netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR

[   1.6152407] panic: kmem_intr_free: zero size with pointer 0xffffa400af979f70
[   1.6242997] cpu0: Begin traceback...
[   1.6337804] vpanic() at netbsd:vpanic+0x2d0 sys/kern/subr_prf.c:290
[   1.6637820] panic() at netbsd:panic+0x49 sys/kern/subr_prf.c:1221
[   1.6837832] kmem_intr_free() at netbsd:kmem_intr_free+0x2a8 sys/kern/subr_kmem.c:276
[   1.7137828] scsi_probe_bus() at netbsd:scsi_probe_bus+0x6ea sys/dev/scsipi/scsiconf.c:535
[   1.7337818] scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x109 scsibus_config sys/dev/scsipi/scsiconf.c:325 [inline]
[   1.7337818] scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x109 sys/dev/scsipi/scsiconf.c:290
[   1.7441679] cpu0: End traceback...
[   1.7548331] fatal breakpoint trap in supervisor mode
[   1.7548331] trap type 1 code 0 rip 0xffffffff80221a95 cs 0x8 rflags 0x246 cr2 0 ilevel 0 rsp 0xffffa400af979d10
[   1.7698868] curlwp 0xffffdbd85513d6c0 pid 0.30 lowest kstack 0xffffa400af9752c0
Stopped in pid 0.30 (system) at netbsd:breakpoint+0x5:  leave
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0xec sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x2d0 sys/kern/subr_prf.c:290
panic() at netbsd:panic+0x49 sys/kern/subr_prf.c:1221
kmem_intr_free() at netbsd:kmem_intr_free+0x2a8 sys/kern/subr_kmem.c:276
scsi_probe_bus() at netbsd:scsi_probe_bus+0x6ea sys/dev/scsipi/scsiconf.c:535
scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x109 scsibus_config sys/dev/scsipi/scsiconf.c:325 [inline]
scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x109 sys/dev/scsipi/scsiconf.c:290
ds          39
es          9cd0
fs          9d20
gs          10
rdi         5
rsi         0
rbp         ffffa400af979d10
rbx         1
rdx         ffffdbd85513dad0
rcx         ffffffff82bdc7de    db_panic+0xde
rax         ffffffff
r8          ffffffff84f6af80    cpu_info_primary
r9          0
r10         ffffa400af979c40
r11         10
--db_more--

Crashes (12):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Manager	Title
2022/01/28 19:58	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 19:58	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 19:58	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 19:37	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 19:37	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 19:37	netbsd	ba70987d7420	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 18:10	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 18:10	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 18:10	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd-kubsan	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 17:04	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 17:04	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR
2022/01/28 17:04	netbsd	dcbaa805afd7	495e00c5	.config	console log	report	ci2-netbsd	netbsd boot error: panic: kmem_intr_free: zero size with pointer ADDR

Crashes (12):

Time

Assets (help?)