Bug 10862 - PXE daemon can use 100% of available CPU time
PXE daemon can use 100% of available CPU time
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: pxe (Show other bugs)
6.1
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Erik Troan
:
: 11202 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-04-16 14:57 EDT by Timothy Dougherty
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-04-16 14:58:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Proposed patch (as in full description) as an attachment (600 bytes, patch)
2000-04-16 14:58 EDT, Timothy Dougherty
no flags Details | Diff

  None (edit)
Description Timothy Dougherty 2000-04-16 14:57:08 EDT
The PXE server contains a bug that can cause it to use 100% of available
CPU time. This bug is present in the pxe-0.1-14 for i386 RPM. It may be
present in other packages too.

The bug is visible when the PXE daemon is not allowed to grab the DHCP
port.

The bug is in pxe-linux/server/services/pxeservice.cc

At lines 54 and 55 the programmer declares two file descriptors to contain
the socket handles for the DHCP and BINL sockets. He initialises them both
to 0, which on the Windows platform (from which this code is clearly
derived; witness "SOCKET" everywhere instead of "int") may be an illegal
handle for a socket, but on Linux is a valid file descriptor.

Anyway, if one does not allow the program to use the DHCP socket (say, by
running a DHCP daemon on the system) then later on the code calls select()
like this (output from strace):

select(4, [0 3], NULL, NULL, NULL)      = 1 (in [0])

At some point fd 0 becomes readable, and this select call returns.
Unfortunately the coder made a thinko when checking the return status, and
basically calls select() again immediately, without reading from fd 0.
select() thus immediately returns again, and the program loops like this
consuming all available time on one CPU

The bug fix is easy; here's my patch:

--- pxeservice.cc.orig  Thu Sep 23 18:00:51 1999
+++ pxeservice.cc       Sun Apr 16 20:08:37 2000
@@ -52,6 +52,6 @@
        struct ip_mreq stIpMreq;

-       SOCKET scDhcp = 0;
-       SOCKET scBinl = 0;
+       SOCKET scDhcp = -1;
+       SOCKET scBinl = -1;
        SOCKADDR_IN siDhcp;
        SOCKADDR_IN siBinl;
@@ -266,5 +266,5 @@
                }

-               if ((n >= 1) && scDhcp && FD_ISSET(scDhcp, &rfd) )
+               if ((n >= 1) && (scDhcp>=0) && FD_ISSET(scDhcp, &rfd) )
                {

@@ -293,5 +293,5 @@
                        SendToClients(ClientData);
                }
-               if ((n >= 1) && scBinl && FD_ISSET(scBinl, &rfd) )
+               if ((n >= 1) && (scBinl>=0) && FD_ISSET(scBinl, &rfd) )
                {
                        n--;
Comment 1 Anonymous 2000-04-16 14:58:59 EDT
Created attachment 204 [details]
Proposed patch (as in full description) as an attachment
Comment 2 Erik Troan 2000-08-05 10:04:24 EDT
Added to pxe-0.1-20

Thanks!
Comment 3 Erik Troan 2000-08-05 10:05:36 EDT
*** Bug 11202 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.