Warning: Permanently added '10.128.1.27' (ECDSA) to the list of known hosts.
2019/05/11 00:11:01 parsed 1 programs
2019/05/11 00:11:01 executed programs: 0
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
interface if_tuntap.1 already present in the KLD 'kernel'!
linker_load_file: /boot/kernel/if_tap.ko - unsupported file type
Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex sctp-tcb (tcb) r = 0 (0xfffff80012c6c928) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_output.c:13021
stack backtrace:
#0 0xffffffff8110eb9e at witness_debugger+0x8e
#1 0xffffffff81110220 at witness_warn+0x640
#2 0xffffffff8170c6e0 at trap_pfault+0x80
#3 0xffffffff8170b64d at trap+0x44d
#4 0xffffffff816d4835 at calltrap+0x8
#5 0xffffffff8153781a at uma_zfree_arg+0x1aa
#6 0xffffffff81039f8f at m_freem+0x13f
#7 0xffffffff812db644 at ip_output+0x1eb4
#8 0xffffffff81320ece at sctp_lowlevel_chunk_output+0xfbe
#9 0xffffffff81333120 at sctp_send_abort_tcb+0x360
#10 0xffffffff81380218 at sctp_abort_an_association+0x38
#11 0xffffffff8133ae82 at sctp_lower_sosend+0x2b12
#12 0xffffffff81331e60 at sctp_sosend+0x510
#13 0xffffffff811596f6 at sosend+0xc6
#14 0xffffffff81122af1 at soo_write+0x61
#15 0xffffffff811158bd at dofilewrite+0xpanic: Memory modified after free 0xfffff80004993900(256) val=0 @ 0xfffff80004993900
cpuid = 0
time = 1557533462
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0021294690
vpanic() at vpanic+0x1e0/frame 0xfffffe00212946f0
panic() at panic+0x43/frame 0xfffffe0021294750
trash_ctor() at trash_ctor+0xaa/frame 0xfffffe0021294790
mb_ctor_mbuf() at mb_ctor_mbuf+0x30/frame 0xfffffe00212947d0
uma_zalloc_arg() at uma_zalloc_arg+0x1036/frame 0xfffffe0021294880
m_getm2() at m_getm2+0x213/frame 0xfffffe00212948f0
sctp_get_mbuf_for_msg() at sctp_get_mbuf_for_msg+0x4a/frame 0xfffffe0021294930
sctp_lowlevel_chunk_output() at sctp_lowlevel_chunk_output+0x164/frame 0xfffffe0021294a80
sctp_med_chunk_output() at sctp_med_chunk_output+0x45ca/frame 0xfffffe0021295470
sctp_lower_sosend() at sctp_lower_sosend+0x4465/frame 0xfffffe0021295670
sctp_sosend() at sctp_sosend+0x510/frame 0xfffffe00212957a0
sosend() at sosend+0xc6/frame 0xfffffe0021295810
kern_sendit() at kern_sendit+0x35e/frame 0xfffffe00212958c0
sendit() at sendit+0x226/frame 0xfffffe0021295920
sys_sendmsg() at sys_sendmsg+0x8b/frame 0xfffffe0021295980
amd64_syscall() at amd64_syscall+0x436/frame 0xfffffe0021295ab0
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe0021295ab0
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x41309a, rsp = 0x7fffdffdcf38, rbp = 0x3 ---
KDB: enter: panic
[ thread pid 814 tid 100123 ]
Stopped at kdb_enter+0x6a: movq $0,kdb_why
db>