kernel: protection fault trap, code=0 Stopped at sys_semop+0x45b: movzwl 0(%rax),%r15d ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace sys_semop(ffff8000364b9c10,ffff80002a3804f0,ffff80002a380440) at sys_semop+0x45b sys/kern/sysv_sem.c:615 syscall(ffff80002a3804f0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a3804f0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3db9f899230, count: -3 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80002a380410 rbx 0 rdx 0 rcx 0xffff8000364b9c10 rax 0xdeaf4152deaf4152 r8 0x7f7fffffc000 r9 0 r10 0xbd20ec944e60d279 r11 0x8bcd3f673e036d60 r12 0xffff8000014fcf04 r13 0 r14 0xffff80002a3804f0 r15 0 rip 0xffffffff81fc55bb sys_semop+0x45b cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a3802f0 ss 0x10 sys_semop+0x45b: movzwl 0(%rax),%r15d ddb{0}> show proc PROC (syz-executor) tid=491913 pid=84685 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=86, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000364b8a58,0xffff80003c4dc548 process=0xffff80003c596b58 user=0xffff80002a37b000, vmspace=0xfffffd806be59ad0 estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 22699 166693 20138 0 2 0 syz-executor 22699 132862 20138 0 3 0x4000080 fsleep syz-executor 22699 348857 20138 0 3 0x4000080 fsleep syz-executor 86198 488837 72102 0 7 0 syz-executor 86198 80648 72102 0 2 0x4000000 syz-executor 42462 176577 68976 0 2 0x10 syz-executor 42462 171377 68976 0 3 0x4000090 fsleep syz-executor 84685 34557 71259 0 2 0 syz-executor *84685 491913 71259 0 7 0x4000000 syz-executor 84685 320257 71259 0 3 0x4000080 fsleep syz-executor 336 177809 22910 0 2 0 syz-executor 336 138099 22910 0 2 0x4000000 syz-executor 38389 2681 98462 0 3 0x80 nanoslp syz-executor 38389 425667 98462 0 3 0x4000080 kqsel syz-executor 42967 33488 79921 0 3 0x90 nanoslp syz-executor 42967 149599 79921 0 3 0x4000090 netcon syz-executor 64334 97162 1 0 3 0x100083 ttyopn getty 90243 66002 47026 0 3 0x82 sbwait sshd-session 71259 82864 61780 0 3 0x82 nanoslp syz-executor 68976 412317 61780 0 3 0x82 nanoslp syz-executor 37604 388709 0 0 3 0x14280 nfsidl nfsio 68041 451609 0 0 3 0x14280 nfsidl nfsio 16569 110494 0 0 3 0x14280 nfsidl nfsio 74072 275290 0 0 3 0x14280 nfsidl nfsio 60827 295607 0 0 3 0x14280 nfsidl nfsio 75245 206427 0 0 3 0x14280 nfsidl nfsio 27852 81428 0 0 3 0x14280 nfsidl nfsio 24452 426386 0 0 3 0x14280 nfsidl nfsio 16851 240884 0 0 3 0x14280 nfsidl nfsio 30177 260058 0 0 3 0x14280 nfsidl nfsio 42756 242193 0 0 3 0x14280 nfsidl nfsio 41149 424817 0 0 3 0x14280 nfsidl nfsio 58370 468059 0 0 3 0x14280 nfsidl nfsio 72683 257544 0 0 3 0x14280 nfsidl nfsio 46223 371397 0 0 3 0x14280 nfsidl nfsio 40448 123965 0 0 3 0x14280 nfsidl nfsio 64933 3198 0 0 3 0x14280 nfsidl nfsio 71796 13597 0 0 3 0x14280 nfsidl nfsio 81679 462834 0 0 3 0x14280 nfsidl nfsio 22107 8940 0 0 3 0x14280 nfsidl nfsio 28007 496472 0 0 3 0x14200 bored sosplice 79921 477965 61780 0 3 0x82 nanoslp syz-executor 98462 490585 61780 0 3 0x82 nanoslp syz-executor 72102 72583 61780 0 3 0x82 nanoslp syz-executor 22910 422973 61780 0 3 0x82 nanoslp syz-executor 7329 380250 61780 0 3 0x82 wait syz-executor 20138 183641 61780 0 3 0x82 nanoslp syz-executor 61780 443920 29581 0 3 0x82 kqread syz-executor 29581 219056 7239 0 3 0x10008a sigsusp ksh 7239 203953 22014 0 3 0x98 kqread sshd-session 22014 514546 47026 0 3 0x92 kqread sshd-session 47026 464927 1 0 3 0x88 kqread sshd 34105 389599 11466 74 3 0x1100092 bpf pflogd 11466 400432 1 0 3 0x80 sbwait pflogd 59982 475226 3033 73 3 0x1100090 kqread syslogd 3033 238967 1 0 3 0x100082 sbwait syslogd 26697 209535 1 0 3 0x100080 kqread resolvd 60974 35052 40758 77 3 0x100092 kqread dhcpleased 78202 269576 40758 77 3 0x100092 kqread dhcpleased 40758 506112 1 0 3 0x80 kqread dhcpleased 72406 305373 0 0 3 0x14200 bored smr 71359 196323 0 0 2 0x14200 zerothread 17924 139742 0 0 3 0x14200 aiodoned aiodoned 82032 369020 0 0 3 0x14200 syncer update 17320 468172 0 0 3 0x14200 cleaner cleaner 60527 109166 0 0 3 0x14200 reaper reaper 45141 167631 0 0 3 0x14200 pgdaemon pagedaemon 52070 86657 0 0 3 0x14200 bored viomb 47001 270046 0 0 3 0x40014200 acpi0 acpi0 38303 519481 0 0 3 0x40014200 idle1 5283 442093 0 0 3 0x14200 bored softnet3 91896 464391 0 0 3 0x14200 bored softnet2 41136 320923 0 0 3 0x14200 bored softnet1 82557 250260 0 0 3 0x14200 bored softnet0 79229 27435 0 0 3 0x14200 bored systqmp 70423 185384 0 0 3 0x14200 bored systq 25629 268975 0 0 3 0x14200 tmoslp softclockmp 29784 131447 0 0 3 0x40014200 tmoslp softclock 82316 450106 0 0 3 0x40014200 idle0 1 522084 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 84685 (syz-executor) thread 0xffff8000364b9c10 (491913) Process 336 (syz-executor) thread 0xffff8000364b82c0 (138099) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10201 11031K 11480K 166960K 13741 0 pcb 18 12K 12K 166960K 244 0 rtable 215 12K 13K 166960K 562 0 pf 41 19K 21K 166960K 340 0 ifaddr 40 7K 8K 166960K 99 0 ifgroup 59 2K 2K 166960K 160 0 sysctl 3 1K 1K 166960K 6 0 counters 66 36K 37K 166960K 148 0 ioctlops 0 0K 4K 166960K 1960 0 iov 0 0K 20K 166960K 116 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1437 90K 91K 166960K 2632 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 9K 166960K 47 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 56 0 dirhash 12 2K 2K 166960K 36 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 18 65K 97K 166960K 1619 0 sigio 0 0K 0K 166960K 25 0 proc 73 91K 140K 166960K 777 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 1 0K 0K 166960K 376 0 in_multi 87 6K 7K 166960K 164 0 ether_multi 2 0K 0K 166960K 9 0 mrt 1 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 574 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 238 73K 87K 166960K 17237 0 UVM aobj 131 8K 8K 166960K 137 0 pinsyscall 45 90K 106K 166960K 2805 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 127 0 NDP 13 0K 2K 166960K 68 0 temp 79 8644K 8772K 166960K 61113 0 kqueue 13 20K 30K 166960K 271 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 239 0 236 4 3 1 3 0 8 0 rtentry 112 166 0 74 4 0 4 4 0 8 0 unpcb 144 1029 0 1010 8 4 4 4 0 8 3 syncache 336 11 0 11 4 3 1 1 0 8 1 tcpqe 32 4 0 4 3 2 1 1 0 8 1 tcpcb 808 487 0 476 12 7 5 8 0 8 3 arp 120 29 0 12 1 0 1 1 0 8 0 inpcb 376 1841 0 1821 26 20 6 15 0 8 3 nd6 136 34 0 9 1 0 1 1 0 8 0 pkpcb 40 7 0 7 3 2 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 ppxss 1168 28 0 28 3 2 1 1 0 8 1 pppxif 1472 5 0 5 4 3 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 4 0 2 1 0 1 1 0 482 0 pffrnode 88 4 0 2 1 0 1 1 0 8 0 pffrent 40 8 0 6 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 0 1 0 1 1 0 8 0 pftag 88 3 0 0 1 0 1 1 0 8 0 pfstitem 24 100 0 40 1 0 1 1 0 8 0 pfstkey 128 102 0 44 2 0 2 2 0 8 0 pfstate 376 97 0 40 6 0 6 6 0 8 0 pfrule 1344 100 0 93 2 1 1 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 