Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Alex Rousskov]

On 08/04/2015 04:27 PM, HackXBack wrote:
  I'm not sure how to fix that.  then who should i talk to.. 
 you guys should dig in source and found out 


Yes, somebody should dig in source and fix the bug. However, Amos (or
anybody else providing free support on this mailing list) is _not_
obligated to do that. You need to find somebody who is both willing and
able to fix the bug you suffer from. When the bug is complex, it is
often difficult to find such a person or company (unfortunately). FWIW,
The Squid Software Foundation is working on streamlining this search
process for Squid admins, but these improvements take time.


 its important tks any should i ask outside ?? 

If you cannot get help here, you may consider other support avenues:

http://www.squid-cache.org/Support/

http://wiki.squid-cache.org/SquidFaq/CompleteFaq#SquidFaq.2FAboutSquid.How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F


Good luck,

Alex.

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

 I'm not sure how to fix that.  then who should i talk to.. you guys
should dig in source and found out its important tks any should i ask
outside ?? 



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4672606.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 30/06/2015 7:57 p.m., HackXBack wrote:
 i copy from normal log to the assertion error\
 is this enough or you need more ?

Its leading me to a very horrible conclusion. This appears to be a
pinned connection with two transactions trying to read data out of the
server connection simultaneously. I'm not sure how to fix that.

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

i copy from normal log to the assertion error\
is this enough or you need more ?
Thanks Amos.



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671959.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

2015/06/30 10:09:38.432 kid1| Acl.cc(138) matches: checking always_direct
2015/06/30 10:09:38.432 kid1| Acl.cc(138) matches: checking always_direct#1
2015/06/30 10:09:38.432 kid1| Acl.cc(138) matches: checking fakespeed
2015/06/30 10:09:38.432 kid1| RegexData.cc(51) match: aclRegexData::match:
checking
'https://r1---sn-4g57knls.googlevideo.com/videoplayback?mime=video/mp4key=yt5ms=aumt=1435651756mv=mupn=vXBl$
2015/06/30 10:09:38.432 kid1| RegexData.cc(62) match: aclRegexData::match:
looking for
'(\.*(speedtest|espeed).*\/((latency|random.*|upload)\.(jpg|txt|php)))'
2015/06/30 10:09:38.432 kid1| Acl.cc(158) matches: checked: fakespeed = 0
2015/06/30 10:09:38.432 kid1| Acl.cc(158) matches: checked: always_direct#1
= 0
2015/06/30 10:09:38.432 kid1| Acl.cc(138) matches: checking always_direct#2
2015/06/30 10:09:38.432 kid1| Acl.cc(138) matches: checking bau1
2015/06/30 10:09:38.432 kid1| DomainData.cc(108) match: aclMatchDomainList:
checking 'r1---sn-4g57knls.googlevideo.com'
2015/06/30 10:09:38.432 kid1| DomainData.cc(113) match: aclMatchDomainList:
'r1---sn-4g57knls.googlevideo.com' NOT found
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: bau1 = 0
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: always_direct#2
= 0
2015/06/30 10:09:38.433 kid1| Acl.cc(138) matches: checking always_direct#3
2015/06/30 10:09:38.433 kid1| Acl.cc(138) matches: checking betty1
2015/06/30 10:09:38.433 kid1| DomainData.cc(108) match: aclMatchDomainList:
checking 'r1---sn-4g57knls.googlevideo.com'
2015/06/30 10:09:38.433 kid1| DomainData.cc(113) match: aclMatchDomainList:
'r1---sn-4g57knls.googlevideo.com' NOT found
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: betty1 = 0
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: always_direct#3
= 0
2015/06/30 10:09:38.433 kid1| Acl.cc(138) matches: checking always_direct#4
2015/06/30 10:09:38.433 kid1| Acl.cc(138) matches: checking all
2015/06/30 10:09:38.433 kid1| Ip.cc(95) aclIpAddrNetworkCompare:
aclIpAddrNetworkCompare: compare: 10.11.20.1:15088/[::] ([::]:15088)  vs
[::]-[::]/[::]
2015/06/30 10:09:38.433 kid1| Ip.cc(539) match: aclIpMatchIp:
'10.11.20.1:15088' found
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: all = 1
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: always_direct#4
= 1
2015/06/30 10:09:38.433 kid1| Acl.cc(158) matches: checked: always_direct =
1
2015/06/30 10:09:38.433 kid1| Checklist.cc(61) markFinished: 0x2077cf098
answer ALLOWED for match
2015/06/30 10:09:38.433 kid1| cbdata.cc(426) cbdataInternalUnlock:
0x2038018=0
2015/06/30 10:09:38.433 kid1| Checklist.cc(161) checkCallback:
ACLChecklist::checkCallback: 0x2077cf098 answer=ALLOWED
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid: 0x38f7288
2015/06/30 10:09:38.433 kid1| cbdata.cc(426) cbdataInternalUnlock:
0x38f7288=0
2015/06/30 10:09:38.433 kid1| peer_select.cc(194) peerCheckAlwaysDirectDone:
peerCheckAlwaysDirectDone: ALLOWED
2015/06/30 10:09:38.433 kid1| peer_select.cc(200) peerCheckAlwaysDirectDone:
direct = DIRECT_YES (always_direct allow)
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid: 0x7abd088
2015/06/30 10:09:38.433 kid1| peer_select.cc(441) peerSelectFoo: GET
r1---sn-4g57knls.googlevideo.com
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid:
0x207709228
2015/06/30 10:09:38.433 kid1| client_side.cc(4974) validatePinnedConnection:
local=10.150.15.11:47595 remote=74.125.99.6:443 FD 132 flags=1
2015/06/30 10:09:38.433 kid1| peer_select.cc(940) peerAddFwdServer:
peerAddFwdServer: adding DIRECT PINNED
2015/06/30 10:09:38.433 kid1| peer_select.cc(940) peerAddFwdServer:
peerAddFwdServer: adding DIRECT HIER_DIRECT
2015/06/30 10:09:38.433 kid1| peer_select.cc(940) peerAddFwdServer:
peerAddFwdServer: adding DIRECT PINNED
2015/06/30 10:09:38.433 kid1| peer_select.cc(940) peerAddFwdServer:
peerAddFwdServer: adding DIRECT HIER_DIRECT
2015/06/30 10:09:38.433 kid1| cbdata.cc(492) cbdataReferenceValid: 0x7abd088
2015/06/30 10:09:38.433 kid1| peer_select.cc(258) peerSelectDnsPaths: Find
IP destination for:
http://cdn.youtube/id=o-ACQ6eJqVKCPZIUmKoUQvsHsrXismY31LLzsOB4swKbq-itag=135mime=video/mp4'
via r1--$
2015/06/30 10:09:38.433 kid1| ipcache.cc(501) ipcache_nbgethostbyname:
ipcache_nbgethostbyname: Name 'r1---sn-4g57knls.googlevideo.com'.
2015/06/30 10:09:38.433 kid1| 

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 29/06/2015 10:56 p.m., HackXBack wrote:
 i gave you backtrace report and i gave you my configure option ?
 what else you want from me ?

The backtrace shows where the assert is from. But without those symbols
the gdb cant seem to find in your builds we cant debug what state the
transaction is in. Thats what gives the best clues about where the fix
needs to be.

 when i use youtube mobile app that its content is 206 , then the server
 crashed immediately ...
 this problem need to be solved, 
 am ready for any info's you need.
 Thanks
 


All good clues to help inform the debug. But still lacking info about
whether the client disconnected already (or not), why that
halfClosedReader is unset (client still sending request payload?), and
what events are waiting to be processed for the transaction.

Since it seems so replicatable. Are you able to run a test install with
debug_options ALL,9 and only perform your known failing transaction
through it?
 Perhapse the resulting cache.log will have enough info to make up for
the symbols absence.

Sorry
Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 29/06/2015 3:40 p.m., HackXBack wrote:
 what you supposed me to do Amos, !!
 

Not sure. I have not been able to replicate or identify the source of
the problem you are having.

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

dear friend, your conf make the same problem, and i dont have
half_closed_clients in my conf !
and this is my configure option maybe the problem from it ...

./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
--libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var
--libdir=/usr/lib --includedir=/usr/include --datadir=/usr/share/squid
--infodir=/usr/share/info --mandir=/usr/share/man
--disable-dependency-tracking --disable-strict-error-checking
--with-pthreads  --with-aufs-threads=512 --enable-storeio=ufs,aufs
--enable-removal-policies=lru,heap --with-aio --with-dl --disable-icmp
--enable-icap-client --disable-wccp --enable-wccpv2 --enable-cache-digests
--enable-http-violations --enable-linux-netfilter
--enable-follow-x-forwarded-for --enable-zph-qos --with-default-user=proxy
--with-logdir=/var/log/squid --with-pidfile=/var/run/squid.pid
--with-swapdir=/var/spool/squid --enable-ltdl-convenience
--with-filedescriptors=65536 --enable-ssl --enable-ssl-crtd --with-openssl
--enable-snmp --disable-auth --disable-ipv6 --enable-arp-acl --enable-epoll
--enable-referer-log --enable-truncate --disable-unlinkd
--enable-useragent-log --enable-eui --enable-large-cache-files
'CFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
'CXXFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
'LDFLAGS=-Wl,--no-as-needed -ldl' 'CPPFLAGS=-I/usr/include/openssl'




--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671924.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Yuri Voinov]

Better to use:

# Adobe/Java and other updates
acl adobe_java_updates urlpath_regex /usr/local/squid/etc/urlregex.updates

# Youtube  CDN store rewrite ACLs
acl store_rewrite_list urlpath_regex 
\/(watch\?|get_video|videoplayback\?) 
\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|webp|flv|f4f|mp4)\? \/ads\?
acl store_rewrite_list_web url_regex 
^https?:\/\/([A-Za-z-]+[0-9]+)*\.[A-Za-z]*\.[A-Za-z]* 
^https?:\/\/(khms|mt)[0-9]+\.google\.[a-z\.]+\/.*
acl store_rewrite_list_path urlpath_regex 
\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|webp|flv|f4f|mp4|ttf)$
acl store_rewrite_list_web_CDN url_regex 
^https?:\/\/[a-z]+[0-9]\.google\.com doubleclick\.net akamaihd\.net


range_offset_limit none adobe_java_updates store_rewrite_list 
store_rewrite_list_web store_rewrite_list_path store_rewrite_list_web_CDN


Also be sure half_closed_clients parameter is default.


27.06.15 3:29, HackXBack пишет:

acl Y-TUBE dstdomain .googlevideo.com
range_offset_limit -1 Y-TUBE

this conf make the assertion bug,
we need a solution
am still waiting Amos
Thanks.



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671919.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

acl Y-TUBE dstdomain .googlevideo.com
range_offset_limit -1 Y-TUBE

this conf make the assertion bug,
we need a solution 
am still waiting Amos
Thanks.



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671919.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

i install 3.5 and still the same problem ,
this assertion error exist when i use 

acl partial dstdomain .googlevideo.com
acl partial dstdomain .youtube.com
acl partial dstdomain .mgccw.com
range_offset_limit none partial



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671821.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

this patch didnt solve the problem :)



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671832.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

used the latest squid 3.5.5 and still the same assertion error
where is the patch for this bug ??



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671827.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

but am not ready now to use 3.5.4
can i use this patch on 3.4 without any problem ?
Thanks Amos.



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670979p4671104.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

Thanks you amos for giving time,
but about this part :

for looping 302 on youtube
acl text-html rep_mime_type text/html
acl http302 http_status 302

store_miss deny text-html
store_miss deny http302
send_hit deny text-html
send_hit deny http302

i use this config with patch file to make youtube not making loop 302 and
then videos will not open and give tv old screen with error accrued ,



--- src/client_side_request.cc  2014-03-09 06:40:56.0 -0300
+++ src/client_side_request.cc  2014-04-21 02:53:11.277155130 -0300
@@ -545,6 +545,16 @@
 }
 debugs(85, 3, HERE  validate IP   clientConn-local  
non-match from Host: IP   ia-in_addrs[i]);
 }
+ 
+if (true) {
+unsigned short port = clientConn-local.port();
+debugs(85, 3, HERE  [anti-forgery] Host-non-matched remote
IP (  clientConn-local  ) was replaced with the first Host resolved
IP (  ia-in_addrs[0]  :  clientConn-local.port()  ));
+clientConn-local = ia-in_addrs[0];
+clientConn-local.port(port);
+http-request-flags.hostVerified = true;
+http-doCallouts();
+return;
+}
 }
 debugs(85, 3, HERE  FAIL: validate IP   clientConn-local  
possible from Host:);
 hostHeaderVerifyFailed(local IP, any domain IP);


--- src/Server.cc
+++ src/Server.cc
@@ -31,6 +31,7 @@
  */
 
 #include squid.h
+#include acl/FilledChecklist.h
 #include acl/Gadgets.h
 #include base/TextException.h
 #include comm/Connection.h
@@ -174,6 +175,8 @@
 // give entry the reply because haveParsedReplyHeaders() expects it
there
 entry-replaceHttpReply(theFinalReply, false); // but do not write yet
 haveParsedReplyHeaders(); // update the entry/reply (e.g., set
timestamps)
+if (EBIT_TEST(entry-flags, ENTRY_CACHABLE)  blockCaching())
+entry-release();
 entry-startWriting(); // write the updated entry to store
 
 return theFinalReply;
@@ -533,6 +536,24 @@
 currentOffset = partial ? theFinalReply-content_range-spec.offset :
0;
 }
 
+/// whether to prevent caching of an otherwise cachable response
+bool
+ServerStateData::blockCaching()
+{
+if (const Acl::Tree *acl = Config.accessList.storeMiss) {
+// This relatively expensive check is not in
StoreEntry::checkCachable:
+// That method lacks HttpRequest and may be called too many times.
+ACLFilledChecklist ch(acl, originalRequest(), NULL);
+ch.reply = const_castHttpReply*(entry-getReply()); //
ACLFilledChecklist API bug
+HTTPMSGLOCK(ch.reply);
+if (ch.fastCheck() != ACCESS_ALLOWED) { // when in doubt, block
+debugs(20, 3, store_miss prohibits caching);
+return true;
+}
+}
+return false;
+}
+
 HttpRequest *
 ServerStateData::originalRequest()
 {
--- src/Server.h
+++ src/Server.h
@@ -131,6 +131,8 @@
 /// Entry-dependent callbacks use this check to quit if the entry went
bad
 bool abortOnBadEntry(const char *abortReason);
 
+bool blockCaching();
+
 #if USE_ADAPTATION
 void startAdaptation(const Adaptation::ServiceGroupPointer group,
HttpRequest *cause);
 void adaptVirginReplyBody(const char *buf, ssize_t len);
--- src/SquidConfig.h
+++ src/SquidConfig.h
@@ -375,6 +375,8 @@
 acl_access *AlwaysDirect;
 acl_access *ASlists;
 acl_access *noCache;
+acl_access *sendHit;
+acl_access *storeMiss;
 acl_access *stats_collection;
 #if SQUID_SNMP
 
--- src/cf.data.pre
+++ src/cf.data.pre
@@ -4843,18 +4843,97 @@
 NAME: cache no_cache
 TYPE: acl_access
 DEFAULT: none
-DEFAULT_DOC: Allow caching, unless rules exist in squid.conf.
+DEFAULT_DOC: By default, this directive is unused and has no effect.
 LOC: Config.accessList.noCache
 DOC_START
-   A list of ACL elements which, if matched and denied, cause the request 
to
-   not be satisfied from the cache and the reply to not be cached.
-   In other words, use this to force certain objects to never be cached.
-
-   You must use the words 'allow' or 'deny' to indicate whether items
-   matching the ACL should be allowed or denied into the cache.
+   Requests denied by this directive will not be served from the cache
+   and their responses will not be stored in the cache. This directive
+   has no effect on other transactions and on already cached responses.
 
This clause supports both fast and slow acl types.
See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
+
+   This and the two other similar caching directives listed below are
+   checked at different transaction processing stages, have different
+   access to response information, affect different cache operations,
+   and differ in slow ACLs support:
+
+   * cache: Checked before Squid makes a hit/miss determination.
+   No access to reply information!
+   Denies both serving a hit and storing a miss.
+   

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 3/05/2015 10:59 a.m., HackXBack wrote:
 Thanks you amos for giving time,
 but about this part :
 
 for looping 302 on youtube
 acl text-html rep_mime_type text/html
 acl http302 http_status 302
 
 store_miss deny text-html
 store_miss deny http302
 send_hit deny text-html
 send_hit deny http302
 
 i use this config with patch file to make youtube not making loop 302 and
 then videos will not open and give tv old screen with error accrued ,
 

My comment was only about the single line:

 store_miss deny text-html


The oddness is thusly:


When forcing almost everything to cache you notice that many pages dont
show up right, dynamic ones dont always work right, or content is not
being updated properly when it should.

Your solution then is obviously to prevent forcing of just the text/html
parts. Is *seems* the right thing to do - but isn't.


In doing that you overlook the fact that the text/html part is what
makes the other non-HTML parts so dynamic. Every single page load of
the text/html part may be pointing to different scripts, images, videos
etc causing the ones already in your cache to be ignored and the new
ones fetched. This is a drag on your cache now having to track N copies
of what the page *used* to look like, but those images/videos/etc may
never again be used.

What we call the cache control headers (date, cache-control, expires,
last-modified, etag etc) are not what makes the content dynamic, they
are just indications by the site author / server of how long the HTML
parts of the site are going to be making use of those objects. The
dynamic bit is usually the HTML and how it references things.


Store-ID gets around that a little bit by telling your cache that *you
think* certain objects are going to be used under multiple names with
some pattern regex can match _reliably_.

The *right* thing to be doing is to let sites determine their own
caching and only use the forced caching for specific sites (and if
possible specific URLs) which are found to be broken.

Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

squid.conf you can see it all , and the answer on your question is no i dont
have .


# should be allowed
acl localnet src 10.11.20.0/24
acl localnet src 10.150.15.0/24

# ACL for rewriter
acl fakespeed url_regex -i
\.*(speedtest|espeed).*\/((latency|random.*|upload)\.(jpg|txt|php)).*
acl rewriter-link url_regex -i
^http.*(google|googlesyndication)\.com\/(pagead|js)\/(bg|js)\/.*\.js

# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
#
-
cache_peer 10.11.20.100 parent 80 0
cache_peer_access 10.11.20.100 allow fakespeed
cache_peer_access 10.11.20.100 deny all

# OPTIONS INFLUENCING REQUEST FORWARDING
#
-
never_direct allow fakespeed
never_direct deny all
always_direct deny fakespeed





# add on squid.conf to remove ads

acl ads-block url_regex -i /etc/squid/ads.block
http_access deny ads-block
http_reply_access deny ads-block

acl SSL_ports port 443
acl Safe_ports port 80# http
acl Safe_ports port 21# ftp
acl Safe_ports port 443# https
acl Safe_ports port 70# gopher
acl Safe_ports port 210# wais
acl Safe_ports port 1025-65535# unregistered ports
acl Safe_ports port 280# http-mgmt
acl Safe_ports port 488# gss-http
acl Safe_ports port 591# filemaker
acl Safe_ports port 777# multiling http
acl CONNECT method CONNECT

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

##Redirect some sites to storeid



# Windows update acls
acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com

# Windows update methods
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com

# Windows updates rules
http_access allow CONNECT wuCONNECT localnet
http_access allow CONNECT wuCONNECT localhost
http_access allow windowsupdate localnet
http_access allow windowsupdate localhost

acl store_rewrite_list url_regex -i fbcdn\/.*(jpg|gif|png|swf)
acl store_rewrite_list url_regex -i (akamaihd|fbcdn|facebook)\.(net|com)\/.*
acl store_rewrite_list url_regex -i attachment\.fbsbx\.com
acl store_rewrite_list url_regex -i fbcdn-dragon-a\.akamaihd\.net
acl store_rewrite_list url_regex -i socialpointgames\.com
acl store_rewrite_list url_regex -i miniclipcdn\.com
acl store_rewrite_list url_regex -i
syntasia\.hs\.llnwd\.net\/[a-z][0-9]+\/baseballheroes\/.*
acl store_rewrite_list url_regex -i \.google\-analytics\.com
acl store_rewrite_list url_regex -i google\-analytics\.com
acl store_rewrite_list url_regex -i video\.google\.com\/ThumbnailServer
acl store_rewrite_list url_regex -i
(youtube|google).*(videoplayback|liveplay)
acl store_rewrite_list url_regex -i
youtube.*(ptracking|stream_204|player_204|gen_204).*
acl store_rewrite_list url_regex -i
(youtube|google|googlevideo).*videoplayback.*
acl store_rewrite_list url_regex -i c\.android\.clients\.google\.com
acl store_rewrite_list url_regex -i phobos\.apple\.com
acl store_rewrite_list url_regex -i \.apple\.com
acl store_rewrite_list url_regex -i \/speedtest\/.*(jpg|txt|png|swf)
acl store_rewrite_list url_regex -i speedtest.*\/.*(jpg|txt|png|swf)
acl store_rewrite_list url_regex -i \.youjizz\.com\/.*(3gp|mpg|flv|mp4)
acl store_rewrite_list url_regex -i \.phncdn\.com\/.*(mp4|flv|3gp|mpg|wmv)
acl store_rewrite_list url_regex -i \.cdn13\.com\/.*(flv|mp3|mp4|3gp|wmv)
acl store_rewrite_list url_regex -i \.filehippo\.com\/.*
acl store_rewrite_list url_regex -i filehippo\.com\/.*
acl store_rewrite_list url_regex -i dl\.sourceforge\.net\/project\/.*
acl store_rewrite_list url_regex -i googlevideo\.com
acl store_rewrite_list url_regex -i reverbnation\.com
acl store_rewrite_list url_regex -i
c2lo\.reverbnation\.com\/audio_player\/ec_stream_song\/.*
acl store_rewrite_list url_regex -i (4shared|4shared\-china)\.com
acl store_rewrite_list url_regex -i 

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 1/05/2015 10:09 p.m., HackXBack wrote:
 squid.conf you can see it all , and the answer on your question is no i dont
 have .
 

