kernel: protection fault trap, code=0 Stopped at sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff80002a7ccd10,ffff8000385bbcb0,ffff8000385bbc00) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff8000385bbcb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff8000385bbcb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xac4e87a3c60, count: -3 ddb> show registers rdi 0 rsi 0 rbp 0xffff8000385bbbe0 rbx 0xdead4110dead4110 rdx 0xffff800001435e40 rcx 0 rax 0xdead4110dead4110 r8 0x7f7fffffc000 r9 0 r10 0xfec03865bef46efa r11 0x8b49034f7f72a8cb r12 0 r13 0xfffffd806b74ad20 r14 0xffff8000385bbcb0 r15 0 rip 0xffffffff829c1255 sys_semop+0x3d5 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000385bbaf0 ss 0x10 sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> show proc PROC (syz-executor) tid=73527 pid=69251 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=84, usrpri=84, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7cc018,0xffff80003c948570 process=0xffff80002a7efa90 user=0xffff8000385b6000, vmspace=0xfffffd806d22dd00 estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 23915 328809 26415 0 2 0 syz-executor 8515 116629 98750 0 2 0 syz-executor 8515 522972 98750 0 3 0x4000080 fsleep syz-executor 8515 158978 98750 0 2 0x4000000 syz-executor 91905 256862 16782 0 2 0 syz-executor 91905 73611 16782 0 3 0x4000080 fsleep syz-executor 41743 138202 56759 0 2 0 syz-executor 41743 2271 56759 0 2 0x4000000 syz-executor 41743 464430 56759 0 2 0x4000000 syz-executor 78022 369233 54981 0 2 0 syz-executor 78022 178564 54981 0 3 0x4000080 fsleep syz-executor 69251 93867 47739 0 2 0 syz-executor 69251 463401 47739 0 3 0x4000080 kqsel syz-executor *69251 73527 47739 0 7 0x4000000 syz-executor 69251 433364 47739 0 3 0x4000080 fsleep syz-executor 74573 83331 99316 0 2 0x2002 ifconfig 99316 140820 22253 0 3 0x10008a sigsusp sh 77056 327646 45125 0 2 0x2 ndp 45125 406311 86575 0 3 0x10008a sigsusp sh 22253 146254 65487 0 3 0x82 wait syz-executor 86575 111335 65487 0 3 0x82 wait syz-executor 98750 283074 65487 0 2 0x3 syz-executor 54981 518876 65487 0 2 0x3 syz-executor 87136 141710 1 0 3 0x100083 ttyin getty 56759 409155 65487 0 2 0x3 syz-executor 39863 242082 0 0 3 0x14280 nfsidl nfsio 36046 421717 0 0 3 0x14280 nfsidl nfsio 19871 341160 0 0 3 0x14280 nfsidl nfsio 92148 403282 0 0 3 0x14280 nfsidl nfsio 54545 437746 0 0 3 0x14280 nfsidl nfsio 26109 306686 0 0 3 0x14280 nfsidl nfsio 41434 54920 0 0 3 0x14280 nfsidl nfsio 1872 213006 0 0 3 0x14280 nfsidl nfsio 80539 367439 0 0 3 0x14280 nfsidl nfsio 5294 323253 0 0 3 0x14280 nfsidl nfsio 80121 442541 0 0 3 0x14280 nfsidl nfsio 56947 385903 0 0 3 0x14280 nfsidl nfsio 8509 226618 0 0 3 0x14280 nfsidl nfsio 3694 408629 0 0 3 0x14280 nfsidl nfsio 20214 232423 0 0 3 0x14280 nfsidl nfsio 42836 250051 0 0 3 0x14280 nfsidl nfsio 36142 309814 0 0 3 0x14280 nfsidl nfsio 89463 369303 0 0 3 0x14280 nfsidl nfsio 47866 83785 0 0 3 0x14280 nfsidl nfsio 82787 160647 0 0 3 0x14280 nfsidl nfsio 47739 378904 65487 0 2 0x3 syz-executor 16782 368702 65487 0 2 0x3 syz-executor 26415 520729 65487 0 3 0x82 nanoslp syz-executor 65487 120973 85550 0 3 0x82 kqread syz-executor 85550 127975 88396 0 3 0x10008a sigsusp ksh 88396 371955 10534 0 3 0x98 kqread sshd-session 10534 18962 2607 0 3 0x92 kqread sshd-session 2607 322866 1 0 3 0x88 kqread sshd 