kernel: protection fault trap, code=0 Stopped at sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff80003390b780,ffff80003a937130,ffff80003a937080) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a937130) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a937130) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3be335ef0f0, count: -3 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003a937060 rbx 0xdeaf4152deaf4152 rdx 0 rcx 0 rax 0xdeaf4152deaf4152 r8 0x7f7fffffc000 r9 0 r10 0x537e615464d8f89c r11 0xa877710980f22d50 r12 0 r13 0xfffffd806aadbb60 r14 0xffff80003a937130 r15 0 rip 0xffffffff823dcc25 sys_semop+0x3d5 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003a936f70 ss 0x10 sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> show proc PROC (syz-executor) tid=344238 pid=26383 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003390aa88,0xffff80003390b260 process=0xffff8000ffff8d98 user=0xffff80003a932000, vmspace=0xfffffd806332f8b8 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 26383 474097 79834 0 2 0 syz-executor *26383 344238 79834 0 7 0x4000000 syz-executor 26383 119638 79834 0 3 0x4000080 fsleep syz-executor 23214 261009 72581 0 3 0x80 fsleep syz-executor 23214 34295 72581 0 3 0x4000080 ttyout syz-executor 41552 384526 41687 0 3 0x80 fsleep syz-executor 41552 20517 41687 0 3 0x4000080 sbwait syz-executor 39739 120007 6261 0 3 0x80 fsleep syz-executor 39739 215454 6261 0 3 0x4000080 kqsel syz-executor 71114 248753 98706 0 3 0x80 fsleep syz-executor 71114 320071 98706 0 3 0x4000080 netcon syz-executor 39095 365770 0 0 3 0x14200 acct acct 56749 262652 0 0 3 0x14200 bored sosplice 80255 98332 61525 0 3 0x82 wait syz-executor 61520 44041 61525 0 3 0x82 nanoslp syz-executor 41687 478394 61525 0 3 0x82 nanoslp syz-executor 6261 260538 61525 0 3 0x82 nanoslp syz-executor 72581 367553 61525 0 3 0x82 nanoslp syz-executor 79834 208877 61525 0 3 0x82 nanoslp syz-executor 98706 327288 61525 0 3 0x82 nanoslp syz-executor 37394 4166 61525 0 3 0x82 wait syz-executor 61525 515743 87593 0 3 0x82 kqread syz-executor 87593 234497 73163 0 3 0x10008a sigsusp ksh 73163 504840 64669 0 3 0x98 kqread sshd-session 64669 288256 60008 0 3 0x92 kqread sshd-session 39746 357997 1 0 3 0x100083 ttyin getty 60008 122767 1 0 3 0x88 kqread sshd 19523 186210 34277 73 3 0x1100090 kqread syslogd 34277 75301 1 0 3 0x100082 sbwait syslogd 98253 379044 1 0 3 0x100080 kqread resolvd 17381 393061 55587 77 3 0x100092 kqread dhcpleased 42833 19318 55587 77 3 0x100092 kqread dhcpleased 55587 366125 1 0 3 0x80 kqread dhcpleased 65483 351269 0 0 3 0x14200 bored smr 43753 433472 0 0 2 0x14200 zerothread 68300 147430 0 0 3 0x14200 aiodoned aiodoned 13135 155233 0 0 3 0x14200 syncer update 39650 217225 0 0 3 0x14200 cleaner cleaner 35541 364626 0 0 3 0x14200 reaper reaper 9978 13406 0 0 3 0x14200 pgdaemon pagedaemon 15300 460455 0 0 3 0x14200 bored viomb 40491 333915 0 0 3 0x40014200 acpi0 acpi0 58763 448207 0 0 3 0x14200 bored softnet0 92146 460103 0 0 3 0x14200 bored systqmp 98909 38468 0 0 3 0x14200 bored systq 18781 371419 0 0 3 0x40014200 tmoslp softclock 11662 40794 0 0 3 0x40014200 idle0 1 137886 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10186 11063K 11494K 166960K 12147 0 pcb 17 14K 16K 166960K 127 0 rtable 193 8K 10K 166960K 457 0 pf 30 13K 15K 166960K 107 0 ifaddr 32 5K 7K 166960K 78 0 ifgroup 47 2K 2K 166960K 120 0 sysctl 4 1K 9K 166960K 17 0 counters 31 17K 18K 166960K 68 0 ioctlops 0 0K 4K 166960K 143 0 iov 0 0K 28K 166960K 75 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1347 85K 85K 166960K 1888 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 11 0K 0K 166960K 17 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 89K 166960K 662 0 sigio 0 0K 0K 166960K 6 0 proc 60 59K 116K 166960K 535 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 57 0 in_multi 67 5K 7K 166960K 124 0 ether_multi 1 0K 0K 166960K 7 0 mrt 1 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 413 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 233 154K 168K 166960K 7607 0 UVM aobj 13 2K 4K 166960K 15 0 pinsyscall 39 78K 92K 166960K 1710 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 26 0 NDP 10 0K 2K 166960K 51 0 temp 55 8642K 8898K 166960K 12453 0 