tcpdump mailing list archives
Re: HP-UX crash on inject while receiving
From: "Harley Stenzel" <hstenzel () gmail com>
Date: Mon, 31 Jul 2006 11:16:16 -0400
On 7/28/06, Guy Harris <guy () alum mit edu> wrote:
On Jul 28, 2006, at 12:51 PM, Harley Stenzel wrote: > Show that this happens when 2 threads use pcap_t at the same time:
libpcap is, for better or worse, not thread-safe,
Good to know, thanks.
Using *different* pcap_t's in two threads should work, although pcap- dlpi.c has static variables that it uses on HP-UX (ctlbuf and ctl), which is a clear botch unless getmsg() is guaranteed not to modify ctl.
Also good to know. Although with the one promiscous STREAMS accessor per device on HP-UX, this doesn't suggest a solution.
However, the static variable isn't part of the inject code path, so
that shouldn't be causing the crash. The claim from gdb is that
dlp->dl_primitive = DL_HP_RAWDATA_REQ;
is crashing, but "dlp" just points to a buffer on the stack, which
*should* be thread-safe. (The stack trace is a bit odd, given that
the crash is in dlrawdatareq().)
Right, I thought it was quite odd too, but figured it was a compiler
or debugger artifact. I couldn't access the locals in dlrawdatareq()
with gdb. All the debugger was able to give me was "buf" as an arg on
the previous stack frame and global "ctl", the strbuf.
(gdb) list -
1493 static int
1494 dlrawdatareq(int fd, const u_char *datap, int datalen)
1495 {
1496 struct strbuf ctl, data;
1497 long buf[MAXDLBUF]; /* XXX - char? */
1498 union DL_primitives *dlp;
1499 int dlen;
1500
1501 dlp = (union DL_primitives*) buf;
1502
(gdb) print ctl
$9 = {maxlen = 8192, len = 4, buf = 0x9fffffffef7e23a4 ""}
(gdb) print &ctl
$10 = (struct strbuf *) 0x9fffffffef7e0260
(gdb) print data
No symbol "data" in current context.
(gdb) print &data
No symbol "data" in current context.
(gdb) print dlp
No symbol "dlp" in current context.
(gdb) print &dlp
No symbol "dlp" in current context.
(gdb) print dlen
No symbol "dlen" in current context.
(gdb) print &dlen
No symbol "dlen" in current context.
(gdb) print buf
$6 = (const void *) 0x9fffffffef720890
(gdb) up
#1 0xc0000000028f6c90:0 in pcap_inject (p=0x6000000000013650,
buf=0x9fffffffef720890, size=60) at ./pcap.c:782
782 return (p->inject_op(p, buf, size));
(gdb) print buf
$7 = (const void *) 0x9fffffffef720890
Also, it looks like ctl is only used by pcap_read_dlpi(). Is there a
reason it shouldn't be local (the way the data strbuf is)?
--Harley
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- HP-UX crash on inject while receiving Harley Stenzel (Jul 28)
- Re: HP-UX crash on inject while receiving Guy Harris (Jul 28)
- Re: HP-UX crash on inject while receiving Harley Stenzel (Jul 31)
- Re: HP-UX crash on inject while receiving Rick Jones (Jul 31)
- Re: HP-UX crash on inject while receiving Harley Stenzel (Jul 31)
- Re: HP-UX crash on inject while receiving Guy Harris (Jul 28)