2008/7/5 Nicolas Thery <[EMAIL PROTECTED]>:
> It looks like so_pru_ctloutput() passes an invalid sopt_val to
> kfree(). This code was changed recently:
>
> http://leaf.dragonflybsd.org/mailarchive/commits/2008-06/msg00123.html
>
> There is some pointer arithmetic on sopt_val in soopt_mcopyout() that
> may cause the panic you observe. sopt_val ends up pointing past the
> data copied from the mbuf. Maybe this is intentional as the code is
> old (imported straight from fbsd 4 and is still in fbsd head). This
> would allow to append more data later on. On the other hand, maybe
> that's a bug. Only a networking savvy person could say.

Forget this, soopt_mcopyout() is called during getsockopt() but the crash occurred during setsockopt()...
