tcpdump mailing list archives
Re: HP-UX crash on inject while receiving
From: "Harley Stenzel" <hstenzel () gmail com>
Date: Mon, 31 Jul 2006 11:16:16 -0400
On 7/28/06, Guy Harris <guy () alum mit edu> wrote:
On Jul 28, 2006, at 12:51 PM, Harley Stenzel wrote: > Show that this happens when 2 threads use pcap_t at the same time:
libpcap is, for better or worse, not thread-safe,
Good to know, thanks.
Using *different* pcap_t's in two threads should work, although pcap- dlpi.c has static variables that it uses on HP-UX (ctlbuf and ctl), which is a clear botch unless getmsg() is guaranteed not to modify ctl.
Also good to know. Although with the one promiscous STREAMS accessor per device on HP-UX, this doesn't suggest a solution.
However, the static variable isn't part of the inject code path, so that shouldn't be causing the crash. The claim from gdb is that dlp->dl_primitive = DL_HP_RAWDATA_REQ; is crashing, but "dlp" just points to a buffer on the stack, which *should* be thread-safe. (The stack trace is a bit odd, given that the crash is in dlrawdatareq().)
Right, I thought it was quite odd too, but figured it was a compiler or debugger artifact. I couldn't access the locals in dlrawdatareq() with gdb. All the debugger was able to give me was "buf" as an arg on the previous stack frame and global "ctl", the strbuf. (gdb) list - 1493 static int 1494 dlrawdatareq(int fd, const u_char *datap, int datalen) 1495 { 1496 struct strbuf ctl, data; 1497 long buf[MAXDLBUF]; /* XXX - char? */ 1498 union DL_primitives *dlp; 1499 int dlen; 1500 1501 dlp = (union DL_primitives*) buf; 1502 (gdb) print ctl $9 = {maxlen = 8192, len = 4, buf = 0x9fffffffef7e23a4 ""} (gdb) print &ctl $10 = (struct strbuf *) 0x9fffffffef7e0260 (gdb) print data No symbol "data" in current context. (gdb) print &data No symbol "data" in current context. (gdb) print dlp No symbol "dlp" in current context. (gdb) print &dlp No symbol "dlp" in current context. (gdb) print dlen No symbol "dlen" in current context. (gdb) print &dlen No symbol "dlen" in current context. (gdb) print buf $6 = (const void *) 0x9fffffffef720890 (gdb) up #1 0xc0000000028f6c90:0 in pcap_inject (p=0x6000000000013650, buf=0x9fffffffef720890, size=60) at ./pcap.c:782 782 return (p->inject_op(p, buf, size)); (gdb) print buf $7 = (const void *) 0x9fffffffef720890 Also, it looks like ctl is only used by pcap_read_dlpi(). Is there a reason it shouldn't be local (the way the data strbuf is)? --Harley - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- HP-UX crash on inject while receiving Harley Stenzel (Jul 28)
- Re: HP-UX crash on inject while receiving Guy Harris (Jul 28)
- Re: HP-UX crash on inject while receiving Harley Stenzel (Jul 31)
- Re: HP-UX crash on inject while receiving Rick Jones (Jul 31)
- Re: HP-UX crash on inject while receiving Harley Stenzel (Jul 31)
- Re: HP-UX crash on inject while receiving Guy Harris (Jul 28)