I have a problem with haproxy in multiprocess mode, when i enable h2 with directive " alpn h2,http/1.1 " the haproxy randomly thorow segfault error and stop working . I have more than 10 servers with this setup and all have this same problem.
[1811922.431684] haproxy[19168]: segfault at 8 ip 0000000000475cb2 sp 00007ffe0d869a20 error 4 in haproxy[400000+12b000]
[1816536.073834] haproxy[46776]: segfault at 8 ip 0000000000475cb2 sp 00007ffd8bc48f40 error 4 in haproxy[400000+12b000]
Haproxy has been comiled with :
ibkadm5-1.15.1-8.el7.x86_64,libsepol-devel-2.5-6.el7.x86_64,pcre-devel-8.32-17.el7.x86_64,libselinux-devel-2.5-11.el7.x86_64,libcom_err-devel-1.42.9-10.el7.x86_64,libverto-devel-0.2.5-4.el7.x86_64,keyutils-libs-devel-1.5.8-3.el7.x86_64,krb5-devel-1.15.1-8.el7.x86_64, zlib-devel-1.2.7-17.el7.x86_64
,openssl-devel-1.0.2k-8.el7.x86_64,glibc-2.17-196.el7_4.2.x86_64
Iā ve comiled haroxy with debug symbols and enabled coredump
This is full backtrace from gdb :
bt full
#0 0x0000000000475cb2 in h2_process_mux (h2c=0x2495650) at src/mux_h2.c:2107
h2s = 0x38ff770
h2s_back = 0x2c49f30
#1 h2_send (conn=) at src/mux_h2.c:2225
flags =
h2c = 0x2495650
done =
#2 0x00000000004c65b2 in conn_fd_handler (fd=) at src/connection.c:128
conn = 0x2acb6c0
flags = 0
#3 0x00000000004d4cd3 in fd_process_cached_events () at src/fd.c:271
fd = 2119
entry = 0
e =
#4 0x0000000000486c9f in run_poll_loop () at src/haproxy.c:2425
next =
exp =
#5 run_thread_poll_loop (data=data@entry=0x1db8620) at src/haproxy.c:2460
ptif = 0x734110 <per_thread_init_list>
ptdf =
start_lock = 0
#6 0x000000000040a1db in main (argc=, argv=) at src/haproxy.c:3049
tids = 0x1db8620
threads = 0x1da2f60
i =
err =
retry =
limit = {rlim_cur = 500144, rlim_max = 500144}
errmsg = ā\000\000\000\000wā, ā\000ā <repeats 11 times>, "O\001\062\036\376\177\000\000\240fP\000\000\000\000\000\v\330P\000\000\000\000\000\v\330P\000\000\000\000\000|\000\000\000\000\000\000\000g\371\324f\177\000\000\340ÓÆ\001\000\000\000\000
g\371\324f\177\000\000 ĖÆ\001\000\000\000\000pk\001\000\000\000\000\000\200\000\000"
pidfd =
HA-Proxy version 1.8.4-1deb90d 2018/02/08
Copyright 2000-2018 Willy Tarreau willy@haproxy.org
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -Wno-unused-label -DTCP_USER_TIMEOUT=18
OPTIONS = USE_LINUX_TPROXY=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
Running on OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity(āidentityā), deflate(ādeflateā), raw-deflate(ādeflateā), gzip(āgzipā)
Built with network namespace support.
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace