panic: pool_do_get: mbufpl free list modified: page 0xffffff003bb0e000; item addr 0xffffff003bb0e400; offset 0x0=0x8ef77e4406000100 != 0x8ef77e443ffc2778
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*350981 93286 0 0x10 0x4000000 0 syz-executor1
db_enter() at db_enter+0xa
panic() at panic+0x147
pool_do_get(2,ffffffff81e99280,ffffff003bb0ed00) at pool_do_get+0x3ae
pool_get(1,2) at pool_get+0x77
m_get(0,2c) at m_get+0x2f
switchwrite(ffffff00365d55c0,ffffff00365d55c0,ffff800014ad03c8) at switchwrite+0x1d3
spec_write(ffffffff81e300a8) at spec_write+0xa0
VOP_WRITE(2c,ffffff00365d55c0,1,ffff800014ad03c8) at VOP_WRITE+0x65
vn_write(ffffff003064b268,ffff800014ad03c8,2c) at vn_write+0x127
dofilewritev(ffff800014ada538,ffff800014ad0470,2c,ffff800014ad0488,7c27454a9b8) at dofilewritev+0x13e
sys_write(ffff800014ad0510,ffff800014ada538,ffff8000149d0620) at sys_write+0x6e
syscall(0) at syscall+0x3e4
Xsyscall(6,0,c,0,3,7bfb34be010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7c27454aa40, count: 2
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> show panic
pool_do_get: mbufpl free list modified: page 0xffffff003bb0e000; item addr 0xffffff003bb0e400; offset 0x0=0x8ef77e4406000100 != 0x8ef77e443ffc2778
ddb> trace
db_enter() at db_enter+0xa
panic() at panic+0x147
pool_do_get(2,ffffffff81e99280,ffffff003bb0ed00) at pool_do_get+0x3ae
pool_get(1,2) at pool_get+0x77
m_get(0,2c) at m_get+0x2f
switchwrite(ffffff00365d55c0,ffffff00365d55c0,ffff800014ad03c8) at switchwrite+0x1d3
spec_write(ffffffff81e300a8) at spec_write+0xa0
VOP_WRITE(2c,ffffff00365d55c0,1,ffff800014ad03c8) at VOP_WRITE+0x65
vn_write(ffffff003064b268,ffff800014ad03c8,2c) at vn_write+0x127
dofilewritev(ffff800014ada538,ffff800014ad0470,2c,ffff800014ad0488,7c27454a9b8) at dofilewritev+0x13e
sys_write(ffff800014ad0510,ffff800014ada538,ffff8000149d0620) at sys_write+0x6e
syscall(0) at syscall+0x3e4
Xsyscall(6,0,c,0,3,7bfb34be010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7c27454aa40, count: -13
ddb> show registers
rdi 0xffffffff81e28ee0 kprintf_mutex
rsi 0xffffffff81a90bd9 db_enter+0x9
rbp 0xffff800014ad0010
rbx 0xffff800014ad00b0
rdx 0xffff800002ad0000
rcx 0x4357 __ALIGN_SIZE+0x3357
rax 0xffff800002ad0000
r8 0xffff800014acffe0
r9 0x8080808080808080
r10 0x8ef77e4406000100
r11 0xffffffff8142ad10 x86_bus_space_io_read_1
r12 0x3000000008
r13 0xffff800014ad0020
r14 0x100
r15 0xffffffff81c4957a cy_pio_rec+0x11e9c
rip 0xffffffff81a90bda db_enter+0xa
cs 0x8
rflags 0x202
rsp 0xffff800014ad0010
ss 0x10
db_enter+0xa: popq %rbp
ddb> show proc
PROC (syz-executor1) pid=350981 stat=onproc
flags process=10 proc=4000000
pri=86, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff800014ada790,0xffffffff81e94fe8
process=0xffff8000149d0620 user=0xffff800014acb000, vmspace=0xffffff003f12bc60
estcpu=36, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
93286 164133 12549 0 2 0x10 syz-executor1
*93286 350981 12549 0 7 0x4000010 syz-executor1
37641 524188 21133 0 3 0x80 nanosleep syz-executor0
37641 496532 21133 0 3 0x4000080 netio syz-executor0
37641 441033 21133 0 3 0x4000080 fsleep syz-executor0
20384 180936 1 0 3 0x100083 ttyin getty
10423 236569 0 0 3 0x14200 bored sosplice
21133 180896 14147 0 3 0x82 nanosleep syz-executor0
12549 19404 14147 0 3 0x82 nanosleep syz-executor1
14147 80799 72740 0 3 0x82 thrsleep syz-fuzzer
14147 188474 72740 0 3 0x4000082 nanosleep syz-fuzzer
14147 499200 72740 0 3 0x4000082 thrsleep syz-fuzzer
14147 403876 72740 0 3 0x4000082 kqread syz-fuzzer
14147 12730 72740 0 3 0x4000082 thrsleep syz-fuzzer
14147 492324 72740 0 3 0x4000082 thrsleep syz-fuzzer
14147 345860 72740 0 3 0x4000082 thrsleep syz-fuzzer
72740 459809 68628 0 3 0x10008a pause ksh
68628 346718 77037 0 3 0x92 select sshd
77037 485929 1 0 3 0x80 select sshd
43193 38535 23290 73 3 0x100090 kqread syslogd
23290 469642 1 0 3 0x100082 netio syslogd
84316 92923 1 77 3 0x100090 poll dhclient
70340 380214 1 0 3 0x80 poll dhclient
50933 56733 0 0 2 0x14200 zerothread
12004 355764 0 0 3 0x14200 aiodoned aiodoned
51127 379766 0 0 3 0x14200 syncer update
24280 512960 0 0 3 0x14200 cleaner cleaner
27223 369979 0 0 3 0x14200 reaper reaper
44090 268758 0 0 3 0x14200 pgdaemon pagedaemon
18427 392264 0 0 3 0x14200 bored crynlk
58777 183244 0 0 3 0x14200 bored crypto
16688 431324 0 0 3 0x40014200 acpi0 acpi0
14321 423696 0 0 3 0x14200 bored softnet
1291 496269 0 0 3 0x14200 bored systqmp
70817 150751 0 0 3 0x14200 bored systq
92050 87108 0 0 3 0x40014200 bored softclock
48088 454604 0 0 3 0x40014200 idle0
1 481062 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper