kernel: protection fault trap, code=0 Stopped at sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff80002a7bda10,ffff80003c96bc50,ffff80003c96bba0) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c96bc50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96bc50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x2bc5eb3b920, count: -3 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003c96bb80 rbx 0xdeadbeefdeadbeef rdx 0 rcx 0 rax 0xdeadbeefdeadbeef r8 0x7f7fffffc000 r9 0 r10 0x2a18a160c921306e r11 0x7580ee3c814f0b39 r12 0 r13 0xfffffd806b9809a0 r14 0xffff80003c96bc50 r15 0 rip 0xffffffff82c63005 sys_semop+0x3d5 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c96ba90 ss 0x10 sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> show proc PROC (syz-executor) tid=222850 pid=61716 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=83, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7bdca8,0xffff80002a7bc2c8 process=0xffff80003ca228a8 user=0xffff80003c966000, vmspace=0xfffffd806c98ea20 estcpu=33, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 27405 155517 42300 0 2 0 syz-executor 27405 113179 42300 0 3 0x4000080 fsleep syz-executor 90014 91179 19273 0 2 0 syz-executor 90014 190776 19273 0 3 0x4000080 fsleep syz-executor 90014 107035 19273 0 3 0x4000080 fsleep syz-executor 90014 222911 19273 0 3 0x4000080 fsleep syz-executor 32157 182651 17865 0 2 0x10 syz-executor 32157 148320 17865 0 3 0x4000090 fsleep syz-executor 32157 182964 17865 0 3 0x4000090 fsleep syz-executor 32157 12328 17865 0 3 0x4000090 fsleep syz-executor 61716 430727 89228 0 2 0 syz-executor *61716 222850 89228 0 7 0x4000000 syz-executor 61716 269276 89228 0 3 0x4000080 fsleep syz-executor 61716 385219 89228 0 2 0x4000000 syz-executor 97772 322319 90451 0 3 0x82 nanoslp syz-executor 17865 56285 90451 0 3 0x82 nanoslp syz-executor 4468 326225 0 0 3 0x14200 acct acct 67618 381842 0 0 3 0x14280 nfsidl nfsio 4065 387332 0 0 3 0x14280 nfsidl nfsio 93977 468066 0 0 3 0x14280 nfsidl nfsio 34514 215842 0 0 3 0x14280 nfsidl nfsio 18955 277946 0 0 3 0x14280 nfsidl nfsio 95509 307430 0 0 3 0x14280 nfsidl nfsio 29717 313899 0 0 3 0x14280 nfsidl nfsio 99179 412034 0 0 3 0x14280 nfsidl nfsio 63932 105321 0 0 3 0x14280 nfsidl nfsio 64943 233830 0 0 3 0x14280 nfsidl nfsio 88454 416274 0 0 3 0x14280 nfsidl nfsio 41655 226860 0 0 3 0x14280 nfsidl nfsio 62374 126694 0 0 3 0x14280 nfsidl nfsio 91819 200869 0 0 3 0x14280 nfsidl nfsio 85256 202975 0 0 3 0x14280 nfsidl nfsio 84594 222464 0 0 3 0x14280 nfsidl nfsio 39200 381133 0 0 3 0x14280 nfsidl nfsio 78849 284710 0 0 3 0x14280 nfsidl nfsio 73582 406306 0 0 3 0x14280 nfsidl nfsio 59713 304507 0 0 3 0x14280 nfsidl nfsio 69949 396606 90451 0 2 0x2 syz-executor 19273 413220 90451 0 3 0x82 nanoslp syz-executor 42300 329034 90451 0 3 0x82 nanoslp syz-executor 51565 304164 90451 0 3 0x82 wait syz-executor 88564 521498 90451 0 3 0x82 wait syz-executor 89228 130011 90451 0 3 0x82 nanoslp syz-executor 90451 358249 85994 0 3 0x82 kqread syz-executor 85994 15992 45968 0 3 0x10008a sigsusp ksh 45968 474727 9024 0 3 0x98 kqread sshd-session 9024 249117 74641 0 3 0x92 kqread sshd-session 90800 134113 1 0 3 0x100083 ttyin getty 74641 41079 1 0 3 0x88 kqread sshd 36340 176582 46886 73 3 