id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 945 when setting master_process off, nginx segmentation fault when sent mutiple HUP singals tianchaijz@… "A simple configuration is shown below: {{{ worker_processes 1; master_process off; daemon off; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 1200; server_name localhost; location / { root html; index index.html index.htm; } } } }}} After starting nginx process, send multiple HUP signals to it, it will segmentation fault: {{{ watch -n 1 'kill -HUP PID' }}} After inspecting the core, I found the code dereference a NULL pointer which leads the process segmentation fault: {{{ (gdb) frame #0 0x00000000004194e7 in ngx_clean_old_cycles (ev=0x6a5c00 ) at src/core/ngx_cycle.c:1313 1313 if (cycle[i]->connections[n].fd != (ngx_socket_t) -1) { (gdb) bt #0 0x00000000004194e7 in ngx_clean_old_cycles (ev=0x6a5c00 ) at src/core/ngx_cycle.c:1313 #1 0x0000000000425f09 in ngx_event_expire_timers () at src/event/ngx_event_timer.c:94 #2 0x0000000000425b87 in ngx_process_events_and_timers (cycle=cycle@entry=0x1687010) at src/event/ngx_event.c:256 #3 0x000000000042ca91 in ngx_single_process_cycle (cycle=0x1687010, cycle@entry=0x138f480) at src/os/unix/ngx_process_cycle.c:309 #4 0x000000000040c615 in main (argc=, argv=) at src/core/nginx.c:364 (gdb) p i $10 = 1 (gdb) p n $11 = 0 (gdb) p cycle[1]->connections[0] Cannot access memory at address 0x0 (gdb) p cycle[1]->connections $12 = (ngx_connection_t *) 0x0 (gdb) }}} {{{ nginx version: nginx/1.9.13 built by gcc 5.3.0 (GCC) configure arguments: --prefix=/tmp/nginx Linux tianchaijz 4.4.3-1 #12 SMP PREEMPT Sun Feb 28 17:55:31 CST 2016 x86_64 GNU/Linux }}}" defect closed minor documentation 1.9.x wontfix "nginx version: nginx/1.9.13 built by gcc 5.3.0 (GCC) configure arguments: --prefix=/tmp/nginx"