[ 1.0867650] panic: kernel diagnostic assertion "len <= map->dm_mapsize - offset" failed: file "/syzkaller/managers/ci2-netbsd-kmsan/kernel/sys/arch/x86/x86/bus_dma.c", line 816 bad length 0x20004 + 4000 > 22000 [ 1.0867650] cpu0: Begin traceback... [ 1.0867650] vpanic() at netbsd:vpanic+0xc9d [ 1.0867650] kern_assert() at netbsd:kern_assert+0x228 [ 1.0867650] bus_dmamap_sync() at netbsd:bus_dmamap_sync+0x1364 _bus_dmamap_sync sys/arch/x86/x86/bus_dma.c:813 [inline] [ 1.0867650] bus_dmamap_sync() at netbsd:bus_dmamap_sync+0x1364 sys/arch/x86/x86/bus_dma.c:1373 [ 1.0867650] virtio_enqueue_commit() at netbsd:virtio_enqueue_commit+0xbd6 sys/dev/pci/virtio.c:1159 [ 1.0867650] vioscsi_scsipi_request() at netbsd:vioscsi_scsipi_request+0x1f4e sys/dev/pci/vioscsi.c:423 [ 1.0867650] scsipi_run_queue() at netbsd:scsipi_run_queue+0x1ef0 scsipi_adapter_request sys/dev/scsipi/scsipi_base.c:2834 [inline] [ 1.0867650] scsipi_run_queue() at netbsd:scsipi_run_queue+0x1ef0 sys/dev/scsipi/scsipi_base.c:2183 [ 1.0867650] scsipi_execute_xs() at netbsd:scsipi_execute_xs+0xe8e sys/dev/scsipi/scsipi_base.c:2204 [ 1.0867650] scsipi_command() at netbsd:scsipi_command+0x386 [ 1.0867650] scsipi_inquire() at netbsd:scsipi_inquire+0x18b sys/dev/scsipi/scsipi_base.c:1221 [ 1.0867650] scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc scsi_report_luns sys/dev/scsipi/scsiconf.c:358 [inline] [ 1.0867650] scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc scsi_discover_luns sys/dev/scsipi/scsiconf.c:435 [inline] [ 1.0867650] scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc sys/dev/scsipi/scsiconf.c:494 [ 1.0867650] scsibus_config() at netbsd:scsibus_config+0x349 sys/dev/scsipi/scsiconf.c:268 [ 1.0867650] scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x28 sys/dev/scsipi/scsiconf.c:234 [ 1.0867650] cpu0: End traceback... [ 1.0867650] fatal breakpoint trap in supervisor mode [ 1.0867650] trap type 1 code 0 rip 0xffffffff8023675d cs 0x8 rflags 0x286 cr2 0 ilevel 0x8 rsp 0xffffe000af079360 [ 1.0867650] curlwp 0xffffe000103f5b00 pid 0.96 lowest kstack 0xffffe000af0722c0 Stopped in pid 0.96 (system) at netbsd:breakpoint+0x5: leave breakpoint() at netbsd:breakpoint+0x5 vpanic() at netbsd:vpanic+0xc9d kern_assert() at netbsd:kern_assert+0x228 bus_dmamap_sync() at netbsd:bus_dmamap_sync+0x1364 _bus_dmamap_sync sys/arch/x86/x86/bus_dma.c:813 [inline] bus_dmamap_sync() at netbsd:bus_dmamap_sync+0x1364 sys/arch/x86/x86/bus_dma.c:1373 virtio_enqueue_commit() at netbsd:virtio_enqueue_commit+0xbd6 sys/dev/pci/virtio.c:1159 vioscsi_scsipi_request() at netbsd:vioscsi_scsipi_request+0x1f4e sys/dev/pci/vioscsi.c:423 scsipi_run_queue() at netbsd:scsipi_run_queue+0x1ef0 scsipi_adapter_request sys/dev/scsipi/scsipi_base.c:2834 [inline] scsipi_run_queue() at netbsd:scsipi_run_queue+0x1ef0 sys/dev/scsipi/scsipi_base.c:2183 scsipi_execute_xs() at netbsd:scsipi_execute_xs+0xe8e sys/dev/scsipi/scsipi_base.c:2204 scsipi_command() at netbsd:scsipi_command+0x386 scsipi_inquire() at netbsd:scsipi_inquire+0x18b sys/dev/scsipi/scsipi_base.c:1221 scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc scsi_report_luns sys/dev/scsipi/scsiconf.c:358 [inline] scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc scsi_discover_luns sys/dev/scsipi/scsiconf.c:435 [inline] scsi_probe_bus() at netbsd:scsi_probe_bus+0x9dc sys/dev/scsipi/scsiconf.c:494 scsibus_config() at netbsd:scsibus_config+0x349 sys/dev/scsipi/scsiconf.c:268 scsibus_discover_thread() at netbsd:scsibus_discover_thread+0x28 sys/dev/scsipi/scsiconf.c:234 ds 4918 es 89c3 fs 9350 gs 0 rdi 5 rsi 0 rbp ffffe000af079360 rbx 0 rdx 1 --db_more--