From nobody@FreeBSD.org  Fri Mar 22 13:51:37 2002
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 123E837B419
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 22 Mar 2002 13:51:37 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g2MLpb221186;
	Fri, 22 Mar 2002 13:51:37 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200203222151.g2MLpb221186@freefall.freebsd.org>
Date: Fri, 22 Mar 2002 13:51:37 -0800 (PST)
From: Lev Walkin <vlm@netli.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: poll() behaves erratic on BPF file descriptors.
X-Send-Pr-Version: www-1.0

>Number:         36219
>Category:       kern
>Synopsis:       [bpf] [patch] poll() behaves erratic on BPF file descriptors.
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    gad
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 22 14:00:01 PST 2002
>Closed-Date:    Wed Sep 27 04:58:51 GMT 2006
>Last-Modified:  Wed Sep 27 04:58:51 GMT 2006
>Originator:     Lev Walkin
>Release:        FreeBSD-4.5
>Organization:
Netli, Inc.
>Environment:
FreeBSD shelty.netli.lan 4.5-RELEASE FreeBSD 4.5-RELEASE #5: Fri Mar 22 13:29:20 PST 2002     root@shelty.netli.lan:/usr/src/sys/compile/BSD  i386
Previous versions of FreeBSD does not have this problem.
>Description:
      poll() and select() system calls constantly returning POLLIN or POLLRDNORM
on BPF file descriptors, even if there is no data available. Subsequent read()
would return EAGAIN. This behaviour breaks multithreaded programs
(using standart user-level threads in libc_r), because their read() uses poll().
>How-To-Repeat:
      just try to use poll() with events=POLLIN at opened file descriptor. it will always return revents & POLLIN, despite of the data availability.
>Fix:
Fix bpfpoll() function in /sys/net/bpf.c:

===
--- bpf.c.old   Fri Mar 22 13:48:18 2002
+++ bpf.c       Fri Mar 22 13:48:42 2002
@@ -1085,7 +1085,7 @@
        if (d->bd_bif == NULL)
                return (ENXIO);
 
-       revents = events & (POLLIN | POLLWRNORM);
+       revents = events & (POLLOUT | POLLWRNORM);
        s = splimp();
        if (events & (POLLIN | POLLRDNORM)) {
                /*
@@ -1094,11 +1094,12 @@
                 *      if (d->b_slen != 0 ||
                 *          (d->bd_hbuf != NULL && d->bd_hlen != 0)
                 */
-               if (d->bd_hlen != 0 ||
-                   ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
-                   d->bd_slen != 0))
+               if (d->bd_hlen != 0
+                       || (d->bd_immediate && d->bd_slen != 0)
+                       || d->bd_state == BPF_TIMED_OUT
+               ) {
                        revents |= events & (POLLIN | POLLRDNORM);
-               else {
+               } else {
                        selrecord(p, &d->bd_sel);
                        /* Start the read timeout if necessary. */
                        if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {

>Release-Note:
>Audit-Trail:

From: Garance A Drosehn <gad@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org, vlm@netli.com
Cc:  
Subject: Re: kern/36219: poll() behaves erratic on BPF file descriptors.
Date: Sat, 23 Mar 2002 02:01:22 -0500

 I have applied the first part of this patch which changes the
 POLLIN to POLLOUT on freebsd-stable.  The POLLIN was a mistake
 in one of my earlier commits.
 
 I do not know about the rest of the proposed patch.
 
 -- 
 Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
 Senior Systems Programmer                   or  gad@freebsd.org
 Rensselaer Polytechnic Institute            or  drosehn@rpi.edu

From: Lev Walkin <vlm@netli.com>
To: Garance A Drosehn <gad@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/36219: poll() behaves erratic on BPF file descriptors.
Date: Sat, 23 Mar 2002 17:45:38 -0800

 Garance A Drosehn wrote:
 > I have applied the first part of this patch which changes the
 > POLLIN to POLLOUT on freebsd-stable.  The POLLIN was a mistake
 > in one of my earlier commits.
 
 Yeah, sure.
 
 > I do not know about the rest of the proposed patch.
 
 Well, let's explain things.
 
 What did we had:
 
 if (d->bd_hlen != 0 || ((d->bd_immediate || d->bd_state == 
 BPF_TIMED_OUT) && d->bd_slen != 0)
 
 Suppose that we have no data in hold buffer and no data in
 store buffer. We also have a timeout state (bd_state = BPF_TIMED_OUT).
 
 So, expression transfers to
 
 if( 0 != 0 || (0 || 2 == 2) && 0 != 0)
 
 or
 
 if(0 || 1 && 0)
 
 or
 
 if(0).
 
 But we do want to report this timeout up to the application!
 So, we will not succeed in that.
 
 What do we need, is to report back POLLIN event in these
 cases:
 1. Hold buffer is not empty.
 2. We were requested to answer immediately if we have any amount of
 data.
 3. We've experienced a time out.
 
 This is effectively means the following
 
 +               if (d->bd_hlen != 0
 +                       || (d->bd_immediate && d->bd_slen != 0)
 +                       || d->bd_state == BPF_TIMED_OUT
 +               ) {
 
 
 In the FreeBSD 4.4 code we had these lines:
 
 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0))
 
 So it seems somebody installed a "d->bd_state == BPF_TIMED_OUT"
 in the wrong place.
 
