kernel: protection fault trap, code=0
Stopped at sys_semop+0x384: movzwl 0(%rbx),%r15d
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
sys_semop(ffff800035d402c0,ffff80003ca17470,ffff80003ca173c0) at sys_semop+0x384 sys/kern/sysv_sem.c:604
syscall(ffff80003ca17470) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003ca17470) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x957aae58270, count: -3
ddb> show registers
rdi 0
rsi 0xfff9 __ALIGN_SIZE+0xeff9
rbp 0xffff80003ca173a0
rbx 0xdeafbeaddeafbead
rdx 0
rcx 0
rax 0xffff800035d402c0
r8 0x7f7fffffc000
r9 0
r10 0xd9c88604f4a315ad
r11 0x2288f6015efef8d6
r12 0xfffffff9
r13 0xfffffd80723e1c40
r14 0xffff80003ca17470
r15 0
rip 0xffffffff8209f5c4 sys_semop+0x384
cs 0x8
rflags 0x10286 __ALIGN_SIZE+0xf286
rsp 0xffff80003ca172b0
ss 0x10
sys_semop+0x384: movzwl 0(%rbx),%r15d
ddb> show proc
PROC (syz-executor) tid=306996 pid=34599 tcnt=4 stat=onproc
flags process=0 proc=4000000
runpri=84, usrpri=84, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff800035d414e8,0xffff80003ca2c810
process=0xffff800035d3c928 user=0xffff80003ca12000, vmspace=0xfffffd8076f15b88
estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
45526 459863 80535 0 2 0 syz-executor
45526 27357 80535 0 3 0x4000080 fsleep syz-executor
45526 42398 80535 0 3 0x4000080 fsleep syz-executor
78411 439078 68638 0 2 0 syz-executor
87517 321649 51158 0 2 0 syz-executor
87517 487192 51158 0 2 0x4000000 syz-executor
87517 6792 51158 0 2 0x4000000 syz-executor
34599 50531 27078 0 2 0 syz-executor
*34599 306996 27078 0 7 0x4000000 syz-executor
34599 209655 27078 0 3 0x4000080 fsleep syz-executor
34599 60509 27078 0 3 0x4000080 fsleep syz-executor
79763 222406 73452 0 3 0 vmmaplk syz-executor
79763 349380 73452 0 2 0x4000000 syz-executor
79763 374276 73452 0 2 0x4000000 syz-executor
31171 137302 18903 0 2 0 syz-executor
31171 452524 18903 0 2 0x4000000 syz-executor
31171 381717 18903 0 3 0x4000080 fsleep syz-executor
37982 494065 69015 0 2 0x1 syz-executor
37982 282144 69015 0 3 0x4000080 fsleep syz-executor
37982 432919 69015 0 3 0x4000080 fsleep syz-executor
63147 466727 33431 0 2 0x3 syz-executor
51158 84257 33431 0 2 0x3 syz-executor
66120 469526 33659 0 3 0x82 sbwait sshd-session
63137 445222 0 0 3 0x14280 nfsidl nfsio
65796 413330 0 0 3 0x14280 nfsidl nfsio
86221 336780 0 0 3 0x14280 nfsidl nfsio
11443 205738 0 0 3 0x14280 nfsidl nfsio
10288 222273 0 0 3 0x14280 nfsidl nfsio
60248 420572 0 0 3 0x14280 nfsidl nfsio
8618 57151 0 0 3 0x14280 nfsidl nfsio
63250 111723 0 0 3 0x14280 nfsidl nfsio
56937 236078 0 0 3 0x14280 nfsidl nfsio
63731 501651 0 0 3 0x14280 nfsidl nfsio
56727 218498 0 0 3 0x14280 nfsidl nfsio
32082 51377 0 0 3 0x14280 nfsidl nfsio
68162 317378 0 0 3 0x14280 nfsidl nfsio
48208 335956 0 0 3 0x14280 nfsidl nfsio
30554 287790 0 0 3 0x14280 nfsidl nfsio
19338 4369 0 0 3 0x14280 nfsidl nfsio
84985 209535 0 0 3 0x14280 nfsidl nfsio
96263 261481 0 0 3 0x14280 nfsidl nfsio
19162 380978 0 0 3 0x14280 nfsidl nfsio
43439 59993 0 0 3 0x14280 nfsidl nfsio
80535 470498 33431 0 3 0x82 nanoslp syz-executor
53657 114646 1 0 3 0x100083 ttyin getty
37435 262132 0 0 3 0x14200 bored sosplice
68638 145923 33431 0 3 0x82 nanoslp syz-executor
18903 223617 33431 0 3 0x82 nanoslp syz-executor
73452 59971 33431 0 2 0x3 syz-executor
27078 30582 33431 0 2 0x3 syz-executor
69015 308217 33431 0 3 0x82 nanoslp syz-executor
33431 402040 95862 0 3 0x82 kqread syz-executor
95862 520557 25895 0 3 0x10008a sigsusp ksh
25895 234117 71480 0 3 0x98 kqread sshd-session
71480 32990 33659 0 3 0x92 kqread sshd-session
33659 489014 1 0 3 0x88 kqread sshd
1184 103305 2966 73 3 0x1100090 kqread syslogd
2966 510076 1 0 3 0x100082 sbwait syslogd
32594 295640 1 0 3 0x100080 kqread resolvd
16671 201739 67906 77 3 0x100092 kqread dhcpleased
82239 295995 67906 77 3 0x100092 kqread dhcpleased
67906 469815 1 0 3 0x80 kqread dhcpleased
50893 205791 0 0 3 0x14200 bored smr
15356 310126 0 0 2 0x14200 zerothread
370 179115 0 0 3 0x14200 aiodoned aiodoned
71602 377969 0 0 3 0x14200 syncer update
47938 176 0 0 3 0x14200 cleaner cleaner
40020 421048 0 0 3 0x14200 reaper reaper
82666 54457 0 0 3 0x14200 pgdaemon pagedaemon
96208 512179 0 0 3 0x14200 bored viomb
38099 308145 0 0 3 0x40014200 acpi0 acpi0
64839 398724 0 0 3 0x14200 bored softnet7
24567 310181 0 0 3 0x14200 bored softnet6
63328 365823 0 0 3 0x14200 bored softnet5
23688 363168 0 0 3 0x14200 bored softnet4
38889 480684 0 0 3 0x14200 bored softnet3
40226 2111 0 0 3 0x14200 bored softnet2
74180 239768 0 0 3 0x14200 bored softnet1
81076 172973 0 0 3 0x14200 bored softnet0
4853 165346 0 0 3 0x14200 bored systqmp
15272 390215 0 0 3 0x14200 bored systq
53144 377367 0 0 3 0x40014200 tmoslp softclock
2713 385736 0 0 3 0x40014200 idle0
1 411282 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10219 11067K 11388K 166960K 13243 0
pcb 17 18K 19K 166960K 448 0
rtable 196 8K 8K 166960K 684 0
pf 33 13K 14K 166960K 158 0
ifaddr 40 7K 8K 166960K 126 0
ifgroup 54 2K 2K 166960K 211 0
sysctl 4 1K 9K 166960K 118 0
counters 33 17K 18K 166960K 101 0
ioctlops 0 0K 4K 166960K 275 0
iov 0 0K 20K 166960K 113 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1395 88K 88K 166960K 2850 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 2K 10K 166960K 39 0
VM map 2 1K 1K 166960K 2 0
sem 12 1K 1K 166960K 60 0
dirhash 12 2K 2K 166960K 39 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 17 61K 97K 166960K 1650 0
sigio 0 0K 0K 166960K 29 0
proc 61 59K 124K 166960K 731 0
subproc 72 4K 4K 166960K 99 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 1 0K 0K 166960K 230 0
in_multi 81 6K 7K 166960K 188 0
ether_multi 1 0K 0K 166960K 11 0
mrt 1 0K 0K 166960K 20 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 259 1155K 1155K 166960K 259 0
exec 0 0K 1K 166960K 578 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 232 151K 161K 166960K 17434 0
UVM aobj 20 2K 2K 166960K 21 0
pinsyscall 40 80K 96K 166960K 2769 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 76 0
NDP 12 0K 2K 166960K 86 0
temp 140 8645K 8770K 166960K 58782 0
kqueue 14 22K 30K 166960K 309 0
SYN cache 2 0K 16K 166960K 4 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 264 0 261 3 0 3 3 0 8 2
rtentry 136 229 0 155 4 0 4 4 0 8 0
unpcb 144 1880 0 1862 15 6 9 10 0 8 8
syncache 336 7 0 7 2 1 1 1 0 8 1
tcpqe 32 1 0 1 1 0 1 1 0 8 1
tcpcb 736 555 0 549 11 9 2 10 0 8 1
arp 96 20 0 8 1 0 1 1 0 8 0
ipq 40 11 0 11 1 0 1 1 0 8 1
ipqe 40 18 0 18 1 0 1 1 0 8 1
inpcb 328 1570 0 1560 16 9 7 10 0 8 5
ip6q 72 11 0 8 1 0 1 1 0 8 0
ip6af 40 16 0 12 1 0 1 1 0 8 0
nd6 104 25 0 12 1 0 1 1 0 8 0
pkpcb 40 11 0 11 2 1 1 1 0 8 1
kcovpl 48 11 0 3 1 0 1 1 0 8 0
mppekey 1024 1 0 1 1 0 1 1 0 8 1
ppxss 1072 49 0 49 2 1 1 1 0 8 1
pppxif 1384 5 0 5 2 1 1 1 0 8 1
pfrktable 1344 1 0 1 1 1 0 1 0 8 0
pfstkey 128 2 0 2 1 1 0 1 0 8 0
pfstate 384 1 0 1 1 1 0 1 0 8 0
rttmr 136 6 0 6 2 1 1 1 0 8 1
art_heap8 4096 4 0 0 4 0 4 4 0 8 0
art_heap4 256 824 0 472 29 0 29 29 0 8 6
art_table 40 828 0 472 5 0 5 5 0 8 0
art_node 32 226 0 162 1 0 1 1 0 8 0
sysvmsgpl 40 22 0 12 2 1 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 56 0 47 1 0 1 1 0 8 0
shmpl 112 18 0 1 1 0 1 1 0 8 0
dirhash 1024 35 0 18 3 0 3 3 0 8 0
dino2pl 256 4764 0 3260 95 0 95 95 0 8 0
ffsino 256 4764 0 3260 95 0 95 95 0 8 0
nchpl 144 7103 0 5411 63 0 63 63 0 8 0
rtmask 32 5 0 5 2 1 1 1 0 8 1
uvmvnodes 80 5455 0 0 112 0 112 112 0 8 0
vnodes 216 5455 0 0 304 0 304 304 0 8 0
namei 1024 25402 0 25397 2 1 1 2 0 8 0
kstatmem 264 128 0 104 2 0 2 2 0 8 0
scsiplug 72 10 0 10 1 0 1 1 0 8 1
scxspl 216 26332 0 26332 15 7 8 8 1 8 8
plimitpl 152 415 0 399 1 0 1 1 0 8 0
sigapl 424 1974 0 1903 10 1 9 9 0 8 0
knotepl 120 63904 0 63854 29 18 11 17 0 8 8
kqueuepl 184 669 0 656 5 1 4 4 0 8 3
pipepl 304 316 0 289 5 0 5 5 0 8 2
fdescpl 448 1909 0 1879 5 1 4 5 0 8 0
filepl 120 14265 0 14048 17 3 14 14 0 8 4
lockfpl 104 956 0 954 2 0 2 2 0 8 1
lockfspl 48 230 0 228 1 0 1 1 0 8 0
sessionpl 144 28 0 19 1 0 1 1 0 8 0
pgrppl 48 54 0 37 1 0 1 1 0 8 0
ucredpl 104 3163 0 3151 1 0 1 1 0 8 0
zombiepl 144 3003 0 3003 2 1 1 1 0 8 1
