Page MenuHomeFreeBSD

inet6: fix a LOR between rip and rawinp
ClosedPublic

Authored by mjg on Dec 16 2021, 2:25 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 24, 12:00 AM
Unknown Object (File)
Fri, Jan 10, 2:14 AM
Unknown Object (File)
Thu, Jan 9, 5:21 PM
Unknown Object (File)
Thu, Jan 9, 4:57 PM
Unknown Object (File)
Dec 12 2024, 5:08 AM
Unknown Object (File)
Nov 16 2024, 12:30 PM
Unknown Object (File)
Nov 14 2024, 1:19 AM
Unknown Object (File)
Oct 31 2024, 3:43 AM

Details

Summary

Running sys/netpfil/pf/fragmentation v6 results in:

lock order reversal:
1st 0xfffffe00050429a8 rip (rip, sleep mutex) @ /usr/src/sys/netinet6/raw_ip6.c:803
2nd 0xfffff8009491e1d0 rawinp (rawinp, rw) @ /usr/src/sys/netinet6/raw_ip6.c:804
lock order rawinp -> rip established at:
0xffffffff8068e26a at witness_lock_order_add+0x28a
0xffffffff8068d087 at witness_checkorder+0x627
0xffffffff805a9f05 at __mtx_lock_flags+0x205
0xffffffff808102e4 at in_pcballoc+0x204
0xffffffff808d53c6 at rip6_attach+0x116
0xffffffff806dc4e8 at socreate+0x368
0xffffffff806eaedc at kern_socket+0xfc
0xffffffff806eadcd at sys_socket+0x2d
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8
lock order rip -> rawinp attempted at:
0xffffffff8068dc2a at witness_checkorder+0x11ca
0xffffffff805d1b7f at _rw_wlock_cookie+0x18f
0xffffffff808d596c at rip6_connect+0x19c
0xffffffff806e0842 at soconnectat+0x142
0xffffffff806ebe36 at kern_connectat+0x136
0xffffffff806ebcdf at sys_connect+0x4f
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped