kernel: protection fault trap, code=0 Stopped at sys_semop+0x352: movzwl 0x8(%rbx),%r15d ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace sys_semop(ffff800031401a40,ffff80003c4978d0,ffff80003c497820) at sys_semop+0x352 sys/kern/sysv_sem.c:622 syscall(ffff80003c4978d0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4978d0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x89bd4c490e0, count: -3 ddb{0}> show registers rdi 0 rsi 0xb rbp 0xffff80003c4977f0 rbx 0xdeaf4152deaf4152 rdx 0 rcx 0xffff800031401a40 rax 0xffffffff837d8ff0 cpu_info_full_primary+0x1ff0 r8 0x7f7fffffc000 r9 0 r10 0x653ec1114a465645 r11 0x53badd39333e9a84 r12 0xb r13 0xfffffd80673278c0 r14 0xffff80003c4978d0 r15 0xb rip 0xffffffff8283f7f2 sys_semop+0x352 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c497700 ss 0x10 sys_semop+0x352: movzwl 0x8(%rbx),%r15d ddb{0}> show proc PROC (syz-executor) tid=278120 pid=89720 tcnt=3 stat=onproc flags process=10 proc=4000000 runpri=83, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800031401278,0xffff80002a39aab8 process=0xffff800039c28020 user=0xffff80003c492000, vmspace=0xfffffd806ef975c0 estcpu=33, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 25659 441680 83162 0 2 0 syz-executor 25659 510438 83162 0 3 0x4000080 fsleep syz-executor 66662 85044 41991 0 2 0 syz-executor 66662 53959 41991 0 2 0x4000000 syz-executor 89720 479328 44734 60928 2 0x10 syz-executor *89720 278120 44734 60928 7 0x4000010 syz-executor 89720 368755 44734 60928 3 0x4000090 fsleep syz-executor 74711 435470 0 0 3 0x14200 acct acct 71977 422694 36333 0 3 0x80 nanoslp syz-executor 71977 182163 36333 0 3 0x4000080 semwait syz-executor 71977 416832 36333 0 3 0x4000080 kqsel syz-executor 9973 281343 48687 0 3 0x80 nanoslp syz-executor 9973 144695 48687 0 3 0x4000080 kqsel syz-executor 9973 75266 48687 0 3 0x4000080 fsleep syz-executor 36333 257395 6671 0 2 0x3 syz-executor 56796 216602 0 0 3 0x14280 nfsidl nfsio 14342 510701 0 0 3 0x14280 nfsidl nfsio 76384 312562 0 0 3 0x14280 nfsidl nfsio 33541 518359 0 0 3 0x14280 nfsidl nfsio 37309 952 0 0 3 0x14280 nfsidl nfsio 38595 37490 0 0 3 0x14280 nfsidl nfsio 98864 101474 0 0 3 0x14280 nfsidl nfsio 83582 375225 0 0 3 0x14280 nfsidl nfsio 32515 357619 0 0 3 0x14280 nfsidl nfsio 95532 315635 0 0 3 0x14280 nfsidl nfsio 76223 408827 0 0 3 0x14280 nfsidl nfsio 26226 248310 0 0 3 0x14280 nfsidl nfsio 80920 175637 0 0 3 0x14280 nfsidl nfsio 58897 139477 0 0 3 0x14280 nfsidl nfsio 73167 219429 0 0 3 0x14280 nfsidl nfsio 24076 504124 0 0 3 0x14280 nfsidl nfsio 14964 82199 0 0 3 0x14280 nfsidl nfsio 11834 57371 0 0 3 0x14280 nfsidl nfsio 53738 206705 0 0 3 0x14280 nfsidl nfsio 76826 442504 0 0 3 0x14280 nfsidl nfsio 50159 430326 0 0 3 0x14200 bored sosplice 80868 299405 6671 0 2 0x2 syz-executor 78783 171095 6671 0 2 0x3 syz-executor 44734 278771 6671 0 2 0x3 syz-executor 83162 63580 6671 0 3 0x82 nanoslp syz-executor 41991 373527 6671 0 2 0x3 syz-executor 48687 369923 6671 0 3 0x82 nanoslp syz-executor 75392 248630 6671 0 2 0x2 syz-executor 6671 502063 45670 0 3 0x82 kqread syz-executor 45670 509226 98349 0 3 0x10008a sigsusp ksh 98349 434025 76959 0 3 0x98 kqread sshd-session 76959 271188 14490 0 3 0x92 kqread sshd-session 88633 191940 1 0 3 0x100083 ttyin getty 14490 300157 1 0 3 0x88 kqread sshd 17401 72295 54588 74 3 0x1100092 bpf pflogd 54588 11160 1 0 3 0x80 sbwait pflogd 88530 106132 3917 73 3 0x1100090 kqread syslogd 3917 193667 1 0 3 0x100082 sbwait syslogd 13440 491391 1 0 3 0x100080 kqread resolvd 66327 509504 2244 77 3 0x100092 kqread dhcpleased 77504 433000 2244 77 3 0x100092 kqread dhcpleased 2244 123958 1 0 3 0x80 kqread dhcpleased 3562 52063 0 0 3 0x14200 bored smr 73718 451500 0 0 2 0x14200 zerothread 8484 81696 0 0 3 0x14200 aiodoned aiodoned 68528 36585 0 0 3 0x14200 syncer update 11721 293612 0 0 3 0x14200 cleaner cleaner 73129 376729 0 0 3 0x14200 reaper reaper 37968 441762 0 0 3 0x14200 pgdaemon pagedaemon 6940 515433 0 0 3 0x14200 bored viomb 27683 89610 0 0 3 0x40014200 acpi0 acpi0 76282 419297 0 0 7 0x40014200 idle1 58219 340517 0 0 3 0x14200 bored softnet7 98552 237316 0 0 3 0x14200 bored softnet6 77352 195027 0 0 3 0x14200 bored softnet5 95620 379473 0 0 3 0x14200 bored softnet4 45015 439622 0 0 3 0x14200 bored softnet3 5666 68251 0 0 3 0x14200 bored softnet2 34041 377544 0 0 3 0x14200 bored softnet1 84585 356337 0 0 3 0x14200 bored softnet0 21919 377291 0 0 3 0x14200 bored systqmp 33641 311058 0 0 3 0x14200 bored systq 30236 211948 0 0 3 0x14200 tmoslp softclockmp 52152 197031 0 0 3 0x40014200 tmoslp softclock 25185 92086 0 0 3 0x40014200 idle0 1 520764 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 89720 (syz-executor) thread 0xffff800031401a40 (278120) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10264 11120K 12341K 166960K 12668 0 pcb 17 17K 32K 166960K 391 0 rtable 226 10K 11K 166960K 548 0 pf 38 18K 82K 166960K 203 0 ifaddr 44 8K 8K 166960K 126 0 ifgroup 59 2K 2K 166960K 219 0 sysctl 4 1K 9K 166960K 16 0 counters 70 37K 38K 166960K 238 0 ioctlops 0 0K 4K 166960K 1937 0 iov 0 0K 24K 166960K 169 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1465 92K 92K 166960K 2674 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 17 0 VM map 2 1K 1K 166960K 2 0 sem 13 1K 1K 166960K 94 0 dirhash 12 2K 2K 166960K 33 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 93K 166960K 1460 0 sigio 0 0K 0K 166960K 24 0 proc 73 115K 180K 166960K 713 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 185 0 in_multi 99 7K 7K 166960K 187 0 ether_multi 1 0K 0K 166960K 22 0 mrt 2 0K 0K 166960K 5 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 259 1155K 1155K 166960K 259 0 exec 0 0K 1K 166960K 764 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 230 160K 179K 166960K 15046 0 UVM aobj 63 7K 7K 166960K 65 0 pinsyscall 41 82K 104K 166960K 2625 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 2 0K 0K 166960K 90 0 NDP 13 0K 2K 166960K 89 0 temp 79 8652K 8907K 166960K 65808 0 kqueue 14 22K 31K 166960K 284 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 197 0 194 3 2 1 3 0 8 0 rtentry 176 158 0 68 5 0 5 5 0 8 0 unpcb 144 890 0 866 9 7 2 4 0 8 1 syncache 336 12 0 12 3 2 1 1 0 8 1 tcpqe 32 4 0 4 2 1 1 1 0 8 1 tcpcb 736 650 0 606 17 12 5 7 0 8 0 arp 128 19 0 9 1 0 1 1 0 8 0 inpcb 328 1961 0 1910 20 13 7 10 0 8 2 nd6 144 29 0 7 1 0 1 1 0 8 0 pkpcb 40 12 0 12 4 4 0 1 0 8 0 kcovpl 48 10 0 2 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1192 66 0 66 3 2 1 1 0 8 1 pppxif 1504 6 0 6 3 2 1 1 0 8 1 pfstscr 40 4 0 4 1 1 0 1 0 8 0 pffrag 232 13 0 3 1 0 1 1 0 482 0 pffrnode 88 12 0 3 1 0 1 1 0 8 0 pffrent 40 19 0 9 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 130 0 34 1 0 1 1 0 8 0 pfstkey 128 133 0 38 4 0 4 4 0 8 0 pfstate 384 132 0 37 10 0 10 10 0 8 0 pfrule 1344 29 0 23 2 1 1 2 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 698 0 277 32 