d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

We've found a recurring problem where some userland process would be

Browse Source 
stuck spinning at 100% cpu around sbcut_internal(). Inside
sbflush_internal(), sb_ccc reached to about 4GB and before passing it
to sbcut_internal(), we type-cast it from uint to int making it -ve.

The root cause of sockbuf growing this large is unknown. Correct fix
is also not clear but based on mailing list discussions, adding
KASSERTs to panic instead of looping endlessly.

Reviewed by:		glebius
Sponsored by:		Limelight Networks
This commit is contained in:
Hiren Panchasara 2017-03-07 00:20:01 +00:00
parent 22986c6740
commit b5b023b91e
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/kern/uipc_sockbuf.c
View File

@ -1043,6 +1043,11 @@ sbcut_internal(struct sockbuf *sb, int len)
{
struct mbuf *m, *next, *mfree;
KASSERT(len > 0, ("%s: len is %d but it is supposed to be +ve",
__func__, len));
KASSERT(len <= sb->sb_ccc, ("%s: len: %d is > ccc: %u",
__func__, len, sb->sb_ccc));
next = (m = sb->sb_mb) ? m->m_nextpkt : 0;
mfree = NULL;