Date: Wed, 3 May 2000 20:19:19 -0700 (PDT)
From: Matthew Dillon
Message-Id: <200005040319.UAA66688@apollo.backplane.com>
To: Howard Leadmon
Cc: Greg Lehey, freebsd-stable@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
Subject: Re: Debugging Kernel/System Crashes, can anyone help??
References: <200005040255.WAA61544@account.abs.net>

:#14 0xc0227c57 in trap (frame={tf_fs = 24, tf_es = -675545072,
:      tf_ds = -1058602992, tf_edi = -1059013248, tf_esi = 28,
:      tf_ebp = -8360071, tf_isp = -8360160, tf_ebx = -1058670080,
:      tf_edx = -1059008325, tf_ecx = 0, tf_eax = -1059168256, tf_trapno = 12,
:      tf_err = 2, tf_eip = -1072225173, tf_cs = 8, tf_eflags = 66178,
:      tf_esp = -1071902645, tf_ss = -1059168256}) at ../../i386/i386/trap.c:423
:#15 0xc017246b in bpfioctl (dev=0xc0c0de60, cmd=12639866,
:    addr=0xff400800
, flags=16777215,
:    p=0xacc0de60) at ../../net/bpf.c:683
:#16 0xc01c19 in ?? ()
:cannot read proc at 0
:(kgdb)
:
:
:Is this more help? (shame I don't actually understand it..)
:
:Howard Leadmon - howardl@abs.net - http://www.abs.net

Ahhhh hah! Yes, I think I see what is happening. The kernel ioctl()
system call is using a stack based char buffer to hold the temporary
data, and this buffer is not aligned.

Please try the following patch.

-Matt
Matthew Dillon

Index: kern/sys_generic.c =================================================================== RCS file: /home/ncvs/src/sys/kern/sys_generic.c,v retrieving revision 1.55 diff -u -r1.55 sys_generic.c --- kern/sys_generic.c 2000/02/20 13:36:26 1.55 +++ kern/sys_generic.c 2000/05/04 03:18:02 @@ -496,7 +496,10 @@ caddr_t data, memp; int tmp; #define STK_PARAMS 128 - char stkbuf[STK_PARAMS]; + union { + char stkbuf[STK_PARAMS]; + long align; + } ubuf; fdp = p->p_fd; if ((u_int)uap->fd >= fdp->fd_nfiles || @@ -523,11 +526,11 @@ if (size > IOCPARM_MAX) return (ENOTTY); memp = NULL; - if (size > sizeof (stkbuf)) { + if (size > sizeof (ubuf.stkbuf)) { memp = (caddr_t)malloc((u_long)size, M_IOCTLOPS, M_WAITOK); data = memp; } else - data = stkbuf; + data = ubuf.stkbuf; if (com&IOC_IN) { if (size) { error = copyin(uap->data, data, (u_int)size);
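
Review bot: in the first hunk (@@ -496) the `long align;` member is the entire fix, yet it has no comment and it only guarantees the alignment of a `long` for `stkbuf`. Without a comment a later cleanup could fold the union back into a plain `char stkbuf[STK_PARAMS];`, so please add one line saying the union exists to align the ioctl argument buffer handed to the driver as `data`. It is also worth checking that `long` is strict enough: the `malloc()` branch in the second hunk returns general-purpose aligned storage, while the stack branch (`data = ubuf.stkbuf;`) is now aligned only as far as `long` requires, so on a platform where an ioctl argument structure holds a type wider than `long` the two branches would still differ.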