Hello.

I saw John Baldwin's commit to if_lge.c rev 1.43 and performed the same changes for
if_nge.c.
I've tested it and it works.
The patch is attached or available from
http://www.netams.com/if_nge.c.patch



Also, I've noticed that if_lge is affected by the same problem I've met in nge.
In if_lgereg.h we have:
struct lge_list_data {
       struct lge_rx_desc      lge_rx_list[LGE_RX_LIST_CNT];
       struct lge_tx_desc      lge_tx_list[LGE_TX_LIST_CNT];
};

In if_lge.c (line 524):
       sc->lge_ldata = contigmalloc(sizeof(struct lge_list_data), M_DEVBUF,
           M_NOWAIT, 0, 0xffffffff, PAGE_SIZE, 0);

So lge_rx_list and lge_tx_list might be initialized with garbage in them.

But in lge_stop() there is:
       /*
        * Free data in the RX lists.
        */
       for (i = 0; i < LGE_RX_LIST_CNT; i++) {
               if (sc->lge_ldata->lge_rx_list[i].lge_mbuf != NULL) {
                       m_freem(sc->lge_ldata->lge_rx_list[i].lge_mbuf);
                       sc->lge_ldata->lge_rx_list[i].lge_mbuf = NULL;
               }
       }

And lge_stop() is called from lge_init() (if_lge.c line 1242).
So m_freem() is called on garbage from lge_rx_list!

I suggest adding M_ZERO to the contigmalloc() flags for both if_nge.c and if_lge.c.


Jura

Attachment: if_nge.c.patch
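The failure mode described in the message above, as an added user-space example that is not part of the original message or the FreeBSD source. The ring size, the 0xA5 stale-memory fill and all function names are constructed assumptions. The stop loop counts the pointers that would reach m_freem() instead of freeing them.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RX_LIST_CNT 64   /* constructed ring size, not the driver's value */
/* Simplified stand-ins for struct lge_rx_desc and struct lge_list_data. */
struct rx_desc { unsigned int ctl; void *mbuf; /* role of lge_mbuf */ };
struct list_data { struct rx_desc rx_list[RX_LIST_CNT]; };

/* Model allocator: recycled memory holds stale bytes (0xA5 here) unless the
 * caller asks for zeroing, which is what M_ZERO would request. */
static struct list_data *model_alloc(int zero)
{
    struct list_data *ld = malloc(sizeof(*ld));
    if (ld != NULL)
        memset(ld, zero ? 0 : 0xA5, sizeof(*ld));
    return ld;
}

/* Same walk as the RX loop quoted from lge_stop(), but it only counts the
 * non-NULL pointers that would be handed to m_freem(). */
static int stop_rx_free_count(struct list_data *ld)
{
    int i, freed = 0;
    for (i = 0; i < RX_LIST_CNT; i++) {
        if (ld->rx_list[i].mbuf != NULL) {
            freed++;                     /* m_freem() would run on this value */
            ld->rx_list[i].mbuf = NULL;
        }
    }
    return freed;
}

/* Allocate, then run the stop path before any descriptor has been set up. */
static int bogus_frees_on_first_init(int zero)
{
    struct list_data *ld = model_alloc(zero);
    int n = (ld != NULL) ? stop_rx_free_count(ld) : -1;
    free(ld);
    return n;
}

int main(void)
{
    printf("not zeroed: %d bogus frees, zeroed: %d\n",
        bogus_frees_on_first_init(0), bogus_frees_on_first_init(1));
    return 0;
}
```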

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net