On 03/06/17 at 07:08P, Ngie Cooper (yaneurabeya) wrote: > > > On Mar 6, 2017, at 16:20, Hiren Panchasara <hi...@freebsd.org> wrote: > > > > Author: hiren > > Date: Tue Mar 7 00:20:01 2017 > > New Revision: 314813 > > URL: https://svnweb.freebsd.org/changeset/base/314813 > > > > Log: > > We've found a recurring problem where some userland process would be > > stuck spinning at 100% cpu around sbcut_internal(). Inside > > sbflush_internal(), sb_ccc reached to about 4GB and before passing it > > to sbcut_internal(), we type-cast it from uint to int making it -ve. > > > > The root cause of sockbuf growing this large is unknown. Correct fix > > is also not clear but based on mailing list discussions, adding > > KASSERTs to panic instead of looping endlessly. > > > > Reviewed by: glebius > > Sponsored by: Limelight Networks > > > > Modified: > > head/sys/kern/uipc_sockbuf.c > > > > Modified: head/sys/kern/uipc_sockbuf.c > > ============================================================================== > > --- head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:13:53 2017 > > (r314812) > > +++ head/sys/kern/uipc_sockbuf.c Tue Mar 7 00:20:01 2017 > > (r314813) > > @@ -1043,6 +1043,11 @@ sbcut_internal(struct sockbuf *sb, int l > > { > > struct mbuf *m, *next, *mfree; > > > > + KASSERT(len > 0, ("%s: len is %d but it is supposed to be +ve", > > + __func__, len)); > > + KASSERT(len <= sb->sb_ccc, ("%s: len: %d is > ccc: %u", > > + __func__, len, sb->sb_ccc)); > > + > > next = (m = sb->sb_mb) ? m->m_nextpkt : 0; > > mfree = NULL; > > The KASSERT is bad ? please fix it. From > https://ci.freebsd.org/job/FreeBSD-head-amd64-test/1994/console : > > add host 127.0.0.1panic: sbcut_internal: len is 0 but it is supposed to be +ve
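Review bot: The first assertion in sbcut_internal(), KASSERT(len > 0, ...), is too strict because it rejects len == 0. The CI console output quoted in the reply shows exactly that panic ("len is 0 but it is supposed to be +ve"), so a zero-length cut is a case callers do reach. The condition the commit log describes is a negative len produced by the uint-to-int cast in sbflush_internal(), and len >= 0 would catch that without tripping on empty cuts. In the second assertion, len <= sb->sb_ccc compares an int against an unsigned value (the format string uses %d and %u), so it is only meaningful once len is known to be non-negative. Keep the sign check first and consider an explicit (u_int)len cast to make that dependency visible.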
Thanks, fixed in r314838. Cheers, Hiren