Bug 1708248

Summary: Segfaults in Apache after updating packages (using mod_cluster and mod_ssl)
Product: [Fedora] Fedora Reporter: Michal Karm Babacek <mbabacek>
Component: mod_clusterAssignee: Michal Karm Babacek <mbabacek>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 30CC: anon.amish, bperkins, csutherl, jkaluza, jorton, lef, luhliari, mbabacek, mgoldman, pahan, patdung100+redhat, puntogil
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: mod_cluster-1.3.11-1.fc30 mod_cluster-1.3.11-1.fc28 mod_cluster-1.3.11-1.fc29 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1705574 Environment:
Last Closed: 2019-05-10 00:47:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1705574    
Bug Blocks:    

Description Michal Karm Babacek 2019-05-09 13:04:32 UTC 
+++ This bug was initially created as a clone of Bug #1705574 +++

Description of problem:
After updating RPM in Fedora 29, the apache instance with mod_ssl and mod_cluster would segfault but no core dump is produced.

Version-Release number of selected component (if applicable):
Fedora 29
httpd-2.4.39-2.fc29.x86_64
httpd-debuginfo-2.4.39-2.fc29.x86_64
httpd-devel-2.4.39-2.fc29.x86_64
httpd-filesystem-2.4.39-2.fc29.noarch
httpd-tools-2.4.39-2.fc29.x86_64
mod_ssl-debuginfo-2.4.39-2.fc29.x86_64
mod_ssl-2.4.39-2.fc29.x86_64
openssl-1.1.1b-5.fc29.x86_64
openssl-devel-1.1.1b-5.fc29.x86_64
openssl-libs-1.1.1b-5.fc29.i686
openssl-libs-1.1.1b-5.fc29.x86_64
openssl-perl-1.1.1b-5.fc29.x86_64
openssl-pkcs11-0.4.10-1.fc29.i686
openssl-pkcs11-0.4.10-1.fc29.x86_64
Originally I use mod_cluster-1.3.3 from FC27. Still have problem after I compile mod_cluster-1.3.10 from Git Hub.

How reproducible:
Always

Steps to Reproduce:
Upgrade RPM and start apache.

Actual results:
It segfaults.

Expected results:
It should not segfault.

Additional info:

Kernel log:
segfault at 298 ip 00007f2d5afb2957 sp 00007f2d587c1a48 error 4 in mod_ssl.so[7f2d5af94000+22000]

Apache log:
[Thu May 02 21:32:47.706671 2019] [core:notice] [pid 14040] AH00052: child pid 14401 exit signal Segmentation fault (11)

Thread 2.5 "httpd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f96995f9700 (LWP 14665)]
0x00007f969cd91957 in modssl_request_is_tls (r=0x7f9688000bc0, scout=scout@entry=0x0) at ssl_util.c:105
105     ssl_util.c: No such file or directory.

(gdb) bt
#0  0x00007f969cd91957 in modssl_request_is_tls (r=0x7f9688000bc0, scout=scout@entry=0x0) at ssl_util.c:105
#1  0x00007f969cd774ef in ssl_hook_default_port (r=<optimized out>) at mod_ssl.c:633
#2  0x00005630ce0ec458 in ap_run_default_port (r=0x7f9688000bc0) at protocol.c:2441
#3  0x00005630ce0f33bb in ap_get_server_port (r=r@entry=0x7f9688000bc0) at core.c:1186
#4  0x00007f969ce79f91 in ap_proxy_determine_connection (p=0x7f9688000b48, r=0x7f9688000bc0, conf=0x5630ce58fb08, worker=<optimized out>,
    conn=0x5630ce679810, uri=0x7f96880012a0, url=0x7f96995f8b58, proxyname=0x0, proxyport=0, server_portstr=0x7f96995f8b60 "",
    server_portstr_size=32) at proxy_util.c:2533
#5  0x00007f969c7bc312 in ?? () from /etc/httpd/modules/mod_proxy_cluster.so
#6  0x00007f969c7bd21d in ?? () from /etc/httpd/modules/mod_proxy_cluster.so
#7  0x00007f969d75058e in start_thread () from /lib64/libpthread.so.0
#8  0x00007f969d679683 in clone () from /lib64/libc.so.6

(gdb) backtrace full
#0  0x00007f969cd91957 in modssl_request_is_tls (r=0x7f9688000bc0, scout=scout@entry=0x0) at ssl_util.c:105
        sslconn = <optimized out>
        sc = <optimized out>
#1  0x00007f969cd774ef in ssl_hook_default_port (r=<optimized out>) at mod_ssl.c:633
No locals.
#2  0x00005630ce0ec458 in ap_run_default_port (r=0x7f9688000bc0) at protocol.c:2441
        pHook = <optimized out>
        n = 0
        rv = 0
#3  0x00005630ce0f33bb in ap_get_server_port (r=r@entry=0x7f9688000bc0) at core.c:1186
        port = 0
        d = <optimized out>
#4  0x00007f969ce79f91 in ap_proxy_determine_connection (p=0x7f9688000b48, r=0x7f9688000bc0, conf=0x5630ce58fb08, worker=<optimized out>,
    conn=0x5630ce679810, uri=0x7f96880012a0, url=0x7f96995f8b58, proxyname=0x0, proxyport=0, server_portstr=0x7f96995f8b60 "",
    server_portstr_size=32) at proxy_util.c:2533
        server_port = <optimized out>
        err = <optimized out>
        uerr = <optimized out>
        uds_path = <optimized out>
#5  0x00007f969c7bc312 in ?? () from /etc/httpd/modules/mod_proxy_cluster.so
No symbol table info available.
#6  0x00007f969c7bd21d in ?? () from /etc/httpd/modules/mod_proxy_cluster.so
No symbol table info available.
#7  0x00007f969d75058e in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#8  0x00007f969d679683 in clone () from /lib64/libc.so.6
No symbol table info available.

--- Additional comment from Patrick Dung on 2019-05-02 14:04:02 UTC ---

I tried to disable loading of mod_ssl and the Apache instance does not have segfaults.
So changing the component from mod_cluster to httpd (mod_ssl).

--- Additional comment from Joe Orton on 2019-05-02 14:21:18 UTC ---

If the backtrace is correct this is dumping core on the line:

    SSLConnRec *sslconn = myConnConfig(r->connection);


this is almost certainly caused by mod_cluster's "fake" conn_rec/request_rec not being set up properly.

--- Additional comment from Patrick Dung on 2019-05-02 14:53:04 UTC ---

Please kindly note my configuration files were used since 2018 and did not change. Only packages update ub today and the problem occurs.
Comment 1 Fedora Update System 2019-05-09 14:17:12 UTC 
mod_cluster-1.3.11-1.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-7813edd5a2
Comment 2 Fedora Update System 2019-05-09 14:17:54 UTC 
mod_cluster-1.3.11-1.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-17556e2ad6
Comment 3 Fedora Update System 2019-05-09 14:18:22 UTC 
mod_cluster-1.3.11-1.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2019-3877efca99
Comment 4 Fedora Update System 2019-05-10 00:47:38 UTC 
mod_cluster-1.3.11-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.
Comment 5 Fedora Update System 2019-05-10 01:35:16 UTC 
mod_cluster-1.3.11-1.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.
Comment 6 Fedora Update System 2019-05-10 02:22:06 UTC 
mod_cluster-1.3.11-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.