0x1100090 kqread syslogd 46886 79210 1 0 3 0x100082 sbwait syslogd 51520 362770 1 0 3 0x100080 kqread resolvd 34458 280279 93613 77 3 0x100092 kqread dhcpleased 61435 385785 93613 77 3 0x100092 kqread dhcpleased 93613 438568 1 0 3 0x80 kqread dhcpleased 20994 440489 0 0 3 0x14200 bored smr 6844 223382 0 0 2 0x14200 zerothread 43767 218230 0 0 3 0x14200 aiodoned aiodoned 9977 355652 0 0 3 0x14200 syncer update 94492 109880 0 0 3 0x14200 cleaner cleaner 85400 515199 0 0 3 0x14200 reaper reaper 36327 217333 0 0 3 0x14200 pgdaemon pagedaemon 29212 365176 0 0 3 0x14200 bored viomb 20783 351178 0 0 3 0x40014200 acpi0 acpi0 46125 69381 0 0 3 0x14200 bored softnet0 76614 499905 0 0 3 0x14200 bored systqmp 11463 356333 0 0 3 0x14200 bored systq 69323 305459 0 0 3 0x40014200 tmoslp softclock 91232 308673 0 0 3 0x40014200 idle0 1 489950 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11071 12136K 13756K 166960K 14695 0 pcb 18 15K 16K 166960K 368 0 rtable 234 12K 12K 166960K 756 0 pf 31 13K 15K 166960K 218 0 ifaddr 38 7K 8K 166960K 165 0 ifgroup 51 2K 2K 166960K 303 0 sysctl 4 1K 9K 166960K 18 0 counters 34 17K 18K 166960K 224 0 ioctlops 0 0K 4K 166960K 721 0 iov 0 0K 32K 166960K 207 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1525 96K 96K 166960K 3002 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 20 0 VM map 2 1K 1K 166960K 2 0 sem 12 1K 1K 166960K 78 0 dirhash 12 2K 2K 166960K 51 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 244K 166960K 2072 0 sigio 0 0K 0K 166960K 25 0 proc 61 59K 116K 166960K 776 0 subproc 72 4K 4K 166960K 102 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 1 0K 0K 166960K 471 0 in_multi 80 5K 7K 166960K 224 0 ether_multi 2 0K 0K 166960K 26 0 mrt 3 0K 0K 166960K 16 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 822 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 6 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 256 160K 180K 166960K 19166 0 UVM aobj 53 24K 28K 166960K 64 0 pinsyscall 38 76K 96K 166960K 3197 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 89 0 NDP 12 0K 2K 166960K 117 0 temp 81 8672K 8796K 166960K 102227 0 kqueue 13 20K 32K 166960K 421 0 SYN cache 2 8K 16K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 220 0 216 2 1 1 2 0 8 0 rtentry 136 196 0 112 4 0 4 4 0 8 0 unpcb 144 2110 0 2095 8 7 1 8 0 8 0 syncache 336 7 0 7 2 2 0 1 0 8 0 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 736 575 0 568 10 8 2 7 0 8 1 arp 96 30 0 14 1 0 1 1 0 8 0 ipq 40 6 0 1 1 0 1 1 0 8 0 ipqe 40 72 0 67 1 0 1 1 0 8 0 inpcb 328 1810 0 1795 7 5 2 7 0 8 0 ip6q 72 6 0 3 1 0 1 1 0 8 0 ip6af 40 10 0 7 1 0 1 1 0 8 0 nd6 112 35 0 16 1 0 1 1 0 8 0 pkpcb 40 14 0 14 2 2 0 1 0 8 0 kcovpl 48 11 0 3 1 0 1 1 0 8 0 ppxss 1072 158 0 158 3 2 1 1 0 8 1 pppxif 1384 15 0 15 3 2 1 1 0 8 1 rttmr 136 2 0 2 2 2 0 1 0 8 0 art_heap8 4096 6 0 1 5 0 5 5 0 8 0 art_heap4 256 910 0 542 32 8 24 31 0 8 1 art_table 40 916 0 543 5 0 5 5 0 8 0 art_node 32 192 0 117 1 0 1 1 0 8 0 sysvmsgpl 40 19 0 11 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 71 0 62 1 0 1 1 0 8 0 shmpl 112 49 0 6 2 0 2 2 0 8 0 dirhash 1024 43 0 26 3 0 3 3 0 8 0 dino2pl 256 5511 0 4012 95 0 95 95 0 8 0 ffsino 256 5511 0 4012 95 0 95 95 0 8 0 nchpl 144 8370 0 6669 64 0 64 64 0 8 0 rtmask 