svn commit: r314813 - head/sys/kern
Ngie Cooper (yaneurabeya)
yaneurabeya at gmail.com
Tue Mar 7 03:08:44 UTC 2017
> On Mar 6, 2017, at 16:20, Hiren Panchasara <hiren at FreeBSD.org> wrote:
>
> Author: hiren
> Date: Tue Mar 7 00:20:01 2017
> New Revision: 314813
> URL: https://svnweb.freebsd.org/changeset/base/314813
>
> Log:
> We've found a recurring problem where some userland process would be
> stuck spinning at 100% cpu around sbcut_internal(). Inside
> sbflush_internal(), sb_ccc reached to about 4GB and before passing it
> to sbcut_internal(), we type-cast it from uint to int making it -ve.
>
> The root cause of sockbuf growing this large is unknown. Correct fix
> is also not clear but based on mailing list discussions, adding
> KASSERTs to panic instead of looping endlessly.
>
> Reviewed by: glebius
> Sponsored by: Limelight Networks
>
> Modified:
> head/sys/kern/uipc_sockbuf.c
>
> Modified: head/sys/kern/uipc_sockbuf.c
> ==============================================================================
> --- head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:13:53 2017 (r314812)
> +++ head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:20:01 2017 (r314813)
> @@ -1043,6 +1043,11 @@ sbcut_internal(struct sockbuf *sb, int l
> {
> struct mbuf *m, *next, *mfree;
>
> + KASSERT(len > 0, ("%s: len is %d but it is supposed to be +ve",
> + __func__, len));
> + KASSERT(len <= sb->sb_ccc, ("%s: len: %d is > ccc: %u",
> + __func__, len, sb->sb_ccc));
> +
> next = (m = sb->sb_mb) ? m->m_nextpkt : 0;
> mfree = NULL;
The KASSERT is bad — please fix it. From https://ci.freebsd.org/job/FreeBSD-head-amd64-test/1994/console :
add host 127.0.0.1panic: sbcut_internal: len is 0 but it is supposed to be +ve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20170306/a9df6826/attachment.sig>
More information about the svn-src-head
mailing list