On Tue, 2 Dec 2014, Carlin Bingham wrote:
> On -current, running apachebench with a large number of concurrent
> requests is causing a protection fault.
>
> eg. the command: ab -n 1000 -c 1000 http://my.host/
>
> Reproduced on two different machines.
> CNR on 5.6-release.
>
>
> kernel: protection fault trap, code=0
> Stopped at sys_socket+0x6a: orb $0x1,0(%rax)
> ddb{1}> trace
> sys_socket() at sys_socket+0x6a
> syscall() at syscall+0x297
> --- syscall (number 97) ---
> end of kernel
> end trace frames: 0x182f8a7adde8, count: -2
> 0x182fbc0e1cba:
> ddb{1}>

Gah, this is almost certainly my fault, trying to set the close-on-exec
flag even when the fd allocation failed. Can you reproduce it with this
diff applied?

Philip Guenther

Index: uipc_syscalls.c
===================================================================
RCS file: /cvs/src/sys/kern/uipc_syscalls.c,v
retrieving revision 1.93
diff -u -p -r1.93 uipc_syscalls.c
--- uipc_syscalls.c 9 Sep 2014 02:07:17 -0000 1.93
+++ uipc_syscalls.c 1 Dec 2014 18:44:13 -0000
@@ -83,7 +83,7 @@ sys_socket(struct proc *p, void *v, regi
fdplock(fdp);
error = falloc(p, &fp, &fd);
- if (type & SOCK_CLOEXEC)
+ if (error == 0 && (type & SOCK_CLOEXEC))
fdp->fd_ofileflags[fd] |= UF_EXCLOSE;
fdpunlock(fdp);
if (error != 0)
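Review bot: In the sys_socket() hunk, the new `error == 0` test on the SOCK_CLOEXEC line and the existing `if (error != 0)` right after fdpunlock(fdp) now branch on the same falloc() result twice, and nothing in the code says why the first test is needed. fd is only a usable index into fdp->fd_ofileflags[] when falloc() returned 0, so a one-line comment to that effect above the guard would keep it from being simplified away later. An alternative is to put the flag write in an explicit `if (error == 0) { ... }` block inside the fdplock()/fdpunlock() pair, so the success-only work is visibly grouped.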
@@ -240,7 +240,7 @@ redo:
fdplock(fdp);
error = falloc(p, &fp, &tmpfd);
- if (flags & SOCK_CLOEXEC)
+ if (error == 0 && (flags & SOCK_CLOEXEC))
fdp->fd_ofileflags[tmpfd] |= UF_EXCLOSE;
fdpunlock(fdp);
if (error != 0) {
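Review bot: The hunk after `redo:` repeats the sys_socket() guard with tmpfd, so the falloc()-then-set-UF_EXCLOSE sequence is open-coded in two places, each depending on the caller remembering the `error == 0` condition. Consider a small helper that takes the close-on-exec request and only writes fd_ofileflags[] when the allocation succeeded, so the check lives in one place. It is also worth checking any other falloc() callers that set UF_EXCLOSE for the same unguarded form, since this patch only covers these two sites in uipc_syscalls.c.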