zero size buf in output(Bug?)
Maxim Dounin
mdounin at mdounin.ru
Wed Oct 10 11:01:14 UTC 2012
Hello!
On Wed, Oct 10, 2012 at 02:07:43AM +0400, Andrey Feldman wrote:
> Tried your patch, but after few minutes workers starts crashing.
> GDB:
>
> Core was generated by `nginx: worker process '.
> Program terminated with signal 11, Segmentation fault.
> #0 0x000000000040ab19 in ngx_vslprintf (buf=0x7fff9e5f2785 <Address
> 0x7fff9e5f2785 out of bounds>,
> last=0x7fff9e5f2f50 <Address 0x7fff9e5f2f50 out of bounds>,
> fmt=<value optimized out>, args=0x7fff9e5f2730) at
> src/core/ngx_string.c:178
> 178 while (*fmt >= '0' && *fmt <= '9') {
Strange. What's in backtrace?
>
>
>
>
> On 10/09/2012 11:36 PM, Maxim Dounin wrote:
> >Thank you for report. From debug log it's more or less clear what
> >goes on here, it indeed affects HEAD (as well as other header
> >only) requests while loading cache entry.
> >
> >I'm able to reproduce it here with the following config:
> >
> > location = /proxy {
> > proxy_pass http://127.0.0.1:8080/10m;
> > proxy_cache one;
> > proxy_cache_valid any 5s;
> > sendfile off;
> > output_buffers 1 1024;
> > }
> >
> >It's more or less harmless (i.e. no bad things happen, worst one
> >is log entry).
> >
> >Quick fix would be to do something like this:
> >
> >--- a/src/http/ngx_http_upstream.c
> >+++ b/src/http/ngx_http_upstream.c
> >@@ -2075,6 +2075,8 @@ ngx_http_upstream_send_response(ngx_http
> > r->write_event_handler = ngx_http_request_empty_handler;
> > c->error = 1;
> >
> >+ u->pipe->downstream_error = 1;
> >+
> > } else {
> > ngx_http_upstream_finalize_request(r, u, rc);
> > return;
> >
> >Though it probably needs more attention. I'll take a look as time
> >permits.
> >
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
--
Maxim Dounin
http://nginx.com/support.html
More information about the nginx
mailing list