From "David Eisner" <>
Subject [mp 2.0.4-dev] mod_perl segfaults httpd with simple CGI redirect
Date Wed, 21 Nov 2007 14:54:02 GMT
-------------8<---------- Start Bug Report ------------8<----------
1. Problem Description:

[System: Solaris 9, apache-2.0.61, Perl 5.8.8, mod_perl 2.0.3, and
also mod_perl 2.0.4-dev (from svn checkout yesterday).

httpd segfaults when I access this CGI, on the second or subsequent
access (but not the first) after restarting the server:

    use CGI qw/:standard/;
    use strict;

    my $q = CGI->new();

    sub handle_response() {
        $q->redirect( "" );

I'm accessing this at http://<server>/mp/crash_me

Note that if I get rid of handle_response() and just put the
$q->redirect() call directly where the call to handle_response()
call is, there is no segfault problem.

>From error_log:

    [Wed Nov 21 09:32:51 2007] [notice] Apache/2.0.61 (Unix)
mod_perl/2.0.4-dev Perl/v5.8.8 configured -- resuming normal
    ap_get_server_banner() not available until httpd/2.2.4 falling
back to ap_get_server_version() at
/data/software/perl/perl-5.8.8/lib/5.8.8/sun4-solaris/ line
    ap_get_server_description() not available until httpd/2.2.4
falling back to ap_get_server_version() at
/data/software/perl/perl-5.8.8/lib/5.8.8/sun4-solaris/ line
    ap_get_server_banner() not available until httpd/2.2.4 falling
back to ap_get_server_version() at
/data/software/perl/perl-5.8.8/lib/5.8.8/sun4-solaris/ line
    ap_get_server_description() not available until httpd/2.2.4
falling back to ap_get_server_version() at
/data/software/perl/perl-5.8.8/lib/5.8.8/sun4-solaris/ line
    [Wed Nov 21 09:33:13 2007] [notice] child pid 8842 exit signal
Segmentation fault (11), possible coredump in /tmp

>From httpd.conf:

    CoreDumpDirectory /tmp

    Alias /mp/ /data/software/www/mp/
    PerlRequire /data/software/www/mp/
    <Location /mp>
        SetHandler perl-script
        PerlResponseHandler ModPerl::Registry
        PerlOptions +ParseHeaders
        Options +ExecCGI
        Order allow,deny
        Allow from all
    </Location> is just:
    use lib qw(/data/software/www/mp/lib);

2. Used Components and their Configuration:

*** mod_perl version 2.000004

*** using /data/software/perl/perl-5.8.8/lib/site_perl/5.8.8/sun4-solaris/Apache2/

*** Makefile.PL options:
  MP_APR_LIB     => aprext
  MP_APXS        => /data/software/www/apache-2.0.61-maint/bin/apxs
  MP_COMPAT_1X   => 1
  MP_DEBUG       => 1
  MP_LIBNAME     => mod_perl
  MP_TRACE       => 1
  MP_USE_DSO     => 1

*** The httpd binary was not found

*** (apr|apu)-config linking info

 -L/data/software/www/apache-2.0.61-maint/lib -laprutil-0 -lexpat
 -L/data/software/www/apache-2.0.61-maint/lib -lapr-0 -lsendfile -lrt
-lm -lsocket -lnsl -lresolv  -lpthread -ldl

*** /data/software/perl/perl-5.8.8/bin/perl -V
Summary of my perl5 (revision 5 version 8 subversion 8) configuration:
    osname=solaris, osvers=2.9, archname=sun4-solaris
    uname='sunos 5.9 generic_122300-08 sun4u sparc
sunw,ultra-30 '
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
    cc='/opt/SUNWspro/bin/cc', ccflags =' -D_LARGEFILE_SOURCE
    ccversion='Sun C 5.8 Patch 121015-01 2006/01/26', gccversion='',
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=4321
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t',
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='/opt/SUNWspro/bin/cc', ldflags =' -L/usr/lib -L/usr/ccs/lib
u/software/sunstudio/11/SUNWspro/prod/lib -L/lib '
    libpth=/usr/lib /usr/ccs/lib
ib /lib
    libs=-lsocket -lnsl -ldl -lm -lc
    perllibs=-lsocket -lnsl -ldl -lm -lc
    libc=/lib/, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-KPIC', lddlflags='-G -L/usr/lib -L/usr/ccs/lib
ftware/sunstudio/11/SUNWspro/prod/lib -L/lib'

