NetBSD Problem Report #25061

Received: (qmail 6115 invoked by uid 605); 5 Apr 2004 14:02:12 -0000
Message-Id: <20040405140209.2FC0423445@thoreau.thistledown.com.au>
Date: Tue,  6 Apr 2004 00:02:09 +1000 (EST)
From: Simon Burge <simonb@wasabisystems.com>
Sender: gnats-bugs-owner@NetBSD.org
Reply-To: Simon Burge <simonb@wasabisystems.com>
To: gnats-bugs@gnats.netbsd.org
Subject: possible infinite loop in mii readreg routines
X-Send-Pr-Version: 3.95

>Number:         25061
>Category:       kern
>Synopsis:       possible infinite loop in mii readreg routines
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Apr 05 14:03:00 +0000 2004
>Closed-Date:    
>Last-Modified:  Mon Apr 05 16:14:01 +0000 2004
>Originator:     
>Release:        NetBSD 2.0C, april 2004 sources
>Organization:
Wasabi Systems
>Environment:
	Architecture: any
	Machine: any
>Description:

        Some mii readreg routines in dev/pci/if_sip.c can sometimes lead
        to an infinite kernel loop.

        Two examples are:

        do {
                enphy = bus_space_read_4(sc->sc_st, sc->sc_sh, SIP_ENPHY);
        } while (enphy & ENPHY_ACCESS);

        and

        do {
                val = bus_space_read_4(sc->sc_st, sc->sc_sh, SIP_NS_PHY(reg));
        } while (reg == MII_BMSR && val == 0);

>How-To-Repeat:

	Code inspection (or try to use a buggy bus_space implementation!).

>Fix:

        Add timeouts like (to pick two at random) dev/pci/if_bge.c or
        arch/mips/alchemy/dev/if_aumac.c.  Should check other drivers as
        well.
>Release-Note:
>Audit-Trail:

From: David Brownlee <abs@absd.org>
To: Simon Burge <simonb@wasabisystems.com>
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: kern/25061: possible infinite loop in mii readreg routines
Date: Mon, 5 Apr 2004 17:13:08 +0100 (BST)

 On Tue, 6 Apr 2004, Simon Burge wrote:

 >         Some mii readreg routines in dev/pci/if_sip.c can sometimes lead
 >         to an infinite kernel loop.
 >
 >         Two examples are:
 >
 >         do {
 >                 enphy = bus_space_read_4(sc->sc_st, sc->sc_sh, SIP_ENPHY);
 >         } while (enphy & ENPHY_ACCESS);
 >
 >         and
 >
 >         do {
 >                 val = bus_space_read_4(sc->sc_st, sc->sc_sh, SIP_NS_PHY(reg));
 >         } while (reg == MII_BMSR && val == 0);

 	While they might be small is there any sense in trying to put some
 	of this code in common mii routines so any driver that uses them will
 	always do the right thing?

 -- 
 			   David Brownlee -- abs@absd.org
>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.