Hi Maxsim, On Mon, Mar 05, 2018 at 03:08:11PM +0300, ?????? ????????? wrote: > Hi! > > I have a backtrace for segfault in haproxy=1.8.4 with 4 threads. It happens > usually under heavy load. Can you take a look? > > Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". > Core was generated by `/usr/sbin/haproxy -f /etc/haproxy/haproxy-market.cfg > -p /var/run/haproxy-market'. > Program terminated with signal SIGSEGV, Segmentation fault. > #0 __pendconn_free (p=0x55d61e970cd8) at src/queue.c:292 > 292 HA_ATOMIC_SUB(&p->srv->nbpend, 1); > (gdb) bt > #0 __pendconn_free (p=0x55d61e970cd8) at src/queue.c:292 > #1 0x000055d61be491de in pendconn_get_next_strm (px=0x55d61e96fea0, > srv=0x55d61ea3d950) at src/queue.c:122 > #2 process_srv_queue (s=0x55d61ea3d950) at src/queue.c:153
It looks very likely that this could be directly related to the threads indeed, and pendconns can be recycled very quickly, so maybe we're reusing one a bit too fast (or maybe we have a very old use-after-free there that is magnified by the threads). Did you have the opportunity to get this one without threads, or conversely do you know if it works fine without threads ? I guess you have maxconn enabled on your servers, could you tell us a bit more about the way the farm is set up (LB algo, #servers, average maxconn, stickiness or not). Thanks, Willy
