Subject: kern/11802: m_copym0 overrun on arm26 with NFS root
To: None <gnats-bugs@netbsd.org>
From: Ben Harris <bjh21@netbsd.org>
List: netbsd-bugs
Date: 12/23/2000 10:31:15
>Number:         11802
>Category:       kern
>Synopsis:       m_copym0 overrun on arm26 with NFS root
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Dec 23 10:31:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     Ben Harris
>Release:        2000-12-22
>Organization:
>Environment:
NetBSD 1.5P on arm26

>Description:
On all my arm26 systems, when booting with root on NFS, I get a "m_copym
overrun" panic while init is starting.  This seems to be caused by
nfs_request() dereferencing a null "cred" pointer.  A stack backtrace from
there (where I've planted a KASSERT) upwards goes:

nfs_request()
nfs_writerpc()
nfs_doio()
nfssvc_iod()
start_nfsio()

It seems that nfs_writerpc gets the "cred" pointer from the vnode in the
buf on the queue handled by the nfsiod.

>How-To-Repeat:
Boot an arm26 system with root on NFS.  Works on all three of mine (two
4Mb, one 8Mb, all three arm26 Ethernet drivers).

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted: