Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 337453

Summary: net-proxy/squid-3.1.6-r1 segfaults in transparent mode
Product: Gentoo Linux Reporter: Tino <t.hendricks>
Component: [OLD] ServerAssignee: Gentoo Network Proxy Developers (OBSOLETE) <net-proxy+disabled>
Severity: normal CC: t.hendricks
Priority: High    
Version: 10.0   
Hardware: x86   
OS: Linux   
Package list:
Runtime testing required: ---
Attachments: tcpdump during segfault triggering request

Description Tino 2010-09-15 08:19:21 UTC
After world-upgrading to 3.1.6-r1 squid segfaults reliably on certain http requests, i.e. iTunes Store on two seperate machines
Kernel messages:
Sep 15 10:05:20 router kernel: squid[26680]: segfault at b7268fa8 ip 080fc6c3 sp bfce28d0 error 6 in squid[8048000+215000]
Sep 15 10:05:26 router kernel: squid[27267]: segfault at b7217fa8 ip 080fc6c3 sp bfb218f0 error 6 in squid[8048000+215000]
Sep 15 10:05:30 router kernel: squid[27272]: segfault at b7206fa8 ip 080fc6c3 sp bfd0f9e0 error 6 in squid[8048000+215000]
Sep 15 10:05:46 router kernel: squid[27275]: segfault at b71d6fa8 ip 080fc6c3 sp bfc4d060 error 6 in squid[8048000+215000]
Sep 15 10:05:56 router kernel: squid[27278]: segfault at b7209fa8 ip 080fc6c3 sp bfdff750 error 6 in squid[8048000+215000]
Sep 15 10:06:33 router kernel: squid[27281]: segfault at b7296fa8 ip 080fc6c3 sp bfeb0a10 error 6 in squid[8048000+215000]
Sep 15 10:06:39 router kernel: squid[27284]: segfault at b722dfa8 ip 080fc6c3 sp bfccbfd0 error 6 in squid[8048000+215000]
Sep 15 10:07:07 router kernel: squid[27287]: segfault at b7217fa8 ip 080fc6c3 sp bfcfa380 error 6 in squid[8048000+215000]
Comment 1 Tino 2010-09-15 08:20:10 UTC
 emerge --info
Portage (default/linux/x86/10.0, gcc-4.4.3, glibc-2.11.2-r0, 2.6.31-gentoo-r10 i686)
System uname: Linux-2.6.31-gentoo-r10-i686-AMD_Athlon-tm-_Processor-with-gentoo-1.12.13
Timestamp of tree: Fri, 10 Sep 2010 06:45:01 +0000
app-shells/bash:     4.1_p7
dev-lang/python:     2.6.5-r3, 3.1.2-r4
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.65
sys-devel/automake:  1.10.1, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.3-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.30-r1
CFLAGS="-march=athlon-xp -mtune=athlon-xp -O2 -pipe -fomit-frame-pointer"
CONFIG_PROTECT="/etc /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=athlon-xp -mtune=athlon-xp -O2 -pipe -fomit-frame-pointer"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="de en"
PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes --delete-excluded"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
USE="acl alsa apache2 bzip2 cracklib cups cxx dri fortran gdbm gpm iconv ipppd logrotate maildir modules mp3 mudflap ncurses nls nptl nptlonly openmp pam pcre perl pppd python readline reflection session ssl symlink sysfs tcpd tk unicode x86 xorg zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias authz_host autoindex cache deflate dir disk_cache env expires file_cache filter headers include info log_config mem_cache mime mime_magic negotiation unique_id" ELIBC="glibc" FRITZCAPI_CARDS="fcpci" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Comment 2 Tino 2010-09-15 08:31:31 UTC
acl manager proto cache_object
acl localhost src
acl to_localhost dst
acl localnet src # RFC1918 possible internal network
acl SSL_ports port 443 9000
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl blockedsites url_regex "/etc/squid/blockedSites.txt"
acl local-servers dst
acl nice2cu-dev url_regex  ^*
acl nice2cu-php5 url_regex  ^*
acl nice2cu-s3 url_regex  ^*
acl nice2cu-testing url_regex ^*
acl mcf url_regex ^http://.*mycodefactory..*
cache deny nice2cu-dev
cache deny nice2cu-php5
cache deny nice2cu-testing
cache deny mcf
always_direct allow local-servers
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny blockedsites
http_access allow localnet
http_access allow localhost
http_access allow localhost
http_access deny all
htcp_access allow localnet
htcp_access deny all
hierarchy_stoplist cgi-bin ?
http_port 3128 intercept
cache_dir ufs /var/cache/squid 500 16 256
coredump_dir /var/cache/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern .*t1\.nice2cu\.de.* 1440 100% 1440
refresh_pattern . 0 20% 4320
visible_hostname router.ip
error_directory /usr/share/squid/errors/de-de/
Comment 3 Tino 2010-09-15 08:33:22 UTC
Created attachment 247434 [details]
tcpdump during segfault triggering request
Comment 4 Joe Kane 2010-09-20 13:12:26 UTC
have squid deployed on gentoo in two seperate hotels. using iptables to DNAT http traffic to the squid cache.  can have up time of up to 7 days before a child process segfaults with error 6.  maximum ten days before squid parent segfaults.
doesn't matter if squid set to intercept (correct) or transparent (deprecated) same thing happens.

this is on i686 and x86_64 with 2.6.34-gentoo-r1 

x86_64 [SMP Fri Aug 13 15:50:29 BST 2010 x86_64 Intel(R) Atom(TM) CPU 330 @ 1.60GHz GenuineIntel GNU/Linux]
Sep 20 07:06:10 [kernel] [3241219.854796] squid[12114]: segfault at 7fbecc632f6]
Sep 20 07:06:22 [kernel] [3241232.193245] squid[30155]: segfault at 7f4e3dc08f6]

i686 [1 Thu Aug 19 13:45:09 BST 2010 i686 VIA Esther processor 1200MHz CentaurHauls GNU/Linux]
/var/log/everything/log-2010-09-11-00:09:01:Sep 11 00:55:39 [kernel] squid[13935]: segfault at b7317fa8 ip 080fc93e sp bfeb3300 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-13-00:09:01:Sep 12 20:42:52 [kernel] squid[15378]: segfault at b7384fa8 ip 080fc93e sp bf8d4f70 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-14-00:09:01:Sep 13 08:12:28 [kernel] squid[28590]: segfault at b720afa8 ip 080fc93e sp bf925420 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:45:53 [kernel] squid[32571]: segfault at b738dfa8 ip 080fc93e sp bfacd150 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:46:02 [kernel] squid[26488]: segfault at b7289fa8 ip 080fc93e sp bfe8f0c0 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:46:09 [kernel] squid[26491]: segfault at b7287fa8 ip 080fc93e sp bff1d150 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:46:17 [kernel] squid[26494]: segfault at b71dbfa8 ip 080fc93e sp bfc65190 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:46:24 [kernel] squid[26497]: segfault at b71c1fa8 ip 080fc93e sp bf8e3960 error 6 in squid[8048000+215000]
/var/log/everything/log-2010-09-20-00:09:01:Sep 19 23:46:36 [kernel] squid[26500]: segfault at b7251fa8 ip 080fc93e sp bfbff3a0 error 6 in squid[8048000+215000]
Comment 5 Joe Kane 2010-09-20 13:21:28 UTC
sorry for x86_64 error looks like this

Sep 20 07:06:10 [kernel] [3241219.854796] squid[12114]: segfault at 7fbecc632f60 ip 00007fbecc7ccb5d sp 00007fffe0a6c010 error 6 in squid[7fbecc6ea000+22f00]
Sep 20 07:06:22 [kernel] [3241232.193245] squid[30155]: segfault at 7f4e3dc08f60 ip 00007f4e3dda2b5d sp 00007fff709212f0 error 6 in squid[7f4e3dcc0000+22f00]
Comment 6 Han Boetes 2010-09-22 08:37:46 UTC
I just upgraded to 3.1.8; copy the 3.1.6 patches and apply this patch to the ebuild. Maybe it helps. I can't tell so far since I just restarted squid.

--- squid-3.1.6-r1.ebuild       2010-09-06 22:36:47.000000000 +0200
+++ squid-3.1.8.ebuild  2010-09-22 10:27:37.355298872 +0200
@@ -65,10 +65,11 @@ pkg_setup() {
 src_prepare() {
-       epatch "${FILESDIR}"/${P}-gentoo.patch
+       # epatch "${FILESDIR}"/${P}-gentoo.patch
+       patch -p1 -i "${FILESDIR}"/${P}-gentoo.patch
        epatch "${FILESDIR}"/${P}-qafixes.patch
        epatch "${FILESDIR}"/${P}-libmd5.patch
-       epatch "${FILESDIR}"/${P}-bug3011.patch
+       # epatch "${FILESDIR}"/${P}-bug3011.patch
        # eautoreconf breaks lib/libLtdl/libtool script
        ./ || die "autoreconf failed"
Comment 7 Alin Năstac (RETIRED) gentoo-dev 2010-09-23 22:32:59 UTC
Please check if squid-3.1.8 fixed this issue.
If not, reopen this bug.