From: Randall Stewart
To: netch@netch.kiev.ua
Cc: Michael Tuexen, net@freebsd.org
Date: Sun, 27 Jun 2010 08:17:05 -0700
Subject: Re: SCTP panic with sctp_send()

netch:

I take it you have KTRACE enabled.. otherwise you would not hit this line ;-)

When you did the sctp_sendmsg call what were the parameters on your user program?

R

On Jun 26, 2010, at 6:00 AM, Valentin Nechayev wrote:

> Hi,
>
> FreeBSD 7.3-RELEASE i386
>
> Fatal trap 12: page fault while in kernel mode
> fault virtual address = 0x0
> fault code = supervisor read, page not present
> instruction pointer = 0x20:0xc05955ca
> stack pointer = 0x28:0xe783bb94
> frame pointer = 0x28:0xe783bc80
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 7751 (spc)
> trap number = 12
> panic: page fault
> Uptime: 20d6h25m18s
> Physical memory: 1910 MB
> Dumping 265 MB: 250 234 218 202 186 170 154 138 122 106 90 74 58 42 26 10
>
> (kgdb) bt
> #0 doadump () at pcpu.h:196
> #1 0xc053a730 in boot (howto=260) at /usr/BSD/src/sys/kern/kern_shutdown.c:418
> #2 0xc053a931 in panic (fmt=Variable "fmt" is not available.
> ) at /usr/BSD/src/sys/kern/kern_shutdown.c:574
> #3 0xc0762e4c in trap_fatal (frame=0xe783bb54, eva=0)
>    at /usr/BSD/src/sys/i386/i386/trap.c:950
> #4 0xc07630b0 in trap_pfault (frame=0xe783bb54, usermode=0, eva=0)
>    at /usr/BSD/src/sys/i386/i386/trap.c:863
> #5 0xc0763a92 in trap (frame=0xe783bb54)
>    at /usr/BSD/src/sys/i386/i386/trap.c:541
> #6 0xc074f81b in calltrap () at /usr/BSD/src/sys/i386/i386/exception.s:166
> #7 0xc05955ca in sctp_generic_sendmsg (td=0xcafb7d80, uap=0xe783bcfc)
>    at /usr/BSD/src/sys/kern/uipc_syscalls.c:2386
> #8 0xc0763405 in syscall (frame=0xe783bd38)
>    at /usr/BSD/src/sys/i386/i386/trap.c:1101
> #9 0xc074f880 in Xint0x80_syscall ()
>    at /usr/BSD/src/sys/i386/i386/exception.s:262
> #10 0x00000033 in ?? ()
> Previous frame inner to this frame (corrupt stack?)
>
> (kgdb) f 7
> #7 0xc05955ca in sctp_generic_sendmsg (td=0xcafb7d80, uap=0xe783bcfc)
>    at /usr/BSD/src/sys/kern/uipc_syscalls.c:2386
> 2386            ktrsockaddr(to);
> (kgdb) p to
> $1 = (struct sockaddr *) 0x0
> (kgdb) l
> 2381    error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
> 2382    if (error)
> 2383            goto sctp_bad;
> 2384 #ifdef KTRACE
> 2385    if (KTRPOINT(td, KTR_STRUCT))
> 2386            ktrsockaddr(to);
> 2387 #endif
> 2388
> 2389    iov[0].iov_base = uap->msg;
> 2390    iov[0].iov_len = uap->mlen;
>
> As seen from code, if uap->tolen is zero, `to' isn't initialized and
> remains NULL. This error is identical to -CURRENT.
>
> Seems this zero originates from libc code for sctp_send():
>
> ===
> #ifdef SYS_sctp_generic_sendmsg
>         struct sockaddr *to = NULL;
>
>         return (syscall(SYS_sctp_generic_sendmsg, sd,
>             data, len, to, 0, sinfo, flags));
> #else
> ===
>
> why after `to'?
>
>
> -netch-
>

------------------------------
Randall Stewart
803-317-4952 (cell)
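
The failure pattern discussed in this thread, as an added userspace model that is not part of either message and not FreeBSD code: an optional address that stays NULL when tolen is zero, handed to a trace hook, shown unguarded and with a NULL check. Every m_* name, the counters and the sample address are constructed for illustration, and the hook records a NULL hand-off instead of faulting so both paths can be run.

```c
#include <stddef.h>

/* Constructed stand-ins for the kernel types and hooks; none of this is FreeBSD code. */
struct m_sockaddr { unsigned char sa_len, sa_family; char sa_data[14]; };
struct m_args { const struct m_sockaddr *to; size_t tolen; }; /* models uap->to, uap->tolen */

static int ktr_on = 1;   /* models KTRPOINT(td, KTR_STRUCT) being true */
static int null_derefs;  /* times the hook was handed NULL (a page fault in the kernel) */
static int traced;       /* addresses actually traced */

/* Models ktrsockaddr(); records a NULL hand-off instead of faulting on it. */
static void m_ktrsockaddr(const struct m_sockaddr *sa)
{
    if (sa == NULL) { null_derefs++; return; }
    if (sa->sa_len != 0) traced++;
}

/* 'to' stays NULL when tolen is zero, as described for the quoted listing. */
static const struct m_sockaddr *m_get_to(const struct m_args *uap)
{
    return (uap->tolen != 0) ? uap->to : NULL;
}

/* Before: trace whenever tracing is on, like line 2386 of the listing. */
static void send_unguarded(const struct m_args *uap)
{
    const struct m_sockaddr *to = m_get_to(uap);
    if (ktr_on) m_ktrsockaddr(to);
}

/* After: trace only an address that was actually supplied. */
static void send_guarded(const struct m_args *uap)
{
    const struct m_sockaddr *to = m_get_to(uap);
    if (to != NULL && ktr_on) m_ktrsockaddr(to);
}

/* Runs one path over both call shapes; returns the number of NULL hand-offs. */
static int count_null_derefs(void (*path)(const struct m_args *))
{
    struct m_sockaddr peer = { sizeof(struct m_sockaddr), 2, {0} }; /* constructed address */
    struct m_args with_addr = { &peer, sizeof(peer) };
    struct m_args no_addr = { NULL, 0 };  /* to = NULL, tolen = 0, as sctp_send() passes */
    null_derefs = traced = 0;
    path(&with_addr);
    path(&no_addr);
    return null_derefs;
}

/* Exits 0 when the unguarded path hits NULL once and the guarded path never does. */
int main(void) { return count_null_derefs(send_unguarded) - 1 + count_null_derefs(send_guarded); }
```

With ktr_on set to 0 the unguarded path never reaches the hook, which matches the observation in the reply that the line is only hit with KTRACE enabled.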