From dcb0e1d37dc336be19ec306983c1cb4ddc3ba13c Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 25 Apr 2019 19:12:26 +0200 Subject: [PATCH] MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever If an appctx is caught spinning over itself at more than 100000 loops per second and for more than one second, the process will be aborted and the offender reported on the console and logs. Typical figures usually are just a few tens to hundreds per second over a very short time so there is a huge margin here. Using even higher values could also work but there is the risk of not being able to catch offenders if multiple ones start to bug at the same time and share the load. This code should ideally be disabled for stable releases, though in theory nothing should ever trigger it. --- src/applet.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/applet.c b/src/applet.c index aacc04b67..4832a748f 100644 --- a/src/applet.c +++ b/src/applet.c @@ -60,6 +60,7 @@ struct task *task_run_applet(struct task *t, void *context, unsigned short state { struct appctx *app = context; struct stream_interface *si = app->owner; + unsigned int rate; if (app->state & APPLET_WANT_DIE) { __appctx_free(app); @@ -74,7 +75,10 @@ struct task *task_run_applet(struct task *t, void *context, unsigned short state si_rx_endp_done(si); /* measure the call rate */ - update_freq_ctr(&app->call_rate, 1); + rate = update_freq_ctr(&app->call_rate, 1); + if (rate >= 100000 && app->call_rate.prev_ctr) { // make sure to wait at least a full second + stream_dump_and_crash(&app->obj_type, read_freq_ctr(&app->call_rate)); + } /* Now we'll try to allocate the input buffer. We wake up the applet in * all cases. So this is the applet's responsibility to check if this