login: panic: pledge_namei: ni_pledge
Stopped at db_enter+0x25: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 5991 49411 0 0x502000 0x4080000 0K syz-executor
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8340acaf) at panic+0x1e5 sys/kern/subr_prf.c:198
pledge_namei(ffff8000397f4a80,ffff80002a2d8838,ffff80002a36f400) at pledge_namei+0xb76
namei(ffff80002a2d8838) at namei+0x434 sys/kern/vfs_lookup.c:202
vn_open(ffff80002a2d8838,a,0) at vn_open+0x15a sys/kern/vfs_vnops.c:140
sys_acct(ffff8000397f4a80,ffff80002a2d8a10,ffff80002a2d8960) at sys_acct+0xb9 sys/kern/kern_acct.c:121
syscall(ffff80002a2d8a10) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2d8a10) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:765
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6ac35b4e8c0, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: pledge_namei: ni_pledge
ddb{0}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8340acaf) at panic+0x1e5 sys/kern/subr_prf.c:198
pledge_namei(ffff8000397f4a80,ffff80002a2d8838,ffff80002a36f400) at pledge_namei+0xb76
namei(ffff80002a2d8838) at namei+0x434 sys/kern/vfs_lookup.c:202
vn_open(ffff80002a2d8838,a,0) at vn_open+0x15a sys/kern/vfs_vnops.c:140
sys_acct(ffff8000397f4a80,ffff80002a2d8a10,ffff80002a2d8960) at sys_acct+0xb9 sys/kern/kern_acct.c:121
syscall(ffff80002a2d8a10) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2d8a10) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:765
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6ac35b4e8c0, count: -8
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff80002a2d8130
rbx 0xffffffff83847e07 cpu_info_full_primary+0x2e07
rdx 0
rcx 0xffff8000397f4a80
rax 0xffffffff83846ff0 cpu_info_full_primary+0x1ff0
r8 0x101010101010101
r9 0x8080808080808080
r10 0x4bbbe27939a479ae
r11 0x47abc6e5df5718df
r12 0xffffffff83847c08 cpu_info_full_primary+0x2c08
r13 0
r14 0
r15 0x1
rip 0xffffffff82164b95 db_enter+0x25
cs 0x8
rflags 0x246
rsp 0xffff80002a2d8120
ss 0x10
db_enter+0x25: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor) tid=5991 pid=49411 tcnt=3 stat=onproc
flags process=502000<SINGLEUNWIND,PLEDGE,EXECPLEDGE> proc=4080000<SUSPSINGLE,THREAD>
runpri=86, usrpri=86, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0xffff80003c433790 scnt=2 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000397f5a10,0xffffffff8395fb80
process=0xffff80003c4289c0 user=0xffff80002a2d3000, vmspace=0xfffffd806c119208
estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
49411 294104 27114 0 2 0x582000 syz-executor
49411 235133 27114 0 3 0x4502000 suspend syz-executor
*49411 5991 27114 0 7 0x4582000 syz-executor
66322 251363 15009 0 2 0 syz-executor
66322 219732 15009 0 3 0x4000080 fsleep syz-executor
66322 376431 15009 0 3 0x4000080 kqsel syz-executor
13728 410064 1 0 3 0x100083 ttyin getty
16953 53761 0 0 3 0x14200 acct acct
46655 266991 92525 0 3 0x82 piperd syz-executor
15009 39370 92525 0 3 0x82 nanoslp syz-executor
85240 229431 92525 0 3 0x82 wait syz-executor
12774 130265 92525 0 3 0x82 piperd syz-executor
52747 445954 92525 0 3 0x82 piperd syz-executor
27114 141134 92525 0 3 0x82 nanoslp syz-executor
41844 304737 92525 0 3 0x82 piperd syz-executor
92525 43321 91066 0 3 0x82 wait syz-executor
91066 510581 64262 0 3 0x10008a sigsusp ksh
64262 102824 49931 0 3 0x98 kqread sshd-session
49931 162446 93155 0 3 0x92 kqread sshd-session
93155 320327 1 0 3 0x88 kqread sshd
51296 149699 57396 74 3 0x1100092 bpf pflogd
57396 309335 1 0 3 0x80 sbwait pflogd
81351 358850 92088 73 3 0x1100090 kqread syslogd
92088 7450 1 0 3 0x100082 sbwait syslogd
81381 363849 1 0 3 0x100080 kqread resolvd
98901 477897 0 0 3 0x14200 bored smr
79737 387984 0 0 2 0x14200 zerothread
6935 247944 0 0 3 0x14200 aiodoned aiodoned
5856 508458 0 0 3 0x14200 syncer update
18846 308950 0 0 3 0x14200 cleaner cleaner
11486 483426 0 0 3 0x14200 reaper reaper
8847 477967 0 0 3 0x14200 pgdaemon pagedaemon
8590 410698 0 0 3 0x14200 bored viomb
4383 371210 0 0 3 0x40014200 acpi0 acpi0
75807 255824 0 0 7 0x40014200 idle1
58121 85069 0 0 3 0x14200 bored softnet1
41580 504837 0 0 3 0x14200 bored softnet0
96015 261144 0 0 3 0x14200 bored systqmp
12139 435148 0 0 3 0x14200 bored systq
24636 400570 0 0 3 0x14200 tmoslp softclockmp
67913 450366 0 0 3 0x40014200 tmoslp softclock
67115 389418 0 0 3 0x40014200 idle0
1 240784 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
Process 49411 (syz-executor) thread 0xffff8000397f4a80 (5991)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff83960e88)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1
#2 pool_get+0x27e sys/kern/subr_pool.c:591
#3 namei+0xdf sys/kern/vfs_lookup.c:145
#4 vn_open+0x15a sys/kern/vfs_vnops.c:140
#5 sys_acct+0xb9 sys/kern/kern_acct.c:121
#6 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#6 syscall+0xb17 sys/arch/amd64/amd64/trap.c:765
#7 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10194 11035K 11681K 166960K 12298 0
pcb 17 16K 17K 166960K 313 0
rtable 220 10K 10K 166960K 683 0
pf 32 17K 67485K 166960K 141 0
ifaddr 38 6K 7K 166960K 116 0
ifgroup 51 2K 2K 166960K 179 0
sysctl 4 1K 9K 166960K 15 0
counters 66 36K 37K 166960K 506 0
ioctlops 0 0K 4K 166960K 1803 0
iov 0 0K 16K 166960K 78 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1491 94K 95K 166960K 2173 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 13 0
VM map 2 1K 1K 166960K 2 0
sem 20 5K 6K 166960K 80 0
dirhash 12 2K 2K 166960K 24 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 13 45K 106K 166960K 1025 0
sigio 0 0K 0K 166960K 17 0
proc 66 83K 164K 166960K 790 0
subproc 72 4K 4K 166960K 135 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 112 0
in_multi 78 5K 7K 166960K 217 0
ether_multi 1 0K 0K 166960K 13 0
mrt 0 0K 0K 166960K 14 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 103 466K 466K 166960K 103 0
exec 0 0K 1K 166960K 621 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 185 125K 175K 166960K 10969 0
UVM aobj 11 18K 18K 166960K 11 0
pinsyscall 32 64K 102K 166960K 2378 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 61 0
NDP 13 0K 2K 166960K 82 0
temp 72 8662K 8730K 166960K 48247 0
kqueue 8 14K 31K 166960K 179 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 119 0 118 1 0 1 1 0 8 0
rtentry 176 210 0 121 6 0 6 6 0 8 0
unpcb 144 776 0 766 7 6 1 6 0 8 0
syncache 336 6 0 6 3 3 0 1 0 8 0
tcpqe 32 3 0 3 2 2 0 1 0 8 0
tcpcb 736 323 0 316 8 6 2 4 0 8 1
arp 136 35 0 17 1 0 1 1 0 8 0
inpcb 328 1091 0 1082 14 7 7 7 0 8 5
nd6 152 46 0 27 1 0 1 1 0 8 0
pkpcb 40 6 0 6 2 1 1 1 0 8 1
kcovpl 48 15 0 7 1 0 1 1 0 8 0
ppxss 1192 202 0 202 4 3 1 2 0 8 1
pppxif 1504 71 0 71 3 3 0 2 0 8 0
pffrag 232 11 0 2 1 0 1 1 0 482 0
pffrnode 88 10 0 1 1 0 1 1 0 8 0
pffrent 40 17 0 7 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 3 0 3 2 2 0 1 0 8 0
pfstitem 24 18 0 11 1 0 1 1 0 8 0
pfstkey 128 18 0 11 1 0 1 1 0 8 0
pfstate 448 18 0 11 2 0 2 2 0 8 0
pfrule 1344 22 0 16 2 1 1 2 0 8 0
rttmr 136 2 0 2 2 2 0 1 0 8 0
art_heap8 4096 4 0 0 4 0 4 4 0 8 0
art_heap4 256 936 0 566 32 6 26 29 0 8 2
art_table 40 940 0 566 5 0 5 5 0 8 0
art_node 32 209 0 130 1 0 1 1 0 8 0
sysvmsgpl 40 146 0 142 1 0 1 1 0 8 0
semupl 112 4 0 4 2 2 0 1 0 8 0
semapl 112 74 0 56 1 0 1 1 0 8 0
dirhash 1024 25 0 8 3 0 3 3 0 8 0
dino2pl 256 3213 0 1690 97 1 96 96 0 8 0
ffsino 296 3213 0 1690 119 1 118 118 0 8 0
nchpl 144 4556 0 2830 65 0 65 65 0 8 0
rtmask 32 11 0 11 4 3 1 1 0 8 1
vnodes 216 3733 0 0 208 0 208 208 0 8 0
namei 1024 15838 0 15837 6 5 1 3 0 8 0
percpumem 16 268 0 220 1 0 1 1 0 8 0
vcpupl 3968 8 0 0 1 0 1 1 0 8 0
vmpool 840 8 0 0 1 0 1 1 0 8 0
kstatmem 264 104 0 80 4 2 2 3 0 8 0
scsiplug 72 3 0 3 2 2 0 1 0 8 0
scxspl 216 34108 0 34108 11 10 1 8 1 8 1
plimitpl 152 235 0 219 1 0 1 1 0 8 0
sigapl 424 1366 0 1325 9 3 6 8 0 8 0
knotepl 120 802 0 0 24 0 24 24 0 8 0
kqueuepl 224 332 0 323 2 1 1 2 0 8 0
pipepl 344 279 0 252 9 6 3 9 0 8 0
fdescpl 528 1311 0 1287 3 0 3 3 0 8 0
filepl 160 7645 0 7382 21 8 13 19 0 8 1
lockfpl 104 608 0 606 3 2 1 2 0 8 0
lockfspl 48 279 0 277 1 0 1 1 0 8 0
sessionpl 144 32 0 24 1 0 1 1 0 8 0
pgrppl 48 69 0 53 1 0 1 1 0 8 0
ucredpl 104 1158 0 1148 1 0 1 1 0 8 0
zombiepl 144 1638 0 1636 1 0 1 1 0 8 0
processpl 1232 1366 0 1325 6 2 4 6 0 8 0
procpl 664 2766 0 2721 9 3 6 8 0 8 0
sosppl 176 4 0 3 3 2 1 1 0 8 0
sockpl 752 2018 0 1998 25 15 10 17 0 8 6
mcl64k 65536 5 0 0 1 0 1 1 0 8 0
mcl16k 16384 2 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 2 0 0 1 0 1 1 0 8 0
mcl4k 4096 128 0 0 16 0 16 16 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 40 0 0 5 0 5 5 0 8 0
mtagpl 96 2 0 0 1 0 1 1 0 8 0
mbufpl 256 228 0 0 14 0 14 14 0 8 0
bufpl 280 14286 0 8149 439 0 439 439 0 8 0
anonpl 32 11988 0 0 97 0 97 97 0 246 0
amapchunkpl 152 35849 0 35487 39 10 29 29 0 158 8
amappl16 200 4524 0 4487 58 40 18 26 0 8 8
amappl15 192 7 0 7 1 1 0 1 0 8 0
amappl14 184 4 0 4 1 1 0 1 0 8 0
amappl13 176 555 0 553 1 0 1 1 0 8 0
amappl12 168 1728 0 1696 3 1 2 3 0 8 0
amappl11 160 9 0 9 2 2 0 1 0 8 0
amappl10 152 47 0 39 1 0 1 1 0 8 0
amappl9 144 251 0 251 1 1 0 1 0 8 0
amappl8 136 33 0 30 1 0 1 1 0 8 0
amappl7 128 111 0 110 1 0 1 1 0 8 0
amappl6 120 364 0 353 1 0 1 1 0 8 0
amappl5 112 90 0 82 1 0 1 1 0 8 0
amappl4 104 478 0 451 1 0 1 1 0 8 0
amappl3 96 6236 0 6172 4 1 3 3 0 8 0
amappl2 88 1420 0 1364 2 0 2 2 0 8 0
amappl1 80 13748 0 13269 15 1 14 15 0 8 0
amappl 88 9920 0 9793 5 0 5 5 0 92 0
uvmvnodes 80 142 0 0 3 0 3 3 0 8 0
dma16384 16384 1 0 1 1 1 0 1 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 10 0 0 1 0 1 1 0 8 0
uaddrrnd 24 1311 0 1287 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1311 0 1287 1 0 1 1 0 8 0
vmmpekpl 168 12564 0 12514 3 0 3 3 0 8 0
vmmpepl 168 90175 0 88709 112 22 90 106 0 357 3
vmsppl 488 1310 0 1287 5 1 4 5 0 8 0
rwobjpl 80 26749 0 25846 32 3 29 31 0 8 0
pdppl 4096 2646 0 2582 118 42 76 84 0 8 12
pvpl 32 18745 0 0 152 0 152 152 0 265 0
pmappl 256 1318 0 1287 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 318 0 66 8 0 8 8 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8340acaf) at panic+0x1e5 sys/kern/subr_prf.c:198
pledge_namei(ffff8000397f4a80,ffff80002a2d8838,ffff80002a36f400) at pledge_namei+0xb76
namei(ffff80002a2d8838) at namei+0x434 sys/kern/vfs_lookup.c:202
vn_open(ffff80002a2d8838,a,0) at vn_open+0x15a sys/kern/vfs_vnops.c:140
sys_acct(ffff8000397f4a80,ffff80002a2d8a10,ffff80002a2d8960) at sys_acct+0xb9 sys/kern/kern_acct.c:121
syscall(ffff80002a2d8a10) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2d8a10) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:765
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6ac35b4e8c0, count: -8
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffff8000299edff0) at sched_idle+0x391 sys/kern/kern_sched.c:191
end trace frame: 0x0, count: 10
ddb{1}> trace
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffff8000299edff0) at sched_idle+0x391 sys/kern/kern_sched.c:191
end trace frame: 0x0, count: -5