From owner-freebsd-net@FreeBSD.ORG  Wed Oct 12 20:32:06 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 65F0416A420
	for <freebsd-net@freebsd.org>; Wed, 12 Oct 2005 20:32:06 +0000 (GMT)
	(envelope-from jhb@freebsd.org)
Received: from mv.twc.weather.com (mv.twc.weather.com [65.212.71.225])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C929643D48
	for <freebsd-net@freebsd.org>; Wed, 12 Oct 2005 20:32:05 +0000 (GMT)
	(envelope-from jhb@freebsd.org)
Received: from [10.50.41.234] (Not Verified[10.50.41.234]) by
	mv.twc.weather.com with NetIQ MailMarshal (v6, 0, 3, 8)
	id <B434d76970004>; Wed, 12 Oct 2005 16:48:23 -0400
From: John Baldwin <jhb@freebsd.org>
To: "Yuriy N. Shkandybin" <jura@networks.ru>
Date: Wed, 12 Oct 2005 16:21:10 -0400
User-Agent: KMail/1.8.2
References: <092e01c5cb15$f7fe5840$6504010a@Jura>
In-Reply-To: <092e01c5cb15$f7fe5840$6504010a@Jura>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-6"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200510121621.11666.jhb@freebsd.org>
Cc: freebsd-net@freebsd.org
Subject: Re: if_nge & if_lge drivers
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2005 20:32:06 -0000

On Friday 07 October 2005 04:06 am, Yuriy N. Shkandybin wrote:
> Hello.
>
> I saw John Baldwin commit to if_lge.c rev 1.43 and perform same changes for
> if_nge.c I've tested it and it  works.
> Patch in attachment or available from
> http://www.netams.com/if_nge.c.patch
>
>
>
> Also i've noticed if_lge affected same problem i've met nge.
> In if_lgereg.h we have
> struct lge_list_data {
>         struct lge_rx_desc      lge_rx_list[LGE_RX_LIST_CNT];
>         struct lge_tx_desc      lge_tx_list[LGE_TX_LIST_CNT];
> };
>
> In if_lge.c
> 524: sc->lge_ldata = contigmalloc(sizeof(struct lge_list_data), M_DEVBUF,
>             M_NOWAIT, 0, 0xffffffff, PAGE_SIZE, 0);
>
> So lge_rx_list and lge_tx_list  might be initialized with garbage in it.
>
> But in lge_stop() there is:
> /*
>          * Free data in the RX lists.
>          */
>         for (i = 0; i < LGE_RX_LIST_CNT; i++) {
>                 if (sc->lge_ldata->lge_rx_list[i].lge_mbuf != NULL) {
>                         m_freem(sc->lge_ldata->lge_rx_list[i].lge_mbuf);
>                         sc->lge_ldata->lge_rx_list[i].lge_mbuf = NULL;
>                 }
>         }
>
> And lge_stop() called from lge_init()  (if_lge.c line 1242)
> So m_freem() called on garbage from lge_rx_list!
>
> I suggest to add M_ZERO to contigmalloc() flags for both if_nge.c and
> if_lge.c

Also, is there a reason you added a call to nge_reset() after nge_stop() in 
nge_init()?

-- 
John Baldwin <jhb@FreeBSD.org>  <><  http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve"  =  http://www.FreeBSD.org