Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0x0
fault code = supervisor write data, page not present
instruction pointer = 0x20:0xffffffff81165262
stack pointer = 0x0:0xfffffe00247285e0
frame pointer = 0x0:0xfffffe00247286b0
code segment = base 0x0, limit 0xfffff, type 0x1b
             = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 11877 (syz-executor.1)
trap number = 12
panic: page fault
cpuid = 1
time = 1569833924
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0024728230
vpanic() at vpanic+0x1e0/frame 0xfffffe0024728290
panic() at panic+0x43/frame 0xfffffe00247282f0
trap_fatal() at trap_fatal+0x4de/frame 0xfffffe0024728370
trap_pfault() at trap_pfault+0xdc/frame 0xfffffe00247283f0
trap() at trap+0x44f/frame 0xfffffe0024728510
calltrap() at calltrap+0x8/frame 0xfffffe0024728510
--- trap 0xc, rip = 0xffffffff81165262, rsp = 0xfffffe00247285e0, rbp = 0xfffffe00247286b0 ---
uipc_send() at uipc_send+0x6d2/frame 0xfffffe00247286b0
sosend_generic() at sosend_generic+0x747/frame 0xfffffe0024728770
sosend() at sosend+0xc6/frame 0xfffffe00247287e0
kern_sendit() at kern_sendit+0x33d/frame 0xfffffe0024728890
freebsd32_sendmsg() at freebsd32_sendmsg+0x268/frame 0xfffffe0024728970
ia32_syscall() at ia32_syscall+0x46a/frame 0xfffffe0024728ab0
int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0x8142fef
KDB: enter: panic
[ thread pid 11877 tid 100466 ]
Stopped at kdb_enter+0x6a: movq $0,kdb_why

08:58:44 executing program 1:
pipe2(&(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff})
pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x0)
sendmsg$unix(r0, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001500)=[@rights={0x14, 0xffff, 0x1, [r1, r2]}, @cred={0x18}, @rights={0x10, 0xffff, 0x1, [0xffffffffffffffff]}], 0x3c, 0x101}, 0x0)
08:58:44 executing program 1:
pipe2(&(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff})
pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000140), 0x0)
sendmsg$unix(r0, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001500)=[@rights={0x10, 0xffff, 0x1, [r1]}, @cred={0x18}, @rights={0x10, 0xffff, 0x1, [0xffffffffffffffff]}], 0x38, 0x101}, 0x0)

08:58:44 executing program 0:
poll(&(0x7f0000000200)=[{}], 0x1, 0x80)
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffffff2840029f}})
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffff7f28400299}})
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff284002cb}})

08:58:44 executing program 3:
poll(&(0x7f0000000200)=[{}], 0x1, 0x80)
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000080)={{0xffffffff284002a1}})
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffffff2840029f}})
__semctl$IPC_SET(0x0, 0x0, 0xa, 0x0)
__semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff284002cb}})

08:58:44 executing program 1:
pipe2(&(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff})
pipe2(&(0x7f0000000140), 0x0)
pipe2(&(0x7f0000000140), 0x0)
sendmsg$unix(r0, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001500)=[@rights={0xc}, @cred={0x18}, @rights={0x10, 0xffff, 0x1, [0xffffffffffffffff]}], 0x34, 0x101}, 0x0)