David Miller <davem@xxxxxxxxxxxxx> wrote:
> > /* copy the peer address and timestamp */
> > if (!continue_call) {
> > - if (msg->msg_name && msg->msg_namelen > 0)
> > - memcpy(msg->msg_name,
> > - &call->conn->trans->peer->srx,
> > - sizeof(call->conn->trans->peer->srx));
>
> I bet the size is too large for a sockaddr_storage, and therefore we
> spam the kernel stack. So I can only guess that changing this to a
> copy_to_user() fixes the hang because it simply faults on the kernel
> destination address.
Maybe, though I don't see how that would just fix the hang rather than
oopsing. If Dan can printk the following:
msg->msg_namelen
sizeof(call->conn->trans->peer->srx)
before doing the memcpy, that could be handy.
David
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
