Fatal trap 9: general protection fault while in kernel mode cpuid = 0; apic id = 00 instruction pointer = 0x20:0xffffffff8133b775 stack pointer = 0x0:0xfffffe0025a4a5d0 frame pointer = 0x0:0xfffffe0025a4a7a0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 937 (syz-executor.2) trap number = 9 panic: general protection fault cpuid = 0 time = 1592262339 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0025a4a2a0 vpanic() at vpanic+0x1c7/frame 0xfffffe0025a4a300 panic() at panic+0x43/frame 0xfffffe0025a4a360 trap_fatal() at trap_fatal+0x4ca/frame 0xfffffe0025a4a3e0 trap() at trap+0xda/frame 0xfffffe0025a4a500 calltrap() at calltrap+0x8/frame 0xfffffe0025a4a500 --- trap 0x9, rip = 0xffffffff8133b775, rsp = 0xfffffe0025a4a5d0, rbp = 0xfffffe0025a4a7a0 --- sctp_lower_sosend() at sctp_lower_sosend+0x32e5/frame 0xfffffe0025a4a7a0 sctp_sosend() at sctp_sosend+0x501/frame 0xfffffe0025a4a8d0 sosend() at sosend+0xc6/frame 0xfffffe0025a4a940 kern_sendit() at kern_sendit+0x33d/frame 0xfffffe0025a4a9f0 sendit() at sendit+0x224/frame 0xfffffe0025a4aa50 sys_sendto() at sys_sendto+0x5c/frame 0xfffffe0025a4aab0 ia32_syscall() at ia32_syscall+0x24e/frame 0xfffffe0025a4abf0 int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0xfbffcf78 KDB: enter: panic [ thread pid 937 tid 100460 ] Stopped at kdb_enter+0x67: movq $0,0x14a5626(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b ll+0x1a es 0x3b ll+0x1a fs 0x13 gs 0x1b ss 0 rax 0x12 rcx 0x80 ll+0x5f rdx 0xffffffff8195e8a8 rbx 0 rsp 0xfffffe0025a4a280 rbp 0xfffffe0025a4a2a0 rsi 0x1 rdi 0 r8 0 r9 0xffffffff r10 0 r11 0xfffffe0025c26f10 r12 0xffffffff82068f70 ddb_dbbe r13 0 r14 0xffffffff819a9130 r15 0xffffffff819a9130 rip 0xffffffff810b45c7 kdb_enter+0x67 rflags 0x200082 kernphys+0x82 kdb_enter+0x67: movq $0,0x14a5626(%rip) db> show proc Process 937 (syz-executor.2) at 0xfffff80003c30000: state: NORMAL uid: 0 gids: 0, 0, 5 parent: pid 778 at 0xfffff8001658e000 ABI: FreeBSD ELF32 arguments: /root/syz-executor.2 reaper: 0xfffff80003318000 reapsubtree: 1 sigparent: 20 vmspace: 0xfffffe002584d000 (map 0xfffffe002584d000) (map.pmap 0xfffffe002584d0c0) (pmap 0xfffffe002584d120) threads: 4 100090 S nanslp 0xffffffff8252f1f1 syz-executor.2 100460 Run CPU 0 syz-executor.2 100462 S uwait 0xfffff800037c1b00 syz-executor.2 100464 S uwait 0xfffff800037c1c00 syz-executor.2 db> ps pid ppid pgrp uid state wmesg wchan cmd 938 790 790 0 S (threaded) syz-executor.3 100077 S nanslp 0xffffffff8252f1f1 syz-executor.3 100461 S sbwait 0xfffffe00239afb8c syz-executor.3 100463 S sbwait 0xfffffe00239afb8c syz-executor.3 100465 S uwait 0xfffff80016a04d00 syz-executor.3 937 778 778 0 R (threaded) syz-executor.2 100090 S nanslp 0xffffffff8252f1f1 syz-executor.2 100460 Run CPU 0 syz-executor.2 100462 S uwait 0xfffff800037c1b00 syz-executor.2 100464 S uwait 0xfffff800037c1c00 syz-executor.2 936 775 775 0 R (threaded) syz-executor.0 100119 RunQ syz-executor.0 100456 S sbwait 0xfffffe00239e465c syz-executor.0 100458 S sbwait 0xfffffe00239e465c syz-executor.0 100459 S uwait 0xfffff800030f9180 syz-executor.0 935 777 777 0 R (threaded) syz-executor.1 100120 Run CPU 1 syz-executor.1 100452 S sbwait 0xfffffe00239e547c syz-executor.1 100455 S sbwait 0xfffffe00239e547c syz-executor.1 100457 S uwait 0xfffff80016a04c00 syz-executor.1 828 818 828 0 Ss select 0xfffff80015aee6c0 dhclient 825 1 825 0 Ss select 0xfffff8001613c340 dhclient 818 803 424 65 S select 0xfffff80003bf98c0 dhclient 803 424 424 0 S wait 0xfffff8001658a000 sh 790 773 790 0 Rs syz-executor.3 778 773 778 0 Ss nanslp 0xffffffff8252f1f1 syz-executor.2 777 773 777 0 Ss nanslp 0xffffffff8252f1f1 syz-executor.1 775 773 775 0 Ss nanslp 0xffffffff8252f1f1 syz-executor.0 773 771 771 0 S (threaded) syz-execprog 100107 S uwait 0xfffff800039f6d80 syz-execprog 100108 S uwait 0xfffff800037c2200 syz-execprog 100109 S uwait 0xfffff800037c2300 syz-execprog 100110 S uwait 0xfffff800037c2480 syz-execprog 100111 S uwait 0xfffff800037c2580 syz-execprog 100112 S kqread 0xfffff80003345700 syz-execprog 100114 S uwait 0xfffff800037c0d80 syz-execprog 100115 S uwait 0xfffff800037c0b80 syz-execprog 100116 S uwait 0xfffff800037c1d80 syz-execprog 771 769 771 0 Ss pause 0xfffff800165895c8 csh 769 682 769 0 Ss select 0xfffff80003d151c0 sshd 750 1 750 0 Ss+ ttyin 0xfffff800037b98b0 getty 749 1 749 0 Ss+ ttyin 0xfffff80003b35cb0 getty 748 1 748 0 Ss+ ttyin 0xfffff80003b384b0 getty 747 1 747 0 Ss+ ttyin 0xfffff80003b38cb0 getty 746 1 746 0 Ss+ ttyin 0xfffff800033c44b0 getty 745 1 745 0 Ss+ ttyin 0xfffff800033c4cb0 getty 744 1 744 0 Ss+ ttyin 0xfffff800033c34b0 getty 743 1 743 0 Ss+ ttyin 0xfffff800033c3cb0 getty 742 1 742 0 Ss+ ttyin 0xfffff800033c64b0 getty 740 1 24 0 S+ piperd 0xfffff80003c61000 logger 739 738 24 0 S+ nanslp 0xffffffff8252f1f1 sleep 738 1 24 0 S+ wait 0xfffff80003c74000 sh 686 1 686 0 Ss nanslp 0xffffffff8252f1f1 cron 682 1 682 0 Ss select 0xfffff80003d152c0 sshd 4