panic: kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/setuid/kernel/sys/netinet/if_ether.c", line 758
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
367278 25762 32767 0x10 0 1 syz-executor.7
*206720 41273 0 0x14000 0x40000200 0K softclock
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827a626f) at panic+0x17b sys/kern/subr_prf.c:198
__assert(ffffffff82828374,ffffffff8287665a,2f6,ffffffff82778a43) at __assert+0x29 sys/kern/subr_prf.c:157
arptfree(fffffd8076655638) at arptfree+0x132 sys/netinet/if_ether.c:758
arptimer(ffffffff82d1fef8) at arptimer+0x88 sys/netinet/if_ether.c:135
timeout_run(ffffffff82d1fef8) at timeout_run+0xd0 sys/kern/kern_timeout.c:665
softclock_thread(ffff800021159298) at softclock_thread+0x114 sys/kern/kern_timeout.c:809
end trace frame: 0x0, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: kernel diagnostic assertion "ifp != NULL" failed: file "/syzkaller/managers/setuid/kernel/sys/netinet/if_ether.c", line 758
ddb{0}> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827a626f) at panic+0x17b sys/kern/subr_prf.c:198
__assert(ffffffff82828374,ffffffff8287665a,2f6,ffffffff82778a43) at __assert+0x29 sys/kern/subr_prf.c:157
arptfree(fffffd8076655638) at arptfree+0x132 sys/netinet/if_ether.c:758
arptimer(ffffffff82d1fef8) at arptimer+0x88 sys/netinet/if_ether.c:135
timeout_run(ffffffff82d1fef8) at timeout_run+0xd0 sys/kern/kern_timeout.c:665
softclock_thread(ffff800021159298) at softclock_thread+0x114 sys/kern/kern_timeout.c:809
end trace frame: 0x0, count: -7
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff8000211651e0
rbx 0xffffffff82c15ba7 cpu_info_full_primary+0x2ba7
rdx 0
rcx 0xffff800021159298
rax 0xffffffff82c14ff0 cpu_info_full_primary+0x1ff0
r8 0x101010101010101
r9 0x8080808080808080
r10 0x8557db818cab6d99
r11 0x9b5bd92c0f4c9945
r12 0xffffffff82c159a8 cpu_info_full_primary+0x29a8
r13 0
r14 0
r15 0x1
rip 0xffffffff8218f5ec db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff8000211651d0
ss 0
db_enter+0x1c: addq $0x8,%rsp
ddb{0}> show proc
PROC (softclock) tid=206720 pid=41273 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=40000200<SYSTEM,CPUPEG>
runpri=0, usrpri=50, slppri=0, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff800021159540,0xffff800021158d58
process=0xffff8000ffffc000 user=0xffff800021160000, vmspace=0xffffffff82d14d68
estcpu=0, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
97764 458504 92871 32767 2 0x10 syz-executor.1
57475 255505 85938 32767 2 0x10 syz-executor.2
17735 388899 54396 32767 2 0x10 syz-executor.6
17735 498297 54396 32767 2 0x4000010 syz-executor.6
25762 367278 50311 32767 7 0x10 syz-executor.7
25762 392373 50311 32767 3 0x4000090 fsleep syz-executor.7
25762 510641 50311 32767 3 0x4000090 fsleep syz-executor.7
25762 87881 50311 32767 2 0x4000010 syz-executor.7
78672 372754 29160 32767 2 0x10 syz-executor.4
78672 356639 29160 32767 3 0x4000090 fsleep syz-executor.4
78672 396899 29160 32767 3 0x4000090 netio syz-executor.4
29160 309058 31954 32767 3 0x90 nanoslp syz-executor.4
31954 268903 96790 0 3 0x82 wait syz-executor.4
85938 210272 51422 32767 3 0x90 nanoslp syz-executor.2
51422 43882 96790 0 3 0x82 wait syz-executor.2
40610 225789 63410 32767 2 0x10 syz-executor.5
63410 485418 96790 0 3 0x82 wait syz-executor.5
97584 162278 96790 0 3 0x82 wait syz-executor.0
50311 499033 85971 32767 2 0x490 syz-executor.7
