ngx_quic_create_stream segfault

Clima Gabriel clima.gabrielphoto at gmail.com
Fri Dec 22 15:02:02 UTC 2023


Hello Maxim,
You're right.
Disabling the ssl-ja3 module was sufficient to stop the segfaults.
Thanks!

On Fri, Dec 22, 2023 at 4:14 PM Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Fri, Dec 22, 2023 at 11:59:22AM +0200, Clima Gabriel wrote:
>
> > Thanks.
> > I ended up using valgrind and got much closer to the answer.
> > Arguments I used:
> > valgrind --leak-check=full --show-leak-kinds=all --trace-children=yes
> > --track-origins=yes --verbose --log-file=valgrind-output.txt
> > /root/nginx/objs/nginx -c /etc/nginx/nginx.conf
> > That led me to find that the HTTP and QUIC  requests somehow end upsing
> the
> > same pointer to http_connection_t, which seems obviously wrong.
>
> This might be perfectly correct as long as the original connection
> was closed.
>
> > #0  ngx_SSL_early_cb_fn (s=0x55ae3ad5cae0, al=0x7fff1cf4c8f4,
> > arg=0x7f3417bf4b00) at src/event/ngx_event_openssl.c:1949
>
> There is no such function in nginx, so it looks like you are using
> some 3rd party modifications.
>
> You may want to start with compiling vanilla nginx as available
> from nginx.org without any 3rd party modules and/or patches and
> testing if you are able to reproduce the problem.
>
> [...]
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20231222/acb0db6b/attachment.htm>


More information about the nginx mailing list