733 0 311 35 5 30 31 0 8 2 art_table 32 735 0 311 4 0 4 4 0 8 0 art_node 16 162 0 80 1 0 1 1 0 8 0 sysvmsgpl 40 42 0 40 1 0 1 1 0 8 0 semapl 112 45 0 36 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 33 0 16 3 0 3 3 0 8 0 dino2pl 256 4267 0 2764 95 0 95 95 0 8 0 ffsino 280 4267 0 2764 109 0 109 109 0 8 0 nchpl 144 6639 0 6104 64 33 31 64 0 8 6 rtmask 32 1 0 1 1 1 0 1 0 8 0 uvmvnodes 80 5167 0 0 106 0 106 106 0 8 0 vnodes 216 5167 0 0 288 0 288 288 0 8 0 namei 1024 23930 0 23930 3 2 1 2 0 8 1 percpumem 16 88 0 41 1 0 1 1 0 8 0 kstatmem 264 92 0 66 2 0 2 2 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 5 0 5 2 1 1 1 0 8 1 scxspl 216 22545 0 22545 12 10 2 8 1 8 2 plimitpl 152 221 0 202 1 0 1 1 0 8 0 sigapl 424 1949 0 1877 10 1 9 9 0 8 0 futexpl 64 22365 0 22361 1 0 1 1 0 8 0 knotepl 120 347 0 0 10 0 10 10 0 8 0 kqueuepl 216 727 0 717 9 4 5 5 0 8 4 pipepl 328 410 0 382 13 5 8 8 0 8 5 fdescpl 504 1907 0 1874 6 1 5 6 0 8 0 filepl 152 13223 0 12998 30 14 16 17 0 8 4 lockfpl 104 826 0 824 4 3 1 2 0 8 0 lockfspl 48 261 0 259 1 0 1 1 0 8 0 sessionpl 144 36 0 26 1 0 1 1 0 8 0 pgrppl 48 74 0 56 1 0 1 1 0 8 0 ucredpl 104 2015 0 1997 1 0 1 1 0 8 0 zombiepl 144 2629 0 2628 1 0 1 1 0 8 0 processpl 1168 1949 0 1877 7 1 6 6 0 8 0 procpl 648 4528 0 4447 8 0 8 8 0 8 0 srpgc 96 6 0 6 3 2 1 1 0 8 1 sosppl 168 6 0 6 4 3 1 1 0 8 1 sockpl 688 3137 0 3096 30 19 11 16 0 8 6 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 129 0 0 16 0 16 16 0 8 0 mcl2k 2048 39 0 0 5 0 5 5 0 8 0 mtagpl 96 227 0 0 6 0 6 6 0 8 0 mbufpl 256 461 0 0 27 0 27 27 0 8 0 bufpl 280 6619 0 464 440 0 440 440 0 8 0 anonpl 24 262586 0 258541 104 42 62 62 0 184 20 amapchunkpl 152 55788 0 55271 44 14 30 30 0 158 6 amappl16 200 5372 0 5331 58 44 14 20 0 8 8 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 137 0 124 1 0 1 1 0 8 0 amappl13 176 3 0 3 1 1 0 1 0 8 0 amappl12 168 2593 0 2560 4 2 2 3 0 8 0 amappl11 160 48 0 34 1 0 1 1 0 8 0 amappl10 152 5 0 5 1 1 0 1 0 8 0 amappl9 144 262 0 262 1 1 0 1 0 8 0 amappl8 136 24 0 21 1 0 1 1 0 8 0 amappl7 128 121 0 108 1 0 1 1 0 8 0 amappl6 120 203 0 198 1 0 1 1 0 8 0 amappl5 112 137 0 127 1 0 1 1 0 8 0 amappl4 104 375 0 357 1 0 1 1 0 8 0 amappl3 96 11466 0 11352 4 0 4 4 0 8 0 amappl2 88 764 0 695 2 0 2 2 0 8 0 amappl1 80 14368 0 13702 18 2 16 16 0 8 0 amappl 88 16670 0 16495 5 0 5 5 0 92 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 255 0 255 2 1 1 1 0 8 1 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 1907 0 1874 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1907 0 1874 1 0 1 1 0 8 0 vmmpekpl 168 17756 0 17708 3 0 3 3 0 8 0 vmmpepl 168 122945 0 120878 124 18 106 106 0 357 6 vmsppl 456 1906 0 1874 7 2 5 5 0 8 0 rwobjpl 64 39153 0 32813 109 2 107 107 0 8 0 pdppl 4096 3822 0 3748 117 43 74 88 0 8 0 pvpl 32 19743 0 0 160 1 159 159 0 265 0 pmappl 248 1906 0 1874 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 343 0 68 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace sys_semop(ffff8000364b9c10,ffff80002a3804f0,ffff80002a380440) at sys_semop+0x45b sys/kern/sysv_sem.c:615 syscall(ffff80002a3804f0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a3804f0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3db9f899230, count: -3 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800029aabff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 end of kernel end trace frame: 0x709ed4cde3b0, count: -3