panic: pool_do_get: inpcb free list modified: page 0xfffffd8066a70000; item addr 0xfffffd8066a70b00; offset 0x0=0x0 != 0x98e19b4ba81f7e7a
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*250406 54108 0 0 0x4000000 0 syz-executor.4
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8261113e) at panic+0x161 sys/kern/subr_prf.c:202
pool_do_get(ffffffff82ab3328,a,ffff800024b26dc8) at pool_do_get+0x427 sys/kern/subr_pool.c:740
pool_get(ffffffff82ab3328,a) at pool_get+0xb3 sys/kern/subr_pool.c:584
in_pcballoc(fffffd805ef89730,ffffffff82a853a0) at in_pcballoc+0x9f sys/netinet/in_pcb.c:234
rip6_attach(fffffd805ef89730,0) at rip6_attach+0x122 sys/netinet6/raw_ip6.c:733
socreate(18,ffff800024b26f78,3,0) at socreate+0x224 sys/kern/uipc_socket.c:195
sys_socket(ffff800023ce4008,ffff800024b27008,ffff800024b27060) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96
syscall(ffff800024b270d0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x92c356a86e0, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.