Opened 5 years ago

Last modified 5 years ago

#1786 closed defect

Send file from Perl module — at Initial Version

Reported by: UncleMiF@…
Owned by:
Priority: minor
Milestone:
Component: nginx-module
Version: 1.15.x
Keywords:
Cc:
uname -a: Linux hk0 4.4.0-145-generic #171-Ubuntu SMP Tue Mar 26 12:43:40 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.1.1b 26 Feb 2019
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/var/lib/nginx/proxy --user=httpd --group=robot --with-http_ssl_module --with-http_realip_module --with-http_sub_module --with-http_flv_module --with-http_mp4_module --with-http_stub_status_module --with-file-aio --with-threads --with-http_v2_module --with-http_geoip_module --with-http_image_filter_module --with-http_perl_module --without-http_fastcgi_module --without-http_uwsgi_module --without-http_scgi_module --without-http_memcached_module --with-openssl=../openssl-1.1.1b --with-debug

Description

(CentOS 7 container in Ubuntu 16 Server's Host)

stack:

(gdb) bt
#0 ngx_http_perl_output (r=r@entry=0x1e77480, b=b@entry=0x1e521d8) at nginx.xs:76
#1 0x00007f8512e2fc91 in XS_nginx_sendfile (my_perl=0xc7b700, cv=<optimized out>) at nginx.xs:751
#2 0x00007f8515b4541f in Perl_pp_entersub () from /usr/lib64/perl5/CORE/libperl.so
#3 0x00007f8515b3db96 in Perl_runops_standard () from /usr/lib64/perl5/CORE/libperl.so
#4 0x00007f8515ad5168 in Perl_call_sv () from /usr/lib64/perl5/CORE/libperl.so
#5 0x00000000004f34f6 in ngx_http_perl_call_handler (my_perl=my_perl@entry=0xc7b700, r=r@entry=0x1e77480,
    nginx=<optimized out>, sub=0xdb9528, args=args@entry=0x0, handler=0x13d4100, rv=rv@entry=0x0)
    at src/http/modules/perl/ngx_http_perl_module.c:710
#6 0x00000000004f4c35 in ngx_http_perl_handle_request (r=0x1e77480)
    at src/http/modules/perl/ngx_http_perl_module.c:223
#7 0x00000000004f4e38 in ngx_http_perl_handler (r=<optimized out>) at src/http/modules/perl/ngx_http_perl_module.c:174
#8 0x000000000049acaf in ngx_http_core_content_phase (r=0x1e77480, ph=<optimized out>)
    at src/http/ngx_http_core_module.c:1169
#9 0x00000000004953c5 in ngx_http_core_run_phases (r=0x1e77480) at src/http/ngx_http_core_module.c:858
#10 0x00000000004d6da8 in ngx_http_v2_run_request (r=0x1e77480) at src/http/v2/ngx_http_v2.c:3789
#11 0x00000000004d6e55 in ngx_http_v2_state_header_complete (h2c=0x1d32a10,
    pos=0x185006b "i\213\344\307\362\027\235iǚy\317\347h\226\337=\277J\t\325/\224\212\b\001y@\212\343-
d*bѿ%",
    end=0x185006b "i\213\344\307\362\027\235iǚy\317\347h\226\337=\277J\t\325/\224\212\b\001y@\212\343-
d*bѿ%")
    at src/http/v2/ngx_http_v2.c:1704
#12 0x00000000004d7fff in ngx_http_v2_state_header_block (h2c=0x1d32a10,
    pos=0x185006b "i\213\344\307\362\027\235iǚy\317\347h\226\337=\277J\t\325/\224\212\b\001y@\212\343-
d*bѿ%",
    end=0x185006b "i\213\344\307\362\027\235iǚy\317\347h\226\337=\277J\t\325/\224\212\b\001y@\212\343-
d*bѿ%")
    at src/http/v2/ngx_http_v2.c:1273
#13 0x00000000004d58a0 in ngx_http_v2_read_handler (rev=0x1794560) at src/http/v2/ngx_http_v2.c:413
#14 0x0000000000487329 in ngx_epoll_process_events (cycle=0xc5dd00, timer=<optimized out>, flags=<optimized out>)
    at src/event/modules/ngx_epoll_module.c:902
#15 0x000000000047c3f7 in ngx_process_events_and_timers (cycle=cycle@entry=0xc5dd00) at src/event/ngx_event.c:242
#16 0x0000000000485015 in ngx_worker_process_cycle (cycle=cycle@entry=0xc5dd00, data=data@entry=0x27)
    at src/os/unix/ngx_process_cycle.c:750
#17 0x000000000048363c in ngx_spawn_process (cycle=cycle@entry=0xc5dd00,
    proc=proc@entry=0x484fd0 <ngx_worker_process_cycle>, data=data@entry=0x27,
    name=name@entry=0x6e780e "worker process", respawn=respawn@entry=-3) at src/os/unix/ngx_process.c:199
#18 0x00000000004847d4 in ngx_start_worker_processes (cycle=cycle@entry=0xc5dd00, n=40, type=type@entry=-3)
    at src/os/unix/ngx_process_cycle.c:359
#19 0x0000000000485c5f in ngx_master_process_cycle (cycle=cycle@entry=0xc5dd00) at src/os/unix/ngx_process_cycle.c:131
#20 0x000000000045acd2 in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:382

details:

#0 ngx_http_perl_output (r=r@entry=0x1e77480, b=b@entry=0x1e521d8) at nginx.xs:76
    out = {buf = 0x0, next = 0x1e77480}
    cl = <optimized out>
    ctx = 0x0
#1 0x00007f8512e2fc91 in XS_nginx_sendfile (my_perl=0xc7b700, cv=<optimized out>) at nginx.xs:751
    bytes = 6519719
    clcf = 0x13d42d8
    r = 0x1e77480
    filename = <optimized out>
    offset = 0
    path = {len = 124,

reason:

ctx is equal to 0x0 (AKA NULL)

from sources (nginx.xs:76):

    ctx = ngx_http_get_module_ctx(r, ngx_http_perl_module);   /* it looks like ctx is equal to NULL here (maybe the client is disconnected… who knows) */

    if (ctx->ssi) {   /* there is no ctx check here, so it crashed on NULL */
        cl = ngx_alloc_chain_link(r->pool);
        if (cl == NULL) {
            return NGX_ERROR;
        }

defect:

nginx workers massive crash (perhaps on file range requests)
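
The missing check described in this ticket, modelled outside nginx as an added example (it is not part of the ticket, not nginx code, and not the project's fix). The types, the `get_module_ctx` macro and all function names are hypothetical stand-ins, and returning an error for an empty context slot is an assumed policy.

```c
#include <stddef.h>

/* Constructed model; every name below is hypothetical, not nginx's. */
enum { MODEL_OK = 0, MODEL_ERROR = -1, PERL_MODULE_INDEX = 0, MAX_MODULES = 4 };
typedef struct chain_s { const char *buf; struct chain_s *next; } chain_t;
typedef struct { chain_t **last_out; } ssi_ctx_t;
typedef struct { ssi_ctx_t *ssi; } perl_ctx_t;
typedef struct { void *ctx[MAX_MODULES]; chain_t *sent; } request_t;
#define get_module_ctx(r, idx) ((r)->ctx[(idx)])

/* Queue cl on the SSI chain if one is active, else hand it to the request. */
static int deliver(request_t *r, perl_ctx_t *ctx, chain_t *cl)
{
    if (ctx->ssi) {
        *ctx->ssi->last_out = cl;
        ctx->ssi->last_out = &cl->next;
    } else {
        r->sent = cl;
    }
    return MODEL_OK;
}

/* Shape reported in the ticket: no check, so an empty slot faults on ctx->ssi. */
int output_unguarded(request_t *r, chain_t *cl)
{
    return deliver(r, get_module_ctx(r, PERL_MODULE_INDEX), cl);
}

/* Guarded variant: a missing context fails this one call only. */
int output_checked(request_t *r, chain_t *cl)
{
    perl_ctx_t *ctx = get_module_ctx(r, PERL_MODULE_INDEX);
    return ctx == NULL ? MODEL_ERROR : deliver(r, ctx, cl);
}

/* Constructed cases: an empty context slot, then a context with an SSI queue. */
int demo_missing_ctx(void)
{
    request_t r = { { NULL }, NULL };
    chain_t c = { "body", NULL };
    return output_checked(&r, &c);
}
int demo_ssi_ctx(void)
{
    chain_t *head = NULL, c = { "body", NULL };
    ssi_ctx_t ssi = { &head };
    perl_ctx_t pc = { &ssi };
    request_t r = { { &pc }, NULL };
    return output_checked(&r, &c) == MODEL_OK && head == &c && ssi.last_out == &c.next;
}
int main(void) { return demo_missing_ctx() == MODEL_ERROR && demo_ssi_ctx() ? 0 : 1; }
```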
