On Fri, 19 Nov 2004, Slawek Zak wrote:
> I can reproduce it easily,
>
> The panic message and backtrace is:
Could I get you to convert the symbol+offsets below to line numbers using
gdb on a copy of your kernel with debugging symbols? In particular, the
offsets into tcp_output, tcp_input, and ip_input.
Thanks!
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org Principal Research Scientist, McAfee Research
>
> panic: m_copym, offset > size of mbuf chain
> cpuid = 1
> KDB: enter: panic
> [thread 100025]
> Stopped at kdb_enter+0x2f: nop
> db> trace
> kdb_enter() at kdb_enter+0x2f
> panic() at panic+0x249
> m_copym() at m_copym+0x1b1
> tcp_output() at tcp_output+0xce8
> tcp_input() at tcp_input+0x2d95
> ip_input() at ip_input+0x10f
> netisr_processqueue() at netisr_processqueue+0x17
> swi_net() at swi_net+0x116
> ithread_loop() at ithread_loop+0xd9
> fork_exit() at fork_exit+0xc3
> fork_trampoline() at fork_trampoline+0xe
> --- trap 0, rip = 0, rsp = 0xffffffffb19bad00, rbp = 0 ---
>
> I was able to collect a coredump, if it helps, I can make it available
> to interrested parties along with kernel.debug.
>
> The machine is 2 processor SunFire V20z, debug.mpsafenet is 0.
>
> TIA, /S
>