On Thu, Mar 07, 2002 at 03:29:44PM -0800, David Boggs wrote:
> Attached below is some BPF code. As I read it, bpfattach() is passed
> an ifp (struct ifnet *). It mallocs a 'bpf_if' (1) and installs the ifp
> in it (2). Then it uses this pointer to ZERO a pointer in the ifp named
> if_bpf (3) (presumably a back-pointer). Later, bpf_mtap() is called,
> and it picks up the back-pointer to the if_bpf (4) (which has been ZEROed)
> and dereferences it (5), causing a type 12 trap.
>
> Grepping through other device drivers, I note that most of them don't
> call bpfattach(), but two or three do. Those that do, are NOT passing
> a struct ifnet * as the first argument. What's going on here?

I'm not sure where you're looking for drivers, but every instance of
bpfattach I can find passes in a struct ifnet * as the first argument.
Take a look at sys/net/if_loop.c for a trivial example of bpf usage.
The key thing is that in the input phase you check the if_bpf pointer
and only call bpf_mtap if it's non-NULL and hence there is a listener.

-- Brooks

--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
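
The check described in the reply above, as an added example that is not part of the original thread and is not FreeBSD kernel code: a simplified userspace C model of the if_bpf back-pointer and the guarded tap call. All model_* names are hypothetical, and the model assumes that attaching the first listener is what makes if_bpf non-NULL.

```c
#include <stddef.h>

/* Simplified userspace model; every model_* name is hypothetical. */
struct model_bpf_if;
struct model_ifnet {
    struct model_bpf_if *if_bpf;   /* NULL until a listener is attached */
};
struct model_bpf_if {
    struct model_ifnet *bif_ifp;   /* interface this descriptor belongs to */
    int listeners;                 /* number of attached listeners */
    int tapped;                    /* packets handed to listeners */
};

/* Attach time: record the interface and clear its back-pointer,
 * because nobody is listening yet. */
void model_bpfattach(struct model_bpf_if *bp, struct model_ifnet *ifp)
{
    bp->bif_ifp = ifp;
    bp->listeners = 0;
    bp->tapped = 0;
    bp->bif_ifp->if_bpf = NULL;
}

/* Assumption: the first listener is what sets if_bpf. */
void model_listener_open(struct model_bpf_if *bp)
{
    bp->listeners++;
    bp->bif_ifp->if_bpf = bp;
}

/* The last listener going away clears the back-pointer again. */
void model_listener_close(struct model_bpf_if *bp)
{
    if (bp->listeners > 0 && --bp->listeners == 0)
        bp->bif_ifp->if_bpf = NULL;
}

/* Tap routine: dereferences if_bpf without checking it, so calling it
 * with no listener attached is the NULL dereference from the thread. */
void model_bpf_mtap(struct model_ifnet *ifp)
{
    ifp->if_bpf->tapped++;
}

/* Driver input path with the guard: returns 1 if the packet was
 * tapped, 0 if the tap was skipped because there is no listener. */
int model_driver_input(struct model_ifnet *ifp)
{
    if (ifp->if_bpf == NULL)
        return 0;
    model_bpf_mtap(ifp);
    return 1;
}
```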