ocserv-worker 100% CPU USAGE
Farzad Fallah
farzad.fallah at gmail.com
Sun Aug 24 21:31:12 PDT 2014
Thanks for your efforts, but the new workaround :
http://git.infradead.org/ocserv.git/commit/6f4f60db5afaaeadfbabb648ccdb5991b15dfc00
causes the worker process to crash on my box (debian wheezy) with this error :
Aug 25 05:58:43 XX kernel: [61217.330915] ocserv-worker[32574]:
segfault at 10e8 ip 00007f9d53733960 sp 00007fffc4752b78 error 4 in
libgnutls-deb0.so.28.30.6[7f9d536dd000+104000]
I am using libgnutls28-dev to compile ocserv :
root at XX:~# apt-cache show libgnutls28-dev
Package: libgnutls28-dev
Source: gnutls28
Version: 3.2.15-2~bpo70+1
Installed-Size: 2800
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Architecture: amd64
Replaces: gnutls-dev
Provides: gnutls-dev
Depends: libgnutls-deb0-28 (= 3.2.15-2~bpo70+1), libgnutlsxx28 (=
3.2.15-2~bpo70+1), libgnutls-xssl0 (= 3.2.15-2~bpo70+1), nettle-dev
(>= 2.5), libc6-dev | libc-dev, zlib1g-dev, libtasn1-6-dev (>= 3.1),
libp11-kit-dev (>= 0.20)
Suggests: gnutls-doc, gnutls-bin, guile-gnutls
Conflicts: gnutls-dev
I dont know if it is related or not but libgnutls28-dev is a backport
for debian wheezy. the stable package libgnutls-dev is version 2.12.20
and can not be used to compile ocserv.
let me know if you need more information.
On Sat, Aug 23, 2014 at 11:09 PM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
> On Fri, 2014-08-22 at 18:41 +0200, Nikos Mavrogiannopoulos wrote:
>
>> The cause is here:
>> pselect6(22, [4 7 8 21], NULL, NULL, {10, 0}, {[], 8}) = 1 (in [7],
>> left {9, 999997763})
>> recvfrom(5, 0xad9330, 18780, 0, 0, 0) = -1 EBADF (Bad file descriptor)
>>
>> It is waiting for descriptors 4,7,8,21 and then receiving from
>> descriptor 5. That is an issue it should now be fixed in the
>> repository.
>> What I don't understand though is how it does get into an infinite
>> loop. All the callers of recvfrom() check for its return code. I will
>> check again later with a more clear head.
>
> It seems I figured it out. A work-around is included with ocserv-0.8.3,
> and a proper fix will be in the gnutls release.
>
> regards,
> Nikos
>
>
More information about the openconnect-devel
mailing list