lang: en
Home: sources.zabbadoz.net - a collection of foobar
Up: FreeBSD LOR(lock order reversal)s seen and comments Prev: freebsd/lor/76.html Next: freebsd/lor/78.html
Home
Imprint

FreeBSD lock order reversal (LOR) #77

ID 77
state patched
responsible
reported first
reported last
do you know more? submit update by email
LOR 
lock order reversal
  1st 0xc14c5924 rtentry (rtentry) @ sys/netinet/if_ether.c:445
  2nd 0xc1428d4c wi0 (network driver) @ sys/dev/wi/if_wi.c:876
		
KDB: stack backtrace:
witness_checkorder(c1428d4c,9,c0640083,36c) at witness_checkorder+0x4d6
_mtx_lock_flags(c1428d4c,0,c0640083,36c,c064aef7) at _mtx_lock_flags+0x5f
wi_start(c1428000,202,0,c13fa1d6,0) at wi_start+0x34
ether_output_frame(c1428000,c13fa100,ffffffff,ffffffff,c05dffff) at
ether_output_frame+0x1b5
ether_output(c1428000,c13fa100,d2d89a64,0,c14744c8) at ether_output+0x34b
arprequest(d2d89b3c) at arprequest+0xda
arpresolve(c1428000,c14c58c4,c13fa200,d2d89b38,d2d89ac0) at arpresolve+0x259
ether_output(c1428000,c13fa200,d2d89b38,c14c58c4) at ether_output+0x82
ip_output(c13fa200,0,d2d89b34,1,0,c14c37bc) at ip_output+0x844
udp_send(c14c167c,0,c13fa200,0,0,c140f730) at udp_send+0x46a
sosend(c14c167c,0,d2d89c48,c13fa200,0,0,c140f730) at sosend+0x657
kern_sendit(c140f730,4,d2d89cc8,0,0) at kern_sendit+0xf5
sendit(d2d89cc8,0,807a021,0,0) at sendit+0x14f
sendto(c140f730,d2d89d14,bfbfddd0,6,3) at sendto+0x4d
syscall(2f,2f,2f,bfbfe95c,2812b624) at syscall+0x1f2
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (133, FreeBSD ELF32, sendto), eip = 0x280bf6ab, esp = 0xbfbfddcc, ebp = 0xbfbfddec ---
comments/references

Copyright (c) 1999-2014 Bjoern A. Zeeb. All rights reserved.
$ZABBADOZ$