kqueue 15 22K 30K 166960K 122 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 149 0 146 1 0 1 1 0 8 0 rtentry 136 122 0 49 4 0 4 4 0 8 0 unpcb 144 407 0 390 5 3 2 4 0 8 1 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 198 0 193 7 0 7 7 0 8 6 arp 96 18 0 4 1 0 1 1 0 8 0 ipq 40 2 0 0 1 0 1 1 0 8 0 ipqe 40 3 0 0 1 0 1 1 0 8 0 inpcb 328 624 0 616 13 4 9 12 0 8 8 ip6q 72 4 0 2 1 0 1 1 0 8 0 ip6af 40 6 0 4 1 0 1 1 0 8 0 nd6 112 25 0 6 1 0 1 1 0 8 0 pkpcb 40 4 0 4 3 2 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1072 28 0 28 3 2 1 1 0 8 1 pppxif 1384 4 0 4 2 1 1 1 0 8 1 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 1 0 0 1 0 1 1 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pftag 88 4 0 0 1 0 1 1 0 8 0 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 0 1 0 1 1 0 8 0 pfstate 384 2 0 0 1 0 1 1 0 8 0 pfrule 1344 8 0 7 1 0 1 1 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 540 0 239 29 4 25 29 0 8 1 art_table 40 542 0 239 5 0 5 5 0 8 0 art_node 32 120 0 55 1 0 1 1 0 8 0 sysvmsgpl 40 14 0 8 2 1 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 14 0 6 1 0 1 1 0 8 0 shmpl 112 12 0 2 1 0 1 1 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 2605 0 1110 95 0 95 95 0 8 0 ffsino 256 2605 0 1110 95 0 95 95 0 8 0 nchpl 144 3591 0 1900 63 0 63 63 0 8 0 rtmask 32 5 0 5 2 1 1 1 0 8 1 vnodes 216 2925 0 0 163 0 163 163 0 8 0 namei 1024 12147 0 12147 3 2 1 2 0 8 1 kstatmem 264 70 0 50 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 11751 0 11751 15 14 1 8 1 8 1 plimitpl 152 115 0 98 1 0 1 1 0 8 0 sigapl 424 945 0 900 6 0 6 6 0 8 0 knotepl 120 40185 0 40136 31 21 10 16 0 8 8 kqueuepl 184 164 0 153 1 0 1 1 0 8 0 pipepl 304 188 0 161 3 0 3 3 0 8 0 fdescpl 448 929 0 899 5 1 4 5 0 8 0 filepl 120 5541 0 5322 14 1 13 13 0 8 5 lockfpl 104 251 0 248 1 0 1 1 0 8 0 lockfspl 48 78 0 75 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 44 0 28 1 0 1 1 0 8 0 ucredpl 104 1124 0 1111 1 0 1 1 0 8 0 zombiepl 144 978 0 975 2 1 1 1 0 8 0 processpl 1152 945 0 900 4 0 4 4 0 8 0 procpl 664 1738 0 1687 6 0 6 6 0 8 0 sockpl 552 1232 0 1204 18 7 11 12 0 8 8 mcl64k 65536 185 0 185 3 2 1 1 0 8 1 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 26 0 26 3 2 1 1 0 8 1 mcl4k 4096 3184 0 3134 12 5 7 12 0 8 0 mcl2k 2048 911 0 905 8 6 2 5 0 8 1 mtagpl 96 71 0 4 2 0 2 2 0 8 0 mbufpl 256 9833 0 9648 15 1 14 15 0 8 0 bufpl 280 4184 0 122 291 0 291 291 0 8 0 anonpl 24 144618 0 140962 64 30 34 45 0 187 10 amapchunkpl 152 24791 0 24292 47 19 28 31 0 158 8 amappl16 200 2401 0 2363 16 13 3 14 0 8 0 amappl15 192 10 0 9 1 0 1 1 0 8 0 amappl14 184 14 0 13 1 0 1 1 0 8 0 amappl13 176 399 0 398 1 0 1 1 0 8 0 amappl12 168 1261 0 1222 2 0 2 2 0 8 0 amappl11 160 44 0 44 1 1 0 1 0 8 0 amappl10 152 44 0 34 1 0 1 1 0 8 0 amappl9 144 244 0 244 1 1 0 1 0 8 0 amappl8 136 37 0 35 1 0 1 1 0 8 0 amappl7 128 74 0 72 1 0 1 1 0 8 0 amappl6 120 254 0 243 1 0 1 1 0 8 0 amappl5 112 70 0 63 1 0 1 1 0 8 0 amappl4 104 369 0 343 1 0 1 1 0 8 0 amappl3 96 4203 0 4115 3 0 3 3 0 8 0 amappl2 88 1042 0 968 2 0 2 2 0 8 0 amappl1 80 10756 0 10217 13 1 12 13 0 8 0 amappl 88 6835 0 6673 6 2 4 5 0 92 0 uvmvnodes 80 2925 0 0 60 0 60 60 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 14 0 2 1 0 1 1 0 8 0 uaddrrnd 24 929 0 899 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 929 0 899 1 0 1 1 0 8 0 vmmpekpl 168 8709 0 8680 2 0 2 2 0 8 0 vmmpepl 168 63848 0 62009 93 11 82 91 0 357 0 vmsppl 368 928 0 899 4 1 3 4 0 8 0 rwobjpl 40 21428 0 17646 39 0 39 39 0 8 0 pdppl 4096 1864 0 1798 96 30 66 78 0 8 0 pvpl 32 406263 0 396833 140 49 91 117 0 265 7 pmappl 216 928 0 899 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 386 0 59 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff80003390b780,ffff80003a937130,ffff80003a937080) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a937130) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a937130) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3be335ef0f0, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff80003390b780,ffff80003a937130,ffff80003a937080) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a937130) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a937130) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3be335ef0f0, count: -3