kernel: protection fault trap, code=0 Stopped at sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff800031506560,ffff80003a5250d0,ffff80003a525020) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a5250d0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a5250d0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd7a7995a7c0, count: -3 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003a525000 rbx 0xdeafbeaddeafbead rdx 0 rcx 0 rax 0xdeafbeaddeafbead r8 0x7f7fffffc000 r9 0 r10 0xf790ef57f01afe05 r11 0x772e1e6f97595180 r12 0 r13 0xfffffd80696e1a10 r14 0xffff80003a5250d0 r15 0 rip 0xffffffff8314c3f5 sys_semop+0x3d5 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003a524f10 ss 0x10 sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> show proc PROC (syz-executor) tid=50255 pid=61558 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=83, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000315067f8,0xffff80002f1007f0 process=0xffff8000ffffb618 user=0xffff80003a520000, vmspace=0xfffffd806c234d08 estcpu=33, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 54886 510866 3568 0 2 0 syz-executor 54886 124154 3568 0 3 0x4000080 fsleep syz-executor 61558 78048 34587 0 2 0 syz-executor *61558 50255 34587 0 7 0x4000000 syz-executor 61558 131780 34587 0 3 0x4000080 fsleep syz-executor 90466 64047 58784 0 2 0 syz-executor 90466 226815 58784 0 3 0x4000080 fsleep syz-executor 90466 187102 58784 0 2 0x4000000 syz-executor 30162 394570 60664 0 2 0x10 syz-executor 30162 488821 60664 0 2 0x4000010 syz-executor 88122 335604 68026 60929 2 0x10 syz-executor 88122 356634 68026 60929 3 0x4000090 fsleep syz-executor 91693 521737 56604 0 2 0 syz-executor 91693 338884 56604 0 3 0x4000080 kqsel syz-executor 91693 204699 56604 0 2 0x4000000 syz-executor 91693 13687 56604 0 3 0x4000080 fsleep syz-executor 86256 79668 10828 0 3 0x80 nanoslp syz-executor 86256 334662 10828 0 3 0x4000080 kqread syz-executor 86256 358716 10828 0 3 0x4000080 fsleep syz-executor 43751 56422 0 0 3 0x14200 acct acct 7519 256023 0 0 3 0x14280 nfsidl nfsio 57005 340285 0 0 3 0x14280 nfsidl nfsio 82541 427012 0 0 3 0x14280 nfsidl nfsio 15941 146540 0 0 3 0x14280 nfsidl nfsio 34733 207553 0 0 3 0x14280 nfsidl nfsio 85890 509612 0 0 3 0x14280 nfsidl nfsio 6414 91816 0 0 3 0x14280 nfsidl nfsio 49022 384899 0 0 3 0x14280 nfsidl nfsio 74544 495023 0 0 3 0x14280 nfsidl nfsio 72870 475548 0 0 3 0x14280 nfsidl nfsio 19447 353284 0 0 3 0x14280 nfsidl nfsio 92060 476503 0 0 3 0x14280 nfsidl nfsio 47439 489085 0 0 3 0x14280 nfsidl nfsio 75090 431814 0 0 3 0x14280 nfsidl nfsio 64715 520792 0 0 3 0x14280 nfsidl nfsio 67362 282971 0 0 3 0x14280 nfsidl nfsio 43300 11404 0 0 3 0x14280 nfsidl nfsio 99089 229059 0 0 3 0x14280 nfsidl nfsio 28864 335309 0 0 3 0x14280 nfsidl nfsio 93925 93099 0 0 3 0x14280 nfsidl nfsio 3568 480359 32798 0 3 0x82 nanoslp syz-executor 10828 218611 32798 0 2 0x3 syz-executor 60664 18826 32798 0 2 0x3 syz-executor 68026 69845 32798 0 2 0x3 syz-executor 34587 115857 32798 0 2 0x3 syz-executor 58784 449604 32798 0 2 0x3 syz-executor 87655 185155 32798 0 2 0x3 syz-executor 56604 400001 32798 0 2 0x3 