[ 233.6198040] panic: ASan: Unauthorized Access In 0xffffffff81ccbaf1: Addr 0xffffa400133bd400 [8 bytes, read, PoolUseAfterFree]

[ 233.6198040] cpu1: Begin traceback...
[ 233.6297909] vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292
[ 233.6697937] panic() at netbsd:panic+0x9e sys/kern/subr_prf.c:1088
[ 233.7097944] kasan_report() at netbsd:kasan_report+0x8f kasan_code_name sys/kern/subr_asan.c:169 [inline]
[ 233.7097944] kasan_report() at netbsd:kasan_report+0x8f sys/kern/subr_asan.c:201
[ 233.7397903] __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:371 [inline]
[ 233.7397903] __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
[ 233.7397903] __asan_load8() at netbsd:__asan_load8+0xac sys/kern/subr_asan.c:1208
[ 233.7697906] mount_domount() at netbsd:mount_domount+0x783 mount_checkdirs sys/kern/vfs_mount.c:741 [inline]
[ 233.7697906] mount_domount() at netbsd:mount_domount+0x783 sys/kern/vfs_mount.c:895
[ 233.7997901] do_sys_mount() at netbsd:do_sys_mount+0x7a1 sys/kern/vfs_syscalls.c:616
[ 233.8297928] sys___mount50() at netbsd:sys___mount50+0x8f sys/kern/vfs_syscalls.c:537
[ 233.8597913] sys___syscall() at netbsd:sys___syscall+0x10e sy_call sys/sys/syscallvar.h:65 [inline]
[ 233.8597913] sys___syscall() at netbsd:sys___syscall+0x10e sys/kern/sys_syscall.c:90
[ 233.8997905] syscall() at netbsd:syscall+0x25a sy_call sys/sys/syscallvar.h:65 [inline]
[ 233.8997905] syscall() at netbsd:syscall+0x25a sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 233.8997905] syscall() at netbsd:syscall+0x25a sys/arch/x86/x86/syscall.c:138
[ 233.9097948] --- syscall (number 410 via SYS_syscall) ---
[ 233.9197888] netbsd:syscall+0x25a:
[ 233.9197888] cpu1: End traceback...
[ 233.9297894] fatal breakpoint trap in supervisor mode
[ 233.9297894] trap type 1 code 0 rip 0xffffffff8023241d cs 0x8 rflags 0x286 cr2 0xffffa402485e9000 ilevel 0 rsp 0xffffa40248656900
[ 233.9397881] curlwp 0xffffa40012cc5500 pid 6325.5579 lowest kstack 0xffffa4024864f2c0
Stopped in pid 6325.5579 (syz-executor.2) at    netbsd:breakpoint+0x5:  leave
?
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:69
vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:292
panic() at netbsd:panic+0x9e sys/kern/subr_prf.c:1088
kasan_report() at netbsd:kasan_report+0x8f kasan_code_name sys/kern/subr_asan.c:169 [inline]
kasan_report() at netbsd:kasan_report+0x8f sys/kern/subr_asan.c:201
__asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_8byte_isvalid sys/kern/subr_asan.c:371 [inline]
__asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_check sys/kern/subr_asan.c:421 [inline]
__asan_load8() at netbsd:__asan_load8+0xac sys/kern/subr_asan.c:1208
mount_domount() at netbsd:mount_domount+0x783 mount_checkdirs sys/kern/vfs_mount.c:741 [inline]
mount_domount() at netbsd:mount_domount+0x783 sys/kern/vfs_mount.c:895
do_sys_mount() at netbsd:do_sys_mount+0x7a1 sys/kern/vfs_syscalls.c:616
sys___mount50() at netbsd:sys___mount50+0x8f sys/kern/vfs_syscalls.c:537
sys___syscall() at netbsd:sys___syscall+0x10e sy_call sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0x10e sys/kern/sys_syscall.c:90
syscall() at netbsd:syscall+0x25a sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x25a sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x25a sys/arch/x86/x86/syscall.c:138
--- syscall (number 410 via SYS_syscall) ---
netbsd:syscall+0x25a:
Panic string: ASan: Unauthorized Access In 0xffffffff81ccbaf1: Addr 0xffffa400133bd400 [8 bytes, read, PoolUseAfterFree]

PID    LID S CPU     FLAGS       STRUCT LWP *               NAME WAIT
6351  6492 2   1    100100   ffffa400133e9b00     syz-executor.5
6351  6351 2   1  10040040   ffffa40012d99040     syz-executor.5
6325 >5579 7   1       100   ffffa40012cc5500     syz-executor.2
6325  6325 2   1  10040140   ffffa40012a71040     syz-executor.2
