Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 492444 - dev-lang/php with www-servers/apache-2.4* on hardened - random segmentation faults
Summary: dev-lang/php with www-servers/apache-2.4* on hardened - random segmentation f...
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: AMD64 Linux
: Normal normal (vote)
Assignee: Lars Wendler (Polynomial-C)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: apache-2.4-stable
  Show dependency tree
 
Reported: 2013-11-24 17:06 UTC by Dirk Best
Modified: 2015-03-27 20:07 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
emerge --info (file_492444.txt,4.67 KB, text/plain)
2013-11-24 17:06 UTC, Dirk Best
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Best 2013-11-24 17:06:19 UTC
Created attachment 363904 [details]
emerge --info

I recently upgraded Apache from 2.2 to 2.4. Everything seemed to work well, however then I noticed random segfaults, and Apache processes hanging after a while. I've recompiled Apache (and PHP) with symbols to try to figure out where it crashes, however there are several different places where it will crash. Here's an example backtrace:

Program terminated with signal 11, Segmentation fault.
(gdb) bt
#0  sapi_remove_header (l=0x2efb0000b10,
    name=name@entry=0x2efb00341e0 "\212\035GP\233\232\360\237\202\371\017#02\245\272\275\225BIy*\034\342\275C\236\354,\257\332\341o}\342@b\232'\362\241\064\233\340\205B\270\206\221\347\370>\303!\230#0@V\340C\226\313\300Qx<\\\306\354\333G\220\237\236WiB\325Qܻ\t\265!ǵm", len=7)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/main/SAPI.c:602
#1  0x000002eff6bf9dd2 in sapi_header_add_op (op=<optimized out>, sapi_header=0x2efda9ed600,
    tsrm_ls=0x2efb00008c0) at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/main/SAPI.c:650
#2  0x000002eff6bfb4df in sapi_header_op (op=SAPI_HEADER_REPLACE, arg=arg@entry=0x2efda9ed670,
    tsrm_ls=tsrm_ls@entry=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/main/SAPI.c:842
#3  0x000002eff6bfb94b in sapi_add_header_ex (
    header_line=header_line@entry=0x2eff710a298 "Expires: Thu, 19 Nov 1981 08:52:00 GMT",
    header_line_len=header_line_len@entry=38, duplicate=duplicate@entry=1 '\001', replace=replace@entry=1 '\001',
    tsrm_ls=tsrm_ls@entry=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/main/SAPI.c:630
#4  0x000002eff6ae4796 in _php_cache_limiter_nocache (tsrm_ls=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/ext/session/session.c:1212
#5  0x000002eff6ae9d16 in php_session_cache_limiter (tsrm_ls=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/ext/session/session.c:1250
#6  php_session_start (tsrm_ls=tsrm_ls@entry=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/ext/session/session.c:1543
#7  0x000002eff6aea47c in zif_session_start (ht=<optimized out>, return_value=0x2efb0032fe8,
    return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>,
    tsrm_ls=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/ext/session/session.c:2002
#8  0x000002eff6d37846 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>, tsrm_ls=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend_vm_execute.h:550
#9  0x000002eff6cf068b in execute_ex (execute_data=0x2efb0005be0, tsrm_ls=0x2efb00008c0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend_vm_execute.h:363
#10 0x000002eff6c6b5d7 in zend_execute_scripts (type=0, type@entry=2, tsrm_ls=0x0, tsrm_ls@entry=0x1,
    retval=retval@entry=0x0, file_count=0, file_count@entry=1)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend.c:1320
#11 0x000002eff6d3b3b2 in php_handler (r=0x0)
    at /var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/sapi/apache2handler/sapi_apache2.c:669
#12 0x0000000000000000 in ?? () 

Another one:

Program terminated with signal 11, Segmentation fault.
#0  0x000002c339a83bfc in i_create_execute_data_from_op_array
(tsrm_ls=0x2c2f0240730, nested=0 '\000',
    op_array=0x2c2f0247238)
    at
/var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend_execute.c:1632
#1  zend_execute (op_array=0x2c2f0247238, tsrm_ls=0x2c2f0240730)
    at
/var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend_vm_execute.h:388
#2  0x000002c3399b85d7 in zend_execute_scripts (type=type@entry=2,
tsrm_ls=0x2c2f0240730, tsrm_ls@entry=0x28,
    retval=0x0, retval@entry=0x2c30c00a538, file_count=file_count@entry=1)
    at
/var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/Zend/zend.c:1320
#3  0x000002c339a883b2 in php_handler (r=0x2c2f05b99a0)
    at
/var/tmp/portage/dev-lang/php-5.5.6/work/sapis-build/apache2/sapi/apache2handler/sapi_apache2.c:669
#4  0x000000675bb4c96d in ap_run_handler (r=r@entry=0x2c2f05b99a0) at
config.c:169
#5  0x000000675bb4cfcb in ap_invoke_handler (r=r@entry=0x2c2f05b99a0) at
config.c:432
#6  0x000000675bb6487a in ap_process_async_request (r=0x2c2f05b99a0) at
http_request.c:317
#7  0x000000675bb64b5f in ap_process_request (r=r@entry=0x2c2f05b99a0)
at http_request.c:363
#8  0x000000675bb607d5 in ap_process_http_sync_connection
(c=0x2c3240331b8) at http_core.c:190
#9  ap_process_http_connection (c=0x2c3240331b8) at http_core.c:231
#10 0x000000675bb5747d in ap_run_process_connection
(c=c@entry=0x2c3240331b8) at connection.c:41
#11 0x000000675bb579e0 in ap_process_connection
(c=c@entry=0x2c3240331b8, csd=csd@entry=0x2c324032fa0)
    at connection.c:202
#12 0x000000675bb6c28d in process_socket (bucket_alloc=<optimized out>,
my_thread_num=1, my_child_num=0,
    sock=0x2c324032fa0, p=0x2c324032f18, thd=0x675e664b48) at worker.c:620
#13 worker_thread (thd=0x675e664b48, dummy=<optimized out>) at worker.c:979
#14 0x000002c33ff4bec6 in start_thread () from /lib64/libpthread.so.0
#15 0x000002c33fa804bd in clone () from /lib64/libc.so.6

Those crashes are both in PHP, but it crashes in other places as well.

What I've tried so far:

- PHP 5.4.20 (stable), 5.5.4 (stable), 5.5.6 (latest)
- Switching from worker to prefork
- Turning off SSL

Installed versions are:

- www-servers/apache-2.4.6-r2
- app-admin/apache-tools-2.4.6
- dev-libs/apr-1.4.8-r1
- dev-libs/apr-util-1.5.2
Comment 1 Dirk Best 2015-01-11 17:47:11 UTC
I can't reproduce this anymore with kernel 3.14.17-hardened-r1, likely resolved by various package updates in the meantime. Please close the bug.
Comment 2 Hanno Böck gentoo-dev 2015-03-27 20:07:44 UTC
Seems this is fixed (also I'm using apache 2.4+php+hardened without any issues myself).