panic: kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/main/kernel/sys/netinet/if_ether.c", line 716 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *366448 57838 0 0x14000 0x40000200 0 softclock db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 __assert(ffffffff821e7905,ffffffff821ff642,2cc,ffffffff82170446) at __assert+0x2b sys/kern/subr_prf.c:154 arptfree(fffffd802d9b1bd8) at arptfree+0xfb sys/netinet/if_ether.c:716 arptimer(ffffffff82500ec0) at arptimer+0x95 sys/netinet/if_ether.c:120 softclock_thread(ffff8000ffffe9e0) at softclock_thread+0x145 timeout_run sys/kern/kern_timeout.c:475 [inline] softclock_thread(ffff8000ffffe9e0) at softclock_thread+0x145 sys/kern/kern_timeout.c:552 end trace frame: 0x0, count: 9 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/main/kernel/sys/netinet/if_ether.c", line 716 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 __assert(ffffffff821e7905,ffffffff821ff642,2cc,ffffffff82170446) at __assert+0x2b sys/kern/subr_prf.c:154 arptfree(fffffd802d9b1bd8) at arptfree+0xfb sys/netinet/if_ether.c:716 arptimer(ffffffff82500ec0) at arptimer+0x95 sys/netinet/if_ether.c:120 softclock_thread(ffff8000ffffe9e0) at softclock_thread+0x145 timeout_run sys/kern/kern_timeout.c:475 [inline] softclock_thread(ffff8000ffffe9e0) at softclock_thread+0x145 sys/kern/kern_timeout.c:552 end trace frame: 0x0, count: -6 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800014812530 rbx 0xffff8000148125e0 rdx 0x2 rcx 0 rax 0 r8 0xffff8000148124f0 r9 0x1 r10 0 r11 0x7d74fb77a4b73225 r12 0x3000000008 r13 0xffff800014812540 r14 0x100 r15 0x1 rip 0xffffffff817df538 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800014812520 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (softclock) pid=366448 stat=onproc flags process=14000 proc=40000200 pri=0, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff8000fffff3c0,0xffff8000ffffe288 process=0xffff8000ffffc360 user=0xffff80001480d000, vmspace=0xffffffff8256d628 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 28814 73480 48316 0 2 0 syz-executor.1 28814 508982 48316 0 2 0x4000000 syz-executor.1 77953 281354 0 0 3 0x14200 acct acct 48316 155848 246 0 2 0x482 syz-executor.1 66200 164042 0 0 3 0x14200 bored sosplice 246 408997 83578 0 3 0x82 thrsleep syz-fuzzer 246 135172 83578 0 3 0x4000082 thrsleep syz-fuzzer 246 93830 83578 0 2 0x4000482 syz-fuzzer 246 305574 83578 0 3 0x4000082 thrsleep syz-fuzzer 246 173923 83578 0 3 0x4000082 thrsleep syz-fuzzer 246 267256 83578 0 3 0x4000082 kqread syz-fuzzer 246 320139 83578 0 3 0x4000082 thrsleep syz-fuzzer 246 228565 83578 0 3 0x4000082 thrsleep syz-fuzzer 246 123577 83578 0 3 0x4000082 thrsleep syz-fuzzer 83578 358810 82580 0 3 0x10008a pause ksh 82580 293185 67232 0 3 0x92 select sshd 56524 325375 1 0 3 0x100083 ttyin getty 67232 100509 1 0 3 0x80 select sshd 24172 206412 60275 73 3 0x100090 kqread syslogd 60275 322512 1 0 3 0x100082 netio syslogd 38176 139370 1 77 3 0x100090 poll dhclient 16854 254364 1 0 3 0x80 poll dhclient 6242 490605 0 0 2 0x14200 zerothread 16698 83353 0 0 3 0x14200 aiodoned aiodoned 45168 288853 0 0 2 0x14200 update 67957 343993 0 0 3 0x14200 cleaner cleaner 37058 358897 0 0 3 0x14200 reaper reaper 12955 457177 0 0 3 0x14200 pgdaemon pagedaemon 98783 512210 0 0 3 0x14200 bored crynlk 13380 477681 0 0 3 0x14200 bored crypto 79180 516339 0 0 3 0x40014200 acpi0 acpi0 94876 379466 0 0 3 0x14200 bored softnet 40 197170 0 0 3 0x14200 bored systqmp 63251 157769 0 0 3 0x14200 bored systq *57838 366448 0 0 7 0x40014200 softclock 65483 2008 0 0 3 0x40014200 idle0 31097 83346 0 0 2 0x14200 smr 1 498889 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9668 6495K 15123K 78643K 117509 0 0 pcb 13 13K 15K 78643K 3957 0 0 rtable 122 12K 14K 78643K 15584 0 0 ifaddr 120 33K 39K 78643K 2981 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 965 0 0 iov 0 0K 32K 78643K 4287 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1225 77K 78K 78643K 30894 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 339 0 0 VM map 171 42K 42K 78643K 234 0 0 sem 12 1K 1K 78643K 4152 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 4 9K 25K 78643K 18325 0 0 sigio 0 0K 0K 78643K 337 0 0 proc 50 38K 63K 78643K 5748 0 0 subproc 16 1K 2K 78643K 1706 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 2492 0 0 in_multi 34 2K 3K 78643K 2147 0 0 ether_multi 1 0K 0K 78643K 150 0 0 mrt 0 0K 0K 78643K 96 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 192 848K 848K 78643K 192 0 0 exec 0 0K 1K 78643K 3379 0 0 pfkey data 0 0K 4K 78643K 6 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 397 1490K 1498K 78643K 46534 0 0 UVM aobj 130 4K 4K 78643K 140 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 4206 0 0 NDP 27 0K 1K 78643K 1003 0 0 temp 260 3541K 4182K 78643K 748225 0 0 kqueue 0 0K 0K 78643K 274 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 836 0 828 1 0 1 1 0 8 0 rtpcb 80 5818 0 5816 1 0 1 1 0 8 0 rtentry 112 3342 0 3299 2 0 2 2 0 8 0 unpcb 120 9575 0 9549 46 45 1 3 0 8 0 syncache 264 112 0 112 46 46 0 1 0 8 0 tcpqe 32 218 0 218 34 34 0 1 0 8 0 tcpcb 544 8465 0 8461 105 93 12 15 0 8 11 ipq 40 137 0 137 51 51 0 1 0 8 0 ipqe 40 2638 0 2638 51 51 0 1 0 8 0 inpcb 280 25143 0 25134 168 159 9 13 0 8 8 rttmr 72 30 0 30 13 13 0 1 0 8 0 ip6q 72 8 0 8 5 5 0 1 0 8 0 ip6af 40 23 0 23 5 5 0 1 0 8 0 nd6 48 289 0 287 7 6 1 1 0 8 0 pkpcb 40 50 0 50 20 20 0 1 0 8 0 swfcl 56 9 0 0 1 0 1 1 0 8 0 ppxss 1128 379 0 379 66 66 0 1 0 8 0 art_heap8 4096 47 0 46 29 28 1 3 0 8 0 art_heap4 256 9611 0 9357 81 61 20 24 0 8 0 art_table 32 9658 0 9403 3 0 3 3 0 8 0 art_node 16 3327 0 3288 1 0 1 1 0 8 0 sysvmsgpl 40 69 0 52 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 4145 0 4135 1 0 1 1 0 8 0 shmpl 112 138 0 10 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 29863 0 28360 49 0 49 49 0 8 0 ffsino 240 29863 0 28360 90 1 89 89 0 8 0 nchpl 144 63118 0 62628 62 42 20 61 0 8 0 uvmvnodes 72 10332 0 0 188 0 188 188 0 8 0 vnodes 208 10332 0 0 544 0 544 544 0 8 0 namei 1024 226556 0 226556 17 16 1 1 0 8 1 vcpupl 1984 170 0 1 22 0 22 22 0 8 0 vmpool 520 232 0 63 14 2 12 12 0 8 0 scsiplug 64 20 0 20 15 15 0 1 0 8 0 scxspl 192 218009 0 218009 113 112 1 7 0 8 1 plimitpl 152 1602 0 1596 1 0 1 1 0 8 0 sigapl 432 18202 0 18190 2 0 2 2 0 8 0 futexpl 56 559587 0 559587 18 17 1 1 0 8 1 knotepl 112 4808 0 4795 5 4 1 3 0 8 0 kqueuepl 104 6047 0 6043 19 15 4 4 0 8 3 pipepl 112 14648 0 14635 43 42 1 2 0 8 0 fdescpl 424 18203 0 18190 2 0 2 2 0 8 0 filepl 120 176374 0 176298 143 132 11 11 0 8 8 lockfpl 104 6987 0 6986 1 0 1 1 0 8 0 lockfspl 48 2192 0 2191 1 0 1 1 0 8 0 sessionpl 112 115 0 106 1 0 1 1 0 8 0 pgrppl 48 535 0 526 1 0 1 1 0 8 0 ucredpl 96 19973 0 19962 1 0 1 1 0 8 0 zombiepl 144 18198 0 18198 2 1 1 1 0 8 1 processpl 864 18227 0 18198 4 0 4 4 0 8 0 procpl 632 40433 0 40395 11 7 4 5 0 8 0 sosppl 128 372 0 372 63 63 0 1 0 8 0 sockpl 384 40838 0 40802 260 247 13 23 0 8 8 mcl64k 65536 3886 0 3886 234 234 0 33 0 8 0 mcl16k 16384 224 0 224 70 69 1 1 0 8 1 mcl12k 12288 582 0 582 49 48 1 1 0 8 1 mcl9k 9216 325 0 325 67 67 0 1 0 8 0 mcl8k 8192 1025 0 1025 26 26 0 1 0 8 0 mcl4k 4096 2243 0 2243 23 22 1 1 0 8 1 mcl2k2 2112 214 0 214 69 69 0 1 0 8 0 mcl2k 2048 106205 0 106162 61 55 6 14 0 8 0 mtagpl 80 1004 0 966 8 7 1 1 0 8 0 mbufpl 256 373148 0 372791 573 539 34 49 0 8 0 bufpl 256 80884 0 70452 653 0 653 653 0 8 0 anonpl 16 2272761 0 2247106 596 480 116 124 0 62 8 amapchunkpl 152 95332 0 95070 299 288 11 21 0 158 0 amappl16 192 118177 0 116373 783 691 92 95 0 8 1 amappl15 184 1852 0 1852 18 17 1 1 0 8 1 amappl14 176 3625 0 3620 1 0 1 1 0 8 0 amappl13 168 1861 0 1858 2 1 1 1 0 8 0 amappl12 160 1863 0 1860 1 0 1 1 0 8 0 amappl11 152 2881 0 2869 1 0 1 1 0 8 0 amappl10 144 3688 0 3688 20 19 1 1 0 8 1 amappl9 136 3497 0 3490 1 0 1 1 0 8 0 amappl8 128 2923 0 2858 3 0 3 3 0 8 0 amappl7 120 4121 0 4112 1 0 1 1 0 8 0 amappl6 112 2627 0 2615 1 0 1 1 0 8 0 amappl5 104 2878 0 2869 1 0 1 1 0 8 0 amappl4 96 17979 0 17944 1 0 1 1 0 8 0 amappl3 88 3758 0 3732 1 0 1 1 0 8 0 amappl2 80 140900 0 140808 9 6 3 3 0 8 0 amappl1 72 338327 0 337918 27 18 9 20 0 8 0 amappl 80 42528 0 42391 4 1 3 3 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 139 0 10 3 0 3 3 0 8 0 uaddrrnd 24 18435 0 18190 2 0 2 2 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 18435 0 18190 2 0 2 2 0 8 0 vmmpekpl 168 112005 0 111950 3 0 3 3 0 8 0 vmmpepl 168 2223099 0 2219649 1179 1021 158 200 0 357 3 vmsppl 272 18202 0 18190 11 10 1 2 0 8 0 pdppl 4096 36876 0 36675 34 8 26 26 0 8 0 pvpl 32 6128116 0 6104087 1412 1187 225 335 0 265 16 pmappl 200 18434 0 18253 14 4 10 10 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 2012 0 1164 27 2 25 26 0 8 0