git.ipfire.org Git - thirdparty/suricata.git/commit

author	Victor Julien <victor@inliniac.net>
	Fri, 23 Oct 2015 16:29:10 +0000 (18:29 +0200)
committer	Victor Julien <victor@inliniac.net>
	Mon, 26 Oct 2015 08:12:59 +0000 (09:12 +0100)
commit	7f8795c7563827f090d8679cb35847af0085fc56
tree	d46a9c0144d7d7812ca668f4dc86e41cea44b6ac	tree
parent	8d06d7bccc431fda671bacca482fd98264b660fb	commit \| diff

threading: avoid autofp deadlock

When there are many threads and/or the packet pool (max-pending-packets) is
small, a potential dead lock exists between the packet pool return pool
logic and the capture threads. The autofp workers together can have all the
packets in their return pools, while the capture thread(s) are waiting at an
empty pool. A race between the worker threads and the capture thread, where
the latter signals the former, is lost by the capture thread. Now everyone
is waiting.

To avoid this scenario, this patch makes the previously hardcoded 'return
pool' threshold dynamic based on the number of threads and the packet pool
size.

It sets the threshold to the max pending packets value, divided by the number
of lister threads. The max value hasn't changed. Normally, in the autofp
runmode these are the stream/detect/log worker threads.

The max_pending_return_packets value needs to stay below the packet pool size
of the 'producers' (normally pkt capture threads but also flow timeout
injection) to avoid the deadlock.

As it's quite impossible at this time to learn how many threads will be
created before starting the runmodes, and thus spawning the threads and
already initializing the packet pools, this code sets a global variable
after runmode setup, but before the threads are 'unpaused'.

src/suricata.c		diff \| blob \| blame \| history
src/tmqh-packetpool.c		diff \| blob \| blame \| history
src/tmqh-packetpool.h		diff \| blob \| blame \| history