lang: en

FreeBSD lock order reversal (LOR) #93

ID 93
state patched
responsible
reported first
reported last
do you know more? submit update by email
LOR
lock order reversal
 1st 0xc152b9a8 rtentry (rtentry) @ sys/netinet/if_ether.c:445
 2nd 0xc142665c bpf interface lock (bpf interface lock) @ sys/net/bpf.c:1160
		
KDB: stack backtrace:
kdb_backtrace(0,ffffffff,c0903a30,c0903850,c088e508) at kdb_backtrace+0x29
witness_checkorder(c142665c,9,c083641d,488) at witness_checkorder+0x54c
_mtx_lock_flags(c142665c,0,c083641d,488,c14845d6) at _mtx_lock_flags+0x5b
bpf_tap(c1426640,c14845d6,2a,c14845d6,c1484500) at bpf_tap+0x2b
bpf_mtap(c1426640,c1484500,c08f9cc0,cc8ad964,c148c2f0) at bpf_mtap+0x34
ath_start(c148b000) at ath_start+0xa65
if_start(c148b000) at if_start+0x7b
ether_output_frame(c148b000,c1484500,1,ffffffff,0) at ether_output_frame+0x1d9
ether_output(c148b000,c1484500,cc8ada6c,0,2) at ether_output+0x384
arprequest(c148b000,c1596ec8,cc8adb3c,c13fceac) at arprequest+0xd8
arpresolve(c148b000,c152b948,c1484600,cc8adb38,cc8adadc) at arpresolve+0x29c
ether_output(c148b000,c1484600,cc8adb38,c152b948,c1596e00) at ether_output+0x66
ip_output(c1484600,0,cc8adb34,20,0) at ip_output+0x6fc
rip_output(c1484600,c1527cf8,100a8c0,40,c1484600) at rip_output+0x293
rip_send(c1527cf8,0,c1484600,c148dbc0,0) at rip_send+0x93
sosend(c1527cf8,c148dbc0,cc8adc4c,c1484600,0) at sosend+0x5e7
kern_sendit(c14f3000,4,cc8adccc,0,0) at kern_sendit+0x104
sendit(c14f3000,4,cc8adccc,0,804eab4) at sendit+0x163
sendto(c14f3000,cc8add14,6,4,292) at sendto+0x4d
syscall(2f,2f,2f,804ea74,40) at syscall+0x213
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (133, FreeBSD ELF32, sendto), eip = 0x280d365b, esp = 0xbfbee7ac, ebp = 0xbfbee7f8 ---
		
comments/references