Posted to dev@httpd.apache.org by Jeff Trawick <tr...@bellsouth.net> on 2001/02/28 22:36:30 UTC

keepalive broken (?)

not debugged...

I can't reproduce with prefork.  It breaks every time for me with
threaded.

Send an HTTP 1.1 request and the server hangs in the keepalive state.
The client has received the entire response but the server never
closes the socket.  mod_status output (from non-HTTP 1.1 :) ) shows
the thread in keepalive.  The client does shutdown() after sending
first and only request, so server shouldn't remain in keepalive
state.

-- 
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...

Re: keepalive broken (?)

Posted by Jeff Trawick <tr...@bellsouth.net>.
Greg Stein <gs...@lyra.org> writes:

> Looks like the IMMORTAL and TRANSIENT buckets' destroy function should be
> switched over to apr_bucket_destroy_notimpl. They no longer have a separate
> sub-allocation (needing to be freed) for bkt->data.

yep, that is the patch I had, which Ryan just verified...  now
committed... 

But I didn't check the CVS logs to find the point at which the free()
stopped being valid for such buckets.  I gather that is a recent
change?

-- 
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...

Re: keepalive broken (?)

Posted by Greg Stein <gs...@lyra.org>.
On Wed, Feb 28, 2001 at 06:20:08PM -0500, Jeff Trawick wrote:
> Jeff Trawick <tr...@bellsouth.net> writes:
>...
> > Send an HTTP 1.1 request and the server hangs in the keepalive state.
> > The client has received the entire response but the server never
> > closes the socket.  mod_status output (from non-HTTP 1.1 :) ) shows
> > the thread in keepalive.  The client does shutdown() after sending
> > first and only request, so server shouldn't remain in keepalive
> > state.
> 
> socket_read() returns an immortal bucket pointing to "" once we reach
> FIN from the other side of the socket.
> 
> But ap_getline() does an apr_bucket_delete() on the immortal bucket
> which calls free() on e->data (BAD!!!!!!) which then can hang or
> SIGSEGV (I saw one of these accessing a bad mutex down in glibc).
> 
> We've only gotten to this path when keepalive is on AFAICT.

Hmm...

Looks like the IMMORTAL and TRANSIENT buckets' destroy function should be
switched over to apr_bucket_destroy_notimpl. They no longer have a separate
sub-allocation (needing to be freed) for bkt->data.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Re: keepalive broken (?)

Posted by Jeff Trawick <tr...@bellsouth.net>.
Jeff Trawick <tr...@bellsouth.net> writes:

> not debugged...

well, I'm getting there...  (will trade 6-pack of Pilsner Urquell for
gdb+threads which will work on my Linux boxen)

> I can't reproduce with prefork.  It breaks every time for me with
> threaded.

actually, we do bad stuff with free() and symptoms varied...

> Send an HTTP 1.1 request and the server hangs in the keepalive state.
> The client has received the entire response but the server never
> closes the socket.  mod_status output (from non-HTTP 1.1 :) ) shows
> the thread in keepalive.  The client does shutdown() after sending
> first and only request, so server shouldn't remain in keepalive
> state.

socket_read() returns an immortal bucket pointing to "" once we reach
FIN from the other side of the socket.

But ap_getline() does an apr_bucket_delete() on the immortal bucket
which calls free() on e->data (BAD!!!!!!) which then can hang or
SIGSEGV (I saw one of these accessing a bad mutex down in glibc).

We've only gotten to this path when keepalive is on AFAICT.

-- 
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...
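
The fix discussed in this thread, as an added example that is not part of the original messages and is not APR's code: a simplified bucket model in which deletion dispatches through a per-type destroy function, so an immortal bucket pointing at "" is never handed to free(). All struct and function names here are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified model; hypothetical names, not APR's real definitions. */
typedef struct bucket_type {
    const char *name;
    void (*destroy)(void *data);   /* releases bucket data, if the bucket owns it */
} bucket_type;

typedef struct bucket {
    const bucket_type *type;
    void *data;
} bucket;

static int heap_frees = 0;         /* counts free() calls made on bucket data */

static void destroy_heap(void *data) { free(data); heap_frees++; }
/* Immortal/transient data has no separate allocation: nothing to release. */
static void destroy_noop(void *data) { (void)data; }

static const bucket_type type_heap     = { "HEAP",     destroy_heap };
static const bucket_type type_immortal = { "IMMORTAL", destroy_noop };

static bucket *bucket_create(const bucket_type *type, void *data) {
    bucket *b = malloc(sizeof *b);
    if (b == NULL) return NULL;
    b->type = type;
    b->data = data;
    return b;
}

/* Delete goes through the type, so callers never free data themselves. */
static void bucket_delete(bucket *b) {
    b->type->destroy(b->data);
    free(b);
}

/* EOF case from the thread: the reader returns an immortal bucket for "". */
static int demo(void) {
    heap_frees = 0;
    char *copy = malloc(6);
    if (copy != NULL) memcpy(copy, "hello", 6);
    bucket *h = bucket_create(&type_heap, copy);
    bucket *eof = bucket_create(&type_immortal, (void *)"");
    if (!copy || !h || !eof) { free(copy); free(h); free(eof); return -1; }
    bucket_delete(h);     /* frees the heap copy */
    bucket_delete(eof);   /* string literal is left alone */
    return heap_frees;    /* number of data frees performed */
}

int main(void) { return demo() == 1 ? 0 : 1; }
```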