Hello!
On Tue, Aug 07, 2012 at 10:38:59AM -0400, double wrote:
> Hello,
> "nginx" crashes in "ngx_http_limit_req_handler".
> This does not happen, if "limit_req" is not nested.
> We couldn't reproduce this issue in a testing environment.
> Thanks a lot
What does nginx -V show on the affected host? Any 3rd party
modules/patches? Which OS, which PCRE library version? Are
hardware problems ruled out (i.e. are you able to reproduce the
problem on another host)?
It would be cool if you could obtain debug log.
> _____Request_____
>
> GET / HTTP/1.1
> Host: hostname.com
> X-REAL-IP: 123.123.12.123
>
Is it actual request which corresponds to a backtrace below?
> _____Config_____ (simplified)
>
> http {
> # ipaddress + ipaddress/16 + ipaddress/24
> map $http_x_real_ip $ipaddress {
> default $remote_addr;
> "~^\d+\.\d+\.\d+\.\d+$" $http_x_real_ip;
> }
It would be better to see full actual config used.
[...]
> #1 0x000000000040535c in ngx_log_error_core (level=4, log=0x1b9f0e70,
> err=0, fmt=0x4822e0 "the value of the \"%V\" variable is more than 65535
> bytes: \"%v\"") at src/core/ngx_log.c:120
> args = {{gp_offset = 48, fp_offset = 48, overflow_arg_area =
> 0x7fff4f9bea70, reg_save_area = 0x7fff4f9be9a0}}
> p = 0x7fff4f9be19e "the value of the \"ipaddress\" variable is
> more than 65535 bytes: \""
> last = 0x7fff4f9be970 "0"
> msg = 0x7fff4f9be19e "the value of the \"ipaddress\" variable is
> more than 65535 bytes: \""
> errstr = "2012/08/07 16:17:42 [error] 30667#0: *1901681 the
> value of the \"ipaddress\" variable is more than 65535 bytes:
> \"\000\000\000\000\000\000\000\000\000>\001\000\006\000\000\000\000`\233\231\033\000\000\000\000\303)\000\000\000\000\000\000\341\346\233O\377\177\000\000he\233\033\000\000\000\000V\\\000\000\000\000\000\000\000\200\001\000\000\000\000\000pd\233\033\000\000\000\000p\312s\033\371*\000\000\000\000\000\000\000\000\000\000P\363\233O\377\177\000\000\020c\233\033\000\000\000\000"...
>
> #2 0x000000000046d5d2 in ngx_http_limit_req_handler (r=0x1b99faa0) at
> src/http/modules/ngx_http_limit_req_module.c:192
> len = 194343136
> hash = 4294967295
> rc = -5
> n = 0
> excess = 0
> delay = 463076000
> vv = 0x1b99a040
> ctx = 0x1b958128
> lrcf = 0x1b9594a0
> limit = 0x1b959f00
> limits = 0x1b959f00
It looks like the $ipaddress variable was corrupted somehow. Could
you please show
fr 2
p *limit
p *ctx
p *vv
p *r
output from gdb?
[...]
Maxim Dounin
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
