after i updated my server, i cannot start apache with ZendOptimizer and glibc-2.9: www-servers/apache-2.2.11-r2 (2) dev-php5/ZendOptimizer-3.3.3-r1 (0) sys-libs/glibc-2.9_p20081201-r2 (2.2) apache silently fails and i cannot find any error message. without ZendOptimizer, apache starts without problems, but i have there apps running that are encrypted using some zend encryption so these need ZendOptimizer to be present. # emerge --info Portage 2.1.6.13 (hardened/x86, gcc-4.3.2, glibc-2.9_p20081201-r2, 2.6.28-hardened-r9 i686) ================================================================= System uname: Linux-2.6.28-hardened-r9-i686-Intel-R-_Pentium-R-_4_CPU_3.00GHz-with-glibc2.1.3 Timestamp of tree: Mon, 20 Jul 2009 18:15:02 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7-r1, 2.1.8-r1 dev-lang/python: 2.5.4-r3 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.63 sys-devel/automake: 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fforce-addr" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/qmail/alias /var/qmail/control /var/vpopmail/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=prescott -O2 -pipe -fforce-addr" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.cz.gentoo.org/gentoo-portage" USE="apache2 berkdb crypt device-mapper hardened java5 mmx ncurses pam perl pic python readline snmp ssl tcpd vhosts x86 xml" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt intel mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
just a note, i think the problem is zend optimizer is not compatible with glibc-2.9 as this happened to me even before with new releases of glibc and slacking releases of zend optimizer that would work with new glibc.
I think I recall a comment saying that php upstream is aware that >=php-5.2.10 are incompatible with ZendOptimizer.
thx, i found that info: http://forums.zend.com/viewtopic.php?f=57&t=1655 tried to downgrade php to 5.2.9-r2 but did not help :-(
i searched the logs again and found this: Aug 5 23:02:31 titan apache2[6763]: segfault at 50d51ed0 ip 50d3c6d3 sp 5b598500 error 7 in ld-2.9.so[50d35000+1c000] Aug 5 23:02:31 titan grsec: From xxx.xxx.xxx.xxx: signal 11 sent to /usr/sbin/apache2[apache2:6763] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Please paste the output of 'emerge --info' into a bugzilla comment to assist the maintainers in resolving this issue
(In reply to comment #5) > Please paste the output of 'emerge --info' into a bugzilla comment to assist > the maintainers in resolving this issue > Ignore this please, what I do need however is the sequence of emerges you did. Did you emerge all 3 at the same time? If you updated, from what did you update on each of the 3. If you did not update one of these 3 and only updated two, or even only updated one, that information would be very useful. An additional test you can do if you are up to it is restore your machine to the original state, and emerge/update just one of the 3 and see if things work or not. Repeat until you get to the broken state. Doing so would allow us to identify which package is the issue or even which two packages are the issue.
state before update (probably): apache-apache-2.2.11 php-5.2.9-r2 ZendOptimizer-3.3.0 (installed manually, not from ebuild) glibc-2.8_p20080602-r1 state after update: apache-apache-2.2.11 php-5.2.10 (then downgraded back to 5.2.9-r2) ZendOptimizer-3.3.3-r1 (installed both manually, from ebuild, the same results) glibc-2.9_p20081201-r2 downgrading php to the original version did not help. i do not want to downgrade glibc as i don't want to risk my system will become unusable and i would have to go to the housing company and reinstall the whole server. apache is the same version, just different revision. the only thing i did not try to downgrade is zend optimizer. when trying to start apache, when php and zend optimizer are activated, i get this in kern.log when apache php5 module is being loaded: Aug 5 23:02:31 titan apache2[6763]: segfault at 50d51ed0 ip 50d3c6d3 sp 5b598500 error 7 in ld-2.9.so[50d35000+1c000] Aug 5 23:02:31 titan grsec: From xxx.xxx.xxx.xxx: signal 11 sent to /usr/sbin/apache2[apache2:6763] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 as apache with php starts without problems when zend optimizer is disabled, i guess the problem is zend optimizer is not compatible with glibc-2.9 and crashes when trying to access some address at ld-2.9.so. so i guess probably the only solution is to get some patch/updated library from zend. i emailed them tonight but got no response yet.
i just needed to set up zend optimizer on another machine (hardened amd64) with php-5.2.10, ZendOptimizer-3.3.3-r1 and glibc-2.9_p20081201-r2 and it works without any problem. so i have the problem only on hardened x86 system.
please try if this is still an issue with ZendOptimizer 3.3.9 (which has just been added to the tree) and reopen this bug if it still does not work
have the same problem in hardened x86 and zend: glibc 9, 10 zendoptimazer 3.2.8, 3.3.9 php -c ./php-zend328.ini Segmentation fault php -c php-zend339.ini Segmentation fault strace: munmap(0x4bfed000, 4096) = 0 stat64("php-zend339.ini", {st_mode=S_IFREG|0644, st_size=44482, ...}) = 0 open("php-zend339.ini", O_RDONLY) = 3 getcwd("/usr/local/Zend/lib", 4096) = 20 lstat64("/usr", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/usr/local", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/usr/local/Zend", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/usr/local/Zend/lib", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/usr/local/Zend/lib/php-zend339.ini", {st_mode=S_IFREG|0644, st_size=44482, ...}) = 0 ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0x5871f1a8) = -1 ENOTTY (Inappropriate ioctl for device) fstat64(3, {st_mode=S_IFREG|0644, st_size=44482, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4bfed000 read(3, "[PHP]\n\n;;;;;;;;;;;\n; WARNING ;\n;"..., 8192) = 8192 read(3, "refixes. In Safe Mode,\n; the us"..., 8192) = 8192 read(3, " Registration is done from left "..., 8192) = 8192 read(3, "onv.internal_encoding = ISO-8859"..., 8192) = 8192 read(3, "stent = -1\n\n; Maximum number of "..., 8192) = 8192 read(3, " false\n; show warnings on duplic"..., 8192) = 3522 read(3, "", 4096) = 0 read(3, "", 8192) = 0 close(3) = 0 munmap(0x4bfed000, 4096) = 0 brk(0x11154000) = 0x11154000 futex(0x4bb3202c, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/local/Zend/lib/ZendOptimizer.so", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300G\2\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1432456, ...}) = 0 mmap2(NULL, 1445164, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4b6a5000 mmap2(0x4b7f0000, 69632, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b) = 0x4b7f0000 mmap2(0x4b801000, 19756, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4b801000 mprotect(0x4c00b000, 3796, PROT_READ|PROT_WRITE) = -1 EACCES (Permission denied) --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ Segmentation fault
it was helpfull for me: paxctl -m php-cgi but, befor glibc upgrade all works fine without paxctl =(
the same problem here, i had to paxctl -m /usr/sbin/apache2 any better workaround? Portage 2.1.6.13 (hardened/linux/amd64/10.0/no-multilib, gcc-4.3.4, glibc-2.10.1-r1, 2.6.28-hardened-r9 x86_64) ================================================================= System uname: Linux-2.6.28-hardened-r9-x86_64-Intel-R-_Xeon-R-_CPU_X3430_@_2.40GHz-with-gentoo-1.12.13 Timestamp of tree: Fri, 22 Jan 2010 14:00:01 +0000 app-shells/bash: 4.0_p35 dev-lang/python: 2.6.4 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.63-r1 sys-devel/automake: 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -march=native -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl amd64 berkdb bzip2 cli cracklib crypt cups cxx dri gdbm gpm hardened iconv justify mbox mmx modules mudflap ncurses nls nptl nptlonly openmp pam pcre perl pic pppd python readline reflection session spl sse sse2 ssl sysfs tcpd unicode urandom vhosts xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
It is a dupe of 264856
*** This bug has been marked as a duplicate of bug 264856 ***