[ovs-dev] [bug14616 1/5] vlog: Avoid calling worker_request() reentrantly.

Ben Pfaff blp at nicira.com
Fri Jan 11 04:00:58 UTC 2013


On Thu, Jan 10, 2013 at 05:29:19PM -0800, Ethan Jackson wrote:
> Out of curiosity, what happened? A crash?
> 
> Acked-by: Ethan Jackson <ethan at nicira.com>

It's kind of interesting, so I revised the commit message to give some
details:

vlog: Avoid calling worker_request() reentrantly.

The following call stack was possible:

    vlog
        -> worker_request()
            -> poll_block()
                -> vlog
                     -> worker_request()

which caused problems because worker_request() is not reentrant.  In a
little more detail, the second worker_request() shoves its RPC protocol
data into the middle of the first.  This means that, first, you get
some binary crud in the log (the header for the second RPC).  And,
second, text from the first RPC log message gets treated by the worker
as the subsequent RPC's header.  That, in turn, typically causes the
worker to try to xmalloc() a huge number of bytes (0x20000000 or more,
since "space" has ASCII value 0x20), which causes the worker to die
with "virtual memory exhausted".  The main process then dies because
the worker's death closes the socket it uses to communicate with it
("connection reset").

Bug #14616.
Signed-off-by: Ben Pfaff <blp at nicira.com>
Acked-by: Ethan Jackson <ethan at nicira.com>



More information about the dev mailing list