netbsd-bugs: kern/22288: Kernel panic in m

Subject: kern/22288: Kernel panic in m_copym with 1.6.1
To: None <gnats-bugs@gnats.netbsd.org>
From: None <martti.kuparinen@iki.fi>
List: netbsd-bugs
Date: 07/28/2003 12:44:19
>Number:         22288
>Category:       kern
>Synopsis:       Kernel panic in m_copym with 1.6.1
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jul 28 09:45:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Martti Kuparinen
>Release:        NetBSD 1.6.1_STABLE
>Organization:
>Environment:
System: NetBSD inside 1.6.1_STABLE NetBSD 1.6.1_STABLE (INSIDE) #0: Tue Jul 15 12:20:38 EEST 2003 root@inside:/usr/src/sys/arch/i386/compile/INSIDE i386
Architecture: i386
Machine: i386
>Description:

I had a kernel panic on my NFS server. It is using IPsec AH in transport
mode and ESP in tunnel mode with manual keys (/etc/ipsec.conf). The kernel
configuration file is almost GENERIC, only IPSEC, IPSEC_ESP and apm0 were
added.

(gdb) target kcore /var/crash/netbsd.0.core 
panic: m_copym: m == 0
#0  0x1 in ?? ()
(gdb) bt
#0  0x1 in ?? ()
#1  0xc03705ef in cpu_reboot (howto=256, bootstr=0x0)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../arch/i386/i386/machdep.c:2236
#2  0xc029181b in panic ()
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/subr_prf.c:253
#3  0xc029fe48 in m_copym0 (m=0x0, off0=14600, len=1460, wait=1, deep=0)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/uipc_mbuf.c:404
#4  0xc029fdac in m_copym (m=0xc1bba700, off0=14600, len=1460, wait=1)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/uipc_mbuf.c:374
#5  0xc030b2a1 in tcp_output (tp=0xc1ab253c)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../netinet/tcp_output.c:441
#6  0xc030e977 in tcp_usrreq (so=0xc199d3f0, req=9, m=0xc1bbac00, nam=0x0, 
    control=0x0, p=0xe66fd918)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../netinet/tcp_usrreq.c:512
#7  0xc02a273c in sosend (so=0xc199d3f0, addr=0x0, uio=0xe66a9ec0, 
    top=0xc1bbac00, control=0x0, flags=0)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/uipc_socket.c:748
#8  0xc02a571f in sendit (p=0xe66fd918, s=5, mp=0xe66a9f24, flags=0, 
    retsize=0xe66a9f78)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/uipc_syscalls.c:512
#9  0xc02a54e2 in sys_sendto (p=0xe66fd918, v=0xe66a9f80, retval=0xe66a9f78)
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../kern/uipc_syscalls.c:398
#10 0xc037a2ef in syscall_plain (frame={tf_gs = 31, tf_fs = 31, tf_es = 31, 
      tf_ds = 31, tf_edi = 61503, tf_esi = 0, tf_ebp = -1077946920, 
      tf_ebx = 1211203796, tf_edx = 61499, tf_ecx = 136577025, tf_eax = 133, 
      tf_trapno = 3, tf_err = 2, tf_eip = 1211044435, tf_cs = 23, 
      tf_eflags = 647, tf_esp = -1077946980, tf_ss = 31, tf_vm86_es = 0, 
      tf_vm86_ds = 0, tf_vm86_fs = 0, tf_vm86_gs = 0})
    at /usr/src/sys/arch/i386/compile/INSIDE/../../../../arch/i386/i386/syscall.c:140

>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: