kernel: protection fault trap, code=0 Stopped at sys_semop+0x352: movzwl 0x8(%rbx),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff80002a7f4a80,ffff800037947f30,ffff800037947e80) at sys_semop+0x352 sys/kern/sysv_sem.c:622 syscall(ffff800037947f30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800037947f30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8844e551960, count: -3 ddb> show registers rdi 0 rsi 0x6966 __ALIGN_SIZE+0x5966 rbp 0xffff800037947e60 rbx 0xdead4110deaf7738 rdx 0 rcx 0 rax 0xffff80002a7f4a80 r8 0x7f7fffffc000 r9 0 r10 0x27ad50cebfeb0bfd r11 0xe6e1287baf39643e r12 0x6966 __ALIGN_SIZE+0x5966 r13 0xfffffd806a91a850 r14 0xffff800037947f30 r15 0x6966 __ALIGN_SIZE+0x5966 rip 0xffffffff81756e02 sys_semop+0x352 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800037947d70 ss 0x10 sys_semop+0x352: movzwl 0x8(%rbx),%r15d ddb> show proc PROC (syz-executor) tid=137071 pid=36282 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=81, usrpri=81, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003ca34568 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003ca35790,0xffff80002a7f5788 process=0xffff8000ffff9b30 user=0xffff800037942000, vmspace=0xfffffd806bb7ae70 estcpu=31, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 87971 277947 13004 60928 2 0x10 syz-executor 87971 34488 13004 60928 3 0x4000090 fsleep syz-executor 87971 353820 13004 60928 3 0x4000090 fsleep syz-executor 64902 487264 47728 0 2 0 syz-executor 64902 257805 47728 0 3 0x4000080 fsleep syz-executor 64902 327881 47728 0 3 0x4000080 fsleep syz-executor 96535 377892 0 0 3 0x14200 acct acct 65161 346284 75967 0 2 0x1 syz-executor 65161 55341 75967 0 2 0x4000001 syz-executor 65161 293550 75967 0 3 0x4000080 fsleep syz-executor 65161 282945 75967 0 3 0x4000080 fsleep syz-executor 33612 107665 68678 0 2 0x1 syz-executor 33612 278070 68678 0 2 0x4000000 syz-executor 33612 468457 68678 0 3 0x4000080 fsleep syz-executor 33612 1317 68678 0 3 0x4000080 fsleep syz-executor 36282 289947 68246 0 3 0x3000 suspend syz-executor *36282 137071 68246 0 7 0x4081000 syz-executor 45456 424356 37797 0 2 0x1 syz-executor 45456 457794 37797 0 2 0x4000000 syz-executor 45456 156481 37797 0 3 0x4000080 fsleep syz-executor 45456 323601 37797 0 3 0x4000080 fsleep syz-executor 8448 349745 73108 0 4 0x82000 syz-executor 8448 254868 73108 0 4 0x4082000 syz-executor 8448 137788 73108 0 2 0x4082000 syz-executor 8448 479171 73108 0 3 0x4002000 suspend syz-executor 52254 225528 0 0 3 0x14280 nfsidl nfsio 82249 164038 0 0 3 0x14280 nfsidl nfsio 9828 427180 0 0 3 0x14280 nfsidl nfsio 65390 384970 0 0 3 0x14280 nfsidl nfsio 17240 209237 0 0 3 0x14280 nfsidl nfsio 43802 450283 0 0 3 0x14280 nfsidl nfsio 635 242294 0 0 3 0x14280 nfsidl nfsio 57092 295846 0 0 3 0x14280 nfsidl nfsio 77181 238218 0 0 3 0x14280 nfsidl nfsio 46206 172496 0 0 3 0x14280 nfsidl nfsio 71629 272668 0 0 3 0x14280 nfsidl nfsio 44592 160808 0 0 3 0x14280 nfsidl nfsio 55480 78637 0 0 3 0x14280 nfsidl nfsio 29875 442840 0 0 3 0x14280 nfsidl nfsio 20885 471676 0 0 3 0x14280 nfsidl nfsio 35934 351713 0 0 3 0x14280 nfsidl nfsio 76993 468117 0 0 3 0x14280 nfsidl nfsio 84640 32805 0 0 3 0x14280 nfsidl nfsio 60979 159780 0 0 3 0x14280 nfsidl nfsio 66141 397719 0 0 3 0x14280 nfsidl nfsio 80976 416399 0 0 3 0x14200 bored sosplice 73108 475044 80497 0 3 0x82 nanoslp syz-executor 68678 161958 80497 0 3 0x82 