AIX BPF operating system crashes

[Shaun <delius () progsoc uts edu au>]

Hi All,

This email has two goals, first to send a warning regarding BPF driver
issues on AIX and second to enlist some help in determining if the
behaviour is consistent on other people's AIX installations.

First the warning, it is trivial to crash/endless loop an AIX machine
using the BPF driver (we test on a Dual 375 MHz IBM 7028-6E1). The crash
can be reproduced in a number of ways:
        - Simply running two (tcpdump.org) tcpdump sessions on one NIC
then quitting them
        - Using the AIX native tcpdump with the following (bourne shell)
command line:
        tcpdump -i en0 & sleep 2; tcpdump -i lo0 -c 0; tcpdump -i en0
        - The attached small program linked with either the IBM supplied
or tcpdump.org libpcap

The crash appears to only occur as a result of opening the loopback
interface, though I'm unsure if this is because it adds another driver tap
or because there is something special about the loopback. The result of
the problem is somewhat inconsistent, sometimes it crashes, sometimes it
loops the operating system in locking code.

I'd love to hear if other people get the same results. I'd particularly
like to hear any results from people who have multiple NICs which are
managed by different drivers (we only have Ethernet and Loopback here),
does it still crash when the loopback is replaced with the other NIC?

Thanks,
Shaun

Attachment: crashwithpcap.c
Description: