Re: [PATCH] Prevent idnsVCClosed segfaults during shutdown or reconfiguration from Amos Jeffries on 2010-01-10 (squid-dev)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sun, 10 Jan 2010 21:26:45 +1300

Alex Rousskov wrote:
> Prevent idnsVCClosed segfaults during shutdown or reconfiguration.
>
> idnsShutdown() schedules comm_close and then frees nameservers[] by
> calling idnsFreeNameservers. The closing handler tried to access freed
> nameservers[]. The patch prevents access to the freed nameservers[]
> array in idnsVCClosed and other functions.
>
> TODO: Nameservers[] array management should be rewritten. The array
> should not be freed while there are nameservers using it. It should be
> freed when the last entry is gone.
>
>
> The segfault was observed in Squid v3.1-based code:
>
>> Program terminated with signal 6, Aborted.
>> #0 0x0000003258230155 in raise () from /lib64/libc.so.6
>> (gdb) where
>> #0 0x0000003258230155 in raise () from /lib64/libc.so.6
>> #1 0x0000003258231bf0 in abort () from /lib64/libc.so.6
>> #2 0x00000000004f8838 in death (sig=11) at tools.cc:390
>> #3 <signal handler called>
>> #4 0x0000000000459d8b in idnsVCClosed (fd=1179, data=0x19c03958) at dns_internal.cc:724
>> #5 0x00000000005159e9 in CommCloseCbPtrFun::dial (this=0x1b426870) at CommCalls.cc:207
>> #6 0x0000000000513e05 in CommCbFunPtrCallT<CommCloseCbPtrFun>::fire (this=0x1b426840) at CommCalls.h:329
>> #7 0x00000000005065c2 in AsyncCall::make (this=0x1b426840) at AsyncCall.cc:34
>> #8 0x00000000005094d5 in AsyncCallQueue::fireNext (this=0x19277370) at AsyncCallQueue.cc:53
>> #9 0x00000000005095ab in AsyncCallQueue::fire (this=0x19277370) at AsyncCallQueue.cc:39
>> #10 0x00000000004622fd in EventLoop::dispatchCalls (this=0x7fffc82d92e0) at EventLoop.cc:154
>> #11 0x000000000046254e in EventLoop::runOnce (this=0x7fffc82d92e0) at EventLoop.cc:119
>> #12 0x0000000000462692 in EventLoop::run (this=0x7fffc82d92e0) at EventLoop.cc:95
>> #13 0x00000000004b3e9c in SquidMain (argc=1, argv=0x7fffc82d94d8) at main.cc:1385
>> #14 0x00000000004b3fc8 in SquidMainSafe (argc=1, argv=0x7fffc82d94d8) at main.cc:1146
>> #15 0x00000000004b40e9 in main (argc=1, argv=0x7fffc82d94d8) at main.cc:1139
>
>
> Alex.
>

+1.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
   Current Beta Squid 3.1.0.15

Received on Sun Jan 10 2010 - 08:26:52 MST

This archive was generated by hypermail 2.2.0 : Sun Jan 10 2010 - 12:00:03 MST