lock error in [ 157.ADDR] do_sys_accept

[syzbot]

Hello,

syzbot found the following crash on:

HEAD commit: c0dd5d0f Format MAP_FMT so that it's more humanly readable..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=10cccd24a00000
dashboard link: https://syzkaller.appspot.com/bug?extid=d969b898766a6e08ce47

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d969b8...@syzkaller.appspotmail.com

[ 157.5698093] panic: lock error: Mutex: mutex_vector_exit,761: assertion
failed: MUTEX_OWNER(mtx->mtx_owner) == curthread: lock 0xffffc200130971c0
cpu 0 lwp 0xffffc20012ccd320
[ 157.5924708] cpu0: Begin traceback...
[ 157.5977590] vpanic() at netbsd:vpanic+0x214
[ 157.6109214] snprintf() at netbsd:snprintf
[ 157.6251928] lockdebug_abort() at netbsd:lockdebug_abort+0x14c
[ 157.6394641] mutex_vector_exit() at netbsd:mutex_vector_exit+0x1bc
[ 157.6543582] do_sys_accept() at netbsd:do_sys_accept+0x346
[ 157.6690586] sys_paccept() at netbsd:sys_paccept+0x11c
[ 157.6839301] sys___syscall() at netbsd:sys___syscall+0xe2
[ 157.6965505] syscall() at netbsd:syscall+0x348
[ 157.7124393] --- syscall (number 198) ---
[ 157.7250907] 77dca383f4aa:
[ 157.7250907] cpu0: End traceback...

[ 157.7250907] dumping to dev 4,1 (offset=0, size=0): not possible
[ 157.7250907] rebooting...
SeaBIOS (version 1.8.2-20190322_093631-google)
Total RAM Size = 0x00000001e0000000 = 7680 MiB
CPUs found: 2 Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0
removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f29d0: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Booting from Hard Disk 0...

>> NetBSD/x86 BIOS Boot, Revision 5.10 (Tue Jul 17 14:59:51 UTC 2018) (from
>> NetBSD 8.0)
>> Memory: 639/3144640 k

1. Boot normally
2. Boot single user
3. Disable ACPI
4. Disable ACPI and SMP
5. Drop to boot prompt


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

[Siddharth Muralee]

Hello, 

Looks like we are getting a lot of duplicate reports due to this.

The issue can be solved with modification to the regex as such -

old regex - `panic: lock error:(?:.*\n)+?.*?Begin traceback.*?\n(?:.*(?:panic|printf|lockdebug|abort|mutex).*\n)*(.*?)\(`

new regex - `panic: lock error:(?:.*\n)+?.*?Begin traceback.*?\n(?:.*(?:panic|printf|lockdebug|abort|mutex).*\n)*.*?\](.*?)\(`

The issue with it is currently this will only match if the backtrace also has the time with it. Something like 

`[ 157.6543582] do_sys_accept() at netbsd:do_sys_accept+0x346` will work but

`sys_socketpair() at netbsd:sys_socketpair+0xb1` will error out

Does this look fine? We will probably have to rework it again once we add the debug trace as Kamil suggested.

Alternate suggestion :

Simplify it to give just the syscall name.

regex - panic: lock error:(?:.*\n)+?.*? sys_(.*?)\(

--
You received this message because you are subscribed to the Google Groups "syzkaller-netbsd-bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-netbsd...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-netbsd-bugs/000000000000063d990587bda0ac%40google.com.
For more options, visit https://groups.google.com/d/optout.

--

Regards, 

  Siddharth M
  Third Year B.Tech (CSE) Student,
  Amrita School of Engineering, Kollam

  Blog 

---------------------------------------

“Most people get ahead during the time that others waste."

[Maxime Villard]

#syz dup: lock error in [ 81.ADDR] do_sys_accept