panic: pool_do_get: mbufpl free list modified: page 0xffffff0034f40000; item addr 0xffffff0034f40400; offset 0x0=0x8130378d06000100 != 0x8130378d75d0047f Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND *343693 91220 0 0 0x4000000 0 syz-executor0 db_enter() at db_enter+0xa panic() at panic+0x147 pool_do_get(2,ffffffff81ea46b8,ffffff0034f40500) at pool_do_get+0x3ae pool_get(1,2) at pool_get+0x77 m_get(0,2c) at m_get+0x2f switchwrite(ffffff00371e7010,ffffff00371e7010,ffff800014ae2398) at switchwrite+0x1d3 spec_write(ffffffff81e1e918) at spec_write+0xa0 VOP_WRITE(2c,ffffff00371e7010,1,ffff800014ae2398) at VOP_WRITE+0x65 vn_write(ffffff0030b3dcb8,ffff800014ae2398,2c) at vn_write+0x127 dofilewritev(ffff8000ffffabd0,ffff800014ae2440,2c,ffff800014ae2458,4bbbed77e68) at dofilewritev+0x13e sys_write(ffff800014ae24e0,ffff8000ffffabd0,ffff8000149cffd0) at sys_write+0x6e syscall(0) at syscall+0x3e4 Xsyscall(6,0,c,0,3,4b9360a4010) at Xsyscall+0x128 end of kernel end trace frame: 0x4bbbed77ef0, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. 
ddb> ddb> set $lines = 0 ddb> show panic pool_do_get: mbufpl free list modified: page 0xffffff0034f40000; item addr 0xffffff0034f40400; offset 0x0=0x8130378d06000100 != 0x8130378d75d0047f ddb> trace db_enter() at db_enter+0xa panic() at panic+0x147 pool_do_get(2,ffffffff81ea46b8,ffffff0034f40500) at pool_do_get+0x3ae pool_get(1,2) at pool_get+0x77 m_get(0,2c) at m_get+0x2f switchwrite(ffffff00371e7010,ffffff00371e7010,ffff800014ae2398) at switchwrite+0x1d3 spec_write(ffffffff81e1e918) at spec_write+0xa0 VOP_WRITE(2c,ffffff00371e7010,1,ffff800014ae2398) at VOP_WRITE+0x65 vn_write(ffffff0030b3dcb8,ffff800014ae2398,2c) at vn_write+0x127 dofilewritev(ffff8000ffffabd0,ffff800014ae2440,2c,ffff800014ae2458,4bbbed77e68) at dofilewritev+0x13e sys_write(ffff800014ae24e0,ffff8000ffffabd0,ffff8000149cffd0) at sys_write+0x6e syscall(0) at syscall+0x3e4 Xsyscall(6,0,c,0,3,4b9360a4010) at Xsyscall+0x128 end of kernel end trace frame: 0x4bbbed77ef0, count: -13 ddb> show registers rdi 0xffffffff81e22360 kprintf_mutex rsi 0xffffffff81425d59 db_enter+0x9 rbp 0xffff800014ae1fe0 rbx 0xffff800014ae2080 rdx 0xffff800002ad0000 rcx 0x412f __ALIGN_SIZE+0x312f rax 0xffff800002ad0000 r8 0xffff800014ae1fb0 r9 0x8080808080808080 r10 0x8130378d06000100 r11 0xffffffff81550c30 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff800014ae1ff0 r14 0x100 r15 0xffffffff81c48ac4 cy_pio_rec+0x1206c rip 0xffffffff81425d5a db_enter+0xa cs 0x8 rflags 0x202 rsp 0xffff800014ae1fe0 ss 0x10 db_enter+0xa: popq %rbp ddb> show proc PROC (syz-executor0) pid=343693 stat=onproc flags process=0 proc=4000000 pri=83, usrpri=83, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffffa4c8,0xffffffff81ed30d8 process=0xffff8000149cffd0 user=0xffff800014add000, vmspace=0xffffff003f12b948 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 91220 515867 99575 0 2 0 syz-executor0 *91220 343693 99575 0 7 0x4000000 syz-executor0 34098 360197 1 0 3 0x100083 ttyin getty 48665 502599 0 0 3 
0x14200 bored sosplice 99575 375221 65920 0 3 0x82 nanosleep syz-executor0 82232 355187 65920 0 3 0x2 biowait syz-executor1 65920 522916 29243 0 3 0x82 thrsleep syz-fuzzer 65920 259885 29243 0 3 0x4000082 nanosleep syz-fuzzer 65920 256177 29243 0 3 0x4000082 thrsleep syz-fuzzer 65920 203809 29243 0 3 0x4000082 kqread syz-fuzzer 65920 268187 29243 0 3 0x4000082 thrsleep syz-fuzzer 65920 75045 29243 0 3 0x4000082 thrsleep syz-fuzzer 65920 178545 29243 0 3 0x4000082 thrsleep syz-fuzzer 29243 75597 4998 0 3 0x10008a pause ksh 4998 128842 91841 0 3 0x92 select sshd 91841 113970 1 0 3 0x80 select sshd 54398 234226 83139 73 3 0x100010 biowait syslogd 83139 395181 1 0 3 0x100082 netio syslogd 37151 197947 1 77 3 0x100090 poll dhclient 49791 129190 1 0 3 0x80 poll dhclient 98012 285712 0 0 2 0x14200 zerothread 41609 349147 0 0 3 0x14200 aiodoned aiodoned 80892 44736 0 0 3 0x14200 syncer update 68893 485334 0 0 3 0x14200 cleaner cleaner 21223 29571 0 0 3 0x14200 reaper reaper 22075 227127 0 0 3 0x14200 pgdaemon pagedaemon 19178 442424 0 0 3 0x14200 bored crynlk 63770 84190 0 0 3 0x14200 bored crypto 59662 466501 0 0 3 0x40014200 acpi0 acpi0 46423 25986 0 0 3 0x14200 bored softnet 75355 489236 0 0 3 0x14200 bored systqmp 6040 112004 0 0 3 0x14200 bored systq 70640 394280 0 0 3 0x40014200 bored softclock 13313 419508 0 0 3 0x40014200 idle0 1 286610 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper