[Issues] [mod_gnutls 0000106]: mod_gnutls >= 0.5.6 always crashes while accessing Horde's pages on FreeBSD
Mantis Bug Tracker
issues at outoforder.cc
Wed Aug 18 11:07:02 EDT 2010
A NOTE has been added to this issue.
======================================================================
http://issues.outoforder.cc/view.php?id=106
======================================================================
Reported By: tinlans
Assigned To:
======================================================================
Project: mod_gnutls
Issue ID: 106
Category: Apache Integration
Reproducibility: always
Severity: crash
Priority: normal
Status: new
Apache Version: 2.2.16 (MPM=worker)
======================================================================
Date Submitted: 2010-08-05 13:19 EDT
Last Modified: 2010-08-18 11:07 EDT
======================================================================
Summary: mod_gnutls >= 0.5.6 always crashes while accessing
Horde's pages on FreeBSD
Description:
OS: FreeBSD 8.1-STABLE amd64
Apache: apache-worker-2.2.16
Apache Info: Apache/2.2.16 (FreeBSD) DAV/2 PHP/5.2.14 with Suhosin-Patch
SVN/1.6.12 mod_gnutls/0.5.7
APR: apr-devrandom-db46-ldap24-mysql55-1.4.2.1.3.9_1
gnutls: gnutls-devel-2.11.0_1
Horde is a well-known PHP-based Horde Application Framework.
It's often used for providing webmail service via Horde/IMP.
A large set of PEAR packages are used by it.
Everything works properly on mod_gnutls-0.5.5.
Since mod_gnutls-0.5.6, to access my web's Horde pages causes Apache
crashed.
This problem is also occured on mod_gnutls-0.5.7.
Here is the backtrace info of my crash dump:
http://issues.outoforder.cc/view.php?id=0 0x0000000807177b22 in
_gnutls_recv_int () from
/usr/local/lib/libgnutls.so.43
http://issues.outoforder.cc/view.php?id=1 0x0000000807057706 in
gnutls_io_input_read (ctxt=0x81041e028,
buf=0x81041e070 "\r\nokie: default_imp_view=imp;
ITHorde=83d0j2gu59itsc4pn2irurdg36;
auth_key=155e3ae9df0ace4698270f0c1dfd02f9;
imp_key=f7235d305b37b51f6c6d9380c0302a02\r\n\r\nb51f6c6d9380c0302a02\r\n\r\nb37b51f6c6d9380c0302a02"...,
len=0x7fffff7fcd68) at gnutls_io.c:227
http://issues.outoforder.cc/view.php?id=2 0x0000000807057ba2 in
mgs_filter_input (f=0x810422120, bb=0x810712740,
mode=Variable "mode" is not available.
) at gnutls_io.c:323
http://issues.outoforder.cc/view.php?id=3 0x000000000042ab98 in
ap_rgetline_core (s=0x8107110d0, n=8192,
read=0x7fffff7fce70, r=0x8107110a0, fold=0, bb=0x810712740) at
protocol.c:231
http://issues.outoforder.cc/view.php?id=4 0x000000000042b4d5 in ap_read_request
(conn=0x81041a2b8) at
protocol.c:596
http://issues.outoforder.cc/view.php?id=5 0x0000000000440ce3 in
ap_process_http_connection (c=0x81041a2b8) at
http_core.c:183
http://issues.outoforder.cc/view.php?id=6 0x000000000043d562 in
ap_run_process_connection (c=0x81041a2b8) at
connection.c:43
http://issues.outoforder.cc/view.php?id=7 0x0000000000448992 in worker_thread
(thd=0x80827b880, dummy=Variable
"dummy" is not available.
) at worker.c:544
http://issues.outoforder.cc/view.php?id=8 0x00000008011b7511 in pthread_getprio
() from /lib/libthr.so.3
http://issues.outoforder.cc/view.php?id=9 0x0000000000000000 in ?? ()
Error accessing memory address 0x7fffff7fd000: Bad address.
======================================================================
----------------------------------------------------------------------
(0000213) nmav (manager) - 2010-08-17 13:06
http://issues.outoforder.cc/view.php?id=106#c213
----------------------------------------------------------------------
Hi. Does the attached patch solve your issue?
----------------------------------------------------------------------
(0000214) tinlans (reporter) - 2010-08-17 15:32
http://issues.outoforder.cc/view.php?id=106#c214
----------------------------------------------------------------------
This patch solves a lot of "segmentation fault" issues,
but I also find some new issues.
Some contents of a page cannot show in Horde/IMP randomly.
For example, icons randomly displayed as red "X", sub-pages (or partial
pages) in a table (or a frame) randomly displayed as "connection
refused".
I cannot find any error messages in httpd-error.log.
----------------------------------------------------------------------
(0000215) nmav (manager) - 2010-08-17 15:35
http://issues.outoforder.cc/view.php?id=106#c215
----------------------------------------------------------------------
By "a lot" do you mean that some segmentation faults remain?
----------------------------------------------------------------------
(0000216) tinlans (reporter) - 2010-08-17 15:40
http://issues.outoforder.cc/view.php?id=106#c216
----------------------------------------------------------------------
Yes, some segmentation faults remain.
They're very hard to be repeated so that I cannot catch it by gdb.
----------------------------------------------------------------------
(0000217) nmav (manager) - 2010-08-17 15:44
http://issues.outoforder.cc/view.php?id=106#c217
----