On Sun, Dec 18, 2022 at 08:53:26PM -0500, Geoff Steckel wrote:                  
> nc of 0's from one rge to another at full speed crashes                       
> in the input interrupt path with corruption of the memory                     
> pool used for the mbufs                                                       
> It's 100% reproduceable.                                                      
> Probably race condition & use-after-free or some such                         
> since it takes 200,000+ packets to happen.                                    
> I suspect that the crash happens when the corruption is detected              
> some time after it actually occurs.                                           
                                                                                
> This is a ---very--- abbreviated description.                                 
> If this crash hasn't been seen before I'll submit a full bug report.          
                                                                                
> Is there any more info from sysctls, ddb, etc. that would help?               
> I can put in breakpoints & dump (small) memory areas.                         
> If running the most recent snapshot would give better info I can do that.     
> A serial console to get an exact transcript is possible but not easy.         
                                                                                
> Any suggestions of something I can do to help beyond a standard bug           
> report welcomed. I can run test patches easily.                               
                                                                                
> This is with the standard 1500 mtu.                                           
> Setting mtu to 8000 trashes memory enough to cause a kernel protection        
> fault.

Could you use the following patch to show the hardware revision?
I guess yours is 0x60900000, thanks.

--- sys/dev/pci/if_rge.c.orig   Wed Nov 23 16:29:44 2022
+++ sys/dev/pci/if_rge.c        Mon Dec 19 21:50:21 2022
@@ -249,6 +249,7 @@
                printf(": unknown version 0x%08x\n", hwrev);
                return;
        }
+       printf(", hwrev 0x%08x", hwrev);
 
        rge_config_imtype(sc, RGE_IMTYPE_SIM);
 

Reply via email to