[  64.7132419] panic: kernel diagnostic assertion "dev->dv_detaching == curlwp" failed: file "/syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/kern/subr_autoconf.c", line 2176 
[  64.7232316] cpu1: Begin traceback...
[  64.7532308] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[  64.8232320] kern_assert() at netbsd:kern_assert+0x65 sys/arch/amd64/amd64/db_disasm.c:1074
[  64.8732312] config_detach_commit() at netbsd:config_detach_commit+0xcb sys/kern/subr_autoconf.c:2176
[  64.9232297] cdev_detached() at netbsd:cdev_detached+0x15d sys/kern/subr_devsw.c:1384
[  64.9732305] vdevgone() at netbsd:vdevgone+0x125 sys/kern/vfs_subr.c:524
[  65.0232319] audiodetach() at netbsd:audiodetach+0xb8 sys/dev/audio/audio.c:1371
[  65.0732296] config_detach() at netbsd:config_detach+0x495 sys/kern/subr_autoconf.c:2037
[  65.1232299] config_detach_children() at netbsd:config_detach_children+0x83 sys/kern/subr_autoconf.c:2195
[  65.1832339] pad_detach() at netbsd:pad_detach+0x87 sys/dev/pad/pad.c:251
[  65.2332299] config_detach() at netbsd:config_detach+0x495 sys/kern/subr_autoconf.c:2037
[  65.2832330] fops_pad_close() at netbsd:fops_pad_close+0xb7 pad_close sys/dev/pad/pad.c:423 [inline]
[  65.2832330] fops_pad_close() at netbsd:fops_pad_close+0xb7 sys/dev/pad/pad.c:433
[  65.3332294] closef() at netbsd:closef+0x1cd sys/kern/kern_descrip.c:832
[  65.3832342] fd_close() at netbsd:fd_close+0x461 sys/kern/kern_descrip.c:715
[  65.4232294] fd_dup2() at netbsd:fd_dup2+0x1b1 sys/kern/kern_descrip.c:780
[  65.4732290] dodup() at netbsd:dodup+0x1ee sys/kern/sys_descrip.c:144
[  65.5232342] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline]
[  65.5232342] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90
[  65.5732301] syscall() at netbsd:syscall+0x2da sy_call sys/sys/syscallvar.h:65 [inline]
[  65.5732301] syscall() at netbsd:syscall+0x2da sy_invoke sys/sys/syscallvar.h:94 [inline]
[  65.5732301] syscall() at netbsd:syscall+0x2da sys/arch/x86/x86/syscall.c:138
[  65.5932284] --- syscall (number 90 via SYS_syscall) ---
[  65.6032266] netbsd:syscall+0x2da:
[  65.6132280] cpu1: End traceback...
[  65.6132280] fatal breakpoint trap in supervisor mode
[  65.6132280] trap type 1 code 0 rip 0xffffffff80221ab5 cs 0x8 rflags 0x246 cr2 0x76e5a1402180 ilevel 0 rsp 0xffffcd00d1536980
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
[  65.6332248] Skipping crash dump on recursive panic
[  65.6332248] panic: UBSan: Undefined Behavior in /syzkaller/managers/ci2-netbsd-kubsan/kernel/sys/dev/wsfb/genfb.c:988:28, member access within null pointer of type 'struct genfb_private'

[  65.6332248] cpu1: Begin traceback...
