
Bug 132089

Summary: apache with mpm-peruser crashes upon connection
Product: Gentoo Linux
Reporter: Andrew Griffiths <andrewg>
Component: Current packages
Assignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: 2006.0   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Andrew Griffiths 2006-05-02 23:19:44 UTC
Hello,

Apache2 with mpm-peruser (yup, I'm aware it's not currently suitable for production use; however, I'd like to be able to use it due to what it provides) crashes from a null pointer dereference after receiving an HTTP request.

To reproduce, gcc-config to vanilla, re-emerge with FEATURES="nostrip" and connect to the port it's listening on, and give it a request like the following:

GET / HTTP/1.1
Host: 127.0.0.1

To catch the segfault, gdb the multiplexor process, and set follow-on-fork child in gdb. The following should happen:

Program received signal SIGSEGV, Segmentation fault.
0x08069f67 in peruser_post_read ()
(gdb) x/3i $eip
0x8069f67 <peruser_post_read+263>:      imul   $0xb4,(%eax),%eax
0x8069f6d <peruser_post_read+269>:      jmp    0x8069ebf <peruser_post_read+95>
0x8069f72 <peruser_post_read+274>:      cmp    %esi,(%edi)
(gdb) i r eax
eax            0x0      0
(gdb) bt
#0  0x08069f67 in peruser_post_read ()
#1  0x08079565 in ap_run_post_read_request ()
#2  0x080799ad in ap_read_request ()
#3  0x08061190 in ap_process_http_connection ()
#4  0x080752a5 in ap_run_process_connection ()
#5  0x08067d9b in child_main ()
#6  0x08068725 in make_child ()
#7  0x08066e00 in sig_coredump ()
Previous frame inner to this frame (corrupt stack?)
(gdb)

emerge info:

Portage 2203-svn (default-linux/x86/no-nptl, gcc-3.4.5-vanilla, glibc-2.3.6-r3, 2.6.14-hardened-r7-y0 i686)
=================================================================
System uname: 2.6.14-hardened-r7-y0 i686 Pentium III (Coppermine)
Gentoo Base System version 1.6.14
dev-lang/python:     2.4.2
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i386-pc-linux-gnu"
CFLAGS="-O2 -mtune=i686 -pipe -Wa,--noexecstack"
CHOST="i386-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -mtune=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig buildpkg distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 apache2 bash-completion berkdb bzip2 crypt hardened mmx ncurses pam perl pic python readline snmp ssl tcpd xml zlib userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTDIR_OVERLAY

Expected results would be that Apache would serve the request appropriately.

Thanks,
Andrew Griffiths

P.S. As a side note, I'm not sure if the mpm-peruser chroot and mod_chroot are interacting well together (as in not chrooting some processes altogether). Will be investigating this bit later on and will file a bug report as needed.
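
An added example, not part of the original report and not Apache or peruser code: a small Python triage helper that reads the gdb output from the description above, finds the memory operand of the faulting instruction and checks its base register, confirming the reported null pointer dereference. The `triage` name and the 4 KiB "near NULL" threshold are assumptions, and only base-plus-displacement operands are handled.

```python
import re

# gdb output copied from the report above (AT&T syntax, 32-bit x86).
GDB_SESSION = """\
Program received signal SIGSEGV, Segmentation fault.
0x08069f67 in peruser_post_read ()
(gdb) x/3i $eip
0x8069f67 <peruser_post_read+263>:      imul   $0xb4,(%eax),%eax
0x8069f6d <peruser_post_read+269>:      jmp    0x8069ebf <peruser_post_read+95>
0x8069f72 <peruser_post_read+274>:      cmp    %esi,(%edi)
(gdb) i r eax
eax            0x0      0
"""

PAGE_SIZE = 0x1000  # assumption: an access below one page is a NULL(+offset) dereference

INSN = re.compile(r"^0x[0-9a-f]+ <(?P<sym>[^>]+)>:\s+(?P<op>\S+)\s*(?P<args>.*)$")
# Only "disp(%base)" operands are handled; indexed and segment forms are not.
MEMOP = re.compile(r"(?P<disp>-?(?:0x)?[0-9a-f]+)?\(%(?P<base>\w+)\)")
REGLINE = re.compile(r"^(\w+)\s+(0x[0-9a-f]+)\s", re.M)


def triage(session):
    """Classify the faulting instruction of a gdb session (hypothetical helper)."""
    regs = {name: int(val, 16) for name, val in REGLINE.findall(session)}
    # The first disassembled line is the instruction at $eip, i.e. the one that faulted.
    insn = next((m for m in map(INSN.match, session.splitlines()) if m), None)
    if insn is None:
        return {"verdict": "no disassembly found"}
    result = {"symbol": insn["sym"], "op": insn["op"], "base": None, "address": None}
    mem = MEMOP.search(insn["args"])
    if mem is None:
        result["verdict"] = "no memory operand"
    elif mem["base"] not in regs:
        result.update(base=mem["base"], verdict="register value not captured")
    else:
        # Effective address = base register + displacement, truncated to 32 bits.
        addr = (regs[mem["base"]] + int(mem["disp"] or "0", 0)) & 0xFFFFFFFF
        near_null = addr < PAGE_SIZE
        result.update(base=mem["base"], address=addr,
                      verdict="NULL-pointer dereference" if near_null
                      else "invalid non-NULL pointer")
    return result


if __name__ == "__main__":
    print(triage(GDB_SESSION))
```
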
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2006-05-02 23:34:00 UTC
<snip>
if use mpm-peruser; then
  ewarn " -BIG- -FAT- -WARNING-"
  ewarn ""
  ewarn "The peruser (USE=mpm-peruser) MPM is considered highly experimental"
  ewarn "and are not (yet) supported, nor are they recommended for production"
  ewarn "use.  You have been warned!"
</snip>