syz-executor 32798 455331 12483 0 3 0x82 kqread syz-executor 12483 192232 91526 0 3 0x10008a sigsusp ksh 91526 418416 37260 0 3 0x98 kqread sshd-session 37260 464323 11507 0 3 0x92 kqread sshd-session 11302 378434 1 0 3 0x100083 ttyin getty 11507 302472 1 0 3 0x88 kqread sshd 76968 78729 59009 73 3 0x1100090 kqread syslogd 59009 144262 1 0 3 0x100082 sbwait syslogd 63232 262104 1 0 3 0x100080 kqread resolvd 86562 67304 89641 77 3 0x100092 kqread dhcpleased 72429 22960 89641 77 3 0x100092 kqread dhcpleased 89641 490361 1 0 3 0x80 kqread dhcpleased 73401 158365 0 0 3 0x14200 bored smr 74671 266096 0 0 2 0x14200 zerothread 22105 392729 0 0 3 0x14200 aiodoned aiodoned 8387 15832 0 0 3 0x14200 syncer update 1821 514160 0 0 3 0x14200 cleaner cleaner 95515 485214 0 0 3 0x14200 reaper reaper 93183 163564 0 0 3 0x14200 pgdaemon pagedaemon 18443 335367 0 0 3 0x14200 bored viomb 87561 14632 0 0 3 0x40014200 acpi0 acpi0 9527 501275 0 0 3 0x14200 bored softnet0 74101 56132 0 0 3 0x14200 bored systqmp 24272 111262 0 0 3 0x14200 bored systq 23814 414733 0 0 3 0x40014200 tmoslp softclock 8172 373888 0 0 3 0x40014200 idle0 1 67467 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10193 11077K 11717K 166960K 12028 0 pcb 18 14K 16K 166960K 192 0 rtable 214 9K 9K 166960K 435 0 pf 36 14K 17K 166960K 75 0 ifaddr 40 6K 7K 166960K 61 0 ifgroup 58 2K 2K 166960K 93 0 sysctl 4 1K 9K 166960K 14 0 counters 34 18K 18K 166960K 50 0 ioctlops 0 0K 4K 166960K 98 0 iov 0 0K 32K 166960K 70 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1433 90K 91K 166960K 1938 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 7 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 31 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 89K 166960K 578 0 sigio 0 0K 0K 166960K 3 0 proc 60 59K 91K 166960K 540 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 44 0 in_multi 84 6K 7K 166960K 117 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 425 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 243 159K 176K 166960K 7315 0 UVM aobj 71 3K 3K 166960K 74 0 pinsyscall 39 78K 94K 166960K 1681 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 11 0 NDP 13 0K 2K 166960K 39 0 temp 48 8640K 8768K 166960K 30762 0 kqueue 14 22K 26K 166960K 98 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 142 0 139 3 2 1 3 0 8 0 rtentry 136 123 0 39 4 0 4 4 0 8 0 unpcb 144 281 0 265 1 0 1 1 0 8 0 syncache 336 8 0 8 2 1 1 1 0 8 1 tcpqe 32 4 0 4 2 1 1 1 0 8 1 tcpcb 736 192 0 184 7 0 7 7 0 8 5 arp 96 20 0 4 1 0 1 1 0 8 0 inpcb 328 481 0 467 7 0 7 7 0 8 4 ip6q 72 6 0 2 1 0 1 1 0 8 0 ip6af 40 7 0 4 1 0 1 1 0 8 0 nd6 112 25 0 5 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 11 0 11 2 1 1 1 0 8 1 pppxif 1384 1 0 1 1 1 0 1 0 8 0 pfstscr 40 5 0 5 2 1 1 1 0 8 1 pfrktable 1344 2 0 2 1 1 0 1 0 8 0 pfstkey 128 4 0 4 2 1 1 1 0 8 1 pfstate 384 3 0 3 2 1 1 1 0 8 1 pfrule 1344 2 0 2 2 1 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 531 0 135 29 1 28 29 0 8 2 art_table 40 532 0 135 5 0 5 5 0 8 0 art_node 32 122 0 46 1 0 1 1 0 8 0 sysvmsgpl 40 43 0 3 1 0 1 1 0 8 0 semapl 112 25 0 16 1 0 1 1 0 8 0 shmpl 112 71 0 3 2 0 2 2 