bug (objdump vs. adb disassembly of the same branch in _receive_frame):
objdump:
00004968 <_receive_frame+524> b  00004994 <_receive_frame+550>

adb:
_receive_frame+0x524:           ba      _receive_frame + 0x550

Both tools agree on the target: objdump prints symbol offsets in hex without a 0x
prefix (0x4994 - 0x4968 = 0x2c = 0x550 - 0x524), and spells the unconditional
branch that adb prints as "ba" as plain "b".




notes

The lance driver, in leattach():

     1e0:       40 00 00 00     call  1e0 <_leattach+1b4>
                        1e0: WDISP30    _ether_attach+0xfffffe20
     1e4:       92 10 00 1d     mov  %i5, %o1
     1e8:       90 07 21 58     add  %i4, 0x158, %o0
     1ec:       92 10 00 1c     mov  %i4, %o1
     1f0:       94 10 20 01     mov  1, %o2
     1f4:       40 00 00 00     call  1f4 <_leattach+1c8>
                        1f4: WDISP30    _bpfattach+0xfffffe0c

***************
*** 303,308 ****
--- 308,317 ----
        /* Do hardware-independent attach stuff. */
        ether_attach(&es->es_if, unit, "le",
                leinit, leioctl, leoutput, lereset);
+ #if NBPFILTER > 0
+       bpfattach(&es->es_bpf, &es->es_if, DLT_EN10MB, 
+                 sizeof(struct ether_header));
+ #endif
        /*
         * attach interrupts and dma vectors
         */
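Review bot: The first line of the new `bpfattach(...)` call carries trailing whitespace after `DLT_EN10MB,`; drop it, or fold the call onto one line as `bpfattach(&es->es_bpf, &es->es_if, DLT_EN10MB, sizeof(struct ether_header));`. Attaching BPF here only registers the interface for capture; promiscuous capture presumably also depends on the `leioctl` registered on the line above honoring IFF_PROMISC, which this hunk does not show and is worth confirming in the same change. The enclosing leattach() starts and ends outside the hunk.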


lestart() calls bpf_mtap (the listing below is from _lestart; the diff after it is the matching source change):

    15c4:       40 00 00 00     call  15c4 <_lestart+39c>
                        15c4: WDISP30   _ether_error+0xffffea3c
    15c8:       90 10 00 1b     mov  %i3, %o0
    15cc:       d0 06 e1 40     ld  [ %i3 + 0x140 ], %o0
    15d0:       90 02 20 01     inc  %o0
    15d4:       d0 26 e1 40     st  %o0, [ %i3 + 0x140 ]
    15d8:       10 80 00 4f     b  1714 <_lestart+4ec>
    15dc:       e0 26 e0 ec     st  %l0, [ %i3 + 0xec ]
    15e0:       80 90 00 18     tst  %i0
    15e4:       32 bf ff 83     bne,a   13f0 <_lestart+1c8>
    15e8:       d6 06 00 00     ld  [ %i0 ], %o3
    15ec:       d0 07 bf f4     ld  [ %fp + -12 ], %o0
    15f0:       13 00 00 00     sethi  %hi(0), %o1
                        15f0: HI22      _le_softc
    15f4:       d2 02 60 00     ld  [ %o1 ], %o1
                        15f4: LO10      _le_softc
    15f8:       90 02 40 08     add  %o1, %o0, %o0
    15fc:       d8 02 21 58     ld  [ %o0 + 0x158 ], %o4
    1600:       80 90 00 0c     tst  %o4
    1604:       22 80 00 06     be,a   161c <_lestart+3f4>
    1608:       f8 26 e0 bc     st  %i4, [ %i3 + 0xbc ]
    160c:       d0 02 21 58     ld  [ %o0 + 0x158 ], %o0
    1610:       40 00 00 00     call  1610 <_lestart+3e8>
                        1610: WDISP30   _bpf_mtap+0xffffe9f0

                        }
                } while (m = m->m_next);
  
+ #if NBPFILTER > 0
+               {
+                       struct le_softc *le = &le_softc[unit];
+                       if (le->es_bpf)
+                               bpf_mtap(le->es_bpf, m0);
+               }
+ #endif
                /*
                 * t points to the next free tmd.
                 */



leread():

    1ed4:       40 00 00 00     call  1ed4 <_leread+94>
                        1ed4: WDISP30   _ether_error+0xffffe12c
    1ed8:       90 10 00 18     mov  %i0, %o0
    1edc:       d2 06 20 44     ld  [ %i0 + 0x44 ], %o1
    1ee0:       92 02 60 01     inc  %o1
    1ee4:       10 80 00 4c     b  2014 <_leread+1d4>
    1ee8:       d2 26 20 44     st  %o1, [ %i0 + 0x44 ]
    1eec:       80 90 00 0a     tst  %o2
    1ef0:       22 80 00 1b     be,a   1f5c <_leread+11c>
    1ef4:       d6 07 bf fc     ld  [ %fp + -4 ], %o3
    1ef8:       d6 07 bf f8     ld  [ %fp + -8 ], %o3
    1efc:       80 90 00 0b     tst  %o3
    1f00:       32 80 00 17     bne,a   1f5c <_leread+11c>
    1f04:       d6 07 bf fc     ld  [ %fp + -4 ], %o3
    1f08:       d4 07 bf fc     ld  [ %fp + -4 ], %o2
    1f0c:       d0 06 21 58     ld  [ %i0 + 0x158 ], %o0
    1f10:       94 02 a0 0e     add  %o2, 0xe, %o2
    1f14:       40 00 00 00     call  1f14 <_leread+d4>
                        1f14: WDISP30   _bpf_tap+0xffffe0ec

! #if NBPFILTER > 0
!         /*
!          * If bpf is listening on this interface, let it
!          * see the packet before we pass it up to higher
!        * level protocols.
!        *
!          * Note that BPF doesn't currently (and hopefully never will)
!        * handle trailer-encapsulated packets.  We just ignore them.
!        */
!         if (es->es_bpf && off == 0) {
!                 bpf_tap(es->es_bpf, (u_char *)header, 
!                       (u_int)length + sizeof(struct ether_header));
!               /*
!                * If we are in promiscuous mode, we return if this
!                * packet isn't for us.  This prevents NIT from seeing
!                * any promiscuous packets when there is a BPF listener.
!                * The IFF_PROMISC test isn't necessary but saves the
!                * bcmp() calls; it's probably worthwhile.
!                */
!               if ((es->es_if.if_flags & IFF_PROMISC) &&
!                   bcmp(header->ether_dhost.ether_addr_octet,
!                        es->es_enaddr.ether_addr_octet, 6) != 0 &&
! #ifdef MULTICAST
!                   /* return only if non-multicast */
!                   !(header->ether_dhost.ether_addr_octet[0] & 1))
! #else
!                   bcmp(header->ether_dhost.ether_addr_octet,
!                        etherbroadcastaddr.ether_addr_octet, 6) != 0)
! #endif /* MULTICAST */
!                       return;
!       }
! #endif
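Review bot: The promiscuous-mode drop of frames addressed to other hosts (the `return` at the end of this block) is nested inside `if (es->es_bpf && off == 0)`, so it only runs when a BPF listener is attached and the frame is not trailer-encapsulated; a trailer frame received while IFF_PROMISC is set, or any foreign frame while IFF_PROMISC is set with no listener, still goes up to the higher-level protocols. If the intent is that promiscuous reception never feeds other hosts' unicast frames to the stack, hoist the destination test out of that condition: keep `if (es->es_bpf && off == 0) bpf_tap(...);` on its own and follow it with an unconditional `if ((es->es_if.if_flags & IFF_PROMISC) && bcmp(...) != 0 && ...) return;`. Whether the early `return` leaks anything depends on what leread() has allocated before this point, which is outside the hunk, as are the function's start and end. The comment block also mixes tab and space indentation between lines.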


todo for fddi:
  add es_bpf to softc [?] [cheat w/ global?]
    
  add the attach
  bpf_tap right after an interrupt to read
  bpf_tap right before tx [unnecessary]

  
     268:       f6 26 20 2c     st  %i3, [ %i0 + 0x2c ]
     26c:       40 00 00 82     call  474 <_nf_attach_to_network>
     270:       d0 02 20 00     ld  [ %o0 ], %o0

kadb:
  :s
  :s
  nf_attach:b
  nf_attach_to_network:b
  :c
kadb> $c
kadb> $c
_nf_attach_to_network(0x0,0xfb003088,0x19,0xa0,0x200,0xff007000) + 18
_nf_attach(0xfb001590,0xfb0029e8,0x64,0x0,0xf01fbe54,0xfb001f7c) + 1c0
_attach_devs(0xfb001308,0xf0204fe0,0x6,0xfb0013d0,0x0,0xfb001590) + 10c

nf_attach_to_network
arg0: used
arg1: heap thing
arg2: bashed
arg3: 
arg4: cleared
arg5: bashed

nf_attach

%i2 of nf_attach is ifp
not passed to 

after receive_llc()
count   bkpt            command
1       _receive_frame+0x7d8
1       _receive_frame+0x7f8

arg0: ifp
arg1: ?
  +4 -> l6
arg1+4 -> l6
& with 0x78

Auth. Personal message at 02:55:32 on Sun Jul 13 1997
From: Don't surf! (Don't surf!) There is no water! <danw> on TECHNOMAGE.MIT.EDU
To: jhawk@ATHENA.MIT.EDU
snit_intr(ifp, m, nif)
        struct ifnet    *ifp;
        struct mbuf     *m;
        struct nit_if   *nif;

00004c0c <_receive_frame+7c8> sub  %o2, 4, %o2
00004c10 <_receive_frame+7cc> mov  %i0, %o0
00004c14 <_receive_frame+7d0> call  00004f5c <_receive_llc>


mtap in receive_llc

00004984 <_receive_frame+540> mov  %i5, %l0
kadb> <i5$<mbufs
0xff646700:     next            off             len     free    act
                0               fbb06900        112     1       0
kadb> 0xff646700+fbb06900/(112%4)X
 
bad modifier
kadb> 0xff646700+fbb06900?44X
0xfb14d000:     0               0               0               0
                0               0               0               0
                50505050        100004ce        9cfd                    
ether:                                              0006        7c323100
                aaaa0300        800             45000054        88d94000
                f5016c42        124600da        80a7fcc5        8003a97
                1f160000        33c87f3f        b003d           8090a0b
                c0d0e0f         10111213        14151617        18191a1b
                1c1d1e1f        20212223        24252627        28292a2b
                2c2d2e2f        30313233        34353637        f2ca1749
                0               0               0               0
                0               0               0               0

00004a28 <_receive_frame+5e4> mov  %l0, %o0
00004a2c <_receive_frame+5e8> mov  %i5, %l0

/*
 * mbuf layout used throughout these notes.  m_off is an offset added to
 * the mbuf's own address, not a pointer: the kadb session above reaches
 * the data of the mbuf at 0xff646700 with "0xff646700+fbb06900?44X",
 * and kadb's 32-bit sum lands at 0xfb14d000.  m_len (112 in that dump)
 * is the number of valid bytes at that offset.
 */
struct mbuf {
        struct  mbuf *m_next;           /* next buffer in chain */
        u_long  m_off;                  /* offset of data (relative to this mbuf) */
        short   m_len;                  /* amount of data in this mbuf */
        short   m_type;                 /* mbuf type (0 == free) */
        union { 
                u_char  mun_dat[MLEN];  /* data storage */
                struct {                /* overlays mun_dat; presumably used only when the data lives in an external "cluster" */
                        short   mun_cltype;     /* "cluster" type */
                        int     (*mun_clfun)();
                        int     mun_clarg;
                        int     (*mun_clswp)();
                } mun_cl;
        } m_un;
        struct  mbuf *m_act;            /* link in higher-level mbuf list */
        /* definition continues past m_act; the closing brace is not reproduced in these notes */

00004898 <_receive_frame+454> or  %o7, %o2, %o7
0000489c <_receive_frame+458> ld  [ %fp + -24 ], %o2
000048a0 <_receive_frame+45c> sub  %o7, %i2, %i2

i2 points to 2 words prior to etherheader / 

000048a4 <_receive_frame+460> ld  [ %o2 + 4 ], %o0
000048a8 <_receive_frame+464> ld  [ %o2 + 0xc ], %i5
000048ac <_receive_frame+468> and  %i2, -4096, %l1


stopped at      _receive_frame+0x46c:           sub     %l1, %o0, %l1
l1 points to packet! [0-padding]
div/4k * 32
pak/128

btcpdump -elpvx -i nf0 -s 1500

./tcpdump -elpvx -i nf0 -s 1500
btcpdump: listening on nf0
13:59:12.335953 9c 0:55:55:c0:0:0 bf:0:60:3e:4c:8c 104: 
                         0008 0045 0000 54eb 3640 00f5 0109 e512
                         4600 da80 a7fc c508 00c1 6d20 5000 0333
hlen 14                  c8df 4000 0818 2b08 090a 0b0c 0d0e 0f10
padding 8                1112 1314 1516 1718 191a 1b1c 1d1e 1f20
                         2122 2324 2526 2728 292a 2b2c 2d2e 2f30
                         3132 3334 3536 378e 2c90 96

-> hlen 17 no change

-> padding 12