Hi, I work on mod_pagespeed, where we use a forked version of apr_memcache.c ( https://github.com/pagespeed/mod_pagespeed/blob/master/third_party/aprutil/apr_memcache2.c) to interact with memcached.
Recently we've become aware of a bug where we end up hanging in apr_memcache2_multigetp, pinning cpu at 100%. We have some patches which were created in an attempt to fix some signed bugs in the original code that I think may be causing our issue. Namely here: https://github.com/pagespeed/mod_pagespeed/blob/master/third_party/aprutil/apr_memcache2.c#L1453 vs here https://gist.github.com/crowell/59bfa1bb9f0cda30c48a#file-multiget-c-L192 The original code uses an atoi(), which has undefined behavior when called on non integer strings, leaving len to be 0. Second, the check here https://github.com/pagespeed/mod_pagespeed/blob/master/third_party/aprutil/apr_memcache2.c#L1457 vs https://gist.github.com/crowell/59bfa1bb9f0cda30c48a#file-multiget-c-L199 In the original apr code, this check will never fail. len is an apr_size_t, and will never be < 0. The issue here now is that the check in the "server sent back a key that i didn't ask for" https://github.com/pagespeed/mod_pagespeed/blob/master/third_party/aprutil/apr_memcache2.c#L1507 (same in both forked and upstream), apr_pollset_remove, is never called, and the number of queries sent is never changed. Does it seem possible that this is causing the server to spin here, and would apr be interested in accepting a patch to fix the signedness issues? Thanks, Jeff