10440 393295 29113 73 3 0x1100090 kqread syslogd 29113 47623 1 0 3 0x100082 sbwait syslogd 31655 480899 1 0 3 0x100080 kqread resolvd 52471 86039 62862 77 3 0x100092 kqread dhcpleased 64735 56319 62862 77 3 0x100092 kqread dhcpleased 62862 123406 1 0 3 0x80 kqread dhcpleased 94987 105972 0 0 3 0x14200 bored smr 78017 453296 0 0 2 0x14200 zerothread 3423 272879 0 0 3 0x14200 aiodoned aiodoned 72656 325499 0 0 3 0x14200 syncer update 79530 354595 0 0 3 0x14200 cleaner cleaner 725 59963 0 0 3 0x14200 reaper reaper 66675 123017 0 0 3 0x14200 pgdaemon pagedaemon 48547 248257 0 0 3 0x14200 bored viomb 25821 278947 0 0 3 0x40014200 acpi0 acpi0 46034 400461 0 0 3 0x14200 bored softnet0 95177 160690 0 0 3 0x14200 bored systqmp 1613 231964 0 0 3 0x14200 bored systq 88887 153459 0 0 3 0x40014200 tmoslp softclock 66088 373098 0 0 3 0x40014200 idle0 1 183440 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10196 11047K 11721K 166960K 15306 0 pcb 17 22K 24K 166960K 711 0 rtable 207 13K 14K 166960K 1521 0 pf 26 12K 15K 166960K 285 0 ifaddr 29 5K 9K 166960K 258 0 ifgroup 42 1K 2K 166960K 383 0 sysctl 4 1K 9K 166960K 32 0 counters 30 17K 18K 166960K 217 0 ioctlops 0 0K 4K 166960K 682 0 iov 0 0K 28K 166960K 233 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1507 95K 95K 166960K 4615 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 5K 166960K 5 0 VM map 2 1K 1K 166960K 2 0 sem 14 68K 68K 166960K 109 0 dirhash 12 2K 3K 166960K 66 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 20 73K 236K 166960K 3233 0 sigio 0 0K 0K 166960K 258 0 proc 61 59K 124K 166960K 1520 0 subproc 72 4K 4K 166960K 324 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 492 0 in_multi 59 4K 7K 166960K 508 0 ether_multi 1 0K 0K 166960K 44 0 mrt 2 0K 0K 166960K 48 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 1134 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 232 145K 160K 166960K 28870 0 UVM aobj 149 6K 6K 166960K 155 0 pinsyscall 42 84K 96K 166960K 5036 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 214 0 NDP 9 0K 2K 166960K 187 0 temp 80 8652K 8976K 166960K 115353 0 kqueue 13 20K 33K 166960K 620 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 404 0 401 3 2 1 3 0 8 0 rtentry 136 493 0 425 4 0 4 4 0 8 0 unpcb 144 2622 0 2607 9 3 6 6 0 8 5 syncache 336 12 0 12 2 1 1 1 0 8 1 tcpqe 32 4 0 4 2 1 1 1 0 8 1 tcpcb 736 1100 0 1095 8 6 2 7 0 8 1 arp 96 84 0 69 1 0 1 1 0 8 0 ipq 40 19 0 18 1 0 1 1 0 8 0 ipqe 40 94 0 93 1 0 1 1 0 8 0 inpcb 328 3651 0 3642 27 20 7 21 0 8 5 ip6q 72 12 0 11 1 0 1 1 0 8 0 ip6af 40 19 0 19 1 0 1 1 0 8 1 nd6 112 114 0 100 1 0 1 1 0 8 0 pkpcb 40 34 0 34 2 1 1 1 0 8 1 kcovpl 48 36 0 28 1 0 1 1 0 8 0 mppekey 1024 3 0 3 1 1 0 1 0 8 0 ppxss 1072 133 0 133 2 1 1 1 0 8 1 pppxif 1384 11 0 11 1 1 0 1 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pfrule 1344 4 0 3 1 0 1 1 0 8 0 rttmr 136 12 0 12 2 1 1 1 0 8 1 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 2137 0 1839 31 4 27 31 0 8 3 art_table 40 2142 0 1839 5 0 5 5 0 8 0 art_node 32 485 0 424 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 0 1 0 1 1 0 8 0 semupl 112 4 0 4 1 1 0 1 0 8 0 semapl 112 99 0 88 1 0 1 1 0 8 0 shmpl 112 152 0 6 5 0 5 5 0 8 0 dirhash 1024 54 0 37 3 0 3 3 0 8 0 dino2pl 256 7228 0 5684 97 0 97 97 0 8 0 ffsino 256 7228 0 5684 97 0 97 97 0 8 0 nchpl 144 11134 0 9362 66 0 66 66 