[jira] [Commented] (TS-2564) Segmentation fault in 4.2.0-rc0

Mon, 10 Feb 2014 17:13:34 -0800 

    [ 
https://issues.apache.org/jira/browse/TS-2564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13897395#comment-13897395
 ] 

Bryan Call commented on TS-2564:
--------------------------------

Details are below on the backtrace.  It looks like it is coring for request 
going to a group where they are using negative max-age values and multiple 
Cache-Control headers (yes, I know they are wrong).  We are not seeing this on 
our 4.0.2 servers (with some 4.1 backported patches).

{code}
(gdb) bt
#0  mime_hdr_set_accelerators_and_presence_bits (mh=0x2acd02e108c8, 
field=<value optimized out>, detach_all_dups=false) at MIME.cc:469
#1  mime_hdr_field_detach (mh=0x2acd02e108c8, field=<value optimized out>, 
detach_all_dups=false) at MIME.cc:1538
#2  0x00000000005c322c in mime_hdr_field_delete (heap=0x2acd02e10810, 
mh=0x2acd02e108c8, field=0x2acd02e10ab8, delete_all_dups=<value optimized out>) 
at MIME.cc:1586


      mime_hdr_field_detach(mh, field, 0);


(gdb) p next
$1 = (MIMEField *) 0x2b723a7d9ca8
(gdb) p *next
Cannot access memory at address 0x2b723a7d9ca8

#3  0x000000000053cb5b in field_delete (cached_header=0x2acde002fa40, 
response_header=0x2accc168b1d8) at ../../proxy/hdrs/MIME.h:1107
#4  field_delete (cached_header=0x2acde002fa40, response_header=0x2accc168b1d8) 
at ../../proxy/hdrs/MIME.h:1115

    field_delete(field);



#5  HttpTransact::merge_response_header_with_cached_header 
(cached_header=0x2acde002fa40, response_header=0x2accc168b1d8) at 
HttpTransact.cc:4914

          cached_header->field_delete(dname, dlen);



(gdb) p field
$19 = (MIMEField *) 0x2acd57070158
(gdb) p *field
$16 = {
  m_ptr_name = 0x2acebefa0068 "Cache-Control: public\r\nCache-Control: 
max-age=-1706125\r\nX-Cache: MISS from xxxxx\r\nX-Cache-Lookup: HIT from 
xxxxxx:3128\r\nX-Cache: MISS from xxxxx\r\nX-"...,
  m_ptr_value = 0x2acebefa0077 "public\r\nCache-Control: 
max-age=-1706125\r\nX-Cache: MISS from xxxxxx\r\nX-Cache-Lookup: HIT from 
xxxxx:3128\r\nX-Cache: MISS from xxxxxx\r\nX-Cache-Lookup: H"..., m_next_dup = 
0x2acd57070178, m_wks_idx = 10, m_len_name = 13, m_len_value = 6, 
m_n_v_raw_printable = 1 '\001', m_n_v_raw_printable_pad = 4 '\004',
  m_readiness = 2 '\002', m_flags = 3 '\003’}

(gdb) p field->m_next_dup
$20 = (MIMEField *) 0x2acd57070178
(gdb) p *field->m_next_dup
$18 = {
  m_ptr_name = 0x2acebefa007f "Cache-Control: max-age=-1706125\r\nX-Cache: MISS 
from xxxxx\r\nX-Cache-Lookup: HIT from xxxxx:3128\r\nX-Cache: MISS from 
xxxxx\r\nX-Cache-Lookup: HIT from "...,
  m_ptr_value = 0x2acebefa008e "max-age=-1706125\r\nX-Cache: MISS from 
xxxxx\r\nX-Cache-Lookup: HIT from xxxxxx:3128\r\nX-Cache: MISS from 
xxxxxx\r\nX-Cache-Lookup: HIT from is1.hkac.sg3.ya"..., m_next_dup = 0x0, 
m_wks_idx = 10, m_len_name = 13, m_len_value = 16, m_n_v_raw_printable = 1 
'\001', m_n_v_raw_printable_pad = 4 '\004', m_readiness = 2 '\002',
  m_flags = 2 '\002'}

(gdb) p *field->m_next_dup->m_next_dup
Cannot access memory at address 0x0

#6  0x000000000053f023 in 
HttpTransact::merge_and_update_headers_for_cache_update (s=0x2accc168aa78) at 
HttpTransact.cc:4660
#7  0x000000000054ebd2 in 
HttpTransact::handle_cache_operation_on_forward_server_response 
(s=0x2accc168aa78) at HttpTransact.cc:4463

  if ((s->cache_info.action == CACHE_DO_UPDATE) || (s->cache_info.action == 
CACHE_DO_SERVE_AND_UPDATE)) {
    DebugTxn("http_trans", "[hcoofsr] merge and update cached copy");
    merge_and_update_headers_for_cache_update(s);  <<————— this line
{code}

> Segmentation fault in 4.2.0-rc0
> -------------------------------
>
>                 Key: TS-2564
>                 URL: https://issues.apache.org/jira/browse/TS-2564
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>            Reporter: Bryan Call
>            Assignee: Bryan Call
>            Priority: Blocker
>             Fix For: 4.2.0
>
>
> Segmentation fault in mime_hdr_set_accelerators_and_presence_bits() in 
> 4.2.0-rc0:
> {code}
> (gdb) bt
> #0  mime_hdr_set_accelerators_and_presence_bits (mh=0x2acd02e108c8, 
> field=<value optimized out>, detach_all_dups=false) at MIME.cc:469
> #1  mime_hdr_field_detach (mh=0x2acd02e108c8, field=<value optimized out>, 
> detach_all_dups=false) at MIME.cc:1538
> #2  0x00000000005c322c in mime_hdr_field_delete (heap=0x2acd02e10810, 
> mh=0x2acd02e108c8, field=0x2acd02e10ab8, delete_all_dups=<value optimized 
> out>) at MIME.cc:1586
> #3  0x000000000053cb5b in field_delete (cached_header=0x2acde002fa40, 
> response_header=0x2accc168b1d8) at ../../proxy/hdrs/MIME.h:1107
> #4  field_delete (cached_header=0x2acde002fa40, 
> response_header=0x2accc168b1d8) at ../../proxy/hdrs/MIME.h:1115
> #5  HttpTransact::merge_response_header_with_cached_header 
> (cached_header=0x2acde002fa40, response_header=0x2accc168b1d8) at 
> HttpTransact.cc:4914
> {code}



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to