https://bz.apache.org/bugzilla/show_bug.cgi?id=59947
Bug ID: 59947
Summary: Crash under mod_cache_socache in run_cleanups
Product: Apache httpd-2
Version: 2.4.23
Hardware: PC
OS: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: All
Assignee: [email protected]
Reporter: [email protected]
Found this crash on a web server.
# httpd -V
Server version: Apache/2.4.23 (Unix)
Server built: Aug 4 2016 02:49:24
Server's Module Magic Number: 20120211:61
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D BUFFERED_LOGS
-D PIPE_BUF=512
-D DYNAMIC_MODULE_LIMIT=256
(gdb) bt full
#0 0x0000000801c653b4 in run_cleanups (cref=0x70) at
memory/unix/apr_pools.c:2348
c = 0x802dbe238
#1 0x0000000801c642a5 in apr_pool_destroy (pool=0x0) at
memory/unix/apr_pools.c:804
active = 0x4a3d8b <invalidate_entity+155>
allocator = 0x80cc2e550
#2 0x00000000004a3e5f in commit_entity (r=0x80cc25bb0, h=<optimized out>) at
mod_cache_socache.c:1126
conf = 0x802db28e8
obj = 0x80cc2e380
sobj = 0x80cc2e3e8
rv = 0
#3 invalidate_entity (h=<optimized out>, r=0x80cc25bb0) at
mod_cache_socache.c:1165
No locals.
#4 0x0000000000498fb7 in cache_invalidate (cache=cache@entry=0x80cc25828,
r=r@entry=0x80cc25bb0) at cache_storage.c:748
list = 0x80cc25810
rv = <optimized out>
status = <optimized out>
h = 0x80cc2e368
location_uri = {scheme = 0x7ffff43a1930 "p\031:\364\377\177",
hostinfo = 0x8017e6bbd <apr_bucket_heap_make+253>
"H\211E\350H\213E\350H\213\025\224]\"", user = 0x43c170 <apr_bucket_free@plt>
"\377%\252\276=",
password = 0x1f40 <error: Cannot access memory at address 0x1f40>,
hostname = 0x80cc2f048 "HTTP/1.1 200 OK\r\nDate: Fri, 05 Aug 2016
03:05:15 GMT\r\nServer: Apache\r\nCache-Control: public, max-age=120,
s-maxage=120\r\nVary: Cookie,Accept-Encoding\r\nContent-Encoding:
gzip\r\nX-Frame-Options: SAMEORIGI"..., port_str = 0x80cc1e4c8
"\320\340\302\f\b",
path = 0x80cc1e548 "\240", query = 0x80cc1e568 "\001", fragment =
0x7ffff43a1970 " \032:\364\377\177",
hostent = 0x8017e6c4d <apr_bucket_heap_create+119>, port = 57384,
is_initialized = 1, dns_looked_up = 0, dns_resolved = 0}
content_location_uri = {scheme = 0x1f40 <error: Cannot access memory at
address 0x1f40>,
hostinfo = 0x80cc2f048 "HTTP/1.1 200 OK\r\nDate: Fri, 05 Aug 2016
03:05:15 GMT\r\nServer: Apache\r\nCache-Control: public, max-age=120,
s-maxage=120\r\nVary: Cookie,Accept-Encoding\r\nContent-Encoding:
gzip\r\nX-Frame-Options: SAMEORIGI"..., user = 0x80cc2dbf0 "text/html;
charset=UTF-8",
password = 0x80cc1e4c8 "\320\340\302\f\b", hostname = 0x7ffff43a1a20
"\310\340\302\f\b",
port_str = 0x8017e5880 <apr_brigade_writev+805>
"H\213E\330H\001E\250H\203E\240\001H\213E\240H;\205h\377\377\377r\236H\213E\270H\213P\030H\213E\230H\001\302H\213E\270H\211P\030\270",
path = 0x1000266eafc <error: Cannot access memory at address 0x1000266eafc>,
query = 0x20 <error: Cannot access memory at address 0x20>, fragment
= 0x80cc2e128 "\250\333\302\f\b", hostent = 0x0, port = 0,
is_initialized = 0, dns_looked_up = 0, dns_resolved = 0}
location = <optimized out>
location_key = 0x0
content_location = <optimized out>
content_location_key = 0x0
---Type <return> to continue, or q <return> to quit---
#5 0x0000000000493d9b in cache_invalidate_filter (f=0x80cc25930,
in=0x80cc2e0c8) at mod_cache.c:1682
r = 0x80cc25bb0
cache = 0x80cc25828
#6 0x00000000004cd9b3 in ap_http_header_filter (f=<optimized out>,
b=0x80cc2dd48) at http_filters.c:1354
r = 0x80cc25bb0
c = <optimized out>
clheader = <optimized out>
protocol = 0x5c0ae5 "HTTP/1.1"
e = <optimized out>
b2 = 0x80cc2e0c8
h = {pool = 0x80cc20028, bb = 0x80cc2e0c8}
ctx = 0x0
ctype = <optimized out>
eb = <optimized out>
#7 0x0000000000454528 in ap_content_length_filter (f=0x80cc21710,
b=0x80cc2dd48) at protocol.c:1443
r = 0x80cc25bb0
ctx = 0x80cc2de00
e = 0x80cc1e248
eos = <optimized out>
eblock = <optimized out>
#8 0x00000000004cfceb in ap_byterange_filter (f=0x80cc216e8, bb=<optimized
out>) at byterange_filter.c:494
r = 0x80cc25bb0
c = 0x80b0e0338
e = <optimized out>
bsend = <optimized out>
tmpbb = <optimized out>
range_start = <optimized out>
range_end = <optimized out>
clength = <optimized out>
rv = <optimized out>
found = 0
bound_head = 0x0
indexes = <optimized out>
idx = <optimized out>
i = <optimized out>
original_status = <optimized out>
---Type <return> to continue, or q <return> to quit---
max_ranges = <optimized out>
max_overlaps = <optimized out>
max_reversals = 20
overlaps = <optimized out>
reversals = <optimized out>
core_conf = <optimized out>
#9 0x000000000050a957 in session_output_filter (f=0x80cc2a160, in=0x80cc2dd48)
at mod_session.c:478
r = 0x0
#10 0x00000000004c2c97 in deflate_out_filter (f=0x80cc2a138, bb=<optimized
out>) at mod_deflate.c:893
buf = <optimized out>
b = <optimized out>
e = 0x80cc1e248
r = 0x80cc25bb0
ctx = 0x80cc2dc60
zRC = <optimized out>
len = 0
blen = 34359738368
data = 0x20 <error: Cannot access memory at address 0x20>
c = 0x802c99738
#11 0x00000000004b9c1d in filter_harness (f=0x80cc2a138, bb=0x80cc2dda8) at
mod_filter.c:323
ret = <optimized out>
cachecontrol = <optimized out>
ctx = 0x80cc2a1c8
filter = <optimized out>
#12 0x0000000000574196 in action_handler (r=0x80cc200a0) at mod_actions.c:205
conf = <optimized out>
t = <optimized out>
action = <optimized out>
script = 0x802daf741
i = <optimized out>
#13 0x000000000046e60a in ap_run_handler (r=0x80cc200a0) at config.c:170
pHook = <optimized out>
n = 15
rv = -1
#14 ap_invoke_handler (r=r@entry=0x80cc200a0) at config.c:434
handler = <optimized out>
---Type <return> to continue, or q <return> to quit---
p = <optimized out>
result = <optimized out>
old_handler = 0x802daf240 "php-fcgi"
ignore = <optimized out>
#15 0x00000000004ca8db in ap_process_async_request (r=r@entry=0x80cc200a0) at
http_request.c:410
c = 0x80b0e0338
access_status = 0
#16 0x00000000004c6181 in ap_process_http_async_connection (c=0x80b0e0338) at
http_core.c:154
r = 0x80cc200a0
cs = 0x80b0e0310
#17 ap_process_http_connection (c=0x80b0e0338) at http_core.c:248
No locals.
#18 0x0000000000478e6a in ap_run_process_connection (c=c@entry=0x80b0e0338) at
connection.c:42
pHook = <optimized out>
n = 4
rv = -1
#19 0x0000000000583b40 in process_socket (my_thread_num=42, my_child_num=2,
cs=0x80b0e02a8, sock=0x80b0e00a0, p=0x80b0e0028, thd=0x80b0119d8) at
event.c:1102
c = 0x80b0e0338
sbh = 0x80b0e0290
conn_id = <optimized out>
rc = <optimized out>
#20 worker_thread (thd=0x80b0119d8, dummy=<optimized out>) at event.c:1963
ti = <optimized out>
process_slot = 2
thread_slot = 42
csd = 0x80b0e00a0
cs = 0x0
ptrans = 0x80b0e0028
rv = <optimized out>
is_idle = 0
te = 0x0
#21 0x0000000801c73125 in dummy_worker (opaque=0x80b0119d8) at
threadproc/unix/thread.c:142
thread = 0x80b0119d8
#22 0x00000008020a8585 in thread_start (curthread=0x80b020c00) at
/usr/src/lib/libthr/thread/thr_create.c:284
set = {__bits = {0, 0, 0, 0}}
#23 0x0000000000000000 in ?? ()
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
Backtrace stopped: Cannot access memory at address 0x7ffff43a2000
(gdb)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