nanoslp syz-executor 75967 62292 80497 0 3 0x82 nanoslp syz-executor 47728 368146 80497 0 3 0x82 nanoslp syz-executor 37797 167964 80497 0 3 0x82 nanoslp syz-executor 20326 101647 80497 0 2 0x2 syz-executor 13004 195524 80497 0 3 0x82 nanoslp syz-executor 68246 434189 80497 0 3 0x82 nanoslp syz-executor 80497 324568 48698 0 3 0x82 kqread syz-executor 48698 506751 86093 0 3 0x10008a sigsusp ksh 86093 238046 7967 0 3 0x98 kqread sshd-session 7967 203708 20191 0 3 0x92 kqread sshd-session 27101 93300 1 0 3 0x100083 ttyin getty 20191 499986 1 0 3 0x88 kqread sshd 6299 19676 60726 73 3 0x1100090 kqread syslogd 60726 41110 1 0 3 0x100082 sbwait syslogd 29141 493927 1 0 3 0x100080 kqread resolvd 1575 396713 0 0 3 0x14200 bored smr 23939 62201 0 0 2 0x14200 zerothread 4226 297262 0 0 3 0x14200 aiodoned aiodoned 55779 286089 0 0 3 0x14200 syncer update 37545 81432 0 0 3 0x14200 cleaner cleaner 83507 143230 0 0 3 0x14200 reaper reaper 89470 301543 0 0 3 0x14200 pgdaemon pagedaemon 33090 281118 0 0 3 0x14200 bored viomb 28893 417336 0 0 3 0x40014200 acpi0 acpi0 76358 40687 0 0 3 0x14200 bored softnet7 68128 183420 0 0 3 0x14200 bored softnet6 80038 39056 0 0 3 0x14200 bored softnet5 45936 505296 0 0 3 0x14200 bored softnet4 21141 121666 0 0 3 0x14200 bored softnet3 90885 228753 0 0 3 0x14200 bored softnet2 28685 263973 0 0 3 0x14200 bored softnet1 25685 441561 0 0 3 0x14200 bored softnet0 1553 18299 0 0 3 0x14200 bored systqmp 85378 409750 0 0 3 0x14200 bored systq 82328 292223 0 0 3 0x40014200 tmoslp softclock 36596 362625 0 0 3 0x40014200 idle0 1 478761 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10180 11039K 11323K 166960K 11423 0 pcb 19 15K 16K 166960K 150 0 rtable 184 8K 9K 166960K 348 0 pf 36 14K 14K 166960K 59 0 ifaddr 39 6K 8K 166960K 61 0 ifgroup 56 2K 2K 166960K 85 0 sysctl 4 1K 9K 166960K 8 0 counters 35 18K 18K 166960K 49 0 ioctlops 0 0K 4K 166960K 65 0 iov 0 0K 32K 166960K 73 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1336 84K 85K 166960K 1516 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 5 0 VM map 2 1K 1K 166960K 2 0 sem 10 0K 1K 166960K 15 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 102K 166960K 405 0 sigio 0 0K 0K 166960K 4 0 proc 54 43K 108K 166960K 500 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 100 0 in_multi 86 6K 7K 166960K 111 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 365 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 215 134K 168K 166960K 5199 0 UVM aobj 131 4K 4K 166960K 131 0 pinsyscall 32 64K 95K 166960K 1420 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 9 0 NDP 13 0K 2K 166960K 39 0 temp 48 8633K 8708K 166960K 6237 0 kqueue 8 14K 27K 166960K 68 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 51 0 50 1 0 1 1 0 8 0 rtentry 136 111 0 39 4 0 4 4 0 8 0 unpcb 144 291 0 279 5 3 2 4 0 8 1 syncache 336 4 0 4 2 1 1 1 0 8 1 tcpcb 736 180 0 175 10 3 7 7 0 8 6 arp 96 13 0 4 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 1 0 0 1 0 1 1 0 8 0 inpcb 328 489 0 482 13 6 7 7 0 8 5 ip6q 72 4 0 1 1 0 1 1 0 8 0 ip6af 40 5 0 2 1 0 1 1 0 8 0 nd6 104 19 0 4 1 0 1 1 0 8 0 pkpcb 40 3 0 3 2 2 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 12 0 10 2 1 1 1 0 8 0 pppxif 1384 2 0 2 1 0 1 1 0 8 1 pfstscr 40 1 0 1 1 0 1 1 0 8 1 pftag 88 2 0 0 1 0 1 1 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 3 0 1 1 0 1 1 0 8 0 pfstate 384 2 0 1 1 0 1 1 0 