From owner-freebsd-bugs@FreeBSD.ORG Fri Dec 1 12:25:21 2006 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1C76616A40F for ; Fri, 1 Dec 2006 12:25:21 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 349F243CBB for ; Fri, 1 Dec 2006 12:25:03 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id kB1CPGGx035072 for ; Fri, 1 Dec 2006 12:25:16 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id kB1CPGCh035071; Fri, 1 Dec 2006 12:25:16 GMT (envelope-from gnats) Resent-Date: Fri, 1 Dec 2006 12:25:16 GMT Date: Fri, 1 Dec 2006 12:25:16 GMT Resent-Message-Id: <200612011225.kB1CPGCh035071@freefall.freebsd.org> Message-Id: <200612011225.kB1CPGCh035071@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Scot W. Hetzel" From: "Scot W. Hetzel" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: kern/106131: [patch] sys/contrib/ndis: new functions needed by latest Broadcom Wireless LAN driver X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Scot W. Hetzel" List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Dec 2006 12:25:21 -0000 >Number: 106131 >Category: kern >Synopsis: [patch] sys/contrib/ndis: new functions needed by latest Broadcom Wireless LAN driver >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Dec 01 12:25:16 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Scot W. Hetzel >Release: FreeBSD 7.0-CURRENT amd64 >Organization: >Environment: System: FreeBSD hp010.hetzel.org 7.0-CURRENT FreeBSD 7.0-CURRENT #3: Wed Nov 29 03:49:00 CST 2006 root@hp010.hetzel.org:/usr/obj/usr/src/7x/sys/GENERIC.debug amd64 >Description: I downloaded the latest driver service pack from HP for my Broadcom Wireless LAN driver SP33008 for my dv8000 laptop. I extracted the *.inf and *.sys file from sp33008.exe, generated the bcmwl564_sys.ko using ndisgen. But when this kernel module is loaded, it causes the ndis kernel module to print a list of missing functions in the NDISulator: strrchr MmAllocateContiguousMemorySpecifyCache MmFreeContiguousMemorySpecifyCache MmGetPhysicalAddress before it crashes the kernel with a Fatal trap 12. >How-To-Repeat: #mkdir broadcom #cd broadcom #fetch ftp://ftp.hp.com/pub/softpaq/sp33001-33500/sp33008.exe #cabextract -q -L -F 'bcmwl5*' sp33008.exe #ndisgen bcmwl5.inf bcmwl564.sys #kldloadd ./bcmwl564_sys.ko no match for strrchr no match for MmFreeContiguousMemorySpecifyCache no match for MmAllocateContiguousMemorySpecifyCache no match for MmGetPhysicalAddress ichsmb0: port 0x8400-0x840f mem 0xc0003000-0xc0003fff at device 20.0 on pci0 device_attach: ichsmb0 attach returned 6 ndis0: mem 0xc0204000-0xc0205fff irq 21 at device 20.0 on pci6 ndis0: NDIS API Version: 5.1 fpudna in kernel mode! ntoskrnl dummy called... Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x1a fault code = supervisor read, page not present instruction pointer = 0x8:0xffffffffa2b1b1eb stack pointer = 0x10:0xffffffffa2a6f100 frame pointer = 0x10:0xffffffffa2b82140 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = intrrupt enabled, resume, IOPL=0 current process = 1503 (kldload) [thread pid 1503 tid 100099] stopped at 0xffffffffa2b1b1eb: cmpb (%rax, %rdx, 1), %cl db>bt tracing pid 1503 tid 100099 td 0xffffff002f569810 bcmwl564_sys_drv_data_start() at 0xffffffffa2b1b1eb (null)() at 0x11600000000 >Fix: Apply the attached patch which implements these missing functions. Implemented Functions: stricmp strrchr MmAllocateContiguousMemory MmAllocateContiguousMemorySpecifyCache MmFreeContiguousMemory MmFreeContiguousMemorySpecifyCache MmGetPhysicalAddress I tried to implement the memchr function, but it caused a "cast discards qualifiers from pointer target type", which I copied from lib/libc/string/memchr.c. This function is included in the patch, but is currently surrounded by #ifdef MEMCHR ... #endif to prevent the build of the ndis.ko module from failing. Index: sys/compat/ndis/subr_ntoskrnl.c =================================================================== RCS file: /home/ncvs/src/sys/compat/ndis/subr_ntoskrnl.c,v retrieving revision 1.87 diff -u -r1.87 subr_ntoskrnl.c --- sys/compat/ndis/subr_ntoskrnl.c 16 May 2006 14:37:57 -0000 1.87 +++ sys/compat/ndis/subr_ntoskrnl.c 26 Nov 2006 18:19:29 -0000 @@ -197,6 +197,11 @@ static uint32_t InterlockedIncrement(volatile uint32_t *); static uint32_t InterlockedDecrement(volatile uint32_t *); static void ExInterlockedAddLargeStatistic(uint64_t *, uint32_t); +static void *MmAllocateContiguousMemory(uint32_t, uint64_t); +static void *MmAllocateContiguousMemorySpecifyCache(uint32_t, + uint64_t, uint64_t, uint64_t, uint32_t); +static void MmFreeContiguousMemory(void *); +static void MmFreeContiguousMemorySpecifyCache(void *, uint32_t, uint32_t); static uint32_t MmSizeOfMdl(void *, size_t); static void *MmMapLockedPages(mdl *, uint8_t); static void *MmMapLockedPagesSpecifyCache(mdl *, @@ -232,11 +237,14 @@ uint32_t, void *); static uint32_t WmiTraceMessage(uint64_t, uint32_t, void *, uint16_t, ...); static uint32_t IoWMIRegistrationControl(device_object *, uint32_t); -static void *ntoskrnl_memset(void *, int, size_t); +#ifdef MEMCHR +static void *ntoskrnl_memchr(const void *, unsigned char, size_t); +#endif static void *ntoskrnl_memmove(void *, void *, size_t); +static void *ntoskrnl_memset(void *, int, size_t); static char *ntoskrnl_strstr(char *, char *); -static int ntoskrnl_toupper(int); static int ntoskrnl_tolower(int); +static int ntoskrnl_toupper(int); static funcptr ntoskrnl_findwrap(funcptr); static uint32_t DbgPrint(char *, ...); static void DbgBreakPoint(void); @@ -433,6 +441,34 @@ return(dst); } +#ifdef MEMCHR + +/* + * /usr/src/sys/modules/ndis/../../compat/ndis/subr_ntoskrnl.c: In function `ntoskrnl_memchr': + * /usr/src/sys/modules/ndis/../../compat/ndis/subr_ntoskrnl.c:463: warning: cast discards qualifiers from pointer target type + * *** Error code 1 + */ + +/* copied from src/lib/libc/string/memchr.c */ + +static void * +ntoskrnl_memchr(buf, ch, len) + const void *buf; + unsigned char ch; + size_t len; +{ + if (len != 0) { + const unsigned char *p = buf; + + do { + if (*p++ == ch) + return ((void *)(p - 1)); /* error occurs here */ + } while (--len != 0); + } + return (NULL); +} +#endif + static char * ntoskrnl_strstr(s, find) char *s, *find; @@ -2471,6 +2507,53 @@ return; } +static void * +MmAllocateContiguousMemory(size, highest) + uint32_t size; /* Specifies the number of bytes to allocate */ + uint64_t highest; /* Specifies the highest valid physical address that the driver can use. */ +{ + void *addr; + size_t pagelength = ((size + PAGE_SIZE - 1) / PAGE_SIZE) * PAGE_SIZE; + + addr = ExAllocatePoolWithTag(NonPagedPool, pagelength, 0); + + return(addr); +} + +static void * +MmAllocateContiguousMemorySpecifyCache(size, lowest, highest, boundary, cachetype) + uint32_t size; /* Specifies the number of bytes to allocate */ + uint64_t lowest; /* Specifies the lowest valid physical address that the driver can use. */ + uint64_t highest; /* Specifies the highest valid physical address that the driver can use. */ + uint64_t boundary; /* If nonzero, this value specifies the physical address multiple that */ + /* the allocated buffer must not cross. */ + uint32_t cachetype; /* indicates the type of caching allowed for the requested memory */ +{ + void *addr; + size_t pagelength = ((size + PAGE_SIZE -1) / PAGE_SIZE) * PAGE_SIZE; + + addr = ExAllocatePoolWithTag(NonPagedPool, pagelength, 0); + + return(addr); +} + +static void +MmFreeContiguousMemory(base) + void *base; /* Specifies the base address of the buffer to be freed */ +{ + ExFreePool(base); +} + +static void +MmFreeContiguousMemorySpecifyCache(base, size, cachetype) + void *base; /* Specifies the base address of the buffer to be freed */ + uint32_t size; /* Specifies the size in bytes of the buffer to be freed. Must match the */ + /* size requested when the buffer was allocated */ + uint32_t cachetype; /* Specifies the cache type of the buffer to be freed */ +{ + ExFreePool(base); +} + static uint32_t MmSizeOfMdl(vaddr, len) void *vaddr; @@ -4144,6 +4227,7 @@ IMPORT_SFUNC(DbgBreakPoint, 0), IMPORT_CFUNC(strncmp, 0), IMPORT_CFUNC(strcmp, 0), + IMPORT_CFUNC_MAP(stricmp, strcasecmp, 0), IMPORT_CFUNC(strncpy, 0), IMPORT_CFUNC(strcpy, 0), IMPORT_CFUNC(strlen, 0), @@ -4151,6 +4235,10 @@ IMPORT_CFUNC_MAP(tolower, ntoskrnl_tolower, 0), IMPORT_CFUNC_MAP(strstr, ntoskrnl_strstr, 0), IMPORT_CFUNC_MAP(strchr, index, 0), + IMPORT_CFUNC_MAP(strrchr, rindex, 0), +#ifdef MEMCHR + IMPORT_CFUNC_MAP(memchr, ntoskrnl_memchr, 0), +#endif IMPORT_CFUNC(memcpy, 0), IMPORT_CFUNC_MAP(memmove, ntoskrnl_memmove, 0), IMPORT_CFUNC_MAP(memset, ntoskrnl_memset, 0), @@ -4239,6 +4327,11 @@ IMPORT_FFUNC(ExInterlockedAddLargeStatistic, 2), IMPORT_SFUNC(IoAllocateMdl, 5), IMPORT_SFUNC(IoFreeMdl, 1), + IMPORT_SFUNC(MmAllocateContiguousMemory, 2), + IMPORT_SFUNC(MmAllocateContiguousMemorySpecifyCache, 5), + IMPORT_SFUNC(MmFreeContiguousMemory, 1), + IMPORT_SFUNC(MmFreeContiguousMemorySpecifyCache, 3), + IMPORT_SFUNC_MAP(MmGetPhysicalAddress, pmap_kextract, 1), IMPORT_SFUNC(MmSizeOfMdl, 1), IMPORT_SFUNC(MmMapLockedPages, 2), IMPORT_SFUNC(MmMapLockedPagesSpecifyCache, 6), >Release-Note: >Audit-Trail: >Unformatted: