panic: kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/setuid/kernel/sys/netinet/if_ether.c", line 758
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
367278 25762 32767 0x10 0 1 syz-executor.7
*206720 41273 0 0x14000 0x40000200 0K softclock
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827a626f) at panic+0x17b sys/kern/subr_prf.c:198
__assert(ffffffff82828374,ffffffff8287665a,2f6,ffffffff82778a43) at __assert+0x29 sys/kern/subr_prf.c:157
arptfree(fffffd8076655638) at arptfree+0x132 sys/netinet/if_ether.c:758
arptimer(ffffffff82d1fef8) at arptimer+0x88 sys/netinet/if_ether.c:135
timeout_run(ffffffff82d1fef8) at timeout_run+0xd0 sys/kern/kern_timeout.c:665
softclock_thread(ffff800021159298) at softclock_thread+0x114 sys/kern/kern_timeout.c:809
end trace frame: 0x0, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/setuid/kernel/sys/netinet/if_ether.c", line 758
ddb{0}> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827a626f) at panic+0x17b sys/kern/subr_prf.c:198
__assert(ffffffff82828374,ffffffff8287665a,2f6,ffffffff82778a43) at __assert+0x29 sys/kern/subr_prf.c:157
arptfree(fffffd8076655638) at arptfree+0x132 sys/netinet/if_ether.c:758
arptimer(ffffffff82d1fef8) at arptimer+0x88 sys/netinet/if_ether.c:135
timeout_run(ffffffff82d1fef8) at timeout_run+0xd0 sys/kern/kern_timeout.c:665
softclock_thread(ffff800021159298) at softclock_thread+0x114 sys/kern/kern_timeout.c:809
end trace frame: 0x0, count: -7
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff8000211651e0
rbx 0xffffffff82c15ba7 cpu_info_full_primary+0x2ba7
rdx 0
rcx 0xffff800021159298
rax 0xffffffff82c14ff0 cpu_info_full_primary+0x1ff0
r8 0x101010101010101
r9 0x8080808080808080
r10 0x8557db818cab6d99
r11 0x9b5bd92c0f4c9945
r12 0xffffffff82c159a8 cpu_info_full_primary+0x29a8
r13 0
r14 0
r15 0x1
rip 0xffffffff8218f5ec db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff8000211651d0
ss 0
db_enter+0x1c: addq $0x8,%rsp
ddb{0}> show proc
PROC (softclock) tid=206720 pid=41273 tcnt=1 stat=onproc
flags process=14000 proc=40000200
runpri=0, usrpri=50, slppri=0, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff800021159540,0xffff800021158d58
process=0xffff8000ffffc000 user=0xffff800021160000, vmspace=0xffffffff82d14d68
estcpu=0, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
97764 458504 92871 32767 2 0x10 syz-executor.1
57475 255505 85938 32767 2 0x10 syz-executor.2
17735 388899 54396 32767 2 0x10 syz-executor.6
17735 498297 54396 32767 2 0x4000010 syz-executor.6
25762 367278 50311 32767 7 0x10 syz-executor.7
25762 392373 50311 32767 3 0x4000090 fsleep syz-executor.7
25762 510641 50311 32767 3 0x4000090 fsleep syz-executor.7
25762 87881 50311 32767 2 0x4000010 syz-executor.7
78672 372754 29160 32767 2 0x10 syz-executor.4
78672 356639 29160 32767 3 0x4000090 fsleep syz-executor.4
78672 396899 29160 32767 3 0x4000090 netio syz-executor.4
29160 309058 31954 32767 3 0x90 nanoslp syz-executor.4
31954 268903 96790 0 3 0x82 wait syz-executor.4
85938 210272 51422 32767 3 0x90 nanoslp syz-executor.2
51422 43882 96790 0 3 0x82 wait syz-executor.2
40610 225789 63410 32767 2 0x10 syz-executor.5
63410 485418 96790 0 3 0x82 wait syz-executor.5
97584 162278 96790 0 3 0x82 wait syz-executor.0
50311 499033 85971 32767 2 0x490 syz-executor.7
85971 136838 96790 0 3 0x82 wait syz-executor.7