8 0 pfrule 1344 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 3 0 1 3 0 3 3 0 8 1 art_heap4 256 504 0 126 30 1 29 30 0 8 2 art_table 40 507 0 127 5 0 5 5 0 8 0 art_node 32 108 0 45 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 3 2 2 0 1 0 8 0 semapl 112 11 0 4 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2076 0 574 95 0 95 95 0 8 0 ffsino 256 2076 0 574 95 0 95 95 0 8 0 nchpl 144 2662 0 980 63 0 63 63 0 8 0 rtmask 32 3 0 2 2 1 1 1 0 8 0 uvmvnodes 80 2208 0 0 46 0 46 46 0 8 0 vnodes 216 2208 0 0 123 0 123 123 0 8 0 namei 1024 8642 0 8642 6 3 3 3 0 8 3 kstatmem 264 46 0 20 2 0 2 2 0 8 0 scsiplug 72 2 0 2 2 2 0 1 0 8 0 scxspl 216 8661 0 8661 8 7 1 8 1 8 1 plimitpl 152 204 0 189 1 0 1 1 0 8 0 sigapl 424 702 0 634 10 1 9 9 0 8 0 knotepl 120 12888 0 12853 22 13 9 9 0 8 7 kqueuepl 184 223 0 213 4 0 4 4 0 8 3 pipepl 304 122 0 95 3 0 3 3 0 8 0 fdescpl 448 659 0 633 5 1 4 5 0 8 0 filepl 120 3702 0 3461 13 4 9 10 0 8 0 lockfpl 104 91 0 89 1 0 1 1 0 8 0 lockfspl 48 40 0 38 1 0 1 1 0 8 0 sessionpl 144 21 0 14 1 0 1 1 0 8 0 pgrppl 48 29 0 14 1 0 1 1 0 8 0 ucredpl 104 530 0 520 1 0 1 1 0 8 0 zombiepl 144 748 0 747 2 1 1 1 0 8 0 processpl 1152 702 0 634 7 1 6 6 0 8 0 procpl 664 1156 0 1071 8 0 8 8 0 8 0 sosppl 168 1 0 1 1 1 0 1 0 8 0 sockpl 552 908 0 888 15 7 8 8 0 8 5 mcl64k 65536 23 0 22 3 2 1 1 0 8 0 mcl16k 16384 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 40 0 40 2 1 1 1 0 8 1 mcl4k 4096 2804 0 2752 15 7 8 14 0 8 1 mcl2k 2048 547 0 544 4 2 2 2 0 8 1 mtagpl 96 4 0 4 1 1 0 1 0 8 0 mbufpl 256 7996 0 7849 77 62 15 75 0 8 3 bufpl 280 3440 0 120 238 0 238 238 0 8 0 anonpl 24 120908 0 118101 50 17 33 33 0 187 9 amapchunkpl 152 17104 0 16614 45 13 32 32 0 158 11 amappl16 200 1901 0 1877 5 3 2 5 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 134 0 127 1 0 1 1 0 8 0 amappl13 176 6 0 6 1 1 0 1 0 8 0 amappl12 168 1266 0 1240 3 1 2 3 0 8 0 amappl11 160 48 0 43 1 0 1 1 0 8 0 amappl10 152 4 0 4 1 1 0 1 0 8 0 amappl9 144 269 0 269 1 1 0 1 0 8 0 amappl8 136 18 0 17 1 0 1 1 0 8 0 amappl7 128 93 0 86 1 0 1 1 0 8 0 amappl6 120 169 0 166 1 0 1 1 0 8 0 amappl5 112 122 0 119 1 0 1 1 0 8 0 amappl4 104 262 0 249 1 0 1 1 0 8 0 amappl3 96 2716 0 2626 3 0 3 3 0 8 0 amappl2 88 880 0 825 2 0 2 2 0 8 0 amappl1 80 8936 0 8480 13 1 12 13 0 8 1 amappl 88 4508 0 4341 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 659 0 633 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 659 0 633 1 0 1 1 0 8 0 vmmpekpl 168 6736 0 6706 2 0 2 2 0 8 0 vmmpepl 168 46845 0 45278 87 3 84 84 0 357 13 vmsppl 368 658 0 633 4 1 3 4 0 8 0 rwobjpl 40 17024 0 13968 32 0 32 32 0 8 0 pdppl 4096 1325 0 1266 99 38 61 81 0 8 2 pvpl 32 301822 0 294102 123 24 99 99 0 265 23 pmappl 216 658 0 633 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 457 0 125 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff80002a7f4a80,ffff800037947f30,ffff800037947e80) at sys_semop+0x352 sys/kern/sysv_sem.c:622 syscall(ffff800037947f30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800037947f30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8844e551960, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff80002a7f4a80,ffff800037947f30,ffff800037947e80) at sys_semop+0x352 sys/kern/sysv_sem.c:622 syscall(ffff800037947f30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800037947f30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8844e551960, count: -3