^S2$e9~lju{:&~J6-_uEiaJr+b9[S
PU((_DQ,^J>|HD+@|)rN)"'`7r- E`M<{_P
)/6X\-54*^S2$e9~lju{:&~J6-_upanic: pr_find_pagehead: mbufpl: page header missing
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*188738  79920      0           0  0x4000000    0  syz-executor1
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
pool_do_put(ffffff0006000100,ffffffff81e94370) at pool_do_put+0x339
pool_put(0,ffffff0006000100) at pool_put+0x37 sys/kern/subr_pool.c:808
m_free(ffffff0006000100) at m_free+0x12c sys/kern/uipc_mbuf.c:447
tun_dev_read(ffff800014ac87a8,ffffff003edb3e80,ffffff003edb3e80) at tun_dev_read+0x237 sys/net/if_tun.c:791
spec_read(10) at spec_read+0x9d sys/kern/spec_vnops.c:223
VOP_READ(ffff800014ac87a8,ffffff003edb3e80,ffffff003077b2e0,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247
vn_read(ffffff003077b2e0,ffff8000ffffc710,3e8) at vn_read+0x130 sys/kern/vfs_vnops.c:365
dofilereadv(ffff8000ffffc710,ffff800014ac8850,3e8,ffff800014ac8860,3ac9bcd6e38) at dofilereadv+0x14f sys/kern/sys_generic.c:235
sys_read(ffff800014ac88f0,ffff8000ffffc710,ffff8000149cf980) at sys_read+0x6e sys/kern/sys_generic.c:155
syscall(0) at syscall+0x3e4
Xsyscall(6,3,2,3,c10a,3ad0b3a8000) at Xsyscall+0x128
end of kernel
end trace frame: 0x3ac9bcd6e50, count: 2
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> show panic
pr_find_pagehead: mbufpl: page header missing
ddb> trace
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
pool_do_put(ffffff0006000100,ffffffff81e94370) at pool_do_put+0x339
pool_put(0,ffffff0006000100) at pool_put+0x37 sys/kern/subr_pool.c:808
m_free(ffffff0006000100) at m_free+0x12c sys/kern/uipc_mbuf.c:447
tun_dev_read(ffff800014ac87a8,ffffff003edb3e80,ffffff003edb3e80) at tun_dev_read+0x237 sys/net/if_tun.c:791
spec_read(10) at spec_read+0x9d sys/kern/spec_vnops.c:223
VOP_READ(ffff800014ac87a8,ffffff003edb3e80,ffffff003077b2e0,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247vn_read(ffffff003077b2e0,ffff8000ffffc710,3e8) at vn_read+0x130
dofilereadv(ffff8000ffffc710,ffff800014ac8850,3e8,ffff800014ac8860,3ac9bcd6e38) at dofilereadv+0x14f sys/kern/sys_generic.c:235
sys_read(ffff800014ac88f0,ffff8000ffffc710,ffff8000149cf980) at sys_read+0x6e sys/kern/sys_generic.c:155
syscall(0) at syscall+0x3e4
Xsyscall(6,3,2,3,c10a,3ad0b3a8000) at Xsyscall+0x128
end of kernel
end trace frame: 0x3ac9bcd6e50, count: -13
ddb> show registers
rdi               0xffffffff81e39300    kprintf_mutex
rsi               0xffffffff81804899    db_enter+0x9
rbp               0xffff800014ac83d0
rbx               0xffff800014ac8470
rdx               0xffff800000acb000
rcx                           0x15b4    __ALIGN_SIZE+0x5b4
rax               0xffff800000acb000
r8                0xffff800014ac83a0
r9                0x8080808080808080
r10                                0
r11               0xffffffff81782140    x86_bus_space_io_read_1
r12                     0x3000000008
r13               0xffff800014ac83e0
r14                            0x100
r15               0xffffffff81c171db    apollo_udma100_tim+0x4c97
rip               0xffffffff8180489a    db_enter+0xa
cs                               0x8
rflags                         0x206
rsp               0xffff800014ac83d0
ss                              0x10
db_enter+0xa:   popq    %rbp
ddb> show proc
PROC (syz-executor1) pid=188738 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=68, usrpri=68, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffffcbc0,0xffffffff81ebb720
    process=0xffff8000149cf980 user=0xffff800014ac3000, vmspace=0xffffff003f12bd68
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 79920   38995   3144      0  2           0                syz-executor1
*79920  188738   3144      0  7   0x4000000                syz-executor1
  8801  344926      0      0  3     0x14200  bored         sosplice
 38361  495752  82533      0  3         0x2  biowait       syz-executor0
  3144  274865  82533      0  3        0x82  nanosleep     syz-executor1
 82533  319880  49251      0  3        0x82  thrsleep      syz-fuzzer
 82533  501630  49251      0  3   0x4000082  nanosleep     syz-fuzzer
 82533  520976  49251      0  3   0x4000082  thrsleep      syz-fuzzer
 82533  273119  49251      0  3   0x4000082  kqread        syz-fuzzer
 82533  502939  49251      0  3   0x4000082  thrsleep      syz-fuzzer
 82533  212065  49251      0  3   0x4000082  thrsleep      syz-fuzzer
 82533   41665  49251      0  3   0x4000082  thrsleep      syz-fuzzer
 49251  445700  85466      0  3    0x10008a  pause         ksh
 85466  349333  83381      0  3        0x92  select        sshd
 84448  297828      1      0  3    0x100083  ttyin         getty
 83381  351372      1      0  3        0x80  select        sshd
 94829  405914   7294     73  3    0x100090  kqread        syslogd
  7294  248383      1      0  3    0x100082  netio         syslogd
 78911  436192      1     77  3    0x100090  poll          dhclient
 93314  297837      1      0  3        0x80  poll          dhclient
 98820   96331      0      0  2     0x14200                zerothread
 59772  163962      0      0  3     0x14200  aiodoned      aiodoned
 89388  316775      0      0  3     0x14200  syncer        update
 23842    3791      0      0  3     0x14200  cleaner       cleaner
 55647  326127      0      0  3     0x14200  reaper        reaper
  5901   11582      0      0  3     0x14200  pgdaemon      pagedaemon
 66343  440475      0      0  3     0x14200  bored         crynlk
 42145  326546      0      0  3     0x14200  bored         crypto
 82823   57642      0      0  3  0x40014200  acpi0         acpi0
  5918   83096      0      0  3     0x14200  bored         softnet
 13913  502595      0      0  3     0x14200  bored         systqmp
 88981  145762      0      0  3     0x14200  bored         systq
 10629   48976      0      0  3  0x40014200  bored         softclock
  4055  303955      0      0  3  0x40014200                idle0
     1  205482      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper