On 11/18/2015 10:23 PM, Stefan Priebe wrote: >> please try to get a backtrace with debugging information. It is likely >> that this is the make_request/__check_pf functionality in glibc, but it >> would be nice to get some certainty. >> >> Which glibc version do you use? Has it got a fix for CVE-2013-7423? > > It's Debians 2.13-38+deb7u8 Debians issue tracker says it is fixed: > https://security-tracker.debian.org/tracker/CVE-2013-7423 I checked, and the patch is there and applied. >> Theoretically, recvmsg could also hang if the Netlink query was dropped >> by the kernel, or the final packet in the response was dropped. We >> never saw that happen, even under extreme load, but I didn't test with >> recent kernels. > > The load is very low in this system. Just 30 phones and only 1-6 calling. This is rather odd. I'm not sure if we can do anything simple on the glibc to help to debug this. If something in the process consumes the Netlink message from the kernel (incorrectly reading from the internal glibc file descriptor), this is fairly difficult detect inside glibc (it would require rather large changes which do not currently exist at all). Florian -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