 
 Please, consider applying the rest of the patch.
 
 
 -- 
 Lev Walkin
 vlm@netli.com
 

From: Nate Lawson <nate@root.org>
To: freebsd-gnats-submit@FreeBSD.org, vlm@netli.com, gad@freebsd.org
Cc: bde@freebsd.org
Subject: Re: kern/36219: poll() behaves erratic on BPF file descriptors.
Date: Thu, 15 Aug 2002 16:20:34 -0700 (PDT)

 I looked over the current state of bpf.c and it seems like this PR can be
 closed.  Comments?
 
 if (events & (POLLIN | POLLRDNORM)) {
     /*
      * An imitation of the FIONREAD ioctl code.
      * XXX not quite.  An exact imitation:
      *if (d->b_slen != 0 ||
      *    (d->bd_hbuf != NULL && d->bd_hlen != 0)
      */
     if (d->bd_hlen != 0 ||
         ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
         d->bd_slen != 0))
             revents |= events & (POLLIN | POLLRDNORM);
     else {
 
 -Nate
 

From: Lev Walkin <vlm@netli.com>
To: Nate Lawson <nate@root.org>
Cc: freebsd-gnats-submit@FreeBSD.org, gad@freebsd.org,
	bde@freebsd.org
Subject: Re: kern/36219: poll() behaves erratic on BPF file descriptors.
Date: Thu, 15 Aug 2002 18:17:37 -0700

 Nate Lawson wrote:
 > I looked over the current state of bpf.c and it seems like this PR can be
 > closed.  Comments?
 > 
 > if (events & (POLLIN | POLLRDNORM)) {
 >     /*
 >      * An imitation of the FIONREAD ioctl code.
 >      * XXX not quite.  An exact imitation:
 >      *if (d->b_slen != 0 ||
 >      *    (d->bd_hbuf != NULL && d->bd_hlen != 0)
 >      */
 >     if (d->bd_hlen != 0 ||
 >         ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
 >         d->bd_slen != 0))
 
 Don't we want a POLLIN event to occur when the BPF_TIMED_OUT
 state is reached and there is still no data?
 This seems to be a timeout on waiting data, which should
 be reported up.
 
 
 >             revents |= events & (POLLIN | POLLRDNORM);
 >     else {
 > 
 > -Nate
 > 
 
 
 
 -- 
 Lev Walkin
 vlm@netli.com
 

From: Bruce Evans <bde@zeta.org.au>
To: Lev Walkin <vlm@netli.com>
Cc: Nate Lawson <nate@root.org>, <freebsd-gnats-submit@FreeBSD.org>,
	<gad@FreeBSD.org>, <bde@FreeBSD.org>
Subject: Re: kern/36219: poll() behaves erratic on BPF file descriptors.
Date: Fri, 16 Aug 2002 18:17:53 +1000 (EST)

 On Thu, 15 Aug 2002, Lev Walkin wrote:
 
 > Nate Lawson wrote:
 > > I looked over the current state of bpf.c and it seems like this PR can be
 > > closed.  Comments?
 > >
 > > if (events & (POLLIN | POLLRDNORM)) {
 > >     /*
 > >      * An imitation of the FIONREAD ioctl code.
 > >      * XXX not quite.  An exact imitation:
 > >      *if (d->b_slen != 0 ||
 > >      *    (d->bd_hbuf != NULL && d->bd_hlen != 0)
 > >      */
 > >     if (d->bd_hlen != 0 ||
 > >         ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
 > >         d->bd_slen != 0))
 >
 > Don't we want a POLLIN event to occur when the BPF_TIMED_OUT
 > state is reached and there is still no data?
 > This seems to be a timeout on waiting data, which should
 > be reported up.
 
 Something like that.  I think your reply in the middle of the followup
 mail gives more details.  I hoped that jdp would finish fixing this
 (It has something to do with a change that he made.  I don't completely
 understand it).
 
 One point in the original PR seems to have been OBE (E = MFC).
 
 Bruce
 
Responsible-Changed-From-To: freebsd-bugs->gad@freebsd.org 
Responsible-Changed-By: wes 
Responsible-Changed-When: Wed Sep 27 03:11:08 UTC 2006 
Responsible-Changed-Why:  
Does this even apply anymore?  If so, please update the PR description 
for 5.x on, if not close it.  Thanks!  -- Wes 


http://www.freebsd.org/cgi/query-pr.cgi?pr=36219 
State-Changed-From-To: open->feedback 
State-Changed-By: wes 
State-Changed-When: Wed Sep 27 03:46:10 UTC 2006 
State-Changed-Why:  
Fix the email address, change to feedback since I think this is out of date. 


Responsible-Changed-From-To: gad@freebsd.org->gad 
Responsible-Changed-By: wes 
Responsible-Changed-When: Wed Sep 27 03:46:10 UTC 2006 
Responsible-Changed-Why:  
Fix the email address.  Doh! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=36219 
State-Changed-From-To: feedback->closed 
State-Changed-By: gad 
State-Changed-When: Wed Sep 27 04:53:23 UTC 2006 
State-Changed-Why:  
It appears to me that this bug should be fixed, as a side-effect of: 

Revision 1.113, Tue Aug 5 07:12:49 2003 UTC (3 years, 1 month ago) by jmg 

That is probably why we haven't heard any additional reports of this in 
the past three years. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=36219 
>Unformatted:
