lang: en

FreeBSD lock order reversal (LOR) #24

ID 24
state patched
responsible
reported first
reported last
do you know more? submit update by email
LOR
lock order reversal
 1st 0xc1668b1c inp (tcpinp) @ sys/netinet/tcp_syncache.c:1161
 2nd 0xc16a8600 pf task mtx (pf task mtx) @ sys/modules/pf/../../contrib/pf/net/pf.c:5828
		
KDB: stack backtrace:
witness_checkorder(c16a8600,9,c16a688e,16c4,c12bfc80) at witness_checkorder+0x5bb
_mtx_lock_flags(c16a8600,0,c16a688e,16c4,c073c460) at _mtx_lock_flags+0x54
pf_test(2,c13f6000,d57e39a4,c158b1c0,c076e260) at pf_test+0x8d
pf_check_out(0,d57e39a4,c13f6000,2,0) at pf_check_out+0x47
pfil_run_hooks(c076e260,d57e3a30,c13f6000,2,c077ab40) at pfil_run_hooks+0x14e
ip_output(c15a4300,0,d57e39fc,0,0) at ip_output+0x3f2
syncache_respond(d57e3ad0,c076ed00,1c,346,14) at syncache_respond+0x2d0
syncache_add(d57e3b80,d57e3bf0,c13b2834,d57e3b7c,c138ea00) at syncache_add+0x662
tcp_input(c138ea00,14,c13f6000,1,246) at tcp_input+0x2df7
ip_input(c138ea00,0,c06ea00d,96,18) at ip_input+0xea
netisr_processqueue(c073c4a0,8,c06ea00d,fe,c12e6940) at netisr_processqueue+0x15
swi_net(0,0,c06de235,268,d57e3d10) at swi_net+0x108
ithread_loop(c12bfc80,d57e3d48,c06de00a,32c,0) at ithread_loop+0x1fd
fork_exit(c050ad10,c12bfc80,d57e3d48) at fork_exit+0xa9
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xd57e3d7c, ebp = 0 ---
		
comments/references