[   1.6134025] panic: kernel diagnostic assertion "start < end" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/uvm/uvm_km.c", line 513 
[   1.6217438] cpu1: Begin traceback...
[   1.6417484] vpanic() at netbsd:vpanic+0x258 sys/kern/subr_prf.c:290
[   1.6617459] _sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xca08
[   1.6917485] uvm_km_pgremove_intrsafe() at netbsd:uvm_km_pgremove_intrsafe+0x40b sys/uvm/uvm_km.c:514
[   1.7217460] uvm_km_kmem_free() at netbsd:uvm_km_kmem_free+0x3d sys/uvm/uvm_km.c:885
[   1.7417479] kmem_intr_free() at netbsd:kmem_intr_free+0x31a sys/kern/subr_kmem.c:279
[   1.7717481] scsi_probe_bus() at netbsd:scsi_probe_bus+0x7a9 sys/dev/scsipi/scsiconf.c:536
[   1.7917494] scsibus_discover_thread() at netbsd:scsibus_discover_thread+0xbb scsibus_config sys/dev/scsipi/scsiconf.c:325 [inline]
[   1.7917494] scsibus_discover_thread() at netbsd:scsibus_discover_thread+0xbb sys/dev/scsipi/scsiconf.c:290
[   1.8017490] cpu1: End traceback...
[   1.8117462] fatal breakpoint trap in supervisor mode
[   1.8117462] trap type 1 code 0 rip 0xffffffff80220a2d cs 0x8 rflags 0x282 cr2 0 ilevel 0 rsp 0xffffc80185089920
[   1.8217385] curlwp 0xffffc800120b36c0 pid 0.30 lowest kstack 0xffffc801850822c0
Stopped in pid 0.30 (system) at netbsd:breakpoint+0x5:  leave
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x258 sys/kern/subr_prf.c:290
_sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xca08
uvm_km_pgremove_intrsafe() at netbsd:uvm_km_pgremove_intrsafe+0x40b sys/uvm/uvm_km.c:514
uvm_km_kmem_free() at netbsd:uvm_km_kmem_free+0x3d sys/uvm/uvm_km.c:885
kmem_intr_free() at netbsd:kmem_intr_free+0x31a sys/kern/subr_kmem.c:279
scsi_probe_bus() at netbsd:scsi_probe_bus+0x7a9 sys/dev/scsipi/scsiconf.c:536
scsibus_discover_thread() at netbsd:scsibus_discover_thread+0xbb scsibus_config sys/dev/scsipi/scsiconf.c:325 [inline]
scsibus_discover_thread() at netbsd:scsibus_discover_thread+0xbb sys/dev/scsipi/scsiconf.c:290
ds          0
es          1
fs          8ab3
gs          d7b
rdi         5
rsi         0
rbp         ffffc80185089920
rbx         1
rdx         0
rcx         ffffffff8161a066    db_panic+0xf6
rax         ffffc800120b36c0
r8          4
r9          ffffffff8161a057    db_panic+0xe7
--db_more--