Bug 10862 - PXE daemon can use 100% of available CPU time
Summary: PXE daemon can use 100% of available CPU time
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: pxe   
(Show other bugs)
Version: 6.1
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Erik Troan
QA Contact:
URL:
Whiteboard:
Keywords:
: 11202 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-04-16 18:57 UTC by Timothy Dougherty
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-04-16 18:58:48 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch (as in full description) as an attachment (600 bytes, patch)
2000-04-16 18:58 UTC, Timothy Dougherty
no flags Details | Diff

Description Timothy Dougherty 2000-04-16 18:57:08 UTC
The PXE server contains a bug that can cause it to use 100% of available
CPU time. This bug is present in the pxe-0.1-14 for i386 RPM. It may be
present in other packages too.

The bug is visible when the PXE daemon is not allowed to grab the DHCP
port.

The bug is in pxe-linux/server/services/pxeservice.cc

At lines 54 and 55 the programmer declares two file descriptors to contain
the socket handles for the DHCP and BINL sockets. He initialises them both
to 0, which on the Windows platform (from which this code is clearly
derived; witness "SOCKET" everywhere instead of "int") may be an illegal
handle for a socket, but on Linux is a valid file descriptor.

Anyway, if one does not allow the program to use the DHCP socket (say, by
running a DHCP daemon on the system) then later on the code calls select()
like this (output from strace):

select(4, [0 3], NULL, NULL, NULL)      = 1 (in [0])

At some point fd 0 becomes readable, and this select call returns.
Unfortunately the coder made a thinko when checking the return status, and
basically calls select() again immediately, without reading from fd 0.
select() thus immediately returns again, and the program loops like this
consuming all available time on one CPU

The bug fix is easy; here's my patch:

--- pxeservice.cc.orig  Thu Sep 23 18:00:51 1999
+++ pxeservice.cc       Sun Apr 16 20:08:37 2000
@@ -52,6 +52,6 @@
        struct ip_mreq stIpMreq;

-       SOCKET scDhcp = 0;
-       SOCKET scBinl = 0;
+       SOCKET scDhcp = -1;
+       SOCKET scBinl = -1;
        SOCKADDR_IN siDhcp;
        SOCKADDR_IN siBinl;
@@ -266,5 +266,5 @@
                }

-               if ((n >= 1) && scDhcp && FD_ISSET(scDhcp, &rfd) )
+               if ((n >= 1) && (scDhcp>=0) && FD_ISSET(scDhcp, &rfd) )
                {

@@ -293,5 +293,5 @@
                        SendToClients(ClientData);
                }
-               if ((n >= 1) && scBinl && FD_ISSET(scBinl, &rfd) )
+               if ((n >= 1) && (scBinl>=0) && FD_ISSET(scBinl, &rfd) )
                {
                        n--;

Comment 1 Anonymous 2000-04-16 18:58:59 UTC
Created attachment 204 [details]
Proposed patch (as in full description) as an attachment

Comment 2 Erik Troan 2000-08-05 14:04:24 UTC
Added to pxe-0.1-20

Thanks!

Comment 3 Erik Troan 2000-08-05 14:05:36 UTC
*** Bug 11202 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.