Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 363443

Summary: www-servers/apache-2.2.17 with sys-devel/gcc-4.5.2 gives PAX: terminating task /usr/sbin/apache2(apache2)
Product: Gentoo Linux Reporter: Marcin Mirosław <bug>
Component: HardenedAssignee: Apache Team - Bugzilla Reports <apache-bugs>
Status: RESOLVED DUPLICATE    
Severity: major CC: hardened, mjo
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://issues.apache.org/bugzilla/show_bug.cgi?id=50190
Whiteboard:
Package list:
Runtime testing required: ---

Description Marcin Mirosław 2011-04-13 08:57:24 UTC 
I'm using hardened, x86 Gentoo. Apache gives segfault when it's getting POST via http, GET works correctly. I'm not sure php does any common with it, but i;m testing on sites written in php (i've got installed php-5.3.6).
Problem doesn't appear with gcc optimalizations: -O0, -O1 . It appears with -O2, -O3 and -Os.
If apache is compiled with USE=debug i'm getting in apache error.log:
[crit] [Wed Apr 13 10:45:02 2011] file http_filters.c, line 523, assertion "totalread >= 0" failed                                                           
[Wed Apr 13 10:45:03 2011] [notice] child pid 23191 exit signal Aborted (6)

Without USE=debug, in dmesg:
[310423.629868] PAX: From 62.121.127.119: execution attempt in: (null), 00000000-00000000 00000000                                      
2011-04-13T10:49:40.345763+02:00 hermes kernel: [310423.629873] PAX: terminating task: /usr/sbin/apache2(apache2):4894, uid/euid: 81/81, PC: 00000058, SP: b71c96bc                     
2011-04-13T10:49:40.345766+02:00 hermes kernel: [310423.629878] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??                                           
2011-04-13T10:49:40.345770+02:00 hermes kernel: [310423.629925] PAX: bytes at SP-4: b71c9708 9ec37936 1c885574 b71c96e8 b71c96e4 00000000 b71c9740 1c8accec b71c96e8 b71c96e4 00000020 0
000007e 1c88d433 005880b5 1c700c50 00000fac 9ec37879 9e744894 00000000 1c8acce8 1c84da20

Apache compiled with gcc-4.4.5 works without such problem.

Reproducible: Always




# emerge --info
FEATURES variable contains unknown value(s): Xccache, Xfail-clean, Xkeepwork, Xnoclean, Xtest
Portage 2.1.9.42 (hardened/linux/x86, gcc-4.5.2, glibc-2.11.3-r0, 2.6.36-hardened-r9 i686)
=================================================================
System uname: Linux-2.6.36-hardened-r9-i686-Pentium-R-_Dual-Core_CPU_E6300_@_2.80GHz-with-gentoo-1.12.14
Timestamp of tree: Wed, 13 Apr 2011 07:45:01 +0000
ccache version 3.1.4 [disabled]
app-shells/bash:     4.1_p9
dev-lang/python:     2.6.6-r2, 3.1.3-r1
dev-util/ccache:     3.1.4
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 1.12.14-r1
sys-apps/sandbox:    2.4
sys-devel/autoconf:  2.65-r1
sys-devel/automake:  1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.5, 4.5.2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.36.1 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -mfpmath=sse -g -ggdb -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -mfpmath=sse -g -ggdb -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="Xccache Xfail-clean Xkeepwork Xnoclean Xtest assume-digests binpkg-logs collision-protect distlocks fixlafiles fixpackages news nostrip parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://trumpetti.atm.tut.fi/gentoo/"
LANG="pl"
LC_ALL="pl_PL.utf-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="pl"
MAKEOPTS="-j1"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="-6 -O"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/sunrise /usr/portage/local/layman/science /usr/portage/local/layman/sping /usr/portage/local/layman/steev /usr/portage/local/layman/gnustep /usr/portage/local/layman/mgorny /usr/portage/local /usr/local/portage/miro/staging /usr/local/portage/miro/portage"
SYNC="rsync://trumpetti.atm.tut.fi/gentoo-portage/"
USE="acl acpi adns aio apache2 ares bash-completion bcmath bzip2 caps chroot clamav clamdtop cli cracklib crypt curl custom-cflags cxx dkim dri dsn enscript exiscan exiscan-acl fastcgi force-cgi-redirect glibc-omitfp graphite hardened iconv idn imap iproute2 ipv6 logrotate maildir mmap mmx modules mudflap ncurses network-cron nls nptl nptlonly openmp openssl pam pcre pic pppd readline server session slang spell srs sse sse2 sse3 ssl ssse3 subversion suhosin sysfs syslog threads threadsafe tools unicode urandom vhosts vim vim-pager vim-syntax x86 xattr xorg zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon auth_digest authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user cache cgid dav dav_fs dav_lock dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif status unique_id usertrack vhost_alias" APACHE2_MPMS="prefork" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="pl" NGINX_MODULES_HTTP="access browser charset gzip map limit_zone proxy rewrite stub_status" PHP_TARGETS="php5-3" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 intel mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa via vmware nouveau" XTABLES_ADDONS="geoip ipset psd tarpit" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
Comment 1 Marcin Mirosław 2011-04-14 08:56:56 UTC 
Problem isn't related only to hardened Gentoo. I'm adding url to apache bugzilla.
Comment 2 Attila Tóth 2011-04-18 04:36:05 UTC 
I think the problem is related to toolchain and not on a particular version of apache. I have something similar here: PaX terminations of apache2.
In my case ssl connections stop working. Not just apache-2.2.17 is affected,
but recompiling 2.2.16 also results in a faulty httpd.
Compiling apache using gcc-4.5.2 with -O1 or switching to gcc-4.4.5 solves the
problem.
So there's something wrong with -O2 in case of gcc-4.5.2. No other components
of the system triggers PaX.

Dw.
Comment 3 Alexander Holler 2011-05-04 15:51:43 UTC 
I can confirm the problem (file http_filters.c, line 523, assertion "totalread >= 0" failed) with apache-2.2.17 compiled with gcc 4.6 (tried with -O3 and -O2)
Comment 4 Alexander Holler 2011-05-04 16:00:38 UTC 
Using apr-1.4.2-r1 AND recompiling apache fixed it here.
See bug #355171
Comment 5 Marcin Mirosław 2011-05-09 10:09:48 UTC 
The same for me, upgrade of apr and recompilation of apache solved problem for me.
Comment 6 Arfrever Frehtes Taifersar Arahesis (RETIRED) gentoo-dev 2011-05-09 14:14:00 UTC 

*** This bug has been marked as a duplicate of bug 355171 ***