85971 136838 96790 0 3 0x82 wait syz-executor.7
54396 226480 2784 32767 3 0x90 nanoslp syz-executor.6
2784 482000 96790 0 3 0x82 wait syz-executor.6
92871 312657 14729 32767 3 0x90 nanoslp syz-executor.1
14729 17667 96790 0 3 0x82 wait syz-executor.1
14575 461548 90485 32767 2 0x490 syz-executor.3
90485 261848 96790 0 3 0x82 wait syz-executor.3
80348 304243 0 0 3 0x14200 bored sosplice
96790 388769 76655 0 3 0x2000082 wait syz-fuzzer
96790 308338 76655 0 2 0x6000482 syz-fuzzer
96790 504988 76655 0 3 0x6000082 wait syz-fuzzer
96790 470706 76655 0 3 0x6000082 wait syz-fuzzer
96790 71507 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 147989 76655 0 3 0x6000082 wait syz-fuzzer
96790 266927 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 490448 76655 0 3 0x6000082 kqread syz-fuzzer
96790 523349 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 127712 76655 0 3 0x6000082 wait syz-fuzzer
96790 427564 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 413285 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 120236 76655 0 3 0x6000082 wait syz-fuzzer
96790 208909 76655 0 3 0x6000082 thrsleep syz-fuzzer
96790 293024 76655 0 3 0x6000082 wait syz-fuzzer
96790 437734 76655 0 3 0x6000082 wait syz-fuzzer
76655 120080 17021 0 3 0x10008a sigsusp ksh
17021 91654 74244 0 3 0x9a kqread sshd
19345 170250 1 0 3 0x100083 ttyin getty
74244 201154 1 0 3 0x88 kqread sshd
99679 104314 97777 73 3 0x1100090 kqread syslogd
97777 448414 1 0 3 0x100082 netio syslogd
80014 226985 1 0 3 0x100080 kqread resolvd
73113 108013 10227 77 3 0x100092 kqread dhcpleased
70469 349112 10227 77 3 0x100092 kqread dhcpleased
10227 450773 1 0 3 0x80 kqread dhcpleased
58097 65615 0 0 3 0x14200 bored smr
59142 388426 0 0 2 0x14200 zerothread
64717 360876 0 0 3 0x14200 aiodoned aiodoned
35204 19818 0 0 3 0x14200 syncer update
31759 7542 0 0 3 0x14200 cleaner cleaner
19394 26392 0 0 3 0x14200 reaper reaper
80594 203195 0 0 3 0x14200 pgdaemon pagedaemon
68639 142749 0 0 3 0x14200 bored viomb
63013 237911 0 0 3 0x40014200 acpi0 acpi0
94100 513529 0 0 3 0x40014200 idle1
21560 409005 0 0 3 0x14200 bored softnet3
3933 396765 0 0 3 0x14200 bored softnet2
72418 495900 0 0 3 0x14200 bored softnet1
40459 414338 0 0 3 0x14200 bored softnet0
63028 180438 0 0 3 0x14200 bored systqmp
35709 274538 0 0 3 0x14200 bored systq
59258 217108 0 0 3 0x14200 tmoslp softclockmp
*41273 206720 0 0 7 0x40014200 softclock
52698 188989 0 0 3 0x40014200 idle0
1 373752 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 41273 (softclock) thread 0xffff800021159298 (206720)
exclusive rwlock netlock r = 0 (0xffffffff82c32dd0)
#0 witness_lock+0x447
#1 arptimer+0x26 sys/netinet/if_ether.c:132
#2 timeout_run+0xd0 sys/kern/kern_timeout.c:665
#3 softclock_thread+0x114 sys/kern/kern_timeout.c:809
#4 proc_trampoline+0x10
shared rwlock timeout r = 0 (0xffffffff82c379b8)
#0 witness_lock+0x447
#1 timeout_run+0xbb sys/kern/kern_timeout.c:661
#2 softclock_thread+0x114 sys/kern/kern_timeout.c:809
#3 proc_trampoline+0x10
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82d24cd8)
#0 witness_lock+0x447
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x46d sys/kern/sched_bsd.c:470
#3 sleep_finish+0x19b sys/kern/kern_synch.c:414
#4 msleep+0xea sys/kern/kern_synch.c:249
#5 softclock_thread+0xd0 sys/kern/kern_timeout.c:805
#6 proc_trampoline+0x10
ddb{0}>