32 15 0 15 2 2 0 1 0 8 0 vnodes 216 4385 0 0 244 0 244 244 0 8 0 namei 1024 30676 0 30675 4 3 1 2 0 8 0 vcpupl 3904 9 0 2 2 0 2 2 0 8 0 vmpool 808 12 0 5 1 0 1 1 0 8 0 kstatmem 264 188 0 164 3 1 2 3 0 8 0 acpiwqpl 32 4 0 4 1 0 1 1 1 8 1 scsiplug 72 14 0 14 3 2 1 1 0 8 1 scxspl 216 29394 0 29394 9 8 1 8 1 8 1 plimitpl 152 521 0 503 1 0 1 1 0 8 0 sigapl 424 2375 0 2312 11 3 8 8 0 8 0 knotepl 120 631042 0 630995 58 50 8 17 0 8 5 kqueuepl 184 790 0 781 4 3 1 4 0 8 0 pipepl 304 256 0 229 3 0 3 3 0 8 0 fdescpl 448 2314 0 2285 5 1 4 5 0 8 0 filepl 120 16365 0 16145 15 7 8 15 0 8 0 lockfpl 104 1080 0 1078 2 1 1 2 0 8 0 lockfspl 48 318 0 316 1 0 1 1 0 8 0 sessionpl 144 25 0 17 1 0 1 1 0 8 0 pgrppl 48 103 0 87 1 0 1 1 0 8 0 ucredpl 104 3253 0 3240 1 0 1 1 0 8 0 zombiepl 144 2333 0 2330 1 0 1 1 0 8 0 processpl 1152 2375 0 2312 6 1 5 5 0 8 0 procpl 664 5200 0 5127 8 1 7 7 0 8 0 sosppl 176 24 0 24 2 2 0 1 0 8 0 sockpl 552 4251 0 4217 31 27 4 17 0 8 0 mcl64k 65536 379 0 378 1 0 1 1 0 8 0 mcl16k 16384 12 0 12 2 1 1 1 0 8 1 mcl8k 8192 99 0 99 3 2 1 1 0 8 1 mcl4k 4096 5029 0 4978 15 7 8 14 0 8 1 mcl2k2 2112 1 0 1 1 1 0 1 0 8 0 mcl2k 2048 3523 0 3511 6 4 2 4 0 8 0 mtagpl 96 16 0 13 1 0 1 1 0 8 0 mbufpl 256 26255 0 26098 20 3 17 20 0 8 0 bufpl 280 9232 0 3011 445 0 445 445 0 8 0 anonpl 24 358188 0 349885 87 11 76 87 0 187 0 amapchunkpl 152 68238 0 67608 56 17 39 39 0 158 12 amappl16 200 7284 0 7023 44 17 27 36 0 8 0 amappl15 192 34 0 34 1 1 0 1 0 8 0 amappl14 184 23 0 23 2 2 0 1 0 8 0 amappl13 176 445 0 444 1 0 1 1 0 8 0 amappl12 168 2675 0 2637 2 0 2 2 0 8 0 amappl11 160 20 0 19 1 0 1 1 0 8 0 amappl10 152 52 0 42 1 0 1 1 0 8 0 amappl9 144 250 0 250 1 1 0 1 0 8 0 amappl8 136 27 0 25 1 0 1 1 0 8 0 amappl7 128 150 0 149 1 0 1 1 0 8 0 amappl6 120 306 0 294 1 0 1 1 0 8 0 amappl5 112 119 0 111 1 0 1 1 0 8 0 amappl4 104 396 0 370 1 0 1 1 0 8 0 amappl3 96 11868 0 11766 3 0 3 3 0 8 0 amappl2 88 2438 0 2362 2 0 2 2 0 8 0 amappl1 80 16904 0 16373 13 1 12 13 0 8 0 amappl 88 18083 0 17896 5 0 5 5 0 92 0 uvmvnodes 80 162 0 0 4 0 4 4 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 9 0 9 2 2 0 1 0 8 0 dma128 128 262 0 262 2 2 0 1 0 8 0 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 63 0 11 1 0 1 1 0 8 0 uaddrrnd 24 2314 0 2285 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2314 0 2285 1 0 1 1 0 8 0 vmmpekpl 168 17933 0 17890 3 0 3 3 0 8 0 vmmpepl 168 149211 0 147154 109 9 100 106 0 357 0 vmsppl 368 2313 0 2285 4 1 3 4 0 8 0 rwobjpl 40 37795 0 36465 17 0 17 17 0 8 0 pdppl 4096 4659 0 4587 119 42 77 83 0 8 5 pvpl 32 1029060 0 1015620 174 25 149 167 0 265 0 pmappl 216 2325 0 2290 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 427 0 86 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff80002a7bda10,ffff80003c96bc50,ffff80003c96bba0) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c96bc50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96bc50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x2bc5eb3b920, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff80002a7bda10,ffff80003c96bc50,ffff80003c96bba0) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c96bc50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96bc50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x2bc5eb3b920, count: -3