Welcome! Log In Create A New Profile

Advanced

[nginx] 1.4.1 + spdy + centos 6 + openssl-1.0.1e (static), firefox 21 ajax requests ssl spdy = segfault

May 19, 2013 12:43PM
Hello, on one of my servers, nginx suddenly started crashing on some AJAX-heavy pages when accessed via SSL+SPDY. It seems to happen only when Firefox is the client (tested with Firefox 21), latest version of chrome uses SPDY without crashing.

uname -a:
Linux myserver.com 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

nginx compile flags:
CFLAGS="-g -O0" ./configure --with-pcre=/usr/local/src/nginx-1.4.1/pcre-8.32 --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_realip_module --with-http_ssl_module --with-openssl=/usr/local/src/nginx-1.4.1/openssl-1.0.1e --with-http_spdy_module --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_module --with-debug

nginx log when crash happens:
2013/05/19 18:05:58 [notice] 26737#0: start worker process 26899
2013/05/19 18:05:58 [notice] 26737#0: signal 29 (SIGIO) received
2013/05/19 18:05:59 [notice] 26737#0: signal 17 (SIGCHLD) received
2013/05/19 18:05:59 [alert] 26737#0: worker process 26897 exited on signal 11 (core dumped)
2013/05/19 18:05:59 [notice] 26737#0: start worker process 26907
2013/05/19 18:05:59 [notice] 26737#0: signal 29 (SIGIO) received
2013/05/19 18:06:00 [notice] 26737#0: signal 17 (SIGCHLD) received
2013/05/19 18:06:00 [alert] 26737#0: worker process 26899 exited on signal 11 (core dumped)
2013/05/19 18:06:00 [notice] 26737#0: start worker process 26909
2013/05/19 18:06:00 [notice] 26737#0: signal 29 (SIGIO) received

nginx.conf
http://pastebin.com/G9wAgyeh

gdb backtrace:
# gdb /usr/local/sbin/nginx core.26899

... snip gpl stuff ...

Reading symbols from /usr/local/sbin/nginx...done.
[New Thread 26899]
Missing separate debuginfo for
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/50/fc20fea18a6f375789f0f86e28f463d50714fd
Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done.
[Thread debugging using libthread_db enabled]
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /lib64/libcrypt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libz.so.1
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libfreebl3.so...(no debugging symbols found)...done.
Loaded symbols for /lib64/libfreebl3.so
Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_files.so.2
Core was generated by `nginx: worker process '.
Program terminated with signal 11, Segmentation fault.
#0 0x0000003455283c56 in __memset_sse2 () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.107.el6.x86_64 nss-softokn-freebl-3.12.9-11.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0 0x0000003455283c56 in __memset_sse2 () from /lib64/libc.so.6
#1 0x0000000000493a67 in ngx_http_spdy_state_data (sc=0x3035ba0, pos=0x37c78f8 "", end=0x37c78f8 "")
at src/http/ngx_http_spdy.c:1193
#2 0x0000000000492673 in ngx_http_spdy_state_head (sc=0x3035ba0, pos=0x37c78f8 "", end=0x37c78f8 "")
at src/http/ngx_http_spdy.c:699
#3 0x00000000004919e2 in ngx_http_spdy_read_handler (rev=0x7f0318ffe3b8) at src/http/ngx_http_spdy.c:364
#4 0x000000000042ac31 in ngx_event_process_posted (cycle=0x2893a30, posted=0x8d1b68)
at src/event/ngx_event_posted.c:40
#5 0x000000000042887c in ngx_process_events_and_timers (cycle=0x2893a30) at src/event/ngx_event.c:276
#6 0x0000000000435ebd in ngx_worker_process_cycle (cycle=0x2893a30, data=0x1)
at src/os/unix/ngx_process_cycle.c:807
#7 0x00000000004327ca in ngx_spawn_process (cycle=0x2893a30, proc=0x435cf7 <ngx_worker_process_cycle>,
data=0x1, name=0x609c9b "worker process", respawn=1) at src/os/unix/ngx_process.c:198
#8 0x0000000000435906 in ngx_reap_children (cycle=0x2893a30) at src/os/unix/ngx_process_cycle.c:619
#9 0x00000000004345ed in ngx_master_process_cycle (cycle=0x2893a30) at src/os/unix/ngx_process_cycle.c:180
#10 0x00000000004041b6 in main (argc=3, argv=0x7fffb6c2dbd8) at src/core/nginx.c:412

Server has a Core i3 540 with HT, OS is 64-bit CentOS 6 fully patched (as of date of this message).

- kernel log when error occurred:
May 19 18:06:00 saruman kernel: nginx[26899]: segfault at 0 ip 0000003455283c56 sp 00007fffb6c2d498 error 6 in libc-2.12.so[3455200000+18a000]

The crash is highly reproducible and when it crashes the ip and sp parameters and offsets are always the same.

I hope I've posted enough info for devs to fix this, sorry for the long message.
SubjectAuthorPosted

[nginx] 1.4.1 + spdy + centos 6 + openssl-1.0.1e (static), firefox 21 ajax requests ssl spdy = segfault

epsilon2930May 19, 2013 12:43PM

Re: [nginx] 1.4.1 + spdy + centos 6 + openssl-1.0.1e (static), firefox 21 ajax requests ssl spdy = segfault

epsilon2930May 19, 2013 09:20PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 101
Record Number of Users: 7 on March 06, 2014
Record Number of Guests: 229 on August 01, 2014
Powered by nginx    Powered by FreeBSD    PHP Powered    Powered by Percona     ipv6 ready