Date: Sun, 4 Feb 2007 15:15:58 -0500 From: Kris Kennaway <kris@obsecurity.org> To: stable@FreeBSD.org Cc: bz@freeBSD.org Subject: LOR in ipdivert and devfs Message-ID: <20070204201558.GA46483@xor.obsecurity.org>
next in thread | raw e-mail | index | archive | help
--PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I get the following lock order reversals at boot on this 6.2 system. Feb 3 14:47:28 xor kernel: lock order reversal: Feb 3 14:47:28 xor kernel: 1st 0xc08422a0 cdev (cdev) @ kern/kern_conf.c:61 Feb 3 14:47:28 xor kernel: 2nd 0xc3a4510c sleep mtxpool (sleep mtxpool) @ kern/kern_prot.c:1877 Feb 3 14:47:28 xor kernel: KDB: stack backtrace: Feb 3 14:47:28 xor kernel: kdb_backtrace(c07cc880,c3a4510c,c07c7bf8,c07c7bf8,c07c83f9,...) at kdb_backtrace+0x2e Feb 3 14:47:28 xor kernel: witness_checkorder(c3a4510c,9,c07c83f9,755,c0817780,...) at witness_checkorder+0x6d2 Feb 3 14:47:28 xor kernel: _mtx_lock_flags(c3a4510c,0,c07c83f0,755,c3ed0778,...) at _mtx_lock_flags+0xac Feb 3 14:47:28 xor kernel: crhold(c3fd0880,40,20,c07cecea,def0f814,...) at crhold+0x2d Feb 3 14:47:28 xor kernel: make_dev_credv(c0817780,0,c3fd0880,0,0,...) at make_dev_credv+0xf6 Feb 3 14:47:28 xor kernel: make_dev_cred(c0817780,0,c3fd0880,0,0,...) at make_dev_cred+0x42 Feb 3 14:47:28 xor kernel: pty_clone(0,c3fd0880,def0f8f6,5,def0f868,...) at pty_clone+0x124 Feb 3 14:47:28 xor kernel: devfs_lookupx(def0f998,def0f91c,299,1,c080a120,...) at devfs_lookupx+0x39d Feb 3 14:47:28 xor kernel: devfs_lookup(def0f998,def0f998,c3cc5000,c3cc5000,0,...) at devfs_lookup+0x4c Feb 3 14:47:28 xor kernel: VOP_LOOKUP_APV(c080a120,def0f998,c3f2cd80,c3f2cd80,0,...) at VOP_LOOKUP_APV+0xa6 Feb 3 14:47:28 xor kernel: lookup(def0fbc4,0,c07d13d8,be,c057ab2c,...) at lookup+0x4de Feb 3 14:47:28 xor kernel: namei(def0fbc4,c07c9fca,27d,c3f2cd80,c3f2cd80,...) at namei+0x42d Feb 3 14:47:28 xor kernel: vn_open_cred(def0fbc4,def0fcc4,0,c3fd0880,4,...) at vn_open_cred+0x2be Feb 3 14:47:28 xor kernel: vn_open(def0fbc4,def0fcc4,0,4,def0fb60,...) at vn_open+0x33 Feb 3 14:47:28 xor kernel: kern_open(c3f2cd80,bfbfdd80,0,3,0,...) at kern_open+0xc8 Feb 3 14:47:28 xor kernel: open(c3f2cd80,def0fd04,c,420,3,...) at open+0x36 Feb 3 14:47:28 xor kernel: syscall(3b,3b,3b,8077f14,8077ee0,...) at syscall+0x2a2 Feb 3 14:47:28 xor kernel: Xint0x80_syscall() at Xint0x80_syscall+0x1f Feb 3 14:47:28 xor kernel: --- syscall (5, FreeBSD ELF32, open), eip = 0x2837e727, esp = 0xbfbfdd4c, ebp = 0xbfbfdda8 --- This one appears to be new although there are other ipdivert-related reversals known. Feb 3 12:48:49 xor kernel: lock order reversal: Feb 3 12:48:49 xor kernel: 1st 0xc3dea090 inp (divinp) @ netinet/ip_divert.c:354 Feb 3 12:48:49 xor kernel: 2nd 0xc0892700 in_multi_mtx (in_multi_mtx) @ netinet/ip_output.c:306 Feb 3 12:48:49 xor kernel: KDB: stack backtrace: Feb 3 12:48:49 xor kernel: kdb_backtrace(c07cc86f,c0892700,c07cc2c2,c07cc2c2,c07d5799,...) at kdb_backtrace+0x2e Feb 3 12:48:49 xor kernel: witness_checkorder(c0892700,9,c07d5799,132,c07d382c,...) at witness_checkorder+0x6d2 Feb 3 12:48:49 xor kernel: _mtx_lock_flags(c0892700,0,c07d5790,132,162,...) at _mtx_lock_flags+0xac Feb 3 12:48:49 xor kernel: ip_output(c3c85100,0,ddcd4b24,22,0,...) at ip_output+0x4cc Feb 3 12:48:49 xor kernel: div_output(c3bbade8,c3c85100,c3bd49b0,0,ddcd4c00,...) at div_output+0x1d3 Feb 3 12:48:49 xor kernel: div_send(c3bbade8,0,c3c85100,c3bd49b0,0,...) at div_send+0x5d Feb 3 12:48:49 xor kernel: sosend(c3bbade8,c3bd49b0,ddcd4c34,c3c85100,0,...) at sosend+0x6e7 Feb 3 12:48:49 xor kernel: kern_sendit(c3ba2180,3,ddcd4cb4,0,0,...) at kern_sendit+0x12f Feb 3 12:48:49 xor kernel: sendit(c3ba2180,3,ddcd4cb4,0,bfbdeb60,...) at sendit+0x1ab Feb 3 12:48:49 xor kernel: sendto(c3ba2180,ddcd4d04,18,8053000,6,...) at sendto+0x5b Feb 3 12:48:49 xor kernel: syscall(3b,3b,3b,bfbdeb40,2,...) at syscall+0x2a2 Feb 3 12:48:49 xor kernel: Xint0x80_syscall() at Xint0x80_syscall+0x1f Feb 3 12:48:49 xor kernel: --- syscall (133, FreeBSD ELF32, sendto), eip = 0x28145083, esp = 0xbfbdeaac, ebp = 0xbfbeeb58 --- Kris --PEIAKu/WMn1b1Hv9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFFxj7+Wry0BWjoQKURAinZAKDgpK0b6s7AMuYD8BS/oVuxxkEiRwCfagX/ UhlAOIWMSP53hhxvrtmhnYg= =jygu -----END PGP SIGNATURE----- --PEIAKu/WMn1b1Hv9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070204201558.GA46483>