processpl 1152 1974 0 1903 7 1 6 6 0 8 0
procpl 664 4790 0 4706 8 0 8 8 0 8 0
sosppl 168 5 0 5 2 1 1 1 0 8 1
sockpl 552 3797 0 3766 34 23 11 19 0 8 8
mcl64k 65536 780 0 780 2 1 1 1 0 8 1
mcl16k 16384 5 0 5 1 0 1 1 0 8 1
mcl12k 12288 2 0 2 1 0 1 1 0 8 1
mcl9k 9216 5 0 5 2 1 1 1 0 8 1
mcl8k 8192 19 0 19 2 1 1 1 0 8 1
mcl4k 4096 4697 0 4647 16 8 8 15 0 8 1
mcl2k 2048 2336 0 2329 8 2 6 6 0 8 4
mtagpl 96 9 0 7 1 0 1 1 0 8 0
mbufpl 256 25360 0 25214 139 116 23 83 0 8 8
bufpl 280 10588 0 4360 446 0 446 446 0 8 0
anonpl 24 291731 0 288362 74 27 47 56 0 187 13
amapchunkpl 152 59799 0 59322 45 10 35 35 0 158 12
amappl16 200 5273 0 5240 42 28 14 15 0 8 8
amappl15 192 8 0 8 2 1 1 1 0 8 1
amappl14 184 114 0 103 1 0 1 1 0 8 0
amappl13 176 39 0 39 2 1 1 1 0 8 1
amappl12 168 2610 0 2580 3 1 2 3 0 8 0
amappl11 160 49 0 39 1 0 1 1 0 8 0
amappl10 152 32 0 31 1 0 1 1 0 8 0
amappl9 144 292 0 291 2 1 1 1 0 8 0
amappl8 136 18 0 17 1 0 1 1 0 8 0
amappl7 128 103 0 92 1 0 1 1 0 8 0
amappl6 120 232 0 225 1 0 1 1 0 8 0
amappl5 112 154 0 146 1 0 1 1 0 8 0
amappl4 104 283 0 267 1 0 1 1 0 8 0
amappl3 96 10348 0 10257 3 0 3 3 0 8 0
amappl2 88 2166 0 2088 2 0 2 2 0 8 0
amappl1 80 14937 0 14314 15 1 14 14 0 8 0
amappl 88 16420 0 16256 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma2048 2048 1 0 1 1 0 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma512 512 2 0 2 1 0 1 1 0 8 1
dma256 256 7 0 7 2 1 1 1 0 8 1
dma128 128 255 0 255 2 1 1 1 0 8 1
dma64 64 7 0 7 2 1 1 1 0 8 1
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 20 0 19 1 0 1 1 0 8 0
aobjpl 72 20 0 1 1 0 1 1 0 8 0
uaddrrnd 24 1909 0 1879 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1909 0 1879 1 0 1 1 0 8 0
vmmpekpl 168 17230 0 17188 3 0 3 3 0 8 0
vmmpepl 168 125280 0 123289 109 9 100 100 0 357 8
vmsppl 368 1908 0 1879 4 1 3 4 0 8 0
rwobjpl 40 38847 0 32432 65 0 65 65 0 8 0
pdppl 4096 3824 0 3758 129 61 68 82 0 8 2
pvpl 32 825138 0 816046 161 34 127 127 0 265 41
pmappl 216 1908 0 1879 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 554 0 204 12 0 12 12 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
sys_semop(ffff800035d402c0,ffff80003ca17470,ffff80003ca173c0) at sys_semop+0x384 sys/kern/sysv_sem.c:604
syscall(ffff80003ca17470) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003ca17470) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x957aae58270, count: -3
ddb> machine ddbcpu 1
No such command
ddb> trace
sys_semop(ffff800035d402c0,ffff80003ca17470,ffff80003ca173c0) at sys_semop+0x384 sys/kern/sysv_sem.c:604
syscall(ffff80003ca17470) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003ca17470) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x957aae58270, count: -3