Characteristics of this binary (from libperl):
  Built under solaris
  Compiled at Nov 13 2007 15:43:13

*** Packages of interest status:

Apache2            : -
Apache2::Request   : -
CGI                : 3.15
ExtUtils::MakeMaker: 6.36
LWP                : 5.808
mod_perl           : -
mod_perl2          : 2.000004

3. This is the core dump trace: (if you get a core dump):

Core was generated by
`/data/software/www/apache-2.0.61-maint/bin/httpd -k start'.
Program terminated with signal 11, Segmentation fault.
#0  0x0008f85c in ap_get_module_config (cv=0x6565702d, m=0xfee81150)
at util_debug.c:106
106         return ((void **)cv)[m->module_index];
(gdb) bt
#0  0x0008f85c in ap_get_module_config (cv=0x6565702d, m=0xfee81150)
at util_debug.c:106
#1  0xfec436c8 in XS_Apache2__RequestRec_send_cgi_header (cv=0x251480)
    at /export/data/software/www/build/mod_perl-2.0-svn/WrapXS/Apache2/Response/Response.xs:149
#2  0xfeddc4d0 in Perl_pp_entersub () from
#3  0xfedd2d5c in Perl_runops_standard () from
#4  0xfed6fd30 in Perl_call_sv () from
#5  0xfed435b8 in modperl_callback (handler=0x1f7200, p=0x222898,
r=0x2228d0, s=0xf0458, args=0x276ac0)
    at modperl_callback.c:101
#6  0xfed441a4 in modperl_callback_run_handlers (idx=6, type=4,
r=0x2228d0, c=0x0, s=0xf0458, pconf=0x0, plog=0x0,
    ptemp=0x0, run_mode=MP_HOOK_RUN_FIRST) at modperl_callback.c:262
#7  0xfed44888 in modperl_callback_per_dir (idx=6, r=0x2228d0,
run_mode=MP_HOOK_RUN_FIRST) at modperl_callback.c:371
#8  0xfed3ce34 in modperl_response_handler_run (r=0x2228d0, finish=0)
at mod_perl.c:999
#9  0xfed3d204 in modperl_response_handler_cgi (r=0x2228d0) at mod_perl.c:1099
#10 0x00075c04 in ap_run_handler (r=0x2228d0) at config.c:153
#11 0x000768cc in ap_invoke_handler (r=0x2228d0) at config.c:364
#12 0x00054604 in ap_process_request (r=0x2228d0) at http_request.c:249
#13 0x0004b61c in ap_process_http_connection (c=0x21a988) at http_core.c:253
#14 0x0008be4c in ap_run_process_connection (c=0x21a988) at connection.c:43
#15 0x0008c470 in ap_process_connection (c=0x21a988, csd=0x21a8b0) at
#16 0x000735a4 in child_main (child_num_arg=1) at prefork.c:610
#17 0x000737d0 in make_child (s=0xf0458, slot=1) at prefork.c:704
#18 0x00073bb8 in perform_idle_server_maintenance (p=0xebcb8) at prefork.c:839
#19 0x00074240 in ap_mpm_run (_pconf=0xebcb8, plog=0x123d98,
s=0xf0458) at prefork.c:1040
#20 0x0007f468 in main (argc=3, argv=0xffbff764) at main.c:636
Current language:  auto; currently minimal

This report was generated by /data/software/perl/current/bin/mp2bug on
Wed Nov 21 14:34:03 2007 GMT.

-------------8<---------- End Bug Report --------------8<----------

