Bug 1143908

Summary: mod_gnutls crashes httpd if mod_php is loaded (CentOS 7)
Product: [Fedora] Fedora EPEL Reporter: Django <django>
Component: mod_gnutlsAssignee: Jiri Kastner <cz172638>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: epel7CC: cz172638, nmavrogi
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-14 08:53:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
valgrind output none

Description Django 2014-09-18 08:45:45 UTC 
Description of problem:

If I install httpd, php and mod_gnutls, httpd dies while reloading httpd.

Version-Release number of selected component (if applicable):
httpd-2.4.6-18.el7.centos.x86_64 (from CentOS-Base-Repository)
mod_gnutls-0.5.10-13.el7.x86_64  (from EPEL-Repository)
php-5.4.16-23.el7_0.x86_64       (from CentOS-Base-Repository)


How reproducible:
I have mad many tests last day with different CentOS 7 hosts. 

Steps to Reproduce:
1. Install httpd-2.4.6-18.el7.centos.x86_64 and php-5.4.16-23.el7_0.x86_64 from CentOS-Base-Repo:
 Step 1a) Start Apache 2.4:     # systemctl start httpd.service
 Step 2b) Ask status of httpd:  # systemctl status httpd.service
 Step 2c) Reload apache-config: # systemctl reload httpd.service

I can do step "2c" many times, there's no problem- everything works as I expected!

2. Install mod_gnutls-0.5.10-13.el7.x86_64 (from EPEL-Repository)

3. Reload apache-daemon: 
 Step 3a) Restart Apache 2.4:   # systemctl restart httpd.service
 Step 3b) Ask status of httpd:  # systemctl status httpd.service

# systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
   Active: active (running) since Thu 2014-09-18 10:36:53 CEST; 4s ago
  Process: 6812 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 6808 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
 Main PID: 6843 (httpd)
   Status: "Processing requests..."
   CGroup: /system.slice/httpd.service
           ├─6843 /usr/sbin/httpd -DFOREGROUND
           ├─6845 /usr/sbin/httpd -DFOREGROUND
           ├─6846 /usr/sbin/httpd -DFOREGROUND
           ├─6847 /usr/sbin/httpd -DFOREGROUND
           ├─6848 /usr/sbin/httpd -DFOREGROUND
           └─6849 /usr/sbin/httpd -DFOREGROUND

Sep 18 10:36:53 vml000097.dmz.example.com systemd[1]: Started The Apache HTTP Server.

 Step 3c) Reload apache-config: # systemctl reload httpd.service
Job for httpd.service failed. See 'systemctl status httpd.service' and 'journalctl -xn' for details.

# systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
   Active: failed (Result: signal) since Thu 2014-09-18 10:38:12 CEST; 18s ago
  Process: 6856 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 6855 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
  Process: 6843 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=killed, signal=SEGV)
 Main PID: 6843 (code=killed, signal=SEGV)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"

Sep 18 10:36:53 vml000097.dmz.example.com systemd[1]: Started The Apache HTTP Server.
Sep 18 10:38:11 vml000097.dmz.example.com systemd[1]: Reloading The Apache HTTP Server.
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: httpd.service: main process exited, code=killed, status=11/SEGV
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: Reload failed for The Apache HTTP Server.
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: Unit httpd.service entered failed state.

# journalctl -xn
-- Logs begin at Wed 2014-09-17 12:47:28 CEST, end at Thu 2014-09-18 10:38:12 CEST. --
Sep 18 10:01:01 vml000097.dmz.example.com run-parts(/etc/cron.hourly)[6823]: starting 0anacron
Sep 18 10:01:01 vml000097.dmz.example.com run-parts(/etc/cron.hourly)[6829]: finished 0anacron
Sep 18 10:01:01 vml000097.dmz.example.com run-parts(/etc/cron.hourly)[6831]: starting 0yum-hourly.cron
Sep 18 10:01:01 vml000097.dmz.example.com run-parts(/etc/cron.hourly)[6835]: finished 0yum-hourly.cron
Sep 18 10:36:53 vml000097.dmz.example.com systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit httpd.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has begun starting up.
Sep 18 10:36:53 vml000097.dmz.example.com systemd[1]: Started The Apache HTTP Server.
-- Subject: Unit httpd.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has finished starting up.
-- 
-- The start-up result is done.
Sep 18 10:38:11 vml000097.dmz.example.com systemd[1]: Reloading The Apache HTTP Server.
-- Subject: Unit httpd.service has begun with reloading its configuration
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has begun with reloading its configuration
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: httpd.service: main process exited, code=killed, status=11/SEGV
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: Reload failed for The Apache HTTP Server.
-- Subject: Unit httpd.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has finished reloading its configuration
-- 
-- The result is failed.
Sep 18 10:38:12 vml000097.dmz.example.com systemd[1]: Unit httpd.service entered failed state.


# cat /var/log/httpd/error_log
[Wed Sep 17 14:53:05.706634 2014] [suexec:notice] [pid 4737] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Sep 17 14:53:05.867889 2014] [auth_digest:notice] [pid 4737] AH01757: generating secret for digest authentication ...
[Wed Sep 17 14:53:05.869450 2014] [lbmethod_heartbeat:notice] [pid 4737] AH02282: No slotmem from mod_heartmonitor
[Wed Sep 17 14:53:06.063338 2014] [core:warn] [pid 4737] AH00098: pid file /run/httpd/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed Sep 17 14:53:06.098697 2014] [mpm_prefork:notice] [pid 4737] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 mod_gnutls/0.5.10 configured -- resuming normal operations
[Wed Sep 17 14:53:06.098804 2014] [core:notice] [pid 4737] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Wed Sep 17 14:53:23.408399 2014] [mpm_prefork:notice] [pid 4737] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Sep 17 14:53:24.426419 2014] [core:notice] [pid 4737] AH00060: seg fault or similar nasty error detected in the parent process
[Wed Sep 17 14:53:24.520783 2014] [suexec:notice] [pid 4751] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Sep 17 14:53:24.582705 2014] [auth_digest:notice] [pid 4751] AH01757: generating secret for digest authentication ...
[Wed Sep 17 14:53:24.583596 2014] [lbmethod_heartbeat:notice] [pid 4751] AH02282: No slotmem from mod_heartmonitor
[Wed Sep 17 14:53:24.669171 2014] [mpm_prefork:notice] [pid 4751] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 mod_gnutls/0.5.10 configured -- resuming normal operations
[Wed Sep 17 14:53:24.669216 2014] [core:notice] [pid 4751] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Wed Sep 17 14:53:38.628624 2014] [mpm_prefork:notice] [pid 4751] AH00171: Graceful restart requested, doing restart
[Wed Sep 17 14:53:38.649444 2014] [core:notice] [pid 4751] AH00060: seg fault or similar nasty error detected in the parent process 

*** Error in `/usr/sbin/httpd': munmap_chunk(): invalid pointer: 0x00007fa75e624b60 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7bc07)[0x7fa75baadc07]
/lib64/libapr-1.so.0(apr_pool_destroy+0x1a7)[0x7fa75c22c2d7]
/etc/httpd/modules/mod_mpm_prefork.so(+0x321e)[0x7fa752ed421e]
/etc/httpd/modules/mod_mpm_prefork.so(+0x325b)[0x7fa752ed425b]
/lib64/libpthread.so.0(+0xf130)[0x7fa75c006130]
/lib64/libc.so.6(+0x7c4f2)[0x7fa75baae4f2]
/lib64/libc.so.6(+0x7d097)[0x7fa75baaf097]
/lib64/libapr-1.so.0(apr_allocator_destroy+0x1d)[0x7fa75c22b97d]
/etc/httpd/modules/mod_mpm_prefork.so(+0x321e)[0x7fa752ed421e]
/etc/httpd/modules/mod_mpm_prefork.so(+0x36c7)[0x7fa752ed46c7]
/etc/httpd/modules/mod_mpm_prefork.so(+0x3a26)[0x7fa752ed4a26]
/etc/httpd/modules/mod_mpm_prefork.so(+0x3a86)[0x7fa752ed4a86]
/etc/httpd/modules/mod_mpm_prefork.so(+0x4790)[0x7fa752ed5790]
/usr/sbin/httpd(ap_run_mpm+0x4e)[0x7fa75d5580fe]
/usr/sbin/httpd(main+0xa86)[0x7fa75d551726]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7fa75ba53af5]
/usr/sbin/httpd(+0x1e861)[0x7fa75d551861]
======= Memory map: ========
7fa730000000-7fa730021000 rw-p 00000000 00:00 0
7fa730021000-7fa734000000 ---p 00000000 00:00 0
7fa7360ab000-7fa7360ac000 ---p 00000000 00:00 0
7fa7360ac000-7fa7368ac000 rw-p 00000000 00:00 0
7fa736cb8000-7fa736cbd000 r-xp 00000000 fd:01 16787613                   /usr/lib64/libnss_dns-2.17.so
7fa736cbd000-7fa736ebc000 ---p 00005000 fd:01 16787613                   /usr/lib64/libnss_dns-2.17.so
7fa736ebc000-7fa736ebd000 r--p 00004000 fd:01 16787613                   /usr/lib64/libnss_dns-2.17.so
7fa736ebd000-7fa736ebe000 rw-p 00005000 fd:01 16787613                   /usr/lib64/libnss_dns-2.17.so
7fa73d0ce000-7fa73d1b7000 r-xp 00000000 fd:01 16790814                   /usr/lib64/libstdc++.so.6.0.19
7fa73d1b7000-7fa73d3b6000 ---p 000e9000 fd:01 16790814                   /usr/lib64/libstdc++.so.6.0.19
7fa73d3b6000-7fa73d3be000 r--p 000e8000 fd:01 16790814                   /usr/lib64/libstdc++.so.6.0.19
7fa73d3be000-7fa73d3c0000 rw-p 000f0000 fd:01 16790814                   /usr/lib64/libstdc++.so.6.0.19
7fa73d3c0000-7fa73d3d5000 rw-p 00000000 00:00 0
7fa7400cd000-7fa7400e2000 r-xp 00000000 fd:01 17619692                   /usr/lib64/libgcc_s-4.8.2-20140120.so.1
7fa7400e2000-7fa7402e1000 ---p 00015000 fd:01 17619692                   /usr/lib64/libgcc_s-4.8.2-20140120.so.1
7fa7402e1000-7fa7402e2000 r--p 00014000 fd:01 17619692                   /usr/lib64/libgcc_s-4.8.2-20140120.so.1
7fa7402e2000-7fa7402e3000 rw-p 00015000 fd:01 17619692                   /usr/lib64/libgcc_s-4.8.2-20140120.so.1
7fa745045000-7fa74b56c000 r--p 00000000 fd:01 34260954                   /usr/lib/locale/locale-archive
7fa74b56c000-7fa74b56e000 r-xp 00000000 fd:01 16797722                   /usr/lib64/apr-util-1/apr_ldap-1.so
7fa74b56e000-7fa74b76d000 ---p 00002000 fd:01 16797722                   /usr/lib64/apr-util-1/apr_ldap-1.so
7fa74b76d000-7fa74b76e000 r--p 00001000 fd:01 16797722                   /usr/lib64/apr-util-1/apr_ldap-1.so
7fa74b76e000-7fa74b76f000 rw-p 00002000 fd:01 16797722                   /usr/lib64/apr-util-1/apr_ldap-1.so
7fa74b76f000-7fa74b77a000 r-xp 00000000 fd:01 16787615                   /usr/lib64/libnss_files-2.17.so
7fa74b77a000-7fa74b979000 ---p 0000b000 fd:01 16787615                   /usr/lib64/libnss_files-2.17.so