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 2545 0 1049 95 0 95 95 0 8 0 ffsino 256 2545 0 1049 95 0 95 95 0 8 0 nchpl 144 3353 0 1662 64 0 64 64 0 8 0 rtmask 32 1 0 1 1 1 0 1 0 8 0 vnodes 216 2902 0 0 162 0 162 162 0 8 0 namei 1024 10828 0 10826 2 1 1 2 0 8 0 kstatmem 264 46 0 20 2 0 2 2 0 8 0 scxspl 216 11208 0 11208 8 7 1 8 1 8 1 plimitpl 152 150 0 134 1 0 1 1 0 8 0 sigapl 424 894 0 830 9 1 8 8 0 8 0 knotepl 120 19550 0 19498 16 7 9 9 0 8 7 kqueuepl 184 231 0 219 4 0 4 4 0 8 3 pipepl 304 155 0 128 3 0 3 3 0 8 0 fdescpl 448 859 0 829 5 1 4 5 0 8 0 filepl 120 4922 0 4706 17 4 13 13 0 8 5 lockfpl 104 303 0 300 2 0 2 2 0 8 1 lockfspl 48 71 0 68 1 0 1 1 0 8 0 sessionpl 144 26 0 18 1 0 1 1 0 8 0 pgrppl 48 44 0 28 1 0 1 1 0 8 0 ucredpl 104 975 0 962 1 0 1 1 0 8 0 zombiepl 144 1085 0 1084 1 0 1 1 0 8 0 processpl 1152 894 0 830 5 0 5 5 0 8 0 procpl 664 1689 0 1613 7 0 7 7 0 8 0 sockpl 552 1077 0 1044 13 5 8 8 0 8 4 mcl64k 65536 79 0 79 2 1 1 1 0 8 1 mcl16k 16384 2 0 2 2 1 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 11 0 11 2 1 1 1 0 8 1 mcl4k 4096 3104 0 3054 17 9 8 16 0 8 1 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 883 0 873 3 1 2 2 0 8 0 mtagpl 96 12 0 5 1 0 1 1 0 8 0 mbufpl 256 8854 0 8690 14 0 14 14 0 8 0 bufpl 280 4249 0 119 295 0 295 295 0 8 0 anonpl 24 126197 0 123008 45 0 45 45 0 187 18 amapchunkpl 152 23302 0 22788 42 16 26 36 0 158 5 amappl16 200 1599 0 1567 15 4 11 15 0 8 8 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 5 0 5 2 1 1 1 0 8 1 amappl13 176 405 0 404 1 0 1 1 0 8 0 amappl12 168 1212 0 1173 2 0 2 2 0 8 0 amappl11 160 5 0 5 1 1 0 1 0 8 0 amappl10 152 40 0 30 1 0 1 1 0 8 0 amappl9 144 258 0 258 1 1 0 1 0 8 0 amappl8 136 15 0 14 1 0 1 1 0 8 0 amappl7 128 78 0 77 1 0 1 1 0 8 0 amappl6 120 266 0 255 1 0 1 1 0 8 0 amappl5 112 70 0 62 1 0 1 1 0 8 0 amappl4 104 398 0 374 1 0 1 1 0 8 0 amappl3 96 3901 0 3804 3 0 3 3 0 8 0 amappl2 88 1017 0 943 2 0 2 2 0 8 0 amappl1 80 11973 0 11429 13 0 13 13 0 8 0 amappl 88 6499 0 6325 5 0 5 5 0 92 0 uvmvnodes 80 2902 0 0 60 0 60 60 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 73 0 3 2 0 2 2 0 8 0 uaddrrnd 24 859 0 829 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 859 0 829 1 0 1 1 0 8 0 vmmpekpl 168 8948 0 8917 3 0 3 3 0 8 0 vmmpepl 168 61626 0 59773 92 0 92 92 0 357 9 vmsppl 368 858 0 829 4 1 3 4 0 8 0 rwobjpl 40 21821 0 17994 39 0 39 39 0 8 0 pdppl 4096 1725 0 1658 101 34 67 79 0 8 0 pvpl 32 370044 0 361439 115 0 115 115 0 265 31 pmappl 216 858 0 829 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 389 0 55 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff800031506560,ffff80003a5250d0,ffff80003a525020) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a5250d0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a5250d0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd7a7995a7c0, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff800031506560,ffff80003a5250d0,ffff80003a525020) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003a5250d0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a5250d0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd7a7995a7c0, count: -3