You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/09/11 23:02:20 UTC
[jira] [Work logged] (TS-3743) Crash Under Heavy Load and Sending
Plugin Error Page
[ https://issues.apache.org/jira/browse/TS-3743?focusedWorklogId=28754&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-28754 ]
ASF GitHub Bot logged work on TS-3743:
--------------------------------------
Author: ASF GitHub Bot
Created on: 11/Sep/16 23:02
Start Date: 11/Sep/16 23:02
Worklog Time Spent: 10m
Work Description: GitHub user niq opened a pull request:
https://github.com/apache/trafficserver/pull/1006
TS-3743: Avoid crash due to accessing dead session under load
Patch by Sam Baskinger
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/niq/trafficserver TS-3743
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafficserver/pull/1006.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1006
----
commit a30ed2c69250a0d092efdb0b931bd5f007d2aa93
Author: Nick Kew <ni...@apache.org>
Date: 2016-09-11T22:55:06Z
TS-3743: Avoid crash due to accessing dead session under load
Patch by Sam Baskinger
----
Issue Time Tracking
-------------------
Worklog Id: (was: 28754)
Time Spent: 10m
Remaining Estimate: 0h
> Crash Under Heavy Load and Sending Plugin Error Page
> ----------------------------------------------------
>
> Key: TS-3743
> URL: https://issues.apache.org/jira/browse/TS-3743
> Project: Traffic Server
> Issue Type: Bug
> Components: Core
> Reporter: Sam Baskinger
> Assignee: Nick Kew
> Labels: review
> Fix For: 7.1.0
>
> Attachments: TS-3743.patch, stacktrace.txt
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> One of the tests done on the [IronBee|http://www.ironbee.com] plugin for TrafficServer is to send a [OWASP Zap|https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project] scan through the proxy at a DokuWiki server. When this is done TrafficServer will crash. The crash is not always at the same point in the scan, but is always when IronBee is generating a custom block page. We've reviewed IronBee and cannot find anything it is doing to provoke the crash.
> The crash is always in {{HttpTunnel::producer_run (this=this@entry=0xaf6021c8, p=p@entry=0xaf6022f8)}} and in all cases {{c->vc}} is invalid.
> Our investigations correlated the crash with HttpSM's {{ua_session->m_active}} being false. More specifically we suspect that {{Http::SM::setup_internal_transfer()}} starts with {{ua_session->m_active}} as true and then closes it -- setting {{ua_session->m_active}} to false -- before {{tunnel.tunnel_run(p)}} is called at the end of the function.
> Please refer to two attachments. The first is a copy of the stack trace we've been working off of. Every crash has a remarkably similar call stack. The second attachment is a patch that is working in our labs.
> This crash also appears in the TrafficServer 4.x code, and the same patch seems to resolve it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)