> On Mar 6, 2017, at 16:20, Hiren Panchasara <hi...@freebsd.org> wrote: > > Author: hiren > Date: Tue Mar 7 00:20:01 2017 > New Revision: 314813 > URL: https://svnweb.freebsd.org/changeset/base/314813 > > Log: > We've found a recurring problem where some userland process would be > stuck spinning at 100% cpu around sbcut_internal(). Inside > sbflush_internal(), sb_ccc reached to about 4GB and before passing it > to sbcut_internal(), we type-cast it from uint to int making it -ve. > > The root cause of sockbuf growing this large is unknown. Correct fix > is also not clear but based on mailing list discussions, adding > KASSERTs to panic instead of looping endlessly. > > Reviewed by: glebius > Sponsored by: Limelight Networks > > Modified: > head/sys/kern/uipc_sockbuf.c > > Modified: head/sys/kern/uipc_sockbuf.c > ============================================================================== > --- head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:13:53 2017 > (r314812) > +++ head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:20:01 2017 > (r314813) > @@ -1043,6 +1043,11 @@ sbcut_internal(struct sockbuf *sb, int l > { > struct mbuf *m, *next, *mfree; > > + KASSERT(len > 0, ("%s: len is %d but it is supposed to be +ve", > + __func__, len)); > + KASSERT(len <= sb->sb_ccc, ("%s: len: %d is > ccc: %u", > + __func__, len, sb->sb_ccc)); > + > next = (m = sb->sb_mb) ? m->m_nextpkt : 0; > mfree = NULL;
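Review bot: the first KASSERT at the top of sbcut_internal() requires len > 0, so a zero-length cut now panics, while the log message only describes the negative value produced by casting sb_ccc from uint to int. Unless every caller is known never to pass 0, the check should be `KASSERT(len >= 0, ...)` with the message adjusted to match. The second assertion compares the int len with sb->sb_ccc, which the format string prints with %u, so that comparison is only meaningful because the first check has already excluded negative values; the two should stay in this order. KASSERT is compiled in only on kernels built with INVARIANTS, so on other kernels a negative len would still reach the code below it. If the intent is to stop the endless loop everywhere, an explicit check is needed at the point where sb_ccc is cast.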
The KASSERT is bad — please fix it. From https://ci.freebsd.org/job/FreeBSD-head-amd64-test/1994/console : add host 127.0.0.1panic: sbcut_internal: len is 0 but it is supposed to be +ve