Indeed, I found this very same problem in internal testing. I took it out,
but then have been working on the best way to keep the idea without the
problems; I have code that will do that coming soon.

Thanks for the report!

Jack


On Mon, Nov 19, 2012 at 11:57 AM, Karim Fodil-Lemelin <
fodillemlinka...@gmail.com> wrote:

> Hello -net,
>
> While testing the latest igb driver in CURRENT I came across an issue with
> igb_mq_start(). More specifically this code:
>
> ...
>
>         struct mbuf *pm = NULL;
>         /*
>         ** Try to queue first to avoid
>         ** out-of-order delivery, but
>         ** settle for it if that fails
>         */
>         if (m && drbr_enqueue(ifp, txr->br, m))
>             pm = m;
>         err = igb_mq_start_locked(ifp, txr, pm);
>
> ...
>
>
> The problem comes from the fact that drbr_enqueue() can return an error
> and delete the mbuf as seen in drbr_enqueue():
>
> ...
> error = buf_ring_enqueue(br, m);
>     if (error)
>         m_freem(m);
> ...
>
> When this happens pm is set to m then igb_mq_start_locked() will enqueue
> an already freed mbuf with the outcome you can imagine.
>
> When I reverted only that part of r241037 that problem disappeared. I have
> attached a patch for those interested.
>
> Best regards,
>
> Karim.
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>
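The ownership problem reported in this thread, as an added example that is not code from either poster or from the igb driver: a constructed userland model in which every name (`pkt`, `ring`, `mq_start_reported`, `mq_start_checked`) is hypothetical and a `live` flag stands in for a freed mbuf so the stale use can be counted safely. The checked variant is one possible way to respect the enqueue contract, not the fix that was committed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct pkt  { int live; };                 /* live == 0 models a freed mbuf */
struct ring { struct pkt *slot[2]; int n; };
static int stale_uses;                     /* freed packets handed onward */

static void pkt_free(struct pkt *p) { p->live = 0; }

/* Same contract as the drbr_enqueue() excerpt: frees the packet on failure. */
static int ring_enqueue(struct ring *r, struct pkt *p) {
    if (r->n == 2) { pkt_free(p); return ENOBUFS; }
    r->slot[r->n++] = p;
    return 0;
}

/* Stand-in for the locked start routine: flags a freed packet passed in. */
static int start_locked(struct ring *r, struct pkt *extra) {
    (void)r;
    if (extra != NULL && !extra->live) { stale_uses++; return EFAULT; }
    return 0;
}

/* Pattern from the report: m is reused after a failed enqueue. */
static int mq_start_reported(struct ring *r, struct pkt *m) {
    struct pkt *pm = NULL;
    if (m && ring_enqueue(r, m))
        pm = m;                            /* m is already freed here */
    return start_locked(r, pm);
}

/* A failed enqueue consumed m, so the pointer is never touched again. */
static int mq_start_checked(struct ring *r, struct pkt *m) {
    int err = m ? ring_enqueue(r, m) : 0;
    int serr = start_locked(r, NULL);
    return err ? err : serr;
}

/* Fill the ring, submit one more packet, return the stale-use count. */
static int run_full_ring(int (*start)(struct ring *, struct pkt *), int *err) {
    struct pkt a = {1}, b = {1}, c = {1};
    struct ring r = { {NULL, NULL}, 0 };
    stale_uses = 0;
    ring_enqueue(&r, &a);
    ring_enqueue(&r, &b);
    *err = start(&r, &c);
    return stale_uses;
}

int main(void) {
    int e, n = run_full_ring(mq_start_reported, &e);
    printf("reported: stale=%d err=%d\n", n, e);
    n = run_full_ring(mq_start_checked, &e);
    printf("checked:  stale=%d err=%d\n", n, e);
    return 0;
}
```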