I've decided to do some experimenting with -current (cvs-cur 11544 - about 2005-AUG-04 1300) and have found a couple of possibly new LORs: First one (during rc.d processing between savecore and ntpdate): lock order reversal 1st 0xc07391a0 Giant (Giant) _at_ /usr/src/sys/kern/kern_descrip.c:1874 2nd 0xc078754c udp (udp) _at_ /usr/src/sys/netinet/udp_usrreq.c:1006 KDB: stack backtrace: kdb_backtrace(c06d8ffe,c078754c,c06d8ad4,c06d8ad4,c06e2327) at kdb_backtrace+0x2e witness_checkorder(c078754c,9,c06e2327,3ee,0) at witness_checkorder+0x6c3 _mtx_lock_flags(c078754c,0,c06e2327,3ee,c1c685e8) at _mtx_lock_flags+0x8a udp_detach(c1cdfc84,c0552980,246,c0713204,c19759e8) at udp_detach+0x2b soclose(c1cdfc84,c06d461d,12c,c1c685e8,c1c685e8) at soclose+0x242 soo_close(c1c685e8,c1b44900,c06d2084,847,c1c685e8) at soo_close+0x5e fdrop_locked(c1c685e8,c1b44900,c06d2084,832) at fdrop_locked+0xbe fdrop(c1c685e8,c1b44900,c06d2084,77d,c0552980,c06d2084,c06d8e11,3,c1b44900,d79a6bb0,1,c06d2084,d79a6bac,c0553256,c0784998,c1c6722c,246,c0713204,c1c6722c,64a,c06d2084,d79a6bd4,c051fafa,c1c6722c,1,c06d461d,12c) at fdrop+0x3c closef(c1c685e8,c1b44900,c06d2084,64a,c0784998) at closef+0x417 fdfree(c1b44900,0,c06d284d,e6,6af) at fdfree+0x596 exit1(c1b44900,0,d79a6d30,c0698be2,c1b44900) at exit1+0x540 sys_exit(c1b44900,d79a6d04,4,28160000,1) at sys_exit+0x1d syscall(3b,3b,3b,bfbfee68,bfbfee38) at syscall+0x2a2 Xint0x80_syscall() at Xint0x80_syscall+0x1f --- syscall (1, FreeBSD ELF32, sys_exit), eip = 0x2814d063, esp = 0xbfbfedfc, ebp = 0xbfbfee08 --- I can't see anything that looks like this. Second one (about 90 seconds later): lock order reversal 1st 0xc1cfcc84 inp (tcpinp) _at_ /usr/src/sys/netinet/tcp_syncache.c:1083 2nd 0xc1a77018 fxp0 (network driver) _at_ /usr/src/sys/modules/fxp/../../dev/fxp/if_fxp.c:1187 KDB: stack backtrace: kdb_backtrace(c06d8ffe,c1a77018,c1a6b270,c08fae5a,c08fb133) at kdb_backtrace+0x2e witness_checkorder(c1a77018,9,c08fb133,4a3,c06df39c) at witness_checkorder+0x6c3 _mtx_lock_flags(c1a77018,0,c08fb133,4a3,c1a50000) at _mtx_lock_flags+0x8a fxp_start(c1a50000,12c,0,c1a50000) at fxp_start+0x34 if_start(c1a50000,0,c06df39c,197,272e0) at if_start+0x89 ether_output_frame(c1a50000,c1c12c00,6,d56edaec,d56eda8c) at ether_output_frame+0x218 ether_output(c1a50000,c1c12c00,d56edaec,c1ce3dec,c0553256) at ether_output+0x47f ip_output(c1c12c00,0,d56edae8,0,0) at ip_output+0x815 syncache_respond(c204c000,c1c12c00,1,336,c1cfe564) at syncache_respond+0x2fc syncache_add(d56edbdc,d56edc2c,c1abb034,d56edbd8,c1a85e00) at syncache_add+0x42a tcp_input(c1a85e00,14,c06df9b0,d56edc90,c051fafa) at tcp_input+0x7b0 ip_input(c1a85e00,0,c06df9b0,e8,c0786078) at ip_input+0x5d7 netisr_processqueue(c0786078,c0739160,1,c06d461d,c1981980) at netisr_processqueue+0x8e swi_net(0,0,c06d2b2a,251,d56edd04) at swi_net+0xec ithread_loop(c1987480,d56edd38,c06d2921,30d,c1987480) at ithread_loop+0x152 fork_exit(c05124b0,c1987480,d56edd38) at fork_exit+0xc1 fork_trampoline() at fork_trampoline+0x8 --- trap 0x1, eip = 0, esp = 0xd56edd6c, ebp = 0 --- This looks like http://sources.zabbadoz.net/freebsd/lor.html#075 but the traceback is different (via ip_input rather than tcp_output) -- Peter JeremyReceived on Fri Aug 05 2005 - 19:34:43 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:40 UTC