[  65.6332248] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[  65.6332248] Report() at netbsd:Report+0x3b sys/../common/lib/libc/misc/ubsan.c:1352
[  65.6332248] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x1fb sys/../common/lib/libc/misc/ubsan.c:429
[  65.6332248] genfb_enable_polling() at netbsd:genfb_enable_polling+0x17e sys/dev/wsfb/genfb.c:988
[  65.6332248] x86_genfb_ddb_trap_callback() at netbsd:x86_genfb_ddb_trap_callback+0x39 sys/arch/x86/x86/genfb_machdep.c:97
[  65.6332248] db_trap() at netbsd:db_trap+0x68 sys/ddb/db_trap.c:73
[  65.6332248] kdb_trap() at netbsd:kdb_trap+0x1aa sys/arch/amd64/amd64/db_interface.c:251
[  65.6332248] trap() at netbsd:trap+0x5b2 sys/arch/amd64/amd64/trap.c:315
[  65.6332248] --- trap (number 1) ---
[  65.6332248] breakpoint() at netbsd:breakpoint+0x5
[  65.6332248] db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:69
[  65.6332248] vpanic() at netbsd:vpanic+0x2f2 sys/kern/subr_prf.c:293
[  65.6332248] kern_assert() at netbsd:kern_assert+0x65 sys/arch/amd64/amd64/db_disasm.c:1074
[  65.6332248] config_detach_commit() at netbsd:config_detach_commit+0xcb sys/kern/subr_autoconf.c:2176
[  65.6332248] cdev_detached() at netbsd:cdev_detached+0x15d sys/kern/subr_devsw.c:1384
[  65.6332248] vdevgone() at netbsd:vdevgone+0x125 sys/kern/vfs_subr.c:524
[  65.6332248] audiodetach() at netbsd:audiodetach+0xb8 sys/dev/audio/audio.c:1371
[  65.6332248] config_detach() at netbsd:config_detach+0x495 sys/kern/subr_autoconf.c:2037
[  65.6332248] config_detach_children() at netbsd:config_detach_children+0x83 sys/kern/subr_autoconf.c:2195
[  65.6332248] pad_detach() at netbsd:pad_detach+0x87 sys/dev/pad/pad.c:251
[  65.6332248] config_detach() at netbsd:config_detach+0x495 sys/kern/subr_autoconf.c:2037
[  65.6332248] fops_pad_close() at netbsd:fops_pad_close+0xb7 pad_close sys/dev/pad/pad.c:423 [inline]
[  65.6332248] fops_pad_close() at netbsd:fops_pad_close+0xb7 sys/dev/pad/pad.c:433
[  65.6332248] closef() at netbsd:closef+0x1cd sys/kern/kern_descrip.c:832
[  65.6332248] fd_close() at netbsd:fd_close+0x461 sys/kern/kern_descrip.c:715
[  65.6332248] fd_dup2() at netbsd:fd_dup2+0x1b1 sys/kern/kern_descrip.c:780
[  65.6332248] dodup() at netbsd:dodup+0x1ee sys/kern/sys_descrip.c:144
[  65.6332248] sys___syscall() at netbsd:sys___syscall+0x1e4 sy_call sys/sys/syscallvar.h:65 [inline]
[  65.6332248] sys___syscall() at netbsd:sys___syscall+0x1e4 sys/kern/sys_syscall.c:90
[  65.6332248] syscall() at netbsd:syscall+0x2da sy_call sys/sys/syscallvar.h:65 [inline]
[  65.6332248] syscall() at netbsd:syscall+0x2da sy_invoke sys/sys/syscallvar.h:94 [inline]
[  65.6332248] syscall() at netbsd:syscall+0x2da sys/arch/x86/x86/syscall.c:138
[  65.6332248] --- syscall (number 90 via SYS_syscall) ---
[  65.6332248] netbsd:syscall+0x2da:
[  65.6332248] cpu1: End traceback...
[  65.6332248] fatal breakpoint trap in supervisor mode
[  65.6332248] trap type 1 code 0 rip 0xffffffff80221ab5 cs 0x8 rflags 0x246 cr2 0x76e5a1402180 ilevel 0x8 rsp 0xffffcd00d1536050
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d1535c80
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d15358b0
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d15354e0
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d1535110
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d1534d40
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0
[  65.6332248] uvm_fault(0xfffffaf2b2eb8890, 0x0, 1) -> e
[  65.6332248] fatal page fault in supervisor mode
[  65.6332248] trap type 6 code 0 rip 0xffffffff830b6b5b cs 0x8 rflags 0x10217 cr2 0x1e8 ilevel 0x8 rsp 0xffffcd00d1534970
[  65.6332248] curlwp 0xfffffaf2bfe79180 pid 805.1971 lowest kstack 0xffffcd00d15322c0
kernel: page fault trap, code=0