[ 139.6394229] panic: ASan: Unauthorized Access In 0xffffffff808d3c97: Addr 0xffffdb801488a4a0 [8 bytes, read, PoolUseAfterFree] [ 139.6493803] cpu1: Begin traceback... [ 139.6893820] vpanic() at netbsd:vpanic+0x265 syzkaller/managers/netbsd/kernel/sys/kern/subr_prf.c:290 [ 139.7793861] snprintf() at netbsd:snprintf [ 139.8693819] kasan_report() at netbsd:kasan_report+0x8c kasan_code_name syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:168 [inline] [ 139.8693819] kasan_report() at netbsd:kasan_report+0x8c syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:200 [ 139.9593810] __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_8byte_isvalid syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:370 [inline] [ 139.9593810] __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_check syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:420 [inline] [ 139.9593810] __asan_load8() at netbsd:__asan_load8+0xac syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:1207 [ 140.0393824] pmap_growkernel() at netbsd:pmap_growkernel+0x71d pmap_alloc_level syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/pmap.c:5463 [inline] [ 140.0393824] pmap_growkernel() at netbsd:pmap_growkernel+0x71d syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/pmap.c:5575 [ 140.1193825] uvm_map_prepare() at netbsd:uvm_map_prepare+0x785 syzkaller/managers/netbsd/kernel/sys/uvm/uvm_map.c:1228 [ 140.2193851] uvm_map() at netbsd:uvm_map+0x14d syzkaller/managers/netbsd/kernel/sys/uvm/uvm_map.c:1096 [ 140.3093809] kcov_allocbuf.part.0() at netbsd:kcov_allocbuf.part.0+0x63 [ 140.4093804] kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 kcov_allocbuf syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:192 [inline] [ 140.4093804] kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 kcov_setbufsize syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:378 [inline] [ 140.4093804] kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:497 [ 140.4993792] sys_ioctl() at netbsd:sys_ioctl+0x8ed syzkaller/managers/netbsd/kernel/sys/kern/sys_generic.c:671 [ 140.5893816] syscall() at netbsd:syscall+0x259 sy_call syzkaller/managers/netbsd/kernel/sys/sys/syscallvar.h:65 [inline] [ 140.5893816] syscall() at netbsd:syscall+0x259 sy_invoke syzkaller/managers/netbsd/kernel/sys/sys/syscallvar.h:94 [inline] [ 140.5893816] syscall() at netbsd:syscall+0x259 syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/syscall.c:138 [ 140.6093824] --- syscall (number 54) --- [ 140.6393833] netbsd:syscall+0x259: [ 140.6493862] cpu1: End traceback... [ 140.6493862] fatal breakpoint trap in supervisor mode [ 140.6593787] trap type 1 code 0 rip 0xffffffff80220a2d cs 0x8 rflags 0x282 cr2 0x7f7fff10cfa0 ilevel 0x6 rsp 0xffffdb819db56820 [ 140.6693835] curlwp 0xffffdb8013cc0580 pid 1065.1065 lowest kstack 0xffffdb819db4f2c0 Stopped in pid 1065.1065 (syz-executor.3) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0x105 syzkaller/managers/netbsd/kernel/sys/ddb/db_panic.c:67 vpanic() at netbsd:vpanic+0x265 syzkaller/managers/netbsd/kernel/sys/kern/subr_prf.c:290 snprintf() at netbsd:snprintf kasan_report() at netbsd:kasan_report+0x8c kasan_code_name syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:168 [inline] kasan_report() at netbsd:kasan_report+0x8c syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:200 __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_8byte_isvalid syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:370 [inline] __asan_load8() at netbsd:__asan_load8+0xac kasan_shadow_check syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:420 [inline] __asan_load8() at netbsd:__asan_load8+0xac syzkaller/managers/netbsd/kernel/sys/kern/subr_asan.c:1207 pmap_growkernel() at netbsd:pmap_growkernel+0x71d pmap_alloc_level syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/pmap.c:5463 [inline] pmap_growkernel() at netbsd:pmap_growkernel+0x71d syzkaller/managers/netbsd/kernel/sys/arch/x86/x86/pmap.c:5575 uvm_map_prepare() at netbsd:uvm_map_prepare+0x785 syzkaller/managers/netbsd/kernel/sys/uvm/uvm_map.c:1228 uvm_map() at netbsd:uvm_map+0x14d syzkaller/managers/netbsd/kernel/sys/uvm/uvm_map.c:1096 kcov_allocbuf.part.0() at netbsd:kcov_allocbuf.part.0+0x63 kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 kcov_allocbuf syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:192 [inline] kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 kcov_setbufsize syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:378 [inline] kcov_fops_ioctl() at netbsd:kcov_fops_ioctl+0x1f9 syzkaller/managers/netbsd/kernel/sys/kern/subr_kcov.c:497 serialport: VM disconnected.