7fa74b979000-7fa74b97a000 r--p 0000a000 fd:01 16787615                   /usr/lib64/libnss_files-2.17.so
7fa74b97a000-7fa74b97b000 rw-p 0000b000 fd:01 16787615                   /usr/lib64/libnss_files-2.17.so
7fa74b97b000-7fa74b9a1000 r-xp 00000000 fd:01 61336                      /usr/lib64/pkcs11/p11-kit-trust.so
7fa74b9a1000-7fa74bba1000 ---p 00026000 fd:01 61336                      /usr/lib64/pkcs11/p11-kit-trust.so
7fa74bba1000-7fa74bba6000 r--p 00026000 fd:01 61336                      /usr/lib64/pkcs11/p11-kit-trust.so
7fa74bba6000-7fa74bba7000 rw-p 0002b000 fd:01 61336                      /usr/lib64/pkcs11/p11-kit-trust.so
7fa74bba7000-7fa74bbcd000 r-xp 00000000 fd:01 16968608                   /usr/lib64/libhogweed.so.2.5
7fa74bbcd000-7fa74bdcc000 ---p 00026000 fd:01 16968608                   /usr/lib64/libhogweed.so.2.5
7fa74bdcc000-7fa74bdcd000 r--p 00025000 fd:01 16968608                   /usr/lib64/libhogweed.so.2.5
7fa74bdcd000-7fa74bdce000 rw-p 00026000 fd:01 16968608                   /usr/lib64/libhogweed.so.2.5
7fa74bdce000-7fa74bdfd000 r-xp 00000000 fd:01 16968610                   /usr/lib64/libnettle.so.4.7
7fa74bdfd000-7fa74bffd000 ---p 0002f000 fd:01 16968610                   /usr/lib64/libnettle.so.4.7
7fa74bffd000-7fa74bffe000 r--p 0002f000 fd:01 16968610                   /usr/lib64/libnettle.so.4.7
7fa74bffe000-7fa74bfff000 rw-p 00030000 fd:01 16968610                   /usr/lib64/libnettle.so.4.7
7fa74bfff000-7fa74c011000 r-xp 00000000 fd:01 16820519                   /usr/lib64/libtasn1.so.6.1.1
7fa74c011000-7fa74c211000 ---p 00012000 fd:01 16820519                   /usr/lib64/libtasn1.so.6.1.1
7fa74c211000-7fa74c212000 r--p 00012000 fd:01 16820519                   /usr/lib64/libtasn1.so.6.1.1
7fa74c212000-7fa74c213000 rw-p 00013000 fd:01 16820519                   /usr/lib64/libtasn1.so.6.1.1
7fa74c213000-7fa74c232000 r-xp 00000000 fd:01 16820531                   /usr/lib64/libp11-kit.so.0.0.0
7fa74c232000-7fa74c432000 ---p 0001f000 fd:01 16820531                   /usr/lib64/libp11-kit.so.0.0.0
7fa74c432000-7fa74c434000 r--p 0001f000 fd:01 16820531                   /usr/lib64/libp11-kit.so.0.0.0
7fa74c434000-7fa74c435000 rw-p 00021000 fd:01 16820531                   /usr/lib64/libp11-kit.so.0.0.0
7fa74c435000-7fa74c53a000 r-xp 00000000 fd:01 16968622                   /usr/lib64/libgnutls.so.28.20.4
7fa74c53a000-7fa74c73a000 ---p 00105000 fd:01 16968622                   /usr/lib64/libgnutls.so.28.20.4
7fa74c73a000-7fa74c742000 r--p 00105000 fd:01 16968622                   /usr/lib64/libgnutls.so.28.20.4
7fa74c742000-7fa74c744000 rw-p 0010d000 fd:01 16968622                   /usr/lib64/libgnutls.so.28.20.4
7fa74c744000-7fa74c745000 rw-p 00000000 00:00 0
7fa74c745000-7fa74c753000 r-xp 00000000 fd:01 18507008                   /usr/lib64/httpd/modules/mod_gnutls.so
7fa74c753000-7fa74c953000 ---p 0000e000 fd:01 18507008                   /usr/lib64/httpd/modules/mod_gnutls.so
7fa74c953000-7fa74c954000 r--p 0000e000 fd:01 18507008                   /usr/lib64/httpd/modules/mod_gnutls.so
7fa74c954000-7fa74c955000 rw-p 0000f000 fd:01 18507008                   /usr/lib64/httpd/modules/mod_gnutls.so
7fa74c955000-7fa74c958000 r-xp 00000000 fd:01 16883017                   /usr/lib64/libkeyutils.so.1.5
7fa74c958000-7fa74cb57000 ---p 00003000 fd:01 16883017                   /usr/lib64/libkeyutils.so.1.5Segmentation fault (core dumped) 

Actual results:
crashing httpd after step "3c" reloading apache-config with "systemctl reload httpd.service":
Job for httpd.service failed. See 'systemctl status httpd.service' and 'journalctl -xn' for details.

Expected results:
not crashing! ;)

Additional info:
Comment 1 Jiri Kastner 2014-09-18 09:33:21 UTC 
can you try comment in /etc/httpd/conf.d/mod_gnutls.conf this:
GnuTLSPriorities "@SYSTEM"
Comment 2 Django 2014-09-18 09:58:04 UTC 
(In reply to Jiri Kastner from comment #1)
> can you try comment in /etc/httpd/conf.d/mod_gnutls.conf this:
> GnuTLSPriorities "@SYSTEM"

# cat /etc/httpd/conf.d/mod_gnutls.conf
LoadModule gnutls_module modules/mod_gnutls.so

GnuTLSCache dbm "/var/cache/mod_gnutls"
GnuTLSCacheTimeout 300
GnuTLSPriorities "@SYSTEM"

# apachectl -t
AH00526: Syntax error on line 5 of /etc/httpd/conf.d/mod_gnutls.conf:
GnuTLS: Syntax error parsing priorities string at: "@SYSTEM"

without GnuTLSPriorities "@SYSTEM" httpd crashes
Comment 3 Jiri Kastner 2014-09-19 14:37:46 UTC 
(In reply to Django from comment #2)
> # cat /etc/httpd/conf.d/mod_gnutls.conf
> LoadModule gnutls_module modules/mod_gnutls.so
> 
> GnuTLSCache dbm "/var/cache/mod_gnutls"
> GnuTLSCacheTimeout 300
> GnuTLSPriorities "@SYSTEM"
> 
> # apachectl -t
> AH00526: Syntax error on line 5 of /etc/httpd/conf.d/mod_gnutls.conf:
> GnuTLS: Syntax error parsing priorities string at: "@SYSTEM"
> 
> without GnuTLSPriorities "@SYSTEM" httpd crashes

please remove that line (it is supposed to work only in fedora 21 and rawhide) to have this:
# cat /etc/httpd/conf.d/mod_gnutls.conf
LoadModule gnutls_module modules/mod_gnutls.so

GnuTLSCache dbm "/var/cache/mod_gnutls"
GnuTLSCacheTimeout 300
Comment 4 Django 2014-09-19 15:01:41 UTC 
(In reply to Jiri Kastner from comment #3)
> please remove that line (it is supposed to work only in fedora 21 and
> rawhide) to have this:
> # cat /etc/httpd/conf.d/mod_gnutls.conf
> LoadModule gnutls_module modules/mod_gnutls.so
> 
> GnuTLSCache dbm "/var/cache/mod_gnutls"
> GnuTLSCacheTimeout 300

O.K. I've done. like you told me. But the daemon crashes whil I reload the configuration.

If I prevent loading the php5_module, like here. 

# vim /etc/httpd/conf.modules.d/10-php.conf

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
<IfModule prefork.c>
  #LoadModule php5_module modules/libphp5.so
</IfModule>

http-daemon won't crash while reloading the daemon. But without PHP makes horde no more fun :/
Comment 5 Nikos Mavrogiannopoulos 2014-10-02 11:35:30 UTC 
Could you provide the output of 'valgrind apache -X'? (when apache isn't running)
Comment 6 Nikos Mavrogiannopoulos 2014-10-02 11:59:51 UTC 
sorry I meant 'valgrind httpd -X' and then from another terminal try to restart it using httpd -k graceful (I believe it simulates your scenario).
Comment 7 Django 2014-10-02 20:04:30 UTC 
(In reply to Nikos Mavrogiannopoulos from comment #6)
> sorry I meant 'valgrind httpd -X' and then from another terminal try to
> restart it using httpd -k graceful (I believe it simulates your scenario).

O.K. I've done, how you told me. After restarting httpd via 'httpd -k graceful' nothing happens on valgrind's terminal. After pressing STRG+C following lines are reported:

[root@vml000097 ~]# valgrind httpd -X
==6020== Memcheck, a memory error detector
==6020== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==6020== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==6020== Command: httpd -X
==6020== 
^C==6020== 
==6020== HEAP SUMMARY:
==6020==     in use at exit: 2,464,831 bytes in 4,748 blocks
==6020==   total heap usage: 39,496 allocs, 34,748 frees, 8,389,797 bytes allocated
==6020== 
==6020== LEAK SUMMARY:
==6020==    definitely lost: 6,555 bytes in 49 blocks
==6020==    indirectly lost: 150,694 bytes in 429 blocks
==6020==      possibly lost: 1,643,192 bytes in 1,735 blocks
==6020==    still reachable: 664,390 bytes in 2,535 blocks
==6020==         suppressed: 0 bytes in 0 blocks
==6020== Rerun with --leak-check=full to see details of leaked memory
==6020== 
==6020== For counts of detected and suppressed errors, rerun with: -v
==6020== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 3 from 3)
==6020== could not unlink /tmp/vgdb-pipe-from-vgdb-to-6020-by-root-on-vml000097.dmz.example.org
==6020== could not unlink /tmp/vgdb-pipe-to-vgdb-from-6020-by-root-on-vml000097.dmz.example.org
==6020== could not unlink /tmp/vgdb-pipe-shared-mem-vgdb-6020-by-root-on-vml000097.dmz.example.org
Comment 8 Nikos Mavrogiannopoulos 2014-10-03 07:16:27 UTC 
Created attachment 943631 [details]
valgrind output

Ok the output that you list isn't informative, but the output that you sent me (in attachment shows the issue). The issue is on mod_php which overrides the gmp memory allocation functions. As gnutls uses gmp too, that creates a mess with memory half being allocated with php's memory allocation functions, and some without. When everything is deinitialized (on reload), there is the crash you see.

It is a known bug upstream:
https://bugs.php.net/bug.php?id=63595
Comment 9 Nikos Mavrogiannopoulos 2014-10-03 07:18:37 UTC 
I don't think that mod_php is in epel7, so you'd have to open this bug to rhel7, or to centos7.
Comment 10 Nikos Mavrogiannopoulos 2014-10-03 07:21:17 UTC 
A work-around that could work, would be to load mod_php prior to mod_gnutls.
Comment 11 Jiri Kastner 2014-10-03 12:05:18 UTC 
i use rhel7 and i tried that combination. was that 'clean installation'? i see there dmz.example.com, which are not part of clean install configs.
Comment 12 Django 2014-10-03 12:54:45 UTC 
(In reply to Nikos Mavrogiannopoulos from comment #10)
> A work-around that could work, would be to load mod_php prior to mod_gnutls.

Nope, the same sh*t :/
Comment 13 Django 2014-10-03 13:24:19 UTC 
(In reply to Jiri Kastner from comment #11)
> i use rhel7 and i tried that combination. was that 'clean installation'?

Yes, I tested it on three different CentOS 7 KVM-Hosts. Everytime the same sh*t. :/
 
> see there dmz.example.com, which are not part of clean install configs.

I edited the outputs. :) The real name is the FQDN of the virtual host. 
A few minutes ago I tried to install:
  httpd-2.4.6-18.el7.centos.x86_64 (from CentOS-Base-Repository)
  mod_gnutls-0.5.10-13.el7.x86_64  (from EPEL-Repository)
  php-5.4.16-23.el7_0.1.x86_64     (from CentOS-Base-Repository)
on my ThinkPad T410, but someone has removed mod_gnutls-0.5.10-13.el7.x86_64, so I cant test, if there's the same problem.
Comment 14 Jiri Kastner 2014-10-03 14:35:14 UTC 
new update is on the way as GnuTLSPriorities is only for fedora 21+.
Comment 15 Nikos Mavrogiannopoulos 2014-10-03 17:15:21 UTC 
(In reply to Django from comment #12)
> (In reply to Nikos Mavrogiannopoulos from comment #10)
> > A work-around that could work, would be to load mod_php prior to mod_gnutls.
> Nope, the same sh*t :/

In that case, I don't think there is anything that can be done in mod_gnutls to solve the issue. Please open a bug on mod_php.
Comment 16 Django 2014-10-03 18:07:20 UTC 
(In reply to Nikos Mavrogiannopoulos from comment #9)
> I don't think that mod_php is in epel7, so you'd have to open this bug to
> rhel7, or to centos7.

O.K. I've done, how you told me: https://bugs.centos.org/view.php?id=7669
Comment 17 Django 2014-10-07 07:13:10 UTC 
Feedback from
Comment 18 Django 2014-10-07 07:17:47 UTC 
Feedback from tigalch (developer) 2014-10-06 13:33

I've just retried your steps, and they happen here as well. I'Ve also went through the bugzilla entry from EPEL re. that issue. IMHO the best course of action would be to resubmit your bugreport against RHEL7, and see what comes from that. Once it gets fixed upstream, CentOS will inherit the fix.

My initial reply has been the way it is because 3rd party packages are not supported in this buzgilla (meaning mod_gnutls). Not shure how this will be handled upstream, might be interesting.
Comment 19 Jiri Kastner 2014-10-13 07:36:06 UTC 
can you try http://kojipkgs.fedoraproject.org/packages/mod_gnutls/0.6/1.el7/x86_64/mod_gnutls-0.6-1.el7.x86_64.rpm
Comment 20 Django 2014-10-13 09:24:40 UTC 
short answer: the same holy shit

detailed answer (with configuration: mod_gnutls loaded but not listening an port 443):
[root@vml000097 ~]# systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
   Active: active (running) since Mon 2014-10-13 11:07:53 CEST; 43s ago
  Process: 15399 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 15397 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
 Main PID: 15412 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ├─15412 /usr/sbin/httpd -DFOREGROUND
           ├─15414 /usr/sbin/httpd -DFOREGROUND
           ├─15415 /usr/sbin/httpd -DFOREGROUND
           ├─15416 /usr/sbin/httpd -DFOREGROUND
           ├─15417 /usr/sbin/httpd -DFOREGROUND
           └─15418 /usr/sbin/httpd -DFOREGROUND

Oct 13 11:07:53 vml000097.dmz.example.org systemd[1]: Started The Apache HTTP Server.
[root@vml000097 ~]# systemctl reload httpd.service
[root@vml000097 ~]# systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
   Active: failed (Result: signal) since Mon 2014-10-13 11:08:47 CEST; 3s ago
  Process: 15426 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 15424 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
  Process: 15412 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=killed, signal=SEGV)
 Main PID: 15412 (code=killed, signal=SEGV)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"

Oct 13 11:07:53 vml000097.dmz.example.org systemd[1]: Started The Apache HTTP Server.
Oct 13 11:08:47 vml000097.dmz.example.org systemd[1]: Reloading The Apache HTTP Server.
Oct 13 11:08:47 vml000097.dmz.example.org systemd[1]: Reloaded The Apache HTTP Server.
Oct 13 11:08:47 vml000097.dmz.example.org systemd[1]: httpd.service: main process exited, code=killed, status=11/SEGV
Oct 13 11:08:47 vml000097.dmz.example.org systemd[1]: Unit httpd.service entered failed state.
[root@vml000097 ~]# tail -n10 /var/log/httpd/error_log
[Mon Oct 13 11:07:53.795677 2014] [proxy:debug] [pid 15417] proxy_util.c(1785): AH00931: initialized single connection worker in child 15417 for (*)
[Mon Oct 13 11:07:53.796145 2014] [mpm_prefork:notice] [pid 15412] AH00163: Apache/2.4.6 (CentOS) mod_gnutls/0.6 GnuTLS/3.1.18 configured -- resuming normal operations
[Mon Oct 13 11:07:53.796184 2014] [mpm_prefork:info] [pid 15412] AH00164: Server built: Jul 23 2014 14:48:00
[Mon Oct 13 11:07:53.796195 2014] [core:notice] [pid 15412] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Mon Oct 13 11:07:53.796207 2014] [mpm_prefork:debug] [pid 15412] prefork.c(995): AH00165: Accept mutex: sysvsem (default: sysvsem)
[Mon Oct 13 11:07:53.802170 2014] [proxy:debug] [pid 15418] proxy_util.c(1694): AH00925: initializing worker proxy:reverse shared
[Mon Oct 13 11:07:53.802216 2014] [proxy:debug] [pid 15418] proxy_util.c(1734): AH00927: initializing worker proxy:reverse local
[Mon Oct 13 11:07:53.802281 2014] [proxy:debug] [pid 15418] proxy_util.c(1785): AH00931: initialized single connection worker in child 15418 for (*)
[Mon Oct 13 11:08:47.784162 2014] [mpm_prefork:notice] [pid 15412] AH00171: Graceful restart requested, doing restart
[Mon Oct 13 11:08:47.793707 2014] [core:notice] [pid 15412] AH00060: seg fault or similar nasty error detected in the parent process
Comment 21 Nikos Mavrogiannopoulos 2017-08-14 08:53:41 UTC 

*** This bug has been marked as a duplicate of bug 1149991 ***