Forum OpenACS Q&A: Re: naviserver signal 11 core backtrace (revproxy)

Posted by Gustaf Neumann on
Looks like the core dump happens on connchan.c line 551.

Exactly [1]:

550:    assert(cbPtr->connChanPtr->sockPtr != NULL);
551:    servPtr = cbPtr->connChanPtr->sockPtr->servPtr;

one sees from your output that cbPtr has a reasonable value. Since you are compiling with assertions activated, i would expect a failing assertion.

It would be interesting to see the members of this structure in more detail. In gdb, go with "up" to level #12 and do there a "print *cbPtr".

It is unusual, that instantclient_21_1 is doing the top-level exception handling (we don't have these in our configurations). However, my first suspicion would be either a race condition (some other thread deletes the channel information while the crashing thread works on it), or that some other callback being processed together with the crashing one in SockCallbackThread() calls some code that frees it.

Probably, activating debug for "connchan" can provide more insights.

ns_logctl severity Debug(connchan) on



Posted by Marty Israelsen on
Here is gdb up 12.   It looks like the script variable is ":" which seem odd.

(gdb) up 12
#12 NsTclConnChanProc (UNUSED_sock=24, arg=0x7f11b03c01d0, why=1) at connchan.c:551
551             servPtr = cbPtr->connChanPtr->sockPtr->servPtr;
(gdb) print *cbPtr
$1 = {connChanPtr = 0x7f11b035f410, threadName = 0x7f11b0000080 "\340V\003(\020\177", when = 13, scriptLength = 98, scriptCmdNameLength = 17, script = ":"}

Posted by Marty Israelsen on
Here is another core we received where I print out the *cbPtr.
#12 NsTclConnChanProc (UNUSED_sock=30, arg=0x7f2758a68b00, why=1) at connchan.c:551
551             servPtr = cbPtr->connChanPtr->sockPtr->servPtr;
(gdb) print *cbPtr
$1 = {connChanPtr = 0x7f27589b9170, threadName = 0x7f28740008d0 "\a", when = 1697543539, scriptLength = 7954877846452856179,
  scriptCmdNameLength = 7811909647110709364, script = "l"}