Bug 2119280 - Core dumped upon file upload >= 1GB
Summary: Core dumped upon file upload >= 1GB
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: mod_wsgi
Version: 35
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Matthias Runge
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-08-18 07:38 UTC by Pavel Raiskup
Modified: 2022-09-12 17:39 UTC (History)
10 users (show)

Fixed In Version: mod_wsgi-4.9.0-3.fc36 mod_wsgi-4.9.0-2.fc35 mod_wsgi-4.9.1-4.fc37
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-09-04 22:45:51 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Pavel Raiskup 2022-08-18 07:38:37 UTC 
After some of the recent CVE updates (automatic, dnf-automatic for
security fixes), Apache started returning error 413 with the default
configuration.  We realized there's a default LimitRequestBody set to 1GB.

We tried to re-configure apache after that update back to
"LimitRequestBody 0", the error 413 no longer appears - but instead we
face some core dumps now in apache processes.  As a reaction to that, the
wsgi scripts (python3-mod_wsgi) receive SIGPIPE, etc..  and the client
simply keeps uploading the files, and once uploaded it receives error 500.

Current log output:
[Tue Aug 16 09:52:02.897511 2022] [wsgi:error] [pid 3280240:tid 3280628] [client 185.5.70.80:33012] mod_wsgi (pid=3280240): Request data write error when proxying data to daemon process: Broken pipe.
[Tue Aug 16 09:52:03.360715 2022] [core:notice] [pid 3274151:tid 3274151] AH00051: child pid 3280239 exit signal Segmentation fault (11), possible coredump in /etc/httpd

The corresponding configuration is:

    WSGIDaemonProcess upload user=copr-fe group=copr-fe processes=2 threads=10 display-name=upload maximum-requests=100 graceful-timeout=1800
    <VirtualHost ...
    <LocationMatch "^/api.*upload.*">
        WSGIProcessGroup upload
        LimitRequestBody 0
    </LocationMatch>


Components:

  $ rpm -q httpd python3-mod_wsgi
  httpd-2.4.54-1.fc35.x86_64
  python3-mod_wsgi-4.9.0-1.fc35.x86_64


My bet is on:
[root@copr-fe-dev ~][STG]# dnf history info 196
Transaction ID : 196
Begin time     : Wed 06 Jul 2022 06:53:36 AM UTC
Begin rpmdb    : f905e6022c35e8869b8a790c91fd7a2924beef16
End time       : Wed 06 Jul 2022 06:53:38 AM UTC (2 seconds)
End rpmdb      : 223d022e037fd93d1d117e595c5b1d9d6f94afea
User           : System <unset>
Return-Code    : Success
Releasever     : 35
Command Line   : 
Comment        : 
Packages Altered:
    Upgrade  httpd-2.4.54-1.fc35.x86_64            @updates
    Upgraded httpd-2.4.53-1.fc35.x86_64            @@System
    Upgrade  httpd-filesystem-2.4.54-1.fc35.noarch @updates
    Upgraded httpd-filesystem-2.4.53-1.fc35.noarch @@System
    Upgrade  httpd-tools-2.4.54-1.fc35.x86_64      @updates
    Upgraded httpd-tools-2.4.53-1.fc35.x86_64      @@System
    Upgrade  mod_lua-2.4.54-1.fc35.x86_64          @updates
    Upgraded mod_lua-2.4.53-1.fc35.x86_64          @@System
    Upgrade  mod_ssl-1:2.4.54-1.fc35.x86_64        @updates
    Upgraded mod_ssl-1:2.4.53-1.fc35.x86_64        @@System
Scriptlet output:
   1 /usr/lib/tmpfiles.d/setup.conf:2: Duplicate line for path "/run/motd.d", ignoring.


Related reports from Copr:
https://pagure.io/copr/copr/issue/2249
https://pagure.io/copr/copr/issue/2268
https://pagure.io/copr/copr/issue/2275
Comment 1 Luboš Uhliarik 2022-08-19 09:14:43 UTC 
Already pushed to RAWHIDE: https://src.fedoraproject.org/rpms/mod_wsgi/c/78b3c8cccea90a4871725f6b750e86bd34d00f4e?branch=rawhide

I will update it in other fedora versions soon.
Comment 2 Fedora Update System 2022-08-25 21:35:21 UTC 
FEDORA-2022-fc56bb7e88 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc56bb7e88
Comment 3 Fedora Update System 2022-08-25 21:35:22 UTC 
FEDORA-2022-6083fc7faa has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-6083fc7faa
Comment 4 Fedora Update System 2022-08-25 21:35:23 UTC 
FEDORA-2022-7c7233ccfa has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-7c7233ccfa
Comment 5 Fedora Update System 2022-08-26 10:33:20 UTC 
FEDORA-2022-6083fc7faa has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-6083fc7faa`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-6083fc7faa

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 6 Fedora Update System 2022-08-26 11:56:54 UTC 
FEDORA-2022-fc56bb7e88 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-fc56bb7e88`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc56bb7e88

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 7 Fedora Update System 2022-08-26 12:45:02 UTC 
FEDORA-2022-7c7233ccfa has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-7c7233ccfa`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-7c7233ccfa

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2022-09-04 22:45:51 UTC 
FEDORA-2022-fc56bb7e88 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 9 Fedora Update System 2022-09-04 22:56:33 UTC 
FEDORA-2022-7c7233ccfa has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 10 Fedora Update System 2022-09-12 17:39:54 UTC 
FEDORA-2022-6083fc7faa has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.