€ [ 42.1789248] panic: kernel diagnostic assertion "c->c_cpu->cc_lwp == curlwp || c->c_cpu->cc_active != c" failed: file "/syzkaller/managers/netbsd-kubsan/kernel/sys/kern/kern_timeout.c", line 320 [ 42.1889332] cpu1: Begin traceback... [ 42.2089349] vpanic() at netbsd:vpanic+0x2aa [ 42.2490482] bootinfo_add.cold.1() at netbsd:bootinfo_add.cold.1 [ 42.2890196] callout_destroy() at netbsd:callout_destroy+0x14b sys/kern/kern_timeout.c:320 [ 42.3190835] tcp_close() at netbsd:tcp_close+0x498 sys/netinet/tcp_subr.c:1228 [ 42.3590930] tcp_drop() at netbsd:tcp_drop+0x296 sys/netinet/tcp_subr.c:1074 [ 42.3891242] tcp_abort_wrapper() at netbsd:tcp_abort_wrapper+0x6f tcp_abort sys/netinet/tcp_usrreq.c:940 [inline] [ 42.3891242] tcp_abort_wrapper() at netbsd:tcp_abort_wrapper+0x6f sys/netinet/tcp_usrreq.c:2450 [ 42.4291686] soabort() at netbsd:soabort+0x124 sys/kern/uipc_socket.c:781 [ 42.4591978] soclose() at netbsd:soclose+0x3fe solock sys/sys/socketvar.h:513 [inline] [ 42.4591978] soclose() at netbsd:soclose+0x3fe sys/kern/uipc_socket.c:729 [ 42.4992412] soo_close() at netbsd:soo_close+0x43 sys/kern/sys_socket.c:256 [ 42.5292759] closef() at netbsd:closef+0x1a4 sys/kern/kern_descrip.c:834 [ 42.5593049] fd_free() at netbsd:fd_free+0x60b sys/kern/kern_descrip.c:1563 [ 42.5893348] exit1() at netbsd:exit1+0x329 sys/kern/kern_exit.c:286 [ 42.6193661] sys_exit() at netbsd:sys_exit+0xba sys/kern/kern_exit.c:179 [ 42.6594089] syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline] [ 42.6594089] syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline] [ 42.6594089] syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138 [ 42.6694646] --- syscall (number 1) --- [ 42.6694646] Skipping crash dump on recursive panic [ 42.6794275] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:153:24, member access within misaligned address 0xffffffff for type 'struct x86_64_frame' which requires 8 byte alignment [ 42.6994454] Faulted in mid-traceback; aborting... [ 42.7094563] fatal breakpoint trap in supervisor mode [ 42.7094563] trap type 1 code 0 rip 0xffffffff80221a9d cs 0x8 rflags 0x286 cr2 0x1b2e929000 ilevel 0x4 rsp 0xffffac00b47a7d00 [ 42.7194679] curlwp 0xffffec27e3c74900 pid 499.1 lowest kstack 0xffffac00b47a52c0 Stopped in pid 499.1 (syz-executor.4) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0xd1 sys/ddb/db_panic.c:67 vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336 isAlreadyReported() at netbsd:isAlreadyReported HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xcc HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b sys/../common/lib/libc/misc/ubsan.c:408 db_nextframe() at netbsd:db_nextframe+0x6f6 sys/arch/amd64/amd64/db_machdep.c:153 db_stack_trace_print() at netbsd:db_stack_trace_print+0x2c4 sys/arch/x86/x86/db_trace.c:277 db_panic() at netbsd:db_panic+0x8b x86_curcpu sys/arch/amd64/compile/obj/GENERIC_SYZKALLER/./machine/cpu.h:56 [inline] db_panic() at netbsd:db_panic+0x8b sys/ddb/db_panic.c:57 vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336 bootinfo_add.cold.1() at netbsd:bootinfo_add.cold.1 callout_destroy() at netbsd:callout_destroy+0x14b sys/kern/kern_timeout.c:320 tcp_close() at netbsd:tcp_close+0x498 sys/netinet/tcp_subr.c:1228 tcp_drop() at netbsd:tcp_drop+0x296 sys/netinet/tcp_subr.c:1074 tcp_abort_wrapper() at netbsd:tcp_abort_wrapper+0x6f tcp_abort sys/netinet/tcp_usrreq.c:940 [inline] tcp_abort_wrapper() at netbsd:tcp_abort_wrapper+0x6f sys/netinet/tcp_usrreq.c:2450 soabort() at netbsd:soabort+0x124 sys/kern/uipc_socket.c:781 soclose() at netbsd:soclose+0x3fe solock sys/sys/socketvar.h:513 [inline] soclose() at netbsd:soclose+0x3fe sys/kern/uipc_socket.c:729 soo_close() at netbsd:soo_close+0x43 sys/kern/sys_socket.c:256 closef() at netbsd:closef+0x1a4 sys/kern/kern_descrip.c:834 fd_free() at netbsd:fd_free+0x60b sys/kern/kern_descrip.c:1563 exit1() at netbsd:exit1+0x329 sys/kern/kern_exit.c:286 sys_exit() at netbsd:sys_exit+0xba sys/kern/kern_exit.c:179 syscall() at netbsd:syscall+0x29a sy_call sys/sys/syscallvar.h:65 [inline] syscall() at netbsd:syscall+0x29a sy_invoke sys/sys/syscallvar.h:94 [inline] syscall() at netbsd:syscall+0x29a sys/arch/x86/x86/syscall.c:138 --- syscall (number 1) --- [ 42.7294789] Skipping crash dump on recursive panic [ 42.7294789] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:154:14, member access within misaligned address 0xffffffff for type 'struct x86_64_frame' which requires 8 byte alignment [ 42.7294789] Faulted in mid-traceback; aborting... [ 42.7294789] fatal breakpoint trap in supervisor mode [ 42.7294789] trap type 1 code 0 rip 0xffffffff80221a9d cs 0x8 rflags 0x286 cr2 0x1b2e929000 ilevel 0x8 rsp 0xffffac00b47a6a00 [ 42.7294789] curlwp 0xffffec27e3c74900 pid 499.1 lowest kstack 0xffffac00b47a52c0 Stopped in pid 499.1 (syz-executor.4) at netbsd:breakpoint+0x5: leave