Bug 701972

Summary: httpd worker segmentation fault
Product: Red Hat Enterprise Linux 5 Reporter: Hervé COMMOWICK <hcommowick>
Component: httpdAssignee: Joe Orton <jorton>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.3CC: prc
Target Milestone: rcFlags: jorton: needinfo?
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-06 11:40:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
gdb backtrace 1
none
gdb backtrace 2 none

Description Hervé COMMOWICK 2011-05-04 12:47:02 UTC 
Created attachment 496779 [details]
gdb backtrace 1

Description of problem:
I encounter random segfault and 100%CPU on mod_proxy/mod_security/worker configuration, one per hour approximatively.

I can get 2 different backtrace, maybe there is two seperate bugs.

Thx for your help.

Hervé.
Comment 1 Hervé COMMOWICK 2011-05-04 12:47:51 UTC 
Created attachment 496780 [details]
gdb backtrace 2
Comment 2 Hervé COMMOWICK 2011-05-04 12:50:41 UTC 
Red Hat Enterprise Linux Server release 5.3 (Tikanga)
Linux SI-RP2 2.6.18-128.1.1.el5 #1 SMP Mon Jan 26 13:59:00 EST 2009 i686 i686 i386 GNU/Linux

httpd-2.2.3-45.el5
apr-util-1.2.7-11.el5_5.2
apr-1.2.7-11.el5_5.3
mod_security-2.5.12-1.el5
Comment 3 Joe Orton 2011-05-04 13:00:06 UTC 
Thanks for the report.   The first segfault is triggered within mod_security, and it is quite likely to be related to mod_security.  mod_security is not distributed with RHEL.

#1  0x008854b0 in ap_pass_brigade (next=0x1, bb=0xa6b7eb50)
#2  0x0088c165 in ap_byterange_filter (f=0xa24e340, bb=0xa6b7eb50)
#3  0x008854b0 in ap_pass_brigade (next=0x1, bb=0xa6b7eb50)
#4  0x00ad0554 in pdfp_output_filter (f=0xa24f220, bb_in=0xa6b7eb50) at pdf_protect.c:360
#5  0x008854b0 in ap_pass_brigade (next=0x1, bb=0xa6b7eb50)
#6  0x00af2aae in send_of_brigade (msr=0xa24e9e8, f=0x0) at apache2_io.c:408

The second segfault is in the proxy code.  The packages here:

http://people.redhat.com/jorton/Tikanga-httpd/

have some possibly-related fixes to the proxy; could you try those?
Comment 4 Hervé COMMOWICK 2011-05-04 13:58:31 UTC 
I just installed your package, we just have to wait for a few hour :)

for mod_security, it is the EPEL package, is there a separate bugtracker for it ?

Thx for your help.
Comment 5 Joe Orton 2011-05-04 14:02:59 UTC 
(In reply to comment #4)
> for mod_security, it is the EPEL package, is there a separate bugtracker for it
> ?

Use the "Fedora EPEL" product here, yes.
Comment 6 Hervé COMMOWICK 2011-05-06 07:46:34 UTC 
I encounter no segfault since i have updated, it seems to correct my issue.

Thanks !
Comment 7 Joe Orton 2011-05-06 11:40:48 UTC 
Thanks for testing it out.  I am going to dupe this against the proxy bug on the presumption you are seeing the same issue.

*** This bug has been marked as a duplicate of bug 552303 ***