Actually the answer was yes.

 ssl_bump server-first all
 

Which is good news. The bug will probably disappear when you move to the
3.5.4 version. Which will be available in a few hours.

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 1/05/2015 10:09 p.m., HackXBack wrote:
 squid.conf you can see it all , and the answer on your question is no i dont
 have .
 

Okay, a bit of an audit...

 
 # should be allowed
 acl localnet src 10.11.20.0/24
 acl localnet src 10.150.15.0/24
 
 # ACL for rewriter
 acl fakespeed url_regex -i
 \.*(speedtest|espeed).*\/((latency|random.*|upload)\.(jpg|txt|php)).*

The trailing .* at the end of this is not useful.


 acl rewriter-link url_regex -i
 ^http.*(google|googlesyndication)\.com\/(pagead|js)\/(bg|js)\/.*\.js
 
 # OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
 #
 -
 cache_peer 10.11.20.100 parent 80 0
 cache_peer_access 10.11.20.100 allow fakespeed
 cache_peer_access 10.11.20.100 deny all
 
 # OPTIONS INFLUENCING REQUEST FORWARDING
 #
 -
 never_direct allow fakespeed
 never_direct deny all
 always_direct deny fakespeed
 
 
 # add on squid.conf to remove ads
 
 acl ads-block url_regex -i /etc/squid/ads.block
 http_access deny ads-block
 http_reply_access deny ads-block

Since you are denying requests being made to these URL the only possible
reply will be the Access Denied error page.

You are then denying that error page being delivered, and replacing it
with ... the Access Denied error page.

Sigh.

Hint #1:  Your Squid would operate a bit faster by removing that
http_reply_access deny ads-block line.

Hint #2: it is a deny using slow regex pattern. Your Squid would work
even faster by moving the http_access deny ads-block down below the
deny manager config line.

 
 acl SSL_ports port 443
 acl Safe_ports port 80# http
 acl Safe_ports port 21# ftp
 acl Safe_ports port 443# https
 acl Safe_ports port 70# gopher
 acl Safe_ports port 210# wais
 acl Safe_ports port 1025-65535# unregistered ports
 acl Safe_ports port 280# http-mgmt
 acl Safe_ports port 488# gss-http
 acl Safe_ports port 591# filemaker
 acl Safe_ports port 777# multiling http
 acl CONNECT method CONNECT
 
 # Deny requests to certain unsafe ports
 http_access deny !Safe_ports
 
 # Deny CONNECT to other than secure SSL ports
 http_access deny CONNECT !SSL_ports
 
 # Only allow cachemgr access from localhost
 http_access allow localhost manager
 http_access deny manager
 
 ##Redirect some sites to storeid
 
 
 
 # Windows update acls
 acl windowsupdate dstdomain windowsupdate.microsoft.com
 acl windowsupdate dstdomain .update.microsoft.com
 acl windowsupdate dstdomain download.windowsupdate.com
 acl windowsupdate dstdomain redir.metaservices.microsoft.com
 acl windowsupdate dstdomain images.metaservices.microsoft.com
 acl windowsupdate dstdomain c.microsoft.com
 acl windowsupdate dstdomain www.download.windowsupdate.com
 acl windowsupdate dstdomain wustat.windows.com
 acl windowsupdate dstdomain crl.microsoft.com
 acl windowsupdate dstdomain sls.microsoft.com
 acl windowsupdate dstdomain productactivation.one.microsoft.com
 acl windowsupdate dstdomain ntservicepack.microsoft.com
 
 # Windows update methods
 acl wuCONNECT dstdomain www.update.microsoft.com
 acl wuCONNECT dstdomain sls.microsoft.com
 
 # Windows updates rules
 http_access allow CONNECT wuCONNECT localnet
 http_access allow CONNECT wuCONNECT localhost
 http_access allow windowsupdate localnet
 http_access allow windowsupdate localhost
 

The below is one massively huge regex pattern for Squid to try and
compile then process. Lets see what can be removed...

Firstly, remove all the .* which are on the end of patterns.


 acl store_rewrite_list url_regex -i fbcdn\/.*(jpg|gif|png|swf)
 acl store_rewrite_list url_regex -i (akamaihd|fbcdn|facebook)\.(net|com)\/.*
 acl store_rewrite_list url_regex -i attachment\.fbsbx\.com
 acl store_rewrite_list url_regex -i fbcdn-dragon-a\.akamaihd\.net
 acl store_rewrite_list url_regex -i socialpointgames\.com
 acl store_rewrite_list url_regex -i miniclipcdn\.com
 acl store_rewrite_list url_regex -i
 syntasia\.hs\.llnwd\.net\/[a-z][0-9]+\/baseballheroes\/.*

 acl store_rewrite_list url_regex -i \.google\-analytics\.com
 acl store_rewrite_list url_regex -i google\-analytics\.com

The two above patterns overlap. The seconds one will match everything
the first one does, and more.
... Remove the -i \.google\-analytics\.com line.

 acl store_rewrite_list url_regex -i video\.google\.com\/ThumbnailServer
 acl store_rewrite_list url_regex -i
 (youtube|google).*(videoplayback|liveplay)
 acl store_rewrite_list url_regex -i
 youtube.*(ptracking|stream_204|player_204|gen_204).*
 acl store_rewrite_list url_regex -i
 

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

root@issa:~# netstat -anl | grep 80 | awk '/^tcp/ {t[$NF]++}END{for(state in
t){print state, t[state]} }'
FIN_WAIT2 12
LISTEN 1
CLOSE_WAIT 3
TIME_WAIT 809
ESTABLISHED 597
LAST_ACK 9
SYN_SENT 4
FIN_WAIT1 14




--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670872.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

root@fibernet:~# netstat -anl | grep 80 | awk '/^tcp/ {t[$NF]++}END{for(state
in t){print state, t[state]} }'
FIN_WAIT2 1
LISTEN 1
CLOSE_WAIT 7
TIME_WAIT 71
ESTABLISHED 125
LAST_ACK 2
FIN_WAIT1 2


Every 2.0s: netstat -antop | grep -iE --regexp=TIME_WAIT  


Thu Apr 23 00:55:30 2015

tcp0  0 192.168.50.4:51215  173.194.19.46:80   
TIME_WAIT   -timewait (26.22/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.10:50743
TIME_WAIT   -timewait (44.26/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.12:39998
TIME_WAIT   -timewait (46.49/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.10:55848
TIME_WAIT   -timewait (43.78/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.12:52532
TIME_WAIT   -timewait (56.49/0/0)
tcp0  0 192.168.50.4:42185  216.58.210.238:80  
TIME_WAIT   -timewait (7.83/0/0)
tcp0  0 192.168.50.4:58706  216.58.210.227:443 
TIME_WAIT   -timewait (42.02/0/0)
tcp0  0 192.168.50.4:42561  216.58.210.238:80  
TIME_WAIT   -timewait (38.87/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.5:53853 
TIME_WAIT   -timewait (23.04/0/0)
tcp0  0 192.168.50.4:58811  216.58.210.227:443 
TIME_WAIT   -timewait (46.92/0/0)
tcp0  0 192.168.70.4:3127   192.168.70.2:62584 
TIME_WAIT   -timewait (53.05/0/0)
tcp0  0 192.168.50.4:42527  216.58.210.238:80  
TIME_WAIT   -timewait (37.18/0/0)
tcp0  0 192.168.50.4:42314  216.58.210.238:80  
TIME_WAIT   -timewait (26.43/0/0)
tcp0  0 192.168.50.4:55684  216.58.210.227:80  
TIME_WAIT   -timewait (17.38/0/0)
tcp0  0 192.168.50.4:58818  216.58.210.227:443 
TIME_WAIT   -timewait (48.92/0/0)
tcp0  0 192.168.70.4:3127   192.168.70.2:62570 
TIME_WAIT   -timewait (33.05/0/0)
tcp0  0 192.168.70.4:3127   192.168.70.2:62583 
TIME_WAIT   -timewait (53.03/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.5:7455  
TIME_WAIT   -timewait (8.54/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.5:57256 
TIME_WAIT   -timewait (29.57/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.12:34464
TIME_WAIT   -timewait (8.40/0/0)
tcp0  0 192.168.50.4:42526  216.58.210.238:80  
TIME_WAIT   -timewait (38.41/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.10:55847
TIME_WAIT   -timewait (43.78/0/0)
tcp0  0 192.168.50.4:38569  216.58.210.206:443 
TIME_WAIT   -timewait (3.68/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.12:54650
TIME_WAIT   -timewait (30.83/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.2:2878  
TIME_WAIT   -timewait (25.28/0/0)
tcp0  0 192.168.50.4:42206  216.58.210.238:80  
TIME_WAIT   -timewait (11.61/0/0)
tcp0  0 192.168.70.4:3127   192.168.70.2:62580 
TIME_WAIT   -timewait (43.26/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.10:33557
TIME_WAIT   -timewait (23.61/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.12:1993 
TIME_WAIT   -timewait (54.87/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.2:59544 
TIME_WAIT   -timewait (4.64/0/0)
tcp0  0 192.168.50.4:34515  173.194.19.10:80   
TIME_WAIT   -timewait (19.42/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.5:53841 
TIME_WAIT   -timewait (3.04/0/0)
tcp0  0 192.168.50.4:38739  216.58.210.206:443 
TIME_WAIT   -timewait (36.13/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.11:41881
TIME_WAIT   -timewait (53.06/0/0)
tcp0  0 192.168.50.4:42516  216.58.210.238:80  
TIME_WAIT   -timewait (36.41/0/0)
tcp0  0 192.168.50.4:51155  173.194.19.46:80   
TIME_WAIT   -timewait (22.97/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.2:49507 
TIME_WAIT   -timewait (9.66/0/0)
tcp0  0 192.168.50.4:42239  216.58.210.238:80  
TIME_WAIT   -timewait (14.34/0/0)
tcp0  0 192.168.70.4:3128   192.168.70.10:55849
TIME_WAIT   -timewait (43.78/0/0)
tcp

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

i installed squid from source code
http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.12-20150414-r13219.tar.gz
this is my configure option

./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
--libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var
--libdir=/usr/lib --includedir=/usr/include --datadir=/usr/share/squid
--infodir=/usr/share/info --mandir=/usr/share/man
--disable-dependency-tracking --disable-strict-error-checking
--with-pthreads  --with-aufs-threads=512 --enable-storeio=ufs,aufs
--enable-removal-policies=lru,heap --with-aio --with-dl --disable-icmp
--enable-icap-client --disable-wccp --enable-wccpv2 --enable-cache-digests
--enable-http-violations --enable-linux-netfilter
--enable-follow-x-forwarded-for --enable-zph-qos --with-default-user=proxy
--with-logdir=/var/log/squid --with-pidfile=/var/run/squid.pid
--with-swapdir=/var/spool/squid --enable-ltdl-convenience
--with-filedescriptors=65536 --enable-ssl --enable-ssl-crtd --with-openssl
--enable-snmp --disable-auth --disable-ipv6 --enable-arp-acl --enable-epoll
--enable-referer-log --enable-truncate --disable-unlinkd
--enable-useragent-log --enable-eui --enable-large-cache-files
'CFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
'CXXFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
'LDFLAGS=-Wl,--no-as-needed -ldl' 'CPPFLAGS=-I/usr/include/openssl'



i didnt install squid from aptitude 
and this is the backtrace report



warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1.
Core was generated by `(squid-1) -YC -f /etc/squid/squid.conf'.
Program terminated with signal 6, Aborted.
#0  0x7f609f457165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) backtrace
#0  0x7f609f457165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x7f609f45a3e0 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x0063bcd2 in xassert ()
#3  0x007996b7 in comm_read(RefCountComm::Connection const,
char*, int, RefCountAsyncCall) ()
#4  0x00709f51 in
StoreEntry::delayAwareRead(RefCountComm::Connection const, char*, int,
RefCountAsyncCall) ()
#5  0x00697b72 in HttpStateData::maybeReadVirginBody() ()
#6  0x0069a101 in HttpStateData::sendRequest() ()
#7  0x0069adea in HttpStateData::start() ()
#8  0x0079610f in NullaryMemFunTAsyncJob::doDial() ()
#9  0x0079615b in JobDialerAsyncJob::dial(AsyncCall) ()
#10 0x00795dbf in AsyncCallTNullaryMemFunTlt;AsyncJob ::fire()
()
#11 0x007933a8 in AsyncCall::make() ()
#12 0x007968d3 in AsyncCallQueue::fireNext() ()
#13 0x0079665e in AsyncCallQueue::fire() ()
#14 0x0064df2b in EventLoop::dispatchCalls() ()
#15 0x0064ddc3 in EventLoop::runOnce() ()
#16 0x0064dbd1 in EventLoop::run() ()
#17 0x006c967b in SquidMain(int, char**) ()
#18 0x006c8d52 in SquidMainSafe(int, char**) ()
#19 0x006c8d2f in main () 





now what i should do to solve this assertion error ?



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670835.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

[New LWP 20933]
[New LWP 20907]
[New LWP 20918]
[New LWP 20922]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1.
Core was generated by `(squid-1) -YC -f /etc/squid/squid.conf'.
Program terminated with signal 6, Aborted.
#0  0x7f51ea275165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) frame 3
#3  0x007996a3 in comm_read(RefCountComm::Connection const,
char*, int, RefCountAsyncCall) ()
(gdb) print ccb-conn.p_
No symbol table is loaded.  Use the file command.
(gdb) print ccb-conn.p_-fd
No symbol table is loaded.  Use the file command.
(gdb) print conn.p_
No symbol table is loaded.  Use the file command.
(gdb) print conn.p_-fd
No symbol table is loaded.  Use the file command.
(gdb)




--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670803.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Nathan Hoad]

As I mentioned earlier, this hasn't worked the because the debug
symbols you're running gdb against don't quite match the binary in
which the crash occurred. I would check the version of the debug
symbols you're running gdb against versus the version of the squid
binary that was installed. These changes can include patches and
--configure changes, not just version changes of Squid.

I'm not sure how debug symbols are shipped with packages in Debian -
under CentOS for example they are shipped separately from the squid
package, as squid-debuginfo-version.rpm.

On 18 April 2015 at 18:49, HackXBack hack.b...@hotmail.com wrote:
 [New LWP 20933]
 [New LWP 20907]
 [New LWP 20918]
 [New LWP 20922]

 warning: Can't read pathname for load map: Input/output error.
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1.
 Core was generated by `(squid-1) -YC -f /etc/squid/squid.conf'.
 Program terminated with signal 6, Aborted.
 #0  0x7f51ea275165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
 (gdb) frame 3
 #3  0x007996a3 in comm_read(RefCountComm::Connection const,
 char*, int, RefCountAsyncCall) ()
 (gdb) print ccb-conn.p_
 No symbol table is loaded.  Use the file command.
 (gdb) print ccb-conn.p_-fd
 No symbol table is loaded.  Use the file command.
 (gdb) print conn.p_
 No symbol table is loaded.  Use the file command.
 (gdb) print conn.p_-fd
 No symbol table is loaded.  Use the file command.
 (gdb)




 --
 View this message in context: 
 http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670803.html
 Sent from the Squid - Users mailing list archive at Nabble.com.
 ___
 squid-users mailing list
 squid-users@lists.squid-cache.org
 http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Amos Jeffries]

On 17/04/2015 1:12 a.m., HackXBack wrote:
 i changed the squid version to last updated one 
 squid-3.4.12-20150414-r13219
 and also the same assertion error ...
 

Good. Now you can start working on what the assertion is secure in the
knowledge that the ssl_crtd corruption is not getting subtly in the way.

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

i changed the squid version to last updated one 
squid-3.4.12-20150414-r13219
and also the same assertion error ...



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670781.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

Thank you Amos for answer,
but can you please tell me what may cause this assertion error so i can
solve it ?



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670785.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

this bug exist after changing in certificate_db.cc from flock to lockf

=== modified file 'src/ssl/certificate_db.cc'
--- src/ssl/certificate_db.cc   2014-12-03 11:58:37 +
+++ src/ssl/certificate_db.cc   2015-01-09 10:27:12 +
@@ -55,7 +55,7 @@
 #if _SQUID_WINDOWS_
 if (!LockFile(hFile, 0, 0, 1, 0))
 #else
-if (flock(fd, LOCK_EX) != 0)
+if (lockf(fd, F_LOCK, 0) != 0)
 #endif
 throw std::runtime_error(Failed to get a lock of  + filename);
 }
@@ -70,7 +70,7 @@
 }
 #else
 if (fd != -1) {
-flock(fd, LOCK_UN);
+lockf(fd, F_ULOCK, 0);
 close(fd);
 fd = -1;
 }



after stopping ssl_crtd corruption i got now assertion failed every 10 min..
!!!



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670756.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

same issue with your patch , this didnt solve the problem and i still have it
.. 



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670737.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[HackXBack]

am running squid 3.4.12 under debian7




--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670749.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Nathan Hoad]

What version of Squid are you running, and in what environment?

Based on the fact that the output of the gdb backtrace doesn't show
function parameters (debug symbols don't quite match up to the
binary), this may not work, but if you could run these commands in gdb
and show the output, that would be good...

frame 3
print ccb-conn.p_
print ccb-conn.p_-fd
print conn.p_
print conn.p_-fd

Nathan.

On 15 April 2015 at 18:43, HackXBack hack.b...@hotmail.com wrote:
 same issue with your patch , this didnt solve the problem and i still have it
 ..



 --
 View this message in context: 
 http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726p4670737.html
 Sent from the Squid - Users mailing list archive at Nabble.com.
 ___
 squid-users mailing list
 squid-users@lists.squid-cache.org
 http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] assertion failed: comm.cc:178: fd_table[conn-fd].halfClosedReader != NULL

[Nathan Hoad]

Hello,

I believe you're experiencing bug 3329:
http://bugs.squid-cache.org/show_bug.cgi?id=3329

Please try the patch that I have on there and see if that helps your issue.

Thank you,

Nathan.

On 15 April 2015 at 07:16, HackXBack hack.b...@hotmail.com wrote:
 [New LWP 4677]
 [New LWP 4704]
 [New LWP 4687]
 [New LWP 4702]
 [New LWP 4695]
 [New LWP 4725]
 [New LWP 4697]
 [New LWP 4490]
 [New LWP 4493]
 [New LWP 4473]
 [New LWP 4508]
 [New LWP 4495]
 [New LWP 4460]
 [New LWP 4511]
 [New LWP 4516]

 warning: Can't read pathname for load map: Input/output error.
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1.
 Core was generated by `(squid-1) -YC -f /etc/squid/squid.conf'.
 Program terminated with signal 6, Aborted.
 #0  0x7f609f457165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
 (gdb) backtrace
 #0  0x7f609f457165 in raise () from /lib/x86_64-linux-gnu/libc.so.6
 #1  0x7f609f45a3e0 in abort () from /lib/x86_64-linux-gnu/libc.so.6
 #2  0x0063bcd2 in xassert ()
 #3  0x007996b7 in comm_read(RefCountComm::Connection const,
 char*, int, RefCountAsyncCall) ()
 #4  0x00709f51 in
 StoreEntry::delayAwareRead(RefCountComm::Connection const, char*, int,
 RefCountAsyncCall) ()
 #5  0x00697b72 in HttpStateData::maybeReadVirginBody() ()
 #6  0x0069a101 in HttpStateData::sendRequest() ()
 #7  0x0069adea in HttpStateData::start() ()
 #8  0x0079610f in NullaryMemFunTAsyncJob::doDial() ()
 #9  0x0079615b in JobDialerAsyncJob::dial(AsyncCall) ()
 #10 0x00795dbf in AsyncCallTNullaryMemFunTAsyncJob ::fire()
 ()
 #11 0x007933a8 in AsyncCall::make() ()
 #12 0x007968d3 in AsyncCallQueue::fireNext() ()
 #13 0x0079665e in AsyncCallQueue::fire() ()
 #14 0x0064df2b in EventLoop::dispatchCalls() ()
 #15 0x0064ddc3 in EventLoop::runOnce() ()
 #16 0x0064dbd1 in EventLoop::run() ()
 #17 0x006c967b in SquidMain(int, char**) ()
 #18 0x006c8d52 in SquidMainSafe(int, char**) ()
 #19 0x006c8d2f in main ()
 (gdb) ^CQuit









 ./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
 --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var
 --libdir=/usr/lib --includedir=/usr/include --datadir=/usr/share/squid
 --infodir=/usr/share/info --mandir=/usr/share/man
 --disable-dependency-tracking --disable-strict-error-checking
 --with-pthreads  --with-aufs-threads=512 --enable-storeio=ufs,aufs
 --enable-removal-policies=lru,heap --with-aio --with-dl --disable-icmp
 --enable-icap-client --disable-wccp --enable-wccpv2 --enable-cache-digests
 --enable-http-violations --enable-linux-netfilter
 --enable-follow-x-forwarded-for --enable-zph-qos --with-default-user=proxy
 --with-logdir=/var/log/squid --with-pidfile=/var/run/squid.pid
 --with-swapdir=/var/spool/squid --enable-ltdl-convenience
 --with-filedescriptors=65536 --enable-ssl --enable-ssl-crtd --with-openssl
 --enable-snmp --disable-auth --disable-ipv6 --enable-arp-acl --enable-epoll
 --enable-referer-log --enable-truncate --disable-unlinkd
 --enable-useragent-log --enable-eui --enable-large-cache-files
 'CFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
 'CXXFLAGS=-march=native -mtune=native -pipe -DNUMTHREADS=512'
 'LDFLAGS=-Wl,--no-as-needed -ldl' 'CPPFLAGS=-I/usr/include/openssl'




 --
 View this message in context: 
 http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedReader-NULL-tp4670726.html
 Sent from the Squid - Users mailing list archive at Nabble.com.
 ___
 squid-users mailing list
 squid-users@lists.squid-cache.org
 http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users