Bug 157832 - httpd segfault on logrotate
httpd segfault on logrotate
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: httpd (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
:
Depends On:
Blocks: 156320
  Show dependency treegraph
 
Reported: 2005-05-16 08:20 EDT by Neil Horman
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: RHBA-2005-621
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-09-28 13:05:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
customer provided core file from httpd crash (14.61 MB, application/octet-stream)
2005-05-16 08:20 EDT, Neil Horman
no flags Details
patch to avoid dereferencing of NULL pointer (1.19 KB, patch)
2005-05-16 08:26 EDT, Neil Horman
no flags Details | Diff

  None (edit)
Description Neil Horman 2005-05-16 08:20:52 EDT
Description of problem:
httpd appears to have race problems in its cleanup handlers, in that it appears
those cleanup handlers can be run from multiple threads in the httpd process.

Version-Release number of selected component (if applicable):
httpd-2.0.46

How reproducible:
not sure

Steps to Reproduce:
N/A/
  
Actual results:
when receiving SIGHUP, httpd segfaults

Expected results:
server should restart

Additional info:
Comment 1 Neil Horman 2005-05-16 08:21:04 EDT
Created attachment 114418 [details]
customer provided core file from httpd crash
Comment 2 Neil Horman 2005-05-16 08:26:34 EDT
Created attachment 114419 [details]
patch to avoid dereferencing of NULL pointer

This isn't the most graceful solution, given the problem description, but it
seems reasonable, since it seems that re-writing httpd to be thread safe in its
cleanup handlers could be fairly invasive.  It basically just checks for NULL
on calls to apr_file_close.  My other thought would be to add fields to
registered cleanup handlers to mark them as being "run" so as to prevent double
execution, but this seemed more appropriate to me.
Comment 3 Joe Orton 2005-05-16 08:30:05 EDT
Thanks for the report, but there is too much analysis here and not enough
information.

What version of the httpd package is being used?  Do you have a precise repro
case for this issue?  What configuration is being used, which triggers this? 
Why are you talking about "threads"?  (/usr/sbin/httpd does not use threads)
Comment 20 Red Hat Bugzilla 2005-09-28 13:05:05 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-621.html

Note You need to log in before you can comment on or make changes to this bug.