On Thu, 12 Aug 2004, Martin Blapp wrote:

> Here is more information: (thanks Robert for the help)
>
> > Fatal trap 12: page fault while in kernel mode
> > cpuid = 1; apic id = 01
> > fault virtual address   = 0x14
> > fault code              = supervisor write, page not present
> > instruction pointer     = 0x8:0xc066a1c7
> > stack pointer           = 0x10:0xe2626aa8
> > frame pointer           = 0x10:0xe2626ab8
> > code segment            = base 0x0, limit 0xfffff, type 0x1b
> >                         = DPL 0, pres 1, def32 1, gran 1
> > processor eflags        = interrupt enabled, resume, IOPL = 0
> > current process         = 27897 (mimedefang)

Ok, indeed, this appears to be an unaddressed class of race conditions in
the UNIX domain socket code. I'm currently working through it, both to
address in the mpsafe case and non-mpsafe case (the one you were running
in). I will run some tests on it tonight and try to get you patches to try
tomorrow.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert_at_fledge.watson.org      Principal Research Scientist, McAfee Research

> > db> where
> unp_connect2(c4bb78a4,c39cc13c,0,0,0) at /usr/src/sys/kern/uipc_usrreq.c:892
> unp_connect(c4bb78a4,c43d9380,c4dee9a0,c43d9380,80) at /usr/src/sys/kern/uipc_usrreq.c:865
> uipc_connect(c4bb78a4,c43d9380,c4dee9a0) at /usr/src/sys/kern/uipc_usrreq.c:179
> soconnect(c4bb78a4,c43d9380,c4dee9a0,0,bf1dad88) at /usr/src/sys/kern/uipc_socket.c:518
> kern_connect(c4dee9a0,3,c43d9380,c43d9380,c3e958ac) at /usr/src/sys/kern/uipc_syscalls.c:477
> connect(c4dee9a0,e2626d14,c,c4dee9a0,e2626d3c) at connect+0x42
> syscall(2f,2f,2f,bf1dad88,bf1dad8a) at syscall+0x300
> Xint0x80_syscall() at Xint0x80_syscall+0x1f
> --- syscall (98, FreeBSD ELF32, connect), eip = 0x28101d23, esp = 0xbf1dad74, ebp = 0xbf1dae10 ---
>
> src/sys/kern/uipc_syscalls.c,v 1.199
> src/sys/kern/uipc_usrreq.c,v 1.135
> src/sys/kern/uipc_socket.c,v 1.207
>
> (gdb) l *unp_connect2+0x2a
> 0x1f93 is in unp_connect2 (/usr/src/sys/kern/uipc_usrreq.c:892).
> 887             UNP_LOCK_ASSERT();
> 888
> 889             if (so2->so_type != so->so_type)
> 890                     return (EPROTOTYPE);
> 891             unp2 = sotounpcb(so2);
> 892             unp->unp_conn = unp2;
> 893             switch (so->so_type) {
> 894
> 895             case SOCK_DGRAM:
> 896                     LIST_INSERT_HEAD(&unp2->unp_refs, unp, unp_reflink);
>
> (gdb) l *unp_connect+0x3d5
> 0x1e24 is in unp_connect (/usr/src/sys/kern/uipc_usrreq.c:865).
> 860                     SOCK_UNLOCK(so);
> 861     #endif
> 862
> 863                     so2 = so3;
> 864             }
> 865             error = unp_connect2(so, so2);
> 866     bad2:
> 867             UNP_UNLOCK();
> 868             mtx_lock(&Giant);
> 869     bad:
>
> (gdb) l *uipc_connect+0x76
> 0x2dd is in uipc_connect (/usr/src/sys/kern/uipc_usrreq.c:179).
> 174             KASSERT(td == curthread, ("uipc_connect: td != curthread"));
> 175
> 176             if (unp == NULL)
> 177                     return (EINVAL);
> 178             UNP_LOCK();
> 179             error = unp_connect(so, nam, td);
> 180             UNP_UNLOCK();
> 181             return (error);
> 182     }
> 183
>
> (gdb) l *soconnect+0x54
> 0x100f is in soconnect (/usr/src/sys/kern/uipc_socket.c:518).
> 513                 (error = sodisconnect(so))))
> 514                     error = EISCONN;
> 515             else
> 516                     error = (*so->so_proto->pr_usrreqs->pru_connect)(so, nam, td);
> 517             return (error);
> 518     }
> 519
> 520     int
> 521     soconnect2(so1, so2)
> 522             struct socket *so1;
>
> (gdb) l *kern_connect+0xb
> 0xd5e is in kern_connect (/usr/src/sys/kern/uipc_syscalls.c:477).
> 472     int
> 473     kern_connect(td, fd, sa)
> 474             struct thread *td;
> 475             int fd;
> 476             struct sockaddr *sa;
> 477     {
> 478             struct socket *so;
> 479             int error, s;
> 480             int interrupted = 0;
> 481

Received on Thu Aug 12 2004 - 21:31:21 UTC