[syslinux] fsc branch and Bochs

Sebastian Herbszt herbszt at gmx.de
Wed Sep 2 15:44:59 PDT 2009 

Sebastian Herbszt wrote:
> H. Peter Anvin wrote:
>> On 09/02/2009 02:15 PM, Sebastian Herbszt wrote:
>>> Trying to load: pxelinux.cfg/C0A80178                              TFTP unknown
>>> opcode 1
>>
>> This means that we got an RRQ back from the TFTP server, which is
>> nonsensical; it may be that Etherboot echoes back our own packets somehow.
> 
> I used wireshark to grab a network dump:
> 
> 192.168.1.120 192.168.1.88 TFTP Read Request, File: pxelinux.cfg/01-b0-c4-20-00-00-01\000, Transfer type: octet\000, 
> tsize\000=0\000, blksize\000=1408\000
> 192.168.1.88 192.168.1.120 TFTP Error Code, Code: File not found, Message: File not found\000
> 192.168.1.120 192.168.1.88 TFTP Read Request, File: pxelinux.cfg/C0A80178\000, Transfer type: octet\000, 
> tsize\000=0\000, blksize\000=1408\000
> 192.168.1.88 192.168.1.120 TFTP Error Code, Code: File not found, Message: File not found\000
> 192.168.1.120 192.168.1.88 TFTP Error Code, Code: Option negotiation failed, Message: TFTP_protocol error\000
> 
> Looks pretty sane to me.

Think i got it. It looks like packet_buf still contains the sent request and not the incoming data.
I put some debug statements into pxe_searchdir (pxe.c) and did overwrite packet_buf with the pattern 0x123456789012
and after the while loop with "err = pxe_call(PXENV_UDP_READ, &udp_read);" it still contains my pattern. Without
the overwrite it still has the sent request, so it doesn't bounce back but is just still in the buffer:

Trying to load: pxelinux.cfg/C0A80178
err: 1 timeout: 2
err: 0 timeout: 2
break!
opcode: 5
packet_buf: 500
packet_buf+2: 100
packet_buf+4: 6946
   [FAILED]
Trying to load: pxelinux.cfg/C0A8017
err: 1 timeout: 2
break!
opcode: 13330
packet_buf: 1234
packet_buf+2: 5678
packet_buf+4: 9012
TFTP unknown opcode 13330
TFTP server sent an incomprehesible reply
 
Maybe the code should clear packet_buf and udp_read?

The code checks for

        /* Make sure the packet actually came from the server */
        if (udp_read.src_ip == open_file->tftp_remoteip) {
            printf("break!\n");
            break;
        }

and since udp_read.src_ip still seems to be valid it does exit the while loop.

A possible fix would be to use

        if (!err && (udp_read.src_ip == open_file->tftp_remoteip)) {
            printf("break!\n");
            break;
        }

instead and only check if "err = pxe_call(PXENV_UDP_READ, &udp_read);" didn't error.

- Sebastian

More information about the Syslinux mailing list