1 31 31 0 8 1 art_table 40 701 0 277 5 0 5 5 0 8 0 art_node 32 158 0 78 1 0 1 1 0 8 0 sysvmsgpl 40 15 0 8 1 0 1 1 0 8 0 semupl 112 35 0 35 1 1 0 1 0 8 0 semapl 112 86 0 77 1 0 1 1 0 8 0 shmpl 112 62 0 2 2 0 2 2 0 8 0 dirhash 1024 32 0 15 3 0 3 3 0 8 0 dino2pl 256 4338 0 2829 95 0 95 95 0 8 0 ffsino 296 4338 0 2829 117 0 117 117 0 8 0 nchpl 144 6404 0 5869 64 31 33 64 0 8 8 rtmask 32 16 0 16 2 2 0 1 0 8 0 uvmvnodes 80 4978 0 0 102 0 102 102 0 8 0 vnodes 216 4978 0 0 277 0 277 277 0 8 0 namei 1024 22237 0 22235 3 2 1 2 0 8 0 percpumem 16 134 0 84 1 0 1 1 0 8 0 kstatmem 264 140 0 110 5 2 3 3 0 8 1 acpiwqpl 32 2 0 2 1 0 1 1 1 8 1 scsiplug 72 10 0 10 3 2 1 1 0 8 1 scxspl 216 33237 0 33237 12 10 2 8 1 8 2 plimitpl 152 350 0 333 1 0 1 1 0 8 0 sigapl 424 1811 0 1737 10 1 9 9 0 8 0 knotepl 120 544 0 0 17 0 17 17 0 8 0 kqueuepl 224 631 0 620 7 5 2 3 0 8 1 pipepl 344 239 0 212 3 0 3 3 0 8 0 fdescpl 528 1743 0 1713 3 0 3 3 0 8 0 filepl 160 12437 0 12176 21 8 13 16 0 8 1 lockfpl 104 678 0 673 3 2 1 2 0 8 0 lockfspl 48 253 0 249 1 0 1 1 0 8 0 sessionpl 144 31 0 22 1 0 1 1 0 8 0 pgrppl 48 60 0 43 1 0 1 1 0 8 0 ucredpl 104 2562 0 2548 1 0 1 1 0 8 0 zombiepl 144 2174 0 2173 1 0 1 1 0 8 0 processpl 1232 1812 0 1737 6 0 6 6 0 8 0 procpl 664 4130 0 4047 11 2 9 9 0 8 0 sosppl 168 12 0 12 3 2 1 1 0 8 1 sockpl 752 3297 0 3219 32 21 11 17 0 8 2 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 5 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 4 0 0 1 0 1 1 0 8 0 mcl4k 4096 121 0 0 16 0 16 16 0 8 0 mcl2k 2048 53 0 0 5 0 5 5 0 8 0 mtagpl 96 6 0 0 1 0 1 1 0 8 0 mbufpl 256 636 0 0 40 0 40 40 0 8 0 bufpl 280 12716 0 6573 441 1 440 440 0 8 0 anonpl 32 10803 0 0 87 0 87 87 0 246 0 amapchunkpl 152 52614 0 52143 48 21 27 36 0 158 5 amappl16 200 5942 0 5907 42 25 17 24 0 8 8 amappl15 192 3 0 3 1 1 0 1 0 8 0 amappl14 184 130 0 118 1 0 1 1 0 8 0 amappl13 176 3 0 3 1 1 0 1 0 8 0 amappl12 168 2421 0 2391 4 2 2 3 0 8 0 amappl11 160 52 0 38 1 0 1 1 0 8 0 amappl10 152 6 0 6 1 1 0 1 0 8 0 amappl9 144 257 0 257 1 1 0 1 0 8 0 amappl8 136 25 0 21 1 0 1 1 0 8 0 amappl7 128 133 0 119 1 0 1 1 0 8 0 amappl6 120 196 0 193 1 0 1 1 0 8 0 amappl5 112 140 0 130 1 0 1 1 0 8 0 amappl4 104 330 0 308 1 0 1 1 0 8 0 amappl3 96 10340 0 10235 4 0 4 4 0 8 0 amappl2 88 722 0 658 2 0 2 2 0 8 0 amappl1 80 15468 0 14865 17 2 15 15 0 8 0 amappl 88 14048 0 13891 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 257 0 257 4 3 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 64 0 2 2 0 2 2 0 8 0 uaddrrnd 24 1743 0 1713 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1743 0 1713 1 0 1 1 0 8 0 vmmpekpl 168 15980 0 15936 3 0 3 3 0 8 0 vmmpepl 168 116640 0 114676 125 15 110 110 0 357 10 vmsppl 488 1742 0 1713 7 2 5 5 0 8 1 rwobjpl 80 37184 0 31208 128 1 127 127 0 8 1 pdppl 4096 3494 0 3426 115 43 72 86 0 8 4 pvpl 32 18524 0 0 150 0 150 150 0 265 0 pmappl 256 1742 0 1713 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 345 0 64 9 0 9 9 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace sys_semop(ffff800031401a40,ffff80003c4978d0,ffff80003c497820) at sys_semop+0x352 sys/kern/sysv_sem.c:622 syscall(ffff80003c4978d0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4978d0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x89bd4c490e0, count: -3 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224 sched_idle(ffff8000299edff0) at sched_idle+0x391 sys/kern/kern_sched.c:191 end trace frame: 0x0, count: -5