David Miller <davem@xxxxxxxxxxxxx> wrote:

> > /* copy the peer address and timestamp */
> > if (!continue_call) {
> > - if (msg->msg_name && msg->msg_namelen > 0)
> > - memcpy(msg->msg_name,
> > - &call->conn->trans->peer->srx,
> > - sizeof(call->conn->trans->peer->srx));
>
> I bet the size is too large for a sockaddr_storage, and therefore we
> spam the kernel stack. So I can only guess that changing this to a
> copy_to_user() fixes the hang because it simply faults on the kernel
> destination address.

Maybe, though I don't see how that would just fix the hang rather than oopsing.

If Dan can printk the following:

    msg->msg_namelen
    sizeof(call->conn->trans->peer->srx)

before doing the memcpy, that could be handy.

David
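
Review bot: in the removed lines under `if (!continue_call)`, the guard only tests `msg->msg_namelen > 0`, while the copy length is fixed at `sizeof(call->conn->trans->peer->srx)`, so the caller-supplied length never bounds the memcpy into `msg->msg_name`. Whatever replaces these lines should limit the copy to the size of the destination buffer and report the number of bytes actually written back through `msg->msg_namelen`, rather than only switching the copy primitive. Printing both values before the copy, as proposed in the reply, would confirm whether the source structure is in fact larger than the destination.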