panic: free: size too small 20 <= 64 / 2 (0xffff800000cca1c0) type devbuf
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
425575 44389 0 0 0 0 syz-executor.0
*432109 44389 0 0 0x4000000 1K syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff8249233f) at panic+0x177 sys/kern/subr_prf.c:202
free(ffff800000cca1c0,2,14) at free+0x58c sys/kern/kern_malloc.c:433
wskbd_init_keymap(4,ffff800000680958,ffff800000680954) at wskbd_init_keymap+0x75 sys/dev/wscons/wskbdutil.c:385
wskbd_displayioctl_sc(ffff800000680800,8010570e,ffff800027a2da80,2,ffff800022298000,0) at wskbd_displayioctl_sc+0xb78 sys/dev/wscons/wskbd.c:1136
wskbd_do_ioctl_sc(ffff800000680800,8010570e,ffff800027a2da80,2,ffff800022298000,0) at wskbd_do_ioctl_sc+0x18f sys/dev/wscons/wskbd.c:995
wskbdioctl(4300,8010570e,ffff800027a2da80,2,ffff800022298000) at wskbdioctl+0x7e sys/dev/wscons/wskbd.c:934
VOP_IOCTL(fffffd80726c93f0,8010570e,ffff800027a2da80,2,fffffd807f7d8300,ffff800022298000) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd807460d390,8010570e,ffff800027a2da80,ffff800022298000) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800022298000,ffff800027a2db98,ffff800027a2dbf0) at sys_ioctl+0x4a2
syscall(ffff800027a2dc60) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800027a2dc60) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xbb00e122ca0, count: 3
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.