54396 226480 2784 32767 3 0x90 nanoslp syz-executor.6
2784 482000 96790 0 3 0x82 wait syz-executor.6
92871 312657 14729 32767 3 0x90 nanoslp syz-executor.1
14729 17667 96790 0 3 0x82 wait syz-executor.1
14575 461548 90485 32767 2 0x490 syz-executor.3
90485 261848 96790 0 3 0x82 wait syz-executor.3
80348 304243 0 0 3 0x14200 bored sosplice
96790 388769 76655 0 3 0x2000082 wait syz-fuzzer
96790 308338 76655 0 2 0x6000482 syz-fuzzer
96790 504988 76655 0 3 0x6000082 wait syz-fuzzer
96790 470706 76655 0 3 0x6000082 wait syz-fuzzer
96790 71507 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 147989 76655 0 3 0x6000082 wait syz-fuzzer
96790 266927 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 490448 76655 0 3 0x6000082 kqread syz-fuzzer
96790 523349 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 127712 76655 0 3 0x6000082 wait syz-fuzzer
96790 427564 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 413285 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 120236 76655 0 3 0x6000082 wait syz-fuzzer
96790 208909 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 293024 76655 0 3 0x6000082 wait syz-fuzzer
96790 437734 76655 0 3 0x6000082 wait syz-fuzzer
76655 120080 17021 0 3 0x10008a sigsusp ksh
17021 91654 74244 0 3 0x9a kqread sshd
19345 170250 1 0 3 0x100083 ttyin getty
74244 201154 1 0 3 0x88 kqread sshd
99679 104314 97777 73 3 0x1100090 kqread syslogd
97777 448414 1 0 3 0x100082 netio syslogd
80014 226985 1 0 3 0x100080 kqread resolvd
73113 108013 10227 77 3 0x100092 kqread dhcpleased
70469 349112 10227 77 3 0x100092 kqread dhcpleased
10227 450773 1 0 3 0x80 kqread dhcpleased
58097 65615 0 0 3 0x14200 bored smr
59142 388426 0 0 2 0x14200 zerothread
64717 360876 0 0 3 0x14200 aiodoned aiodoned
35204 19818 0 0 3 0x14200 syncer update
31759 7542 0 0 3 0x14200 cleaner cleaner
19394 26392 0 0 3 0x14200 reaper reaper
80594 203195 0 0 3 0x14200 pgdaemon pagedaemon
68639 142749 0 0 3 0x14200 bored viomb
63013 237911 0 0 3 0x40014200 acpi0 acpi0
94100 513529 0 0 3 0x40014200 idle1
21560 409005 0 0 3 0x14200 bored softnet3
3933 396765 0 0 3 0x14200 bored softnet2
72418 495900 0 0 3 0x14200 bored softnet1
40459 414338 0 0 3 0x14200 bored softnet0
63028 180438 0 0 3 0x14200 bored systqmp
35709 274538 0 0 3 0x14200 bored systq
59258 217108 0 0 3 0x14200 tmoslp softclockmp
*41273 206720 0 0 7 0x40014200 softclock
52698 188989 0 0 3 0x40014200 idle0
1 373752 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 41273 (softclock) thread 0xffff800021159298 (206720)
exclusive rwlock netlock r = 0 (0xffffffff82c32dd0)
#0 witness_lock+0x447
#1 arptimer+0x26 sys/netinet/if_ether.c:132
#2 timeout_run+0xd0 sys/kern/kern_timeout.c:665
#3 softclock_thread+0x114 sys/kern/kern_timeout.c:809
#4 proc_trampoline+0x10
shared rwlock timeout r = 0 (0xffffffff82c379b8)
#0 witness_lock+0x447
#1 timeout_run+0xbb sys/kern/kern_timeout.c:661
#2 softclock_thread+0x114 sys/kern/kern_timeout.c:809
#3 proc_trampoline+0x10
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82d24cd8)
#0 witness_lock+0x447
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x46d sys/kern/sched_bsd.c:470
#3 sleep_finish+0x19b sys/kern/kern_synch.c:414
#4 msleep+0xea sys/kern/kern_synch.c:249
#5 softclock_thread+0xd0 sys/kern/kern_timeout.c:805
#6 proc_trampoline+0x10
ddb{0}>