6495  6495 2   1       140   ffffa40012aa54c0     syz-executor.5
6322  6322 2   1        40   ffffa40013459040     syz-executor.0
6527  6527 2   1       140   ffffa400134654c0     syz-executor.2
1237  4410 3   1       180   ffffa40012c28240       syz-execprog parked
1237  1207 3   1       1c0   ffffa40013d9db80       syz-execprog parked
1237  1199 3   1       1c0   ffffa40013d9d740       syz-execprog wait
1237  1236 3   0       180   ffffa40013d52b00       syz-execprog parked
1237  1243 2   0         0   ffffa40013cfaa40       syz-execprog
1237   929 3   0       180   ffffa40013cfa600       syz-execprog parked
1237   990 3   1       180   ffffa40013cfa1c0       syz-execprog wait
1237  1242 3   1       180   ffffa40012c14a80       syz-execprog parked
1237  1120 3   0       180   ffffa40012b7b100       syz-execprog parked
1237  1235 3   1       180   ffffa40012c14640       syz-execprog wait
1237  1226 3   0       180   ffffa400134312c0       syz-execprog parked
1237  1132 3   0       180   ffffa400133d2ac0       syz-execprog parked
1237  1238 2   0       140   ffffa400133d2240       syz-execprog
1237  1237 2   1  10000040   ffffa40012b7b980       syz-execprog
1230  1230 3   0       180   ffffa40012b7b540               sshd select
1083  1083 3   1       180   ffffa400126e8b80              getty nanoslp
825    825 3   1       180   ffffa400126e8740              getty nanoslp
1056  1056 3   1       180   ffffa40012ce0140              getty nanoslp
1084  1084 3   0       1c0   ffffa400134af180              getty ttyraw
952    952 3   0       180   ffffa400133c6640               sshd select
1065  1065 3   0       180   ffffa40012cb7900             powerd kqueue
702    702 3   0       180   ffffa40013431b40            syslogd kqueue
746    746 3   0       180   ffffa40012ca6480             dhcpcd poll
747    747 3   0       180   ffffa40012cd2100             dhcpcd poll
743    743 3   0       180   ffffa40012ca6040             dhcpcd poll
292    292 3   0       180   ffffa40012db0900             dhcpcd poll
485    485 3   0       180   ffffa40012db04c0             dhcpcd poll
291    291 3   0       180   ffffa40012db0080             dhcpcd poll
1        1 3   0       180   ffffa40012879180               init wait
0      686 3   0       200   ffffa400129a26c0            physiod physiod
0      196 3   0       200   ffffa400129a4700          pooldrain pooldrain
0    > 195 7   0     40240   ffffa400129a42c0            ioflush
0      194 3   1       200   ffffa400129a2b00           pgdaemon pgdaemon
0      167 3   1       200   ffffa40012962ac0               usb7 usbevt
0      172 3   1       200   ffffa40012962680               usb6 usbevt
0      170 3   1       200   ffffa40012962240               usb5 usbevt
0      168 3   1       200   ffffa40012914a80               usb4 usbevt
0      166 3   0       200   ffffa40012914640               usb3 usbevt
0      165 3   0       200   ffffa40012914200               usb2 usbevt
0       31 3   0       200   ffffa400128daa40               usb1 usbevt
0       63 3   0       200   ffffa400128da600               usb0 usbevt
0      126 3   1       200   ffffa400128da1c0         usbtask-dr usbtsk
0      125 3   1       200   ffffa40012879a00         usbtask-hc usbtsk
0      124 3   0       200   ffffa40010d77b00          swwreboot swwreboot
0      123 2   1       240   ffffa400128795c0             npfgc0
0      122 3   1       200   ffffa4001286b9c0            rt_free rt_free
0      121 3   1       200   ffffa4001286b580              unpgc unpgc
0      120 3   0       200   ffffa4001286b140    key_timehandler key_timehandler
0      119 3   1       200   ffffa4001271c980    icmp6_wqinput/1 icmp6_wqinput
0      118 3   0       200   ffffa4001271c540    icmp6_wqinput/0 icmp6_wqinput
0      117 3