From: Willy Tarreau Date: Thu, 25 Apr 2019 17:12:26 +0000 (+0200) Subject: MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever X-Git-Tag: v2.0-dev3~164 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dcb0e1d37dc336be19ec306983c1cb4ddc3ba13c;p=thirdparty%2Fhaproxy.git MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever If an appctx is caught spinning over itself at more than 100000 loops per second and for more than one second, the process will be aborted and the offender reported on the console and logs. Typical figures usually are just a few tens to hundreds per second over a very short time so there is a huge margin here. Using even higher values could also work but there is the risk of not being able to catch offenders if multiple ones start to bug at the same time and share the load. This code should ideally be disabled for stable releases, though in theory nothing should ever trigger it. --- diff --git a/src/applet.c b/src/applet.c index aacc04b67a..4832a748f4 100644 --- a/src/applet.c +++ b/src/applet.c @@ -60,6 +60,7 @@ struct task *task_run_applet(struct task *t, void *context, unsigned short state { struct appctx *app = context; struct stream_interface *si = app->owner; + unsigned int rate; if (app->state & APPLET_WANT_DIE) { __appctx_free(app); @@ -74,7 +75,10 @@ struct task *task_run_applet(struct task *t, void *context, unsigned short state si_rx_endp_done(si); /* measure the call rate */ - update_freq_ctr(&app->call_rate, 1); + rate = update_freq_ctr(&app->call_rate, 1); + if (rate >= 100000 && app->call_rate.prev_ctr) { // make sure to wait at least a full second + stream_dump_and_crash(&app->obj_type, read_freq_ctr(&app->call_rate)); + } /* Now we'll try to allocate the input buffer. We wake up the applet in * all cases. So this is the applet's responsibility to check if this