lighttpd crush the system after r274463

From: Andrey Fesenko <f0andrey_at_gmail.com> Date: Fri, 19 Dec 2014 14:27:46 +0400 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:54 UTC

Hello,
I'm use lighttpd+SPAWNFCGI for moinmoin wiki.
Before r274463 work fine, after update r275317 and CURRENT system
crushed after start any python CGI script.

For test i'm install py27-flup and start simple

#!/usr/local/bin/python2.7
def myapp(environ, start_response):
    start_response('200 OK', [('Content-Type', 'text/plain')])
    return ['Hello World!\n']

if __name__ == '__main__':
    from flup.server.fcgi import WSGIServer
    WSGIServer(myapp).run()

Perl CGI test script work fine.

Workaround FreeBSD-r275317 and later

lighttpd-1.4.35_5
Options        :
        BZIP2          : on
        DOCS           : on
        FAM            : on
        GDBM           : off
        IPV6           : on
        LDAP           : off
        LIBEV          : on
        LUA            : on
        MEMCACHE       : off
        MYSQL          : off
        MYSQLAUTH      : off
        NODELAY        : on
        OPENSSL        : on
        SPAWNFCGI      : on
        VALGRIND       : off
        WEBDAV         : off
Shared Libs required:
        libpcre.so.1
        liblua-5.1.so
        libfam.so.0
        libev.so.4

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x8
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff809d44bd
stack pointer           = 0x28:0xfffffe00f77df700
frame pointer           = 0x28:0xfffffe00f77df730
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 658 (lighttpd)
[ thread pid 658 tid 100067 ]
Stopped at      sbappendstream_locked+0x2d:     cmpq    $0,0x8(%r14)
db> bt
Tracing pid 658 tid 100067 td 0xfffff8000ba3e940
sbappendstream_locked() at sbappendstream_locked+0x2d/frame 0xfffffe00f77df730
sbappendstream() at sbappendstream+0x3c/frame 0xfffffe00f77df760
tcp_usr_send() at tcp_usr_send+0x1ab/frame 0xfffffe00f77df7e0
sosend_generic() at sosend_generic+0x40b/frame 0xfffffe00f77df8a0
soo_write() at soo_write+0x42/frame 0xfffffe00f77df8d0
dofilewrite() at dofilewrite+0x88/frame 0xfffffe00f77df920
kern_writev() at kern_writev+0x68/frame 0xfffffe00f77df970
sys_writev() at sys_writev+0x36/frame 0xfffffe00f77df9a0
amd64_syscall() at amd64_syscall+0x25a/frame 0xfffffe00f77dfab0
Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe00f77dfab0
--- syscall (121, FreeBSD ELF64, sys_writev), rip = 0x80164cb8a, rsp =
0x7fffffffa658, rbp = 0x7fffffffe6
c0 ---