Hi Christopher,

You're right; that segfault happens with the build at the faulty commit and
not later versions such as v1.8.5.
However, version v1.8.5 does segfault with the attached modified Lua
script. As far as I can tell, the problem arises after any call to
"txn.res:set()".

In the attached Lua script, if you remove the call to either of
"txn.res:set(txn.res:get())" or "txn.res:forward(txn.res:get_in_len())",
the segfault will disappear.
Also, when I only have a call to "txn.res:set(txn.res:get())" in the
script, haproxy becomes unresponsive to all but the first request on each
persistent connection. That is, something like "curl -sig localhost:80
localhost:80" will only get the response for the first request; the second
one times out on the existing connection and succeeds only on a a second
connection established by curl.

--------------- Here is the output of "haproxy -vv" for the new segfault
---------------

HA-Proxy version 1.8.5 2018/03/23
Copyright 2000-2018 Willy Tarreau <wi...@haproxy.org>

Build options :
  TARGET  = linux26
  CPU     = generic
  CC      = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement
-fwrapv -fno-strict-overflow -Wno-format-truncation -Wno-null-dereference
-Wno-unused-label
  OPTIONS = USE_THREAD=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with OpenSSL version : OpenSSL 1.1.0h-fips  27 Mar 2018
Running on OpenSSL version : OpenSSL 1.1.0h-fips  27 Mar 2018
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.4
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.41 2017-07-05
Running on PCRE version : 8.41 2017-07-05
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built without compression support (neither USE_ZLIB nor USE_SLZ are set).
Compression algorithms supported : identity("identity")
Built with network namespace support.

Available polling systems :
      epoll : pref=300,  test result OK
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace


Best,
Seyed


On Wed, Apr 11, 2018 at 5:46 AM, Christopher Faulet <cfau...@haproxy.com>
wrote:

> Le 11/04/2018 à 01:31, Hessam Mirsadeghi a écrit :
>
>> Hi,
>>
>> I have a simple Lua http-response action script that leads to
>> segmentation fault in haproxy. The Lua script is a simple call
>> to txn.res:forward(0).
>> A sample haproxy config and the Lua script files are attached. The
>> backend is simply an nginx instance which responds with 204 No Content.
>>
>> The commit that introduces this problem is:
>> commit 8a5949f2d74c3a3a6c6da25449992c312b183ef3
>>      BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier
>> as possible
>>
>> Any ideas?
>>
>>
> Hi,
>
> I'm unable to reproduce the segfault using your example. Could you provide
> the output of "haproxy -vv" and the full backtrace of your segfault ?
>
> Regards,
>
> --
> Christopher Faulet
>
function foo(txn)
    txn.res:set(txn.res:get())
    txn.res:forward(txn.res:get_in_len())
end

core.register_action("foo", {"http-res"}, foo)

Reply via email to