0 8 0 rtmask 32 26 0 26 2 1 1 1 0 8 1 vnodes 216 9053 0 0 503 0 503 503 0 8 0 namei 1024 43388 0 43386 4 2 2 2 0 8 1 kstatmem 264 232 0 214 2 0 2 2 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 17 0 17 2 1 1 1 0 8 1 scxspl 216 35513 0 35513 15 7 8 8 1 8 8 plimitpl 152 868 0 852 1 0 1 1 0 8 0 sigapl 424 3478 0 3413 8 0 8 8 0 8 0 knotepl 120 428111 0 428064 53 43 10 23 0 8 6 kqueuepl 184 1135 0 1123 6 3 3 4 0 8 2 pipepl 304 692 0 665 8 5 3 8 0 8 0 fdescpl 448 3435 0 3403 5 1 4 5 0 8 0 filepl 120 24637 0 24427 17 6 11 16 0 8 2 lockfpl 104 1670 0 1667 3 2 1 3 0 8 0 lockfspl 48 615 0 612 2 1 1 2 0 8 0 sessionpl 144 57 0 49 1 0 1 1 0 8 0 pgrppl 48 134 0 118 1 0 1 1 0 8 0 ucredpl 104 4922 0 4911 1 0 1 1 0 8 0 zombiepl 144 3905 0 3905 2 1 1 1 0 8 1 processpl 1152 3478 0 3413 5 0 5 5 0 8 0 procpl 664 7728 0 7654 8 0 8 8 0 8 1 sosppl 176 17 0 17 2 1 1 1 0 8 1 sockpl 552 6803 0 6776 26 15 11 20 0 8 8 mcl64k 65536 389 0 389 3 2 1 3 0 8 1 mcl16k 16384 19 0 19 2 1 1 1 0 8 1 mcl12k 12288 2 0 2 1 1 0 1 0 8 0 mcl9k 9216 6 0 6 2 1 1 1 0 8 1 mcl8k 8192 31 0 31 2 1 1 1 0 8 1 mcl4k 4096 6266 0 6213 16 7 9 15 0 8 1 mcl2k 2048 4653 0 4648 7 3 4 5 0 8 2 mtagpl 96 14 0 10 1 0 1 1 0 8 0 mbufpl 256 43081 0 42962 173 154 19 76 0 8 5 bufpl 280 13375 0 7152 445 0 445 445 0 8 0 anonpl 24 469511 0 460885 76 0 76 76 0 187 0 amapchunkpl 152 107225 0 106665 44 13 31 37 0 158 6 amappl16 200 8772 0 8516 34 7 27 27 0 8 0 amappl15 192 6 0 5 1 0 1 1 0 8 0 amappl14 184 38 0 37 1 0 1 1 0 8 0 amappl13 176 735 0 732 1 0 1 1 0 8 0 amappl12 168 3956 0 3916 2 0 2 2 0 8 0 amappl11 160 10 0 10 1 1 0 1 0 8 0 amappl10 152 54 0 44 1 0 1 1 0 8 0 amappl9 144 319 0 318 1 0 1 1 0 8 0 amappl8 136 21 0 19 1 0 1 1 0 8 0 amappl7 128 193 0 190 1 0 1 1 0 8 0 amappl6 120 610 0 594 1 0 1 1 0 8 0 amappl5 112 97 0 89 1 0 1 1 0 8 0 amappl4 104 549 0 523 1 0 1 1 0 8 0 amappl3 96 17519 0 17434 3 0 3 3 0 8 0 amappl2 88 3565 0 3487 2 0 2 2 0 8 0 amappl1 80 24978 0 24406 13 0 13 13 0 8 1 amappl 88 27155 0 26995 5 0 5 5 0 92 0 uvmvnodes 80 9053 0 0 185 0 185 185 0 8 0 dma32768 32768 1 0 1 1 1 0 1 0 8 0 dma16384 16384 2 0 2 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 260 0 260 1 1 0 1 0 8 0 dma64 64 10 0 10 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 154 0 6 3 0 3 3 0 8 0 uaddrrnd 24 3435 0 3403 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3435 0 3403 1 0 1 1 0 8 0 vmmpekpl 168 24673 0 24614 3 0 3 3 0 8 0 vmmpepl 168 223655 0 221575 113 5 108 108 0 357 11 vmsppl 368 3434 0 3403 4 1 3 4 0 8 0 rwobjpl 40 63280 0 52953 105 0 105 105 0 8 0 pdppl 4096 6877 0 6806 203 132 71 83 0 8 0 pvpl 32 1430775 0 1416360 169 13 156 158 0 265 8 pmappl 216 3434 0 3403 3 1 2 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 670 0 322 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff80002a7ccd10,ffff8000385bbcb0,ffff8000385bbc00) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff8000385bbcb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff8000385bbcb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xac4e87a3c60, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff80002a7ccd10,ffff8000385bbcb0,ffff8000385bbc00) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff8000385bbcb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff8000385bbcb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xac4e87a3c60, count: -3