/arch/x86/x86/syscall.c:138 --- syscall (number 6) --- netbsd:syscall+0x60c: Panic string: kernel diagnostic assertion "ret == 0" failed: file "/syzkaller/managers/ci2-netbsd-kmsan/kernel/sys/dev/usb/vhci.c", line 1054 PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 1839 >1843 7 1 0 ffffa7001348da80 syz-executor7809 1839 1836 2 1 0 ffffa70012bad4c0 syz-executor7809 1839 1839 2 1 140 ffffa7001347b5c0 syz-executor7809 1869 1988 3 0 180 ffffa700134669c0 syz-executor7809 parked 1869 1586 3 0 180 ffffa70013466580 syz-executor7809 parked 1869 1869 2 1 40140 ffffa7001336e500 syz-executor7809 1849 1848 3 0 40180 ffffa70013382540 syz-executor7809 parked 1849 2004 3 0 40180 ffffa70013382100 syz-executor7809 parked 1849 1849 2 1 10000140 ffffa7001348a1c0 syz-executor7809 1840 1854 2 1 140100 ffffa70013466140 syz-executor7809 1840 1875 2 1 140100 ffffa70013382980 syz-executor7809 1840 1840 2 1 40 ffffa7001347ba00 syz-executor7809 1852 1999 2 1 140100 ffffa7001348d200 syz-executor7809 1852 1756 2 1 140100 ffffa7001336e940 syz-executor7809 1852 1852 2 1 40 ffffa7001347b180 syz-executor7809 421 421 2 1 140 ffffa7001336e0c0 syz-executor7809 1130 1130 2 1 140 ffffa70012bad900 syz-executor7809 1194 1194 2 1 140 ffffa70012bad080 syz-executor7809 1191 1191 2 1 140 ffffa70012ae0bc0 syz-executor7809 1223 1223 2 1 140 ffffa70012b948c0 syz-executor7809 1222 1222 2 1 140 ffffa70012293ac0 syz-executor7809 1115 1115 3 0 180 ffffa700124242c0 syz-executor7809 nanoslp 1082 1082 3 1 180 ffffa700122c0280 sshd select 1069 1069 3 0 180 ffffa70012b94480 getty nanoslp 1000 1000 3 1 180 ffffa70012293680 getty nanoslp 1070 1070 3 1 180 ffffa70012293240 getty nanoslp 1067 1067 3 1 1c0 ffffa700121a2600 getty ttyraw 1093 1093 3 1 180 ffffa70012b94040 sshd select 949 949 3 0 180 ffffa700122c06c0 powerd kqueue 689 689 3 1 180 ffffa70012506b80 syslogd kqueue 739 739 3 1 180 ffffa70012ae0780 dhcpcd poll 546 546 3 1 180 ffffa70012424700 dhcpcd poll 600 600 3 1 180 ffffa70012ae0340 dhcpcd poll 587 587 3 1 180 ffffa70012424b40 dhcpcd poll 289 289 3 0 180 ffffa70012506740 dhcpcd poll 288 288 3 0 180 ffffa700122c0b00 dhcpcd poll 351 351 3 1 180 ffffa70012506300 dhcpcd poll 1 1 3 0 180 ffffa70011e32940 init wait 0 968 3 0 200 ffffa700121a2a40 physiod physiod 0 194 3 1 200 ffffa700121ada80 pooldrain pooldrain 0 193 3 0 200 ffffa700121ad640 ioflush syncer 0 192 3 0 200 ffffa700121ad200 pgdaemon pgdaemon 0 168 3 1 200 ffffa700121a21c0 usb7 usbevt 0 166 3 1 200 ffffa7001210ba00 usb6 usbevt 0 164 3 0 200 ffffa7001210b5c0 usb5 usbevt 0 163 3 0 200 ffffa7001210b180 usb4 usbevt 0 31 3 0 200 ffffa700120599c0 usb3 usbevt 0 63 2 1 240 ffffa70012059580 usb2 0 126 3 0 200 ffffa70012059140 usb1 usbevt 0 125 3 0 200 ffffa70011e45980 usb0 usbevt 0 124 3 1 200 ffffa70011e45540 usbtask-dr usbtsk 0 123 3 1 200 ffffa700117ff6c0 usbtask-hc usbtsk 0 122 3 0 200 ffffa70011e45100 npfgc0 npfgcw 0 121 3 1 200 ffffa70011e32500 rt_free rt_free 0 120 3 1 200 ffffa70011e320c0 unpgc unpgc 0 119 3 0 200 ffffa70011e2f900 key_timehandler key_timehandler 0 118 3 1 200 ffffa70011e2f4c0 icmp6_wqinput/1 icmp6_wqinput 0 117 3 0 200 ffffa70011e2f080 icmp6_wqinput/0 icmp6_wqinput 0 116 3 0 200 ffffa70011e298c0 