agentzh
crash with nginx/1.2.3 and HttpDavModule
I'm seeing a crash when generating a PUT to nginx/1.2.3:
mdb: stop on SIGSEGV
mdb: target stopped at:
ngx_ext_rename_file+0x22: movl 0x4(%esi),%eax
> ::stack
ngx_ext_rename_file+0x22(4, 80473f4, 804734c, 0, 805da43, fef804d8)
ngx_http_dav_put_handler+0x1a8(81017c0, 81125c8, 80474f8, 80c29ba, 80fe380, 80474c8)
ngx_http_read_client_request_body+0x39(81017c0, 80aa73f, feb65528, 80fe9ec, e, 0)
ngx_http_dav_handler+0xeb(81017c0, 0, fec85200, 81017c0, 810a2c8, 810195c)
ngx_http_core_content_phase+0x44(81017c0, 810a2f8, fec81000, fead2a40, ffffffff, 80fe888)
ngx_http_core_run_phases+0x25(81017c0, fec0b8ec, fec85200, 0, 81017c0)
ngx_http_handler+0xe5(81017c0, 0, a0, 8101a70, 81017c0, 4c)
ngx_http_chunkin_internal_redirect+0x14d(81017c0, 810195c, 8101964, 80fe888, 810a2e0, 81017c0)
ngx_http_chunkin_resume_handler+0x12e(81017c0, fefdba75, feffc880, 81017c0, 810a2c8, 8047700)
ngx_http_core_content_phase+0x28(81017c0, 810a2e0, 1, feb63598, 81017c0, 8108f5c)
ngx_http_core_run_phases+0x25(81017c0, 0, a0, fef517b4, fef5c43a, fef80b50)
ngx_http_named_location+0x143(81017c0, 8047700, 8047700, 0, 0, 3)
ngx_http_special_response_handler+0x1db(81017c0, 19b, 8047758, 81017c0, 80fe678, 0)
ngx_http_finalize_request+0x186(81017c0, 19b, 0, c, 81125c8, 812a578)
ngx_http_process_request_headers+0x4c1(812a578, 8, 80477e8, 80fe380, 80f8e8c, 80f8e00)
ngx_http_process_request_line+0x4ac(812a578, 38, fec136b5, fec016fa, 3, 80f8b00)
ngx_http_init_request+0x447(812a578, d001, 80478ac, 807fad8, 1, 1)
ngx_devpoll_process_events+0x485(80f9368, ea60, 1, fec01d37, 0, 0)
ngx_process_events_and_timers+0x97(80f9368, 80f9368, 8047948, fec01d93, 0, 0)
ngx_worker_process_cycle+0xb6(80f9368, 0, 1, 80ebb28, fec02c17, 4000)
ngx_spawn_process+0x4ab(80f9368, 807d579, 0, 80cd4ac, fffffffd, 19)
ngx_start_worker_processes+0x81(810e510, 80f58f0, 28, febe955c, febe955c, 5)
ngx_master_process_cycle+0x1e8(80f9368, 2, 0, feffc880, 0, 2)
main+0xa94(1, 8047bec, 8047bf4, 80c4820, 0, 0)
_start+0x83(1, 8047cb4, 0, 80f8f20, 80f8f31, 80f8f45)
> ::status
debugging PID 28965 (32-bit)
file: /root/src/mako/build/nginx/sbin/nginx
threading model: native threads
status: stopped on SIGSEGV (Segmentation Fault)
event: stop on SIGSEGV
I'm not sure yet if this is an issue in the chunkin module itself, the HttpDavModule, or the nginx core. I'm continuing to debug.
The relevant parts of my nginx.conf contain:
server {
listen 80;
server_name localhost;
chunkin on;
error_page 411 = @my_411_error;
location @my_411_error {
chunkin_resume;
}
root /storage;
autoindex on;
location /
{
expires max;
client_body_temp_path /storage/nginx_temp;
dav_methods PUT DELETE;
create_full_put_path on;
dav_access user:rw group:r all:r;
}
...
}
and I caused this error with:
# curl -isS http://localhost/123 -X PUT --data-binary 'hello world ' -H 'transfer-encoding: chunked'
I'm running on SmartOS -- a distribution of the illumos operating system. It's a derivative of Solaris, so likely just Solaris/SunOS for the purpose of this issue.
I'm seeing the same issue with nginx/1.1.19 and nginx/1.1.5. I suspect it's the presence of HttpDavModule which is inducing the problem.
Hello!
Thanks for the report! This is because the ngx_dav module assumes the configuration
client_body_in_file_only on;
but ngx_chunkin does not support it yet. I'm going to rewrite ngx_chunkin as a patch for the nginx core and this limitation will also go away :)
Best regards, -agentzh
Thanks! If you would like a tester, I'm happy to test your changes.
I also inadvertently closed this issue, reopening it for now.