httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Crash inside worker mpm's ap_mpm_pod_check()
Date Tue, 14 Dec 2010 01:06:59 GMT
Hi all,

I am currently trying to get to the bottom of a crash that is  
occurring under load (during an Avalanche load test, most  
specifically) inside the worker mpm, with the stacktrace as below.

Most specifically, it segfaults inside the read() below:

AP_DECLARE(int) ap_mpm_pod_check(ap_pod_t *pod)
     char c;
     apr_os_file_t fd;
     int rc;

     /* we need to surface EINTR so we'll have to grab the
      * native file descriptor and do the OS read() ourselves
     apr_os_file_get(&fd, pod->pod_in);
     rc = read(fd, &c, 1);

In theory, looking at the parameters of read(), &c and 1 are  
calculated by the compiler, which leaves the possibility that the fd  
is invalid, although fd does seem to have a sensible value (4).

What does seem strange is this line in the backtrace:

#1  0x00002aca224a5e77 in read (pod=<value optimized out>)

The parameters of read() are (int fd, void *buf, size_t nbytes), not  
(ap_pod_t *pod), this looks a bit odd.

The next step for me is to attempt to deploy a non optimised httpd to  
see if I can reproduce it, in the mean time, does this ring any bells  
with anybody?

(gdb) bt full
#0  0x00002aca23d3491b in read () from /lib64/
No symbol table info available.
#1  0x00002aca224a5e77 in read (pod=<value optimized out>)
     at /usr/include/bits/unistd.h:35
No locals.
#2  ap_mpm_pod_check (pod=<value optimized out>)
     at /usr/src/debug/httpd-2.2.17/server/mpm/worker/pod.c:54
         c = <value optimized out>
         fd = 4
#3  0x00002aca224a3e42 in child_main (child_num_arg=<value optimized  
     at /usr/src/debug/httpd-2.2.17/server/mpm/worker/worker.c:1258
         threads = <value optimized out>
         rv = 577498496
         ts = 0x2aca2c4883f8
         thread_attr = 0x2aca2c488418
         start_thread_id = <value optimized out>
#4  0x00002aca224a3ff5 in make_child (s=0x2aca287d5848, slot=2)
     at /usr/src/debug/httpd-2.2.17/server/mpm/worker/worker.c:1341
         pid = 0
#5  0x00002aca224a40af in startup_children (number_to_start=8)
     at /usr/src/debug/httpd-2.2.17/server/mpm/worker/worker.c:1375
         i = 2
#6  0x00002aca224a4b7f in ap_mpm_run (_pconf=0x2aca287ce138,
---Type <return> to continue, or q <return> to quit---
     plog=<value optimized out>, s=0x2aca287d5848)
     at /usr/src/debug/httpd-2.2.17/server/mpm/worker/worker.c:1742
         remaining_children_to_start = 10
         rv = <value optimized out>
#7  0x00002aca2247dc73 in main (argc=4, argv=0x7fff25e2ca78)
     at /usr/src/debug/httpd-2.2.17/server/main.c:739
         c = 68 'D'
         configtestonly = 0
         confname = 0x2aca224a7478 "conf/httpd.conf"
         def_server_root = 0x2aca224a7488 "/etc/httpd"
         temp_error_log = 0x0
         error = <value optimized out>
         process = 0x2aca287cc218
         server_conf = <value optimized out>
         pglobal = 0x2aca287cc128
         pconf = 0x2aca287ce138
         plog = 0x2aca288002c8
         ptemp = 0x2aca287d2158
         pcommands = 0x2aca287d0148
         opt = 0x2aca287d0238
         rv = <value optimized out>
         optarg = 0x7fff25e2cf32 "SERVER_CLASS_STATICP"


View raw message