panic: Data modified on freelist: word 5 of object 0xffff800000a72700 size 0x100 previous type devbuf (0xd != 0xdead4110)

Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*252196  60663      0           0  0x4000000    0  syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(100,2,a) at malloc+0xa23 sys/kern/kern_malloc.c:331
bpfopen(21700,1,2000,ffff8000ffff8280) at bpfopen+0xb5 sys/net/bpf.c:362
spec_open_clone(ffff800014918808) at spec_open_clone+0x241 sys/kern/spec_vnops.c:737
spec_open(ffff800014918808) at spec_open+0x40e
VOP_OPEN(fffffd8036ce1750,1,fffffd803f7c6b40,ffff8000ffff8280) at VOP_OPEN+0x6a sys/kern/vfs_vops.c:154
vn_open(ffff800014918a48,1,0) at vn_open+0x494 sys/kern/vfs_vnops.c:174
doopenat(ffff8000ffff8280,ffffff9c,20000040,0,0,ffff800014918c40) at doopenat+0x28e sys/kern/vfs_syscalls.c:1157
syscall(ffff800014918cc0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffffa2,0,4,24bb1b9a010) at Xsyscall+0x128
end of kernel
end trace frame: 0x24dcec5f290, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
Data modified on freelist: word 5 of object 0xffff800000a72700 size 0x100 previous type devbuf (0xd != 0xdead4110)

ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(100,2,a) at malloc+0xa23 sys/kern/kern_malloc.c:331
bpfopen(21700,1,2000,ffff8000ffff8280) at bpfopen+0xb5 sys/net/bpf.c:362
spec_open_clone(ffff800014918808) at spec_open_clone+0x241 sys/kern/spec_vnops.c:737
spec_open(ffff800014918808) at spec_open+0x40e
VOP_OPEN(fffffd8036ce1750,1,fffffd803f7c6b40,ffff8000ffff8280) at VOP_OPEN+0x6a sys/kern/vfs_vops.c:154
vn_open(ffff800014918a48,1,0) at vn_open+0x494 sys/kern/vfs_vnops.c:174
doopenat(ffff8000ffff8280,ffffff9c,20000040,0,0,ffff800014918c40) at doopenat+0x28e sys/kern/vfs_syscalls.c:1157
syscall(ffff800014918cc0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffffa2,0,4,24bb1b9a010) at Xsyscall+0x128
end of kernel
end trace frame: 0x24dcec5f290, count: -11
ddb> show registers
rdi                                0
rsi                              0x1
rbp               0xffff800014918510
rbx               0xffff8000149185c0
rdx                              0x2
rcx                              0x1
rax                              0x1
r8                0xffff8000149184d0
r9                               0x1
r10               0x1e2a43d0ef48f8b0
r11               0xb5a1fb27050c5138
r12                     0x3000000008
r13               0xffff800014918520
r14                            0x100
r15                              0x1
rip               0xffffffff81defc18    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff800014918500
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb>