Project

General

Profile

Bug #7424

epoll should not leave dangling polldat_t entries

Added by Robert Mustacchi almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Category:
kernel
Start date:
2016-09-27
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

While assisting some folks in IRC with epoll debugging, I encountered some strange polldat_t data:

> ffffff90f536d640::print vnode_t v_data | ::print sonode_t so_poll_list.ph_list | ::list polldat_t pd_next | ::print polldat_t
{
    pd_fd = 0x13
    pd_events = 0
    pd_fp = 0
    pd_php = 0xffffff6edad94938
    pd_thread = 0
    pd_pcache = 0xffffff731a5fd4e8
    pd_next = 0xffffff731a2a2c08
    pd_hashnext = 0
    pd_count = 0
    pd_nsets = 0
    pd_ref = 0
    pd_portev = 0
    pd_epolldata = 0xfa87786200000013
}
{
    pd_fd = 0x13
    pd_events = 0
    pd_fp = 0
    pd_php = 0xffffff6edad94938
    pd_thread = 0
    pd_pcache = 0xffffff70dfe76dc0
    pd_next = 0xffffff4a9f228790
    pd_hashnext = 0
    pd_count = 0
    pd_nsets = 0
    pd_ref = 0
    pd_portev = 0
    pd_epolldata = 0x61d78d800000013
}
{
    pd_fd = 0x13
    pd_events = 0
    pd_fp = 0
    pd_php = 0xffffff6edad94938
    pd_thread = 0
    pd_pcache = 0xffffff39025d07e8
    pd_next = 0
    pd_hashnext = 0
    pd_count = 0
    pd_nsets = 0
    pd_ref = 0
    pd_portev = 0
    pd_epolldata = 0xfab5570900000013
}

Here are polldat_t entries residing in the pollhead list of an active socket. Note that pd_events and pd_fp are both zeroed out. Looking through the logic in devpoll, this zeroing typically only occurs when the polldat_t is also removed from the pollhead. The pollhead removal logic appears to be flawed in several places.

These polldat_t entries don't cause much harm. They should be skipped for pollwakeup. If the caller modifies the fd association, the entry would be overwritten or deleted. The primary issue is confusing during debugging.

History

#1

Updated by Electric Monk over 3 years ago

  • Status changed from New to Closed

git commit 57a0264b71e479ed0dc19299607d662043907cb6

commit  57a0264b71e479ed0dc19299607d662043907cb6
Author: Patrick Mooney <pmooney@pfmooney.com>
Date:   2016-10-11T15:01:08.000Z

    7422 dpioctl should pay attention to FKIOCTL
    7423 epoll_ctl should throw EINVAL for loops
    7424 epoll should not leave dangling polldat_t entries
    7425 devpoll write feigns success in the face of EINTR
    7426 epoll_ctl not allowed to emit EINTR
    Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
    Reviewed by: Bryan Cantrill <bryan@joyent.com>
    Approved by: Dan McDonald <danmcd@omniti.com>

Also available in: Atom PDF