Re: [squid-users] Squid crash on OpenBSD 5.2

From: Guy Helmer <guy.helmer_at_palisadesystems.com>
Date: Tue, 8 Jan 2013 13:55:57 -0600

On Jan 8, 2013, at 7:04 AM, Loïc Blot <loic.blot_at_unix-experience.fr> wrote:

> Le mercredi 09 janvier 2013 à 00:05 +1300, Amos Jeffries a écrit :
>> On 8/01/2013 8:06 p.m., Loïc BLOT wrote:
>>> In my case, it seems the ASSERT is thrown when GetAddrInfo look at
>>> inexistant DNS name. (in the backtrace the DNS name does'nt exists).
>>> Before there is 2 conditions for IPv4 and IPv6. This function is called
>>> before any helper i think (Comm::ConnOpener::start), squidGuard doesn't
>>> show anything about this case in the logs.
>>
>> IP::Address::GetAddrInfo() function is called to convert an IP address
>> from Squid internal storage format to POSIX address storage format for
>> passing to the operating system.
>> DNS and domain names are not relevant, this is purely an IP->IPv4 and
>> IP->IPv6 conversion. The ASSERT() is there to cause a crash for debug
>> when IPv6 address is forced into smaller IPv4 format and the reverse.
>
> Squid is compiled with --disable-ipv6 support, maybe some code disabled
> are necessary.
>
>>
>> The problem is apparently that AF_UNSPEC on OpenBSD is 0 when the
>> comm.cc part of Squid is built and non-0 when the src/ip/ library part
>> is built. Weird.
>>
>>> One thing is sure, when i resolve this problem my squid doesn't crash
>>> anymore, and my clients can work without any problem.
>>> For asserts, i understand your view. In my case, i prefer to handle code
>>> rather than force crash program, that's better for stability. I know
>>> assert means the program comes to an unattended area.
>>
>> How do you handle storing a 128-bit value into a 32-bit storage space?
> If you look my patch, i abort the request when the error comes by return
> -1 on comm.cc. Negative values causes request abord in comm.cc modified
> function, it's native.
> (http://bugs.squid-cache.org/show_bug.cgi?id=3732)
>>
>>> Since this patch, squid stability is now perfect
>>> 6104 _squid 2 0 3067M 3070M sleep/1 poll 20:53 0.73%
>>> squid
>>>
>>> 20h uptime, 0 crash, whereas before 2 min only.
>>> ~45000 requests were treated during uptime.
>>
>> How many connections were randomly aborted with no response?
>> How many were failed to IPv4 connections when IPv6 connectivity was
>> presented by the website?
>>
>> Amos
>>
> IPv6 isn't presented by the website because we don't have IPv6
> connectivity, and link-local addresses are disabled with -inet6 under
> OpenBSD. Moreover, as i say, the --disable-ipv6 compile option is
> enabled. I use many websites which have IPv6 connectivity (like my
> website) and there is no problem, and no abort. It seems the problem is
> under non existant domains.
> --
> Best regards,
>
> Loïc BLOT, Engineering
> UNIX Systems, Security and Networks
> http://www.unix-experience.fr

This appears similar to an issue I'm trying to resolve with squid 3.3.0.2 on FreeBSD, except this is during startup and is probably triggered by my use of --enable-ssl-crtd. I have tried building with both --disable-ipv6 and IPv6 enabled with the same results.

(gdb) where
#0 0x489b86e7 in kill () from /lib/libc.so.7
#1 0x488c02d7 in raise () from /lib/libthr.so.3
#2 0x489b721a in abort () from /lib/libc.so.7
#3 0x0816a884 in xassert (msg=Variable "msg" is not available.
) at debug.cc:566
#4 0x082ff258 in comm_connect_addr (sock=9, address=@0xbfbfe7d0)
    at comm.cc:800
#5 0x081fb35d in ipcCreate (type=1,
    prog=0x48aa4490 "/usr/local/libexec/squid/ssl_crtd", args=0xbfbfe864,
    name=0x48b52a90 "ssl_crtd", local_addr=@0x48aa2dc4, rfd=0xbfbfea08,
    wfd=0xbfbfea04, hIpc=0xbfbfea00) at ipc.cc:264
#6 0x081b6a10 in helperOpenServers (hlp=0x48aa2d90) at helper.cc:216
#7 0x083eb796 in Ssl::Helper::Init (this=0x85d2780) at helper.cc:76
#8 0x08203ec2 in mainInitialize () at main.cc:1052
#9 0x0820481f in SquidMain (argc=3, argv=0xbfbfebec) at main.cc:1488
#10 0x08204c81 in SquidMainSafe (argc=3, argv=0xbfbfebec) at main.cc:1251
#11 0x08204f42 in main (argc=Cannot access memory at address 0x3
) at main.cc:1243
(gdb) frame 4
#4 0x082ff258 in comm_connect_addr (sock=9, address=@0xbfbfe7d0)
    at comm.cc:800
800 assert(address.GetPort() != 0);
(gdb) print address
$1 = (const Ip::Address &) @0xbfbfe7d0: {m_SocketAddr = {sin6_len = 28 '\034',
    sin6_family = 28 '\034', sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {
      __u6_addr = {__u6_addr8 = '\0' <repeats 15 times>, __u6_addr16 = {0, 0,
          0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0},
  static STRLEN_IP4A = <optimized out>, static STRLEN_IP4R = 28,
  static STRLEN_IP4S = <optimized out>,
  static MAX_IP4_STRLEN = <optimized out>,
  static STRLEN_IP6A = <optimized out>, static STRLEN_IP6R = 75,
  static STRLEN_IP6S = <optimized out>,
  static MAX_IP6_STRLEN = <optimized out>, static v4_localhost = {__u6_addr = {
      __u6_addr8 = "\000\000\000\000\000\000\000\000\000\000??\177\000\000\001", __u6_addr16 = {0, 0, 0, 0, 0, 65535, 127, 256}, __u6_addr32 = {0, 0,
        4294901760, 16777343}}}, static v4_anyaddr = {__u6_addr = {
      __u6_addr8 = "\000\000\000\000\000\000\000\000\000\000??\000\000\000",
      __u6_addr16 = {0, 0, 0, 0, 0, 65535, 0, 0}, __u6_addr32 = {0, 0,
        4294901760, 0}}}, static v4_noaddr = {__u6_addr = {
      __u6_addr8 = "\000\000\000\000\000\000\000\000\000\000??????",
      __u6_addr16 = {0, 0, 0, 0, 0, 65535, 65535, 65535}, __u6_addr32 = {0, 0,
        4294901760, 4294967295}}}, static v6_noaddr = {__u6_addr = {
      __u6_addr8 = '?' <repeats 16 times>, __u6_addr16 = {65535, 65535, 65535,
        65535, 65535, 65535, 65535, 65535}, __u6_addr32 = {4294967295,
        4294967295, 4294967295, 4294967295}}}}
Received on Tue Jan 08 2013 - 19:56:13 MST

This archive was generated by hypermail 2.2.0 : Wed Jan 09 2013 - 12:00:07 MST