Date: Fri, 27 May 2022 16:13:51 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264257 --- Comment #5 from John Baldwin <jhb@FreeBSD.org> --- Looks like it walked off the end of the mbuf chain as it tried to copy one byte too many. You could try going up to frame 8 (tcp_output) to see if the arguments passed to m_copydata() are still around (looks like we know the mbuf chain via m@entry for frame 9, but knowing the original length and offset and confirming it walked off the end would be good). You'd have to figure out why the length was wrong though and that might need more digging in the tp or the like. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.