kernel: protection fault trap, code=0 Stopped at sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_semop(ffff80002a7cc020,ffff80003c9a1120,ffff80003c9a1070) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c9a1120) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9a1120) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x973069e7a80, count: -3 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003c9a1050 rbx 0xdeaf4152deaf4152 rdx 0xffff80000146f700 rcx 0 rax 0xdeaf4152deaf4152 r8 0x7f7fffffc000 r9 0 r10 0xb69dc712a0b8a8d9 r11 0xaaec95c7ea1462f8 r12 0 r13 0xfffffd80694d3ee0 r14 0xffff80003c9a1120 r15 0 rip 0xffffffff82af2c95 sys_semop+0x3d5 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c9a0f60 ss 0x10 sys_semop+0x3d5: movzwl 0(%rax),%r15d ddb> show proc PROC (syz-executor) tid=149947 pid=64162 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=54, usrpri=54, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7b5240,0xffff80002a7cc7f8 process=0xffff8000ffff8018 user=0xffff80003c99c000, vmspace=0xfffffd80725c9468 estcpu=4, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 60407 379207 97142 0 2 0 syz-executor 60407 40968 97142 0 3 0x4000080 fsleep syz-executor 60407 375940 97142 0 3 0x4000080 fsleep syz-executor 57263 121679 41143 0 2 0 syz-executor 57263 313859 41143 0 3 0x4000080 fsleep syz-executor 57263 183113 41143 0 3 0x4000080 fsleep syz-executor 57263 164385 41143 0 2 0x4000000 syz-executor 67818 404083 77221 0 2 0 syz-executor 67818 504103 77221 0 3 0x4000080 fsleep syz-executor 67818 28170 77221 0 3 0x4000080 fsleep syz-executor 67818 490759 77221 0 3 0x4000080 fsleep syz-executor 64162 46115 91114 0 2 0 syz-executor 64162 105317 91114 0 3 0x4000080 kqsel syz-executor *64162 149947 91114 0 7 0x4000000 syz-executor 64162 199089 91114 0 3 0x4000080 fsleep syz-executor 36833 404434 44169 0 2 0 syz-executor 36833 348278 44169 0 3 0x4000080 fsleep syz-executor 54757 299206 98435 0 2 0 syz-executor 54757 424053 98435 0 3 0x4000080 fsleep syz-executor 5682 413323 6623 0 2 0xc80 syz-executor 5682 496268 6623 0 3 0x4000080 kqsel syz-executor 5682 86550 6623 0 3 0x4000080 fsleep syz-executor 5682 348027 6623 0 3 0x4000080 pipewr syz-executor 5682 13033 6623 0 3 0x4000080 fsleep syz-executor 91114 13253 49459 0 2 0xc82 syz-executor 41143 102124 49459 0 2 0xc82 syz-executor 97142 398855 49459 0 2 0xc82 syz-executor 77221 116195 49459 0 2 0xc82 syz-executor 44169 468518 49459 0 2 0xc82 syz-executor 2534 215238 49459 0 2 0x2 syz-executor 98435 52061 49459 0 2 0xc82 syz-executor 6623 397316 49459 0 3 0x82 nanoslp syz-executor 49459 301653 17290 0 3 0x82 kqread syz-executor 17290 221361 53516 0 3 0x10008a sigsusp ksh 53516 248521 41403 0 3 0x98 kqread sshd-session 41403 328871 32281 0 3 0x92 kqread sshd-session 81921 266662 1 0 3 0x100083 ttyin getty 32281 500852 1 0 3 0x88 kqread sshd 78105 512249 23174 73 3 0x1100090 kqread syslogd 23174 78640 1 0 3 0x100082 sbwait syslogd 14926 444321 1 0 3 0x100080 kqread resolvd 7912 390361 31266 77 3 0x100092 kqread dhcpleased 88101 6709 31266 77 3 0x100092 kqread dhcpleased 31266 207397 1 0 3 0x80 kqread dhcpleased 67312 275538 0 0 3 0x14200 bored smr 46262 492823 0 0 2 0x14200 zerothread 37896 395300 0 0 3 0x14200 aiodoned aiodoned 7321 62224 0 0 3 0x14200 syncer update 98954 489311 0 0 3 0x14200 cleaner cleaner 84611 369009 0 0 3 0x14200 reaper reaper 60982 28761 0 0 3 0x14200 pgdaemon pagedaemon 17581 288762 0 0 3 0x14200 bored viomb 35398 476805 0 0 3 0x40014200 acpi0 acpi0 2166 462920 0 0 3 0x14200 bored softnet0 85262 452593 0 0 3 0x14200 bored systqmp 96596 284433 0 0 3 0x14200 bored systq 65252 33324 0 0 2 0x40014200 softclock 33222 299201 0 0 3 0x40014200 idle0 1 433522 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10168 11041K 11241K 166960K 11276 0 pcb 17 12K 12K 166960K 32 0 rtable 243 7K 7K 166960K 371 0 pf 30 12K 12K 166960K 30 0 ifaddr 42 7K 7K 166960K 44 0 ifgroup 50 2K 2K 166960K 50 0 sysctl 1 1K 9K 166960K 7 0 counters 32 17K 17K 166960K 32 0 ioctlops 0 0K 4K 166960K 103 0 iov 0 0K 1K 166960K 2 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1371 86K 86K 166960K 1416 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 3 0 VM map 2 1K 1K 166960K 2 0 sem 4 0K 0K 166960K 7 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 85K 166960K 179 0 proc 60 59K 91K 166960K 483 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 9 0 in_multi 99 7K 7K 166960K 103 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 43 201K 201K 166960K 43 0 exec 0 0K 1K 166960K 359 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 243 159K 165K 166960K 3364 0 UVM aobj 68 3K 3K 166960K 68 0 pinsyscall 38 76K 90K 166960K 1247 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 2 0 NDP 11 0K 1K 166960K 27 0 temp 41 8639K 8703K 166960K 5944 0 kqueue 15 24K 28K 166960K 30 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 42 0 39 1 0 1 1 0 8 0 rtentry 136 111 0 1 4 0 4 4 0 8 0 unpcb 144 68 0 51 1 0 1 1 0 8 0 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 20 0 16 1 0 1 1 0 8 0 arp 96 18 0 0 1 0 1 1 0 8 0 inpcb 328 88 0 79 2 0 2 2 0 8 1 ip6q 72 1 0 1 1 1 0 1 0 8 0 ip6af 40 2 0 2 1 1 0 1 0 8 0 nd6 112 24 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 pfrule 1344 2 0 1 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 453 0 0 29 0 29 29 0 8 0 art_table 40 454 0 0 5 0 5 5 0 8 0 art_node 32 111 0 11 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0 semapl 112 4 0 3 1 0 1 1 0 8 0 shmpl 112 65 0 0 2 0 2 2 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1632 0 128 95 0 95 95 0 8 0 ffsino 256 1632 0 128 95 0 95 95 0 8 0 nchpl 144 1887 0 194 63 0 63 63 0 8 0 vnodes 216 1761 0 0 98 0 98 98 0 8 0 namei 1024 5678 0 5677 2 1 1 2 0 8 0 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 6012 0 6012 3 2 1 3 1 8 1 plimitpl 152 32 0 15 1 0 1 1 0 8 0 sigapl 424 465 0 423 6 1 5 6 0 8 0 knotepl 120 4668 0 4381 18 1 17 17 0 8 8 kqueuepl 184 39 0 26 1 0 1 1 0 8 0 pipepl 304 120 0 92 3 0 3 3 0 8 0 fdescpl 448 452 0 423 4 0 4 4 0 8 0 filepl 120 1797 0 1579 10 1 9 9 0 8 0 lockfpl 104 30 0 27 1 0 1 1 0 8 0 lockfspl 48 14 0 11 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 29 0 13 1 0 1 1 0 8 0 ucredpl 104 116 0 105 1 0 1 1 0 8 0 zombiepl 144 437 0 437 2 1 1 1 0 8 1 processpl 1152 465 0 423 4 0 4 4 0 8 0 procpl 664 555 0 496 6 0 6 6 0 8 1 sockpl 552 200 0 171 3 0 3 3 0 8 0 mcl64k 65536 5 0 5 1 1 0 1 0 8 0 mcl16k 16384 2 0 2 1 1 0 1 0 8 0 mcl8k 8192 4 0 4 1 1 0 1 0 8 0 mcl4k 4096 2494 0 2438 15 7 8 15 0 8 0 mcl2k2 2112 1 0 1 1 1 0 1 0 8 0 mcl2k 2048 245 0 245 1 0 1 1 0 8 1 mtagpl 96 5 0 5 1 1 0 1 0 8 0 mbufpl 256 4381 0 4227 12 0 12 12 0 8 0 bufpl 280 2339 0 119 159 0 159 159 0 8 0 anonpl 24 101937 0 98843 32 11 21 32 0 187 0 amapchunkpl 152 9517 0 9003 24 3 21 24 0 158 1 amappl16 200 1889 0 1867 5 3 2 5 0 8 0 amappl15 192 63 0 63 1 1 0 1 0 8 0 amappl14 184 8 0 8 1 1 0 1 0 8 0 amappl13 176 406 0 404 1 0 1 1 0 8 0 amappl12 168 792 0 754 2 0 2 2 0 8 0 amappl11 160 3 0 3 1 1 0 1 0 8 0 amappl10 152 45 0 35 1 0 1 1 0 8 0 amappl9 144 285 0 285 1 1 0 1 0 8 0 amappl8 136 115 0 114 1 0 1 1 0 8 0 amappl7 128 78 0 77 1 0 1 1 0 8 0 amappl6 120 266 0 255 1 0 1 1 0 8 0 amappl5 112 97 0 90 1 0 1 1 0 8 0 amappl4 104 375 0 353 1 0 1 1 0 8 0 amappl3 96 1484 0 1389 3 0 3 3 0 8 0 amappl2 88 559 0 491 2 0 2 2 0 8 0 amappl1 80 8943 0 8408 12 0 12 12 0 8 0 amappl 88 2668 0 2495 4 0 4 4 0 92 0 uvmvnodes 80 1761 0 0 36 0 36 36 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 67 0 0 2 0 2 2 0 8 0 uaddrrnd 24 452 0 423 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 452 0 423 1 0 1 1 0 8 0 vmmpekpl 168 5337 0 5302 2 0 2 2 0 8 0 vmmpepl 168 37002 0 35220 82 2 80 80 0 357 2 vmsppl 368 451 0 423 4 1 3 4 0 8 0 rwobjpl 40 15230 0 12557 27 0 27 27 0 8 0 pdppl 4096 910 0 846 94 28 66 76 0 8 2 pvpl 32 227304 0 218903 90 12 78 88 0 265 2 pmappl 216 451 0 423 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 363 0 43 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_semop(ffff80002a7cc020,ffff80003c9a1120,ffff80003c9a1070) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c9a1120) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9a1120) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x973069e7a80, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_semop(ffff80002a7cc020,ffff80003c9a1120,ffff80003c9a1070) at sys_semop+0x3d5 sys/kern/sysv_sem.c:617 syscall(ffff80003c9a1120) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9a1120) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x973069e7a80, count: -3