nd6_timer nd6_timer 0 115 3 1 200 ffffa70011e29480 carp6_wqinput/1 carp6_wqinput 0 114 3 0 200 ffffa70011e29040 carp6_wqinput/0 carp6_wqinput 0 113 3 1 200 ffffa70011cbbb80 carp_wqinput/1 carp_wqinput 0 112 3 0 200 ffffa70011cbb740 carp_wqinput/0 carp_wqinput 0 111 3 1 200 ffffa70011cbb300 icmp_wqinput/1 icmp_wqinput 0 110 3 0 200 ffffa70011803b40 icmp_wqinput/0 icmp_wqinput 0 109 3 0 200 ffffa70011cbcbc0 rt_timer rt_timer 0 108 3 0 200 ffffa70011cbc340 vmem_rehash vmem_rehash 0 107 3 0 200 ffffa70011cbc780 entbutler entropy 0 98 3 1 200 ffffa70011803700 viomb balloon 0 97 3 1 200 ffffa700118032c0 vioif0_txrx/1 vioif0_txrx 0 96 3 0 200 ffffa700117ffb00 vioif0_txrx/0 vioif0_txrx 0 29 3 0 200 ffffa700117ff280 scsibus0 sccomp 0 28 3 0 200 ffffa700103aeac0 pms0 pmsreset 0 27 3 1 200 ffffa700103ae680 xcall/1 xcall 0 26 1 1 200 ffffa700103ae240 softser/1 0 25 1 1 200 ffffa700103aca80 softclk/1 0 24 1 1 200 ffffa700103ac640 softbio/1 0 23 1 1 200 ffffa700103ac200 softnet/1 0 22 1 1 201 ffffa7000f1f1a40 idle/1 0 21 3 0 200 ffffa7000f1f1600 lnxsyswq lnxsyswq 0 20 3 0 200 ffffa7000f1f11c0 lnxubdwq lnxubdwq 0 19 3 1 200 ffffa7000f1f0a00 lnxpwrwq lnxpwrwq 0 18 3 1 200 ffffa7000f1f05c0 lnxlngwq lnxlngwq 0 17 3 1 200 ffffa7000f1f0180 lnxhipwq lnxhipwq 0 16 3 1 200 ffffa7000f1eb9c0 lnxrcugc lnxrcugc 0 15 3 0 200 ffffa7000f1eb580 sysmon smtaskq 0 14 3 0 200 ffffa7000f1eb140 pmfsuspend pmfsuspend 0 13 3 0 200 ffffa7000f1e7980 pmfevent pmfevent 0 12 3 0 200 ffffa7000f1e7540 sopendfree sopendfr 0 11 3 0 200 ffffa7000f1e7100 iflnkst iflnkst 0 10 3 0 200 ffffa7000f1de940 nfssilly nfssilly 0 9 3 0 200 ffffa7000f1de500 vdrain vdrain 0 8 3 1 200 ffffa7000f1de0c0 modunload mod_unld 0 7 3 0 200 ffffa7000ebda900 xcall/0 xcall 0 6 1 0 200 ffffa7000ebda4c0 softser/0 0 5 1 0 200 ffffa7000ebda080 softclk/0 0 4 1 0 200 ffffa7000ebd88c0 softbio/0 0 3 1 0 200 ffffa7000ebd8480 softnet/0 0 > 2 1 0 201 ffffa7000ebd8040 idle/0 0 0 3 1 200 ffffffff8686ec80 swapper uvm [Locks tracked through LWPs] ****** LWP 1869.1988 (syz-executor7809) @ 0xffffa700134669c0, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at vhci_attach) lock address : 0xffffa7000f0876d8 type : sleep/adaptive initialized : 0xffffffff8222c6d6 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 1 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa700134669c0 last held: 000000000000000000 last locked : 0xffffffff82228647 unlocked*: 0xffffffff822291fd owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 546.546 (dhcpcd) @ 0xffffa70012424700, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffa70012424700 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 600.600 (dhcpcd) @ 0xffffa70012ae0340, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffa70012ae0340 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 288.288 (dhcpcd) @ 0xffffa700122c0b00, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa700122c0b00 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 351.351 (dhcpcd) @ 0xffffa70012506300, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffa70012506300 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.11 (iflnkst) @ 0xffffa7000f1e7100, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa7000f1e7100 