LORs in recent -current

Peter Jeremy PeterJeremy at optushome.com.au
Fri Aug 5 21:34:43 GMT 2005


I've decided to do some experimenting with -current (cvs-cur 11544 -
about 2005-AUG-04 1300) and have found a couple of possibly new LORs:

First one (during rc.d processing between savecore and ntpdate):
lock order reversal
1st 0xc07391a0 Giant (Giant) @ /usr/src/sys/kern/kern_descrip.c:1874
2nd 0xc078754c udp (udp) @ /usr/src/sys/netinet/udp_usrreq.c:1006
KDB: stack backtrace:
kdb_backtrace(c06d8ffe,c078754c,c06d8ad4,c06d8ad4,c06e2327) at kdb_backtrace+0x2e
witness_checkorder(c078754c,9,c06e2327,3ee,0) at witness_checkorder+0x6c3
_mtx_lock_flags(c078754c,0,c06e2327,3ee,c1c685e8) at _mtx_lock_flags+0x8a
udp_detach(c1cdfc84,c0552980,246,c0713204,c19759e8) at udp_detach+0x2b
soclose(c1cdfc84,c06d461d,12c,c1c685e8,c1c685e8) at soclose+0x242
soo_close(c1c685e8,c1b44900,c06d2084,847,c1c685e8) at soo_close+0x5e
fdrop_locked(c1c685e8,c1b44900,c06d2084,832) at fdrop_locked+0xbe
fdrop(c1c685e8,c1b44900,c06d2084,77d,c0552980,c06d2084,c06d8e11,3,c1b44900,d79a6bb0,1,c06d2084,d79a6bac,c0553256,c0784998,c1c6722c,246,c0713204,c1c6722c,64a,c06d2084,d79a6bd4,c051fafa,c1c6722c,1,c06d461d,12c) at fdrop+0x3c
closef(c1c685e8,c1b44900,c06d2084,64a,c0784998) at closef+0x417
fdfree(c1b44900,0,c06d284d,e6,6af) at fdfree+0x596
exit1(c1b44900,0,d79a6d30,c0698be2,c1b44900) at exit1+0x540
sys_exit(c1b44900,d79a6d04,4,28160000,1) at sys_exit+0x1d
syscall(3b,3b,3b,bfbfee68,bfbfee38) at syscall+0x2a2
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (1, FreeBSD ELF32, sys_exit), eip = 0x2814d063, esp = 0xbfbfedfc, ebp = 0xbfbfee08 ---

I can't see anything that looks like this.

Second one (about 90 seconds later):
lock order reversal
1st 0xc1cfcc84 inp (tcpinp) @ /usr/src/sys/netinet/tcp_syncache.c:1083
2nd 0xc1a77018 fxp0 (network driver) @ /usr/src/sys/modules/fxp/../../dev/fxp/if_fxp.c:1187
KDB: stack backtrace:
kdb_backtrace(c06d8ffe,c1a77018,c1a6b270,c08fae5a,c08fb133) at kdb_backtrace+0x2e
witness_checkorder(c1a77018,9,c08fb133,4a3,c06df39c) at witness_checkorder+0x6c3
_mtx_lock_flags(c1a77018,0,c08fb133,4a3,c1a50000) at _mtx_lock_flags+0x8a
fxp_start(c1a50000,12c,0,c1a50000) at fxp_start+0x34
if_start(c1a50000,0,c06df39c,197,272e0) at if_start+0x89
ether_output_frame(c1a50000,c1c12c00,6,d56edaec,d56eda8c) at ether_output_frame+0x218
ether_output(c1a50000,c1c12c00,d56edaec,c1ce3dec,c0553256) at ether_output+0x47f
ip_output(c1c12c00,0,d56edae8,0,0) at ip_output+0x815
syncache_respond(c204c000,c1c12c00,1,336,c1cfe564) at syncache_respond+0x2fc
syncache_add(d56edbdc,d56edc2c,c1abb034,d56edbd8,c1a85e00) at syncache_add+0x42a
tcp_input(c1a85e00,14,c06df9b0,d56edc90,c051fafa) at tcp_input+0x7b0
ip_input(c1a85e00,0,c06df9b0,e8,c0786078) at ip_input+0x5d7
netisr_processqueue(c0786078,c0739160,1,c06d461d,c1981980) at netisr_processqueue+0x8e
swi_net(0,0,c06d2b2a,251,d56edd04) at swi_net+0xec
ithread_loop(c1987480,d56edd38,c06d2921,30d,c1987480) at ithread_loop+0x152
fork_exit(c05124b0,c1987480,d56edd38) at fork_exit+0xc1
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xd56edd6c, ebp = 0 ---

This looks like http://sources.zabbadoz.net/freebsd/lor.html#075 but
the traceback is different (via ip_input rather than tcp_output)
-- 
Peter Jeremy


More information about the freebsd-current mailing list