Bug 97207 - segfault at startup in OpenSSL
Summary: segfault at startup in OpenSSL
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux Beta
Classification: Retired
Component: httpd
Version: beta1
Hardware: athlon
OS: Linux
medium
high
Target Milestone: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL:
Whiteboard:
: 97826 100531 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-06-11 16:03 UTC by Zach Gelnett
Modified: 2007-04-18 16:54 UTC (History)
3 users (show)

Fixed In Version: 2.0.47-3
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2003-07-24 15:10:00 UTC
Embargoed:


Attachments (Terms of Use)
gzip'ed trace of httpd (15.46 KB, text/plain)
2003-06-11 21:32 UTC, Zach Gelnett
no flags Details

Description Zach Gelnett 2003-06-11 16:03:17 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b)
Gecko/20030516 Mozilla Firebird/0.6

Description of problem:
Running:

kernel-2.4.20-20.1.2013.nptl
gcc-3.3-5
gcc32-3.2.3-6
httpd-2.0.45-10
rpm-4.2.1-0.11

When I install the kernel version 2.4.20-20.1.2013.nptl httpd crashes upon
reboot.  issuing the command: service httpd start returns an "Ok" but immediatly
afterward service httpd status shows: "httpd dead but subsys locked"  

If i install kernel version 2.4.20-18.9 httpd works no problem.  Also the
current rawhide version of gcc is 3.3-5 yet the current kernel
2.4.20-30.1.2013.nptl is compiled with 3.2.3.

If i try to rebuild httpd for the kernel using rpmbuild --rebuild
httpd-2.0.45-10.src.rpm i get:
libtool: compile: unable to infer tagged configuration
libtool: compile: specify a tag with `--tag'
make[3]: *** [maketables.lo] Error 1
make[3]: Leaving directory `/usr/src/redhat/BUILD/httpd-2.0.45/prefork/srclib/pcre'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/src/redhat/BUILD/httpd-2.0.45/prefork/srclib/pcre'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/redhat/BUILD/httpd-2.0.45/prefork/srclib'
make: *** [all-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.14470 (%build)
 
 
RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.14470 (%build)

The /var/log/messages file contains only:

Jun 11 10:53:23 BigBox httpd: httpd startup succeeded

and no error from the httpd crash.  /var/log/httpd/error_log contains:

[Wed Jun 11 10:53:25 2003] [notice] Digest: generating secret for digest
authentication ...
[Wed Jun 11 10:53:29 2003] [notice] Digest: done
[Wed Jun 11 10:53:29 2003] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Wed Jun 11 10:53:29 2003] [notice] LDAP: SSL support unavailable

/var/log/httpd/ssl_error_log contains:

[Wed Jun 11 10:53:25 2003] [warn] RSA server certificate is a CA certificate
(BasicConstraints: CA == TRUE !?)





Version-Release number of selected component (if applicable):
kernel-2.4.20-20.1.2013.nptl

How reproducible:
Always

Steps to Reproduce:
1.install httpd
2.install ntpl kernel
3.httpd crashes
    

Additional info:

Comment 1 Joe Orton 2003-06-11 16:10:28 UTC
The libtool tag thing is a libtool-1.5 bug, downgrade to libtool-1.4.2.  I've
not seen httpd crashes though I've not tried recent Raw Hide kernels.

Comment 2 Zach Gelnett 2003-06-11 16:22:03 UTC
I can do that, but I'm able to recompile other things.  I honestly donât need 
to recompile the httpd package it's just that i was trying that to see if it 
would fix the httpd crashing issues.  I really just need to be able to run 
httpd.  I've tried earlier versions of httpd back to version 2.0.40 and they 
all crash immediatly after starting the service.

Comment 3 Zach Gelnett 2003-06-11 17:08:03 UTC
Another thing.  I removed the /var/lock/subsys/httpd file, started the service
and it came up with multiple pids running and seemed to be running fine.  I then
did a service httpd restart and it came up with 1 pid and then died with the
same error message from the status call (httpd dead but subsys locked).  I tried
to remove the httpd lock file and start it up again, but again i came up with
only 1 pid for an instant and the crashed.  When it's "up" with the 1 pid when
I, or someone else, attempts to access the server it appears to cause the crash.

Comment 4 Zach Gelnett 2003-06-11 20:45:02 UTC
I've downgraded libtool ot 1.4.3 and was able to compile the httpd 2.0.45-10 
src rpm successfully, but httpd still continues to crash.  It crashes very 
quickly, sometimes i'm not even able to type service httpd status to see the 
lone pid that is running before it crashes.

Comment 5 Joe Orton 2003-06-11 20:52:54 UTC
But still nothing crashes using the 2.4.20-18.9 kernel? What versions of

 $ rpm -q apr apr-util glibc

might be useful too.

Comment 6 Zach Gelnett 2003-06-11 21:03:14 UTC
correct if i go back to the 2.4.20-18.9 kernel httpd is stable.  Multiple pids 
running and looks normal.

Here's the version info:

rpm -q apr apr-util glibc
apr-0.9.3-5
apr-util-0.9.3-6
glibc-2.3.2-48

They match the current rawhide version...

Comment 7 Joe Orton 2003-06-11 21:19:44 UTC
It would be useful if you can do, with the problematic kernel:

  # strace -o /tmp/httpd.trace -f /usr/sbin/httpd

and upload the httpd.trace somewhere if it's big, otherwise attach it here.

Comment 8 Zach Gelnett 2003-06-11 21:32:42 UTC
Created attachment 92347 [details]
gzip'ed trace of httpd

Comment 9 Joe Orton 2003-06-11 21:40:50 UTC
It's a segfault probably in PHP or a PHP extension.  So the next tests are:

$ rpm -qa | grep php
$ php -v



Comment 10 Zach Gelnett 2003-06-11 21:55:21 UTC
rpm -qa | grep php
asp2php-0.76.2-6
php-odbc-4.3.2-3
php-ldap-4.3.2-3
php-imap-4.3.2-3
php-manual-4.3.2-3
php-devel-4.3.2-3
asp2php-gtk-0.76.2-6
php-snmp-4.3.2-3
php-4.3.2-3

php -v
PHP 4.3.2 (cgi), Copyright (c) 1997-2003 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2003 Zend Technologies


again these match the rawhide versions.

Comment 11 Joe Orton 2003-06-11 21:59:56 UTC
If you 

  mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.disabled

and then restart the server, does it still fail?  Can you narrow down which
module (i.e. file in conf.d) causes the failure?

Comment 12 Zach Gelnett 2003-06-11 22:07:02 UTC
had to remove php and wordtrans (as it used the php module) and now it works.  
I brought back php without wordtrans and it crashed again.  Is there a way to 
make php work?  Like why would php cause httpd to crash with this kernel but 
not the 2.4.20-18.9 version?  is there a setting you'd recomend changing in 
the /etc/php.ini file?

Comment 13 Joe Orton 2003-06-11 22:18:21 UTC
Changes to the kernel can trigger bugs elsewhere.  I'll presume this is bug in a
PHP extension for the moment.  Does:

# echo '<?php phpinfo(); ?>' | php -Cq >/dev/null

also reproduce the segfault? 



Comment 14 Zach Gelnett 2003-06-11 22:21:48 UTC
No sir, no output from that at all.  If i dont redirect the output it looks to 
be a valid html source for the phpinfo page.

Comment 15 Zach Gelnett 2003-06-13 17:11:45 UTC
Ok, i need PHP in order to keep squirrelmail working so I've been playing with
it and found that moving the snmp.ini file from the /etc/php.d directory then i
can enable php (mv php.disabled php.conf) and httpd works.

Comment 16 Joe Orton 2003-07-24 09:58:17 UTC
The backtrace looks like this on a clean Severn install:

#0  0x006a15f0 in ?? ()
#1  0x00b4ad71 in RAND_SSLeay () from /lib/libcrypto.so.4
#2  0x00b4b9a2 in RAND_bytes () from /lib/libcrypto.so.4
#3  0x071301e7 in sc_random () from /usr/lib/libnetsnmp.so.5
#4  0x07146d00 in init_usm_post_config () from /usr/lib/libnetsnmp.so.5
#5  0x071315d7 in snmp_call_callbacks () from /usr/lib/libnetsnmp.so.5
#6  0x07128917 in read_premib_configs () from /usr/lib/libnetsnmp.so.5
#7  0x07108044 in init_snmp () from /usr/lib/libnetsnmp.so.5
#8  0x00538892 in zm_startup_snmp () from /usr/lib/php4/snmp.so
#9  0x013fab45 in php_dl () from /etc/httpd/modules/libphp4.so
#10 0x01456f4e in display_ini_entries () from /etc/httpd/modules/libphp4.so
#11 0x014799e8 in zend_llist_apply () from /etc/httpd/modules/libphp4.so
#12 0x01457857 in php_ini_delayed_modules_startup () from
/etc/httpd/modules/libphp4.so
#13 0x01452ee5 in php_module_startup () from /etc/httpd/modules/libphp4.so
#14 0x014930a1 in execute () from /etc/httpd/modules/libphp4.so
#15 0x014938db in execute () from /etc/httpd/modules/libphp4.so
#16 0x08067e3a in ap_run_post_config ()
#17 0x0806d4b8 in main ()
#18 0x00355678 in __libc_start_main () from /lib/tls/libc.so.6

Comment 17 Joe Orton 2003-07-24 09:58:43 UTC
*** Bug 100531 has been marked as a duplicate of this bug. ***

Comment 18 Joe Orton 2003-07-24 12:29:59 UTC
Turns out this is a mod_ssl bug; fix being built.

Comment 19 Joe Orton 2003-07-24 15:10:00 UTC
mod_ssl-2.0.47-3 has the fix for this issue.

Comment 20 Joe Orton 2003-09-08 09:40:47 UTC
*** Bug 97826 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.