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.5 (softclk/0) @ 0xffffa7000ebda080, l_stat=1 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffa7000ebda080 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.0 (swapper) @ 0xffffffff8686ec80, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff868eee80 type : sleep/adaptive initialized : 0xffffffff85251613 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 1 last held: 0 relevant lwp : 0xffffffff8686ec80 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. [Locks tracked through CPUs] PAGE FLAG PQ UOBJECT UANON 0xffffa70000017180 0041 00000000 0x0 0x0 0xffffa70000017200 0041 00000000 0x0 0x0 0xffffa70000017280 0041 00000000 0x0 0x0 0xffffa70000017300 0041 00000000 0x0 0x0 0xffffa70000017380 0041 00000000 0x0 0x0 0xffffa70000017400 0041 00000000 0x0 0x0 0xffffa70000017480 0041 00000000 0x0 0x0 0xffffa70000017500 0041 00000000 0x0 0x0 0xffffa70000017580 0041 00000000 0x0 0x0 0xffffa70000017600 0041 00000000 0x0 0x0 0xffffa70000017680 0041 00000000 0x0 0x0 0xffffa70000017700 0041 00000000 0x0 0x0 0xffffa70000017780 0041 00000000 0x0 0x0 0xffffa70000017800 0041 00000000 0x0 0x0 0xffffa70000017880 0041 00000000 0x0 0x0 0xffffa70000017900 0041 00000000 0x0 0x0 0xffffa70000017980 0041 00000000 0x0 0x0 0xffffa70000017a00 0041 00000000 0x0 0x0 0xffffa70000017a80 0041 00000000 0x0 0x0 0xffffa70000017b00 0041 00000000 0x0 0x0 0xffffa70000017b80 0041 00000000 0x0 0x0 0xffffa70000017c00 0041 00000000 0x0 0x0 0xffffa70000017c80 0041 00000000 0x0 0x0 0xffffa70000017d00 0041 00000000 0x0 0x0 0xffffa70000017d80 0041 00000000 0x0 0x0 0xffffa70000017e00 0041 00000000 0x0 0x0 0xffffa70000017e80 0041 00000000 0x0 0x0 0xffffa70000017f00 0041 00000000 0x0 0x0 0xffffa70000017f80 0041 00000000 0x0 0x0 0xffffa70000018000 0041 00000000 0x0 0x0 0xffffa70000018080 0041 00000000 0x0 0x0 0xffffa70000018100 0041 00000000 0x0 0x0 0xffffa70000018180 0041 00000000 0x0 0x0 0xffffa70000018200 0041 00000000 0x0 0x0 0xffffa70000018280 0041 00000000 0x0 0x0 0xffffa70000018300 0041 00000000 0x0 0x0 0xffffa70000018380 0041 00000000 0x0 0x0 0xffffa70000018400 0041 00000000 0x0 0x0 0xffffa70000018480 0041 00000000 0x0 0x0 0xffffa70000018500 0041 00000000 0x0 0x0 0xffffa70000018580 0041 00000000 0x0 0x0 0xffffa70000018600 0041 00000000 0x0 0x0 0xffffa70000018680 0041 00000000 0x0 0x0 0xffffa70000018700 0041 00000000 0x0 0x0 0xffffa70000018780 0041 00000000 0x0 0x0 0xffffa70000018800 0041 00000000 0x0 0x0 0xffffa70000018880 0041 00000000 0x0 0x0 0xffffa70000018900 0041 00000000 0x0 0x0 0xffffa70000018980 0041 00000000 0x0 0x0 0xffffa70000018a00 0041 00000000 0x0 0x0 0xffffa70000018a80 0041 00000000 0x0 0x0 0xffffa70000018b00 0041 00000000 0x0 0x0 0xffffa70000018b80 0041 00000000 0x0 0x0 0xffffa70000018c00 0041 00000000 0x0 0x0 0xffffa70000018c80 0041 00000000 0x0 0x0 0xffffa70000018d00 0041 00000000 0x0 0x0 0xffffa70000018d80 0041 00000000 0x0 0x0 0xffffa70000018e00 0041 00000000 0x0 0x0 0xffffa70000018e80 0041 00000000 0x0 0x0 0xffffa70000018f00 0041 00000000 0x0 0x0 0xffffa70000018f80 0041 00000000 0x0 0x0 0xffffa70000019000 0041 00000000 0x0 0x0 0xffffa70000019080 0041 00000000 0x0 0x0 0xffffa70000019100 0041 00000000 0x0 0x0 0xffffa70000019180 0041 00000000 0x0 0x0 0xffffa70000019200 0041 00000000 0x0 0x0 0xffffa70000019280 0041 00000000 0x0 0x0 0xffffa70000019300 0041 00000000 0x0 0x0 0xffffa70000019380 0041 00000000 0x0 0x0 0xffffa70000019400 0041 00000000 0x0 0x0 0xffffa70000019480 0041 00000000 0x0 0x0 0xffffa70000019500 0041 00000000 0x0 0x0 0xffffa70000019580 0041 00000000 0x0 0x0 0xffffa70000019600 0041 00000000 0x0 0x0 0xffffa70000019680 0041 00000000 0x0 0x0 0xffffa70000019700 0041 00000000 0x0 0x0 0xffffa70000019780 0041 00000000 0x0 0x0 0xffffa70000019800 0041 00000000 0x0 0x0 0xffffa70000019880 0041 00000000 0x0 0x0 0xffffa70000019900 0041 00000000 0x0 0x0 0xffffa70000019980 0041 00000000 0x0 0x0 0xffffa70000019a00 0041 00000000 0x0 0x0 0xffffa70000019a80 0041 00000000 0x0 0x0 0xffffa70000019b00 0041 00000000 0x0 0x0 0xffffa70000019b80 0041 00000000 0x0 0x0 0xffffa70000019c00 0041 00000000 0x0 0x0 0xffffa70000019c80 0041 00000000 0x0 0x0 0xffffa70000019d00 0041 00000000 0x0 0x0 0xffffa70000019d80 0041 00000000 0x0 0x0 0xffffa70000019e00 0041 00000000 0x0 0x0 0xffffa70000019e80 0041 00000000 0x0 0x0 0xffffa70000019f00 0041 00000000 0x0 0x0 0xffffa70000019f80 0041 00000000 0x0 0x0 0xffffa7000001a000 0041 00000000 0x0 0x0 0xffffa7000001a080 0041 00000000 0x0 0x0 0xffffa7000001a100 0041 00000000 0x0 0x0 0xffffa7000001a180 0041 00000000 0x0 0x0 0xffffa7000001a200 0041 00000000 0x0 0x0 0xffffa7000001a280 0041 00000000 0x0 0x0 0xffffa7000001a300 0041 00000000 0x0 0x0 0xffffa7000001a380 0041 00000000 0x0 0x0 0xffffa7000001a400 0041 00000000 0x0 0x0 0xffffa7000001a480 0041 00000000 0x0 0x0 0xffffa7000001a500 0041 00000000 0x0 0x0 0xffffa7000001a580 0041 00000000 0x0 0x0 0xffffa7000001a600 0041 00000000 0x0 0x0 0xffffa7000001a680 0041 00000000 0x0 0x0 0xffffa7000001a700 0041 00000000 0x0 0x0 0xffffa7000001a780 0041 00000000 0x0 0x0 0xffffa7000001a800 0041 00000000 0x0 0x0 0xffffa7000001a880 0041 00000000 0x0 0x0 0xffffa7000001a900 0041 00000000 0x0 0x0 0xffffa7000001a980 0041 00000000 0x0 0x0 0xffffa7000001aa00 0041 00000000 0x0 0x0 0xffffa7000001aa80 0041 00000000 0x0 0x0 0xffffa7000001ab00 0041 00000000 0x0 0x0 0xffffa7000001ab80 0041 00000000 0x0 0x0 0xffffa7000001ac00 0041 00000000 0x0 0x0 0xffffa7000001ac80 0041 00000000 0x0 0x0 0xffffa7000001ad00 0041 00000000 0x0 0x0 0xffffa7000001ad80 0041 00000000 0x0 0x0 0xffffa7000001ae00 0041 00000000 0x0 0x0 0xffffa7000001ae80 0041 00000000 0x0 0x0 0xffffa7000001af00 0041 00000000 0x0 0x0 0xffffa7000001af80 0041 00000000 0x0 0x0 0xffffa7000001b000 0041 00000000 0x0 0x0 0xffffa7000001b080 0041 00000000 0x0 0x0 0xffffa7000001b100 0041 00000000 0x0 0x0 0xffffa7000001b180 0041 00000000 0x0 0x0 0xffffa7000001b200 0041 00000000 0x0 0x0 0xffffa7000001b280 0041 00000000 0x0 0x0 0xffffa7000001b300 0041 00000000 0x0 0x0 0xffffa7000001b380 0041 00000000 0x0 0x0 0xffffa7000001b400 0041 00000000 0x0 0x0 0xffffa7000001b480 0041 00000000 0x0 0x0 0xffffa7000001b500 0041 00000000 0x0 0x0 0xffffa7000001b580 0041 00000000 0x0 0x0 0xffffa7000001b600 0041 00000000 0x0 0x0 0xffffa7000001b680 0041 00000000 0x0 0x0 0xffffa7000001b700 0041 00000000 0x0 0x0 0xffffa7