On 12/27/15 21:51, Guido Witmond wrote: > So more like a Request of Death.
It had! See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533 > "The http_request_split_value function in request.c in lighttpd before > 1.4.32 allows remote attackers to cause a denial of service (infinite > loop) via a request with a header containing an empty token, as > demonstrated using the "Connection: TE,,Keep-Alive" header. " I don't have any packet captures to prove I got hit by those, but anyway, I've upgraded to lighttpd 1.4.38. Which is here: https://github.com/gwitmond/genode/commit/074130 However, I still experience the hangs. :-( Could it have to do with the remark by ChristianH: [1] "This hints we may have an issue with our file descriptor handling on poll/select." I have reasons to believe the system is busy waiting instead of polling. The power usage monitor shows a constant 56.8 Watts when running Fiasco.OC with lightttpd and a mere 43.6 when running linux. A cpuburn at one cpu reaches just 1 watt less than Genode. Is this polling to be expected from Fiasco.OC with debug mode enabled? Is Genode smart enough to prevent busy loops or is it worth investigation as a cause for the hangs? Cheers, Guido. 1: https://github.com/genodelabs/genode/issues/987#issuecomment-129775238
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
