Re: AIX BPF Problems

[Shaun <delius () progsoc uts edu au>]

To reply to my own message....

I've still been occasionally looking at the AIX BPF problems I described
below:

On Wed, 12 Feb 2003, Shaun wrote:

> On a related note I am having some very weird issues with BPF on AIX and
> was wondering if anyone might be able to give me some hints.
>
> Basically, it has been discussed previously that occasionally AIX BPF
> returns EFAULT to a read(). At the time the running hypothesis was that
> this was related in some way to the kernel dropping packets and wasn't
> really an issue since reads could continue.
...
> The question (for me at least) was then why AIXs native tcpdump doesn't
> seem to ever get EFAULTs from reads().
>
> Here's where it gets really weird, I hope I can explain the exact symptoms
> of the problem clearly.

It does indeed get very weird. I did some more reverse engineering and can
100% confirm that EFAULT has nothing to do with packets being dropped or
not. What is actually happening is that the driver is calling uiomove() to
copy the buffer to userland, and that uiomove() is returning EFAULT. This
should only ever happen if the userland buffer is invalid, but I've
confirmed with a kernel debugger that it is. So it's still mostly a
mystery exactly what's going on, but I've found the most effective fix is
simply to memset the buffer to 0s immediately after allocating it. Perhaps
the fact that this causes real/swap pages to be allocated for the new
block is what fixes the EFAULT?

In any case, I submitted a trivial patch to add the memset.

I'm still trying to debug other problems with the driver so if anyone has
some inside knowledge or contacts at IBM that could help I'd be most
appreciative :)

Thanks,
Shaun

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe