httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 56081] New: Apache 2.2.26 SIGSEGVs when POST'ing data
Date Tue, 28 Jan 2014 22:22:29 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=56081

            Bug ID: 56081
           Summary: Apache 2.2.26 SIGSEGVs when POST'ing data
           Product: Apache httpd-2
           Version: 2.2.26
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: All
          Assignee: bugs@httpd.apache.org
          Reporter: gary@cpanel.net

1.) Starting apache, for the first x minutes POST data works
2.) After say, 5+ minutes, POST data stops working (using CURL to test out the
posts and the likes)

Inital bt:

#0  0x00007f524f8cc86f in ?? ()
#1  0x0000000000440cdf in ap_is_recursion_limit_exceeded ()
#2  0x00000000004b8ade in ap_byterange_filter ()
#3  0x000000000045bbbf in get_ptoken ()
#4  0x000000000045c070 in parse_expr ()
#5  0x00000000004e49c9 in ?? ()
#6  0x00007f524fb3c710 in ?? ()
#7  0x0000000000000000 in ?? ()

Detailed bt:

#0  0x00007f125e3f3451 in ?? ()
No symbol table info available.
#1  0x0000000000440ad8 in server_hostname_port (cmd=0x2525638,
dummy=0x11e1a300, arg=0x250c7e0 "x\305P\002") at core.c:2360
        err = 0x0
        portstr = 0x250d028 "\360\305P\002"
        part = 0x2526cb8 "8VR\002"
        scheme = 0x250c5f0 "x\305P\002"
        port = 0
#2  0x00000000004b496a in extract_dn (t=0x0, nids=0x25256b0, pfx=0x2525638
"x\305P\002", xn=0x11e1a300, p=0x250c7e0) at ssl_engine_vars.c:701
        ents = 0x2526cb8
        xsne = 0x250c5f0
        count = 0x0
        i = 32767
        nid = 0
#3  0x000000000045b9b7 in get_basic_auth (r=0x45b9b7, user=0x7fff256c9f80,
pw=0x0) at mod_auth_basic.c:159
        auth_line = 0x24bde18 "\vHK"
        decoded_line = 0x250c7e0 "x\305P\002"
        length = -1
#4  0x000000000045be68 in cache_url_handler (r=0x45b9b7, lookup=32767) at
mod_cache.c:73
        rv = 0
        auth = 0x250c7e0 "x\305P\002"
        providers = 0x24bde18
        cache = 0xffffffff00000000
        conf = 0x7fff256c9fb0
        out = 0x45be68
        next = 0x250c5f0
        cache_out_handle = 0x250c7e0
#5  0x00000000004e0855 in subst_prefix_path (r=0xffffffff00000000,
input=0x250c578 "h\245P\002", match=0x250a470 "\002", subst=0x250a7b0
"h\245P\002") at mod_rewrite.c:930
        len = 7831192
#6  0x00000000004e0a3a in set_cache_value (name=0x4e0a3a
"\211\307\350\317\303\364\377H\213\005\340n%", t=140733821264032,
key=0x7fff256ca1f4 "\002", 
    val=0xc3562 <Address 0xc3562 out of bounds>) at mod_rewrite.c:982
        map = 0x781908
#7  0x00000000004e0cdf in get_cache_value (name=0x7f12600efb80 "\v",
t=4294967295, key=0x2256ca1f8 <Address 0x2256ca1f8 out of bounds>,
p=0x7fff256ca1f4)
    at mod_rewrite.c:1062
        map = 0x700000004
        val = 0x8 <Address 0x8 out of bounds>
#8  0x00000000004e123c in run_rewritemap_programs (s=0x0, p=0x0) at
mod_rewrite.c:1240
        fpin = 0x7f125ed7edbb
        fpout = 0x0
        map = 0x787300
        val = 0x773080
        conf = 0x78d358
        hi = 0x787328
---Type <return> to continue, or q <return> to quit--- 
        rc = 37338344
        lock_warning_issued = 0
#9  0x000000000042fff9 in main (argc=4, argv=0x7fff256ca408) at main.c:527
        new = 0x77b2a0
        c = 68 'D'
        configtestonly = 0
        ap_dump_loaded_directives = 0
        confname = 0x4e3c9b
"\001E\220H\213E\260H\203\300\001H\211E\230\351@\002"
        def_server_root = 0x4e3cab "@\002"
        temp_error_log = 0x0
        error = 0x0
        process = 0x777288
        server_conf = 0x781908
        pglobal = 0x777198
        pconf = 0x7791a8
        plog = 0x78d358
        ptemp = 0x787328
        pcommands = 0x77b1b8
        opt = 0x77b2a8
        rv = 0
        mod = 0x71e5d0
        optarg = 0x7fff256caf59 "SSL"
        signal_server = 0x45e589 <add_cache_enable+71>

ctrl-x 2 gives

Cannot access memory at address 0x7f125e3f3451
(gdb) 

null pointer?

# egrep 7f125e3 maps
7f125e16f000-7f125e36f000 ---p 00041000 08:05 40963                     
/lib64/libgssapi_krb5.so.2.2
7f125e36f000-7f125e370000 r--p 00041000 08:05 40963                     
/lib64/libgssapi_krb5.so.2.2
7f125e370000-7f125e372000 rw-p 00042000 08:05 40963                     
/lib64/libgssapi_krb5.so.2.2
7f125e372000-7f125e4fd000 r-xp 00000000 08:05 41104                     
/lib64/libc-2.12.so

 (gdb) up
#1  0x0000000000440ad8 in server_hostname_port (cmd=0x2525638,
dummy=0x11e1a300, arg=0x250c7e0 "x\305P\002") at core.c:2360
2360          ap_str_tolower(scheme);
(gdb) l
2355
2356        part = ap_strstr_c(arg, "://");
2357
2358        if (part) {
2359          scheme = apr_pstrmemdup(cmd->pool, arg, part - arg);
2360          ap_str_tolower(scheme);
2361          cmd->server->server_scheme = scheme;
2362          part += 3;
2363        } else {
2364          part = arg;
(gdb)

(gdb) down
#1  0x0000000000440ad8 in server_hostname_port (cmd=0x252abf8,
dummy=0x11e1a300, arg=0x2510da0 "8\vQ\002") at core.c:2360
2360          ap_str_tolower(scheme);
(gdb) list
2355
2356        part = ap_strstr_c(arg, "://");
2357
2358        if (part) {
2359          scheme = apr_pstrmemdup(cmd->pool, arg, part - arg);
2360          ap_str_tolower(scheme);
2361          cmd->server->server_scheme = scheme;
2362          part += 3;
2363        } else {
2364          part = arg;
(gdb) print cmd->pool
$2 = (apr_pool_t *) 0x0
(gdb) print cmd
$3 = (cmd_parms *) 0x252abf8
(gdb) ptype cmd
type = struct cmd_parms_struct {
    void *info;
    int override;
    apr_int64_t limited;
    apr_array_header_t *limited_xmethods;
    ap_method_list_t *xlimited;
    ap_configfile_t *config_file;
    ap_directive_t *directive;
    apr_pool_t *pool;
    apr_pool_t *temp_pool;
    server_rec *server;
    char *path;
    const command_rec *cmd;
    struct ap_conf_vector_t *context;
    const ap_directive_t *err_directive;
    int override_opts;
} *
(gdb) print *cmd
$4 = {info = 0x2510b38, override = 0, limited = 0, limited_xmethods =
0x2510b40, xlimited = 0x252c1b8, config_file = 0x252c298, directive =
0x250ea30, pool = 0x0, temp_pool = 0x0, server = 0x0, 
  path = 0x4e52a8 "\225", cmd = 0x252abd0, context = 0x252abd0, err_directive =
0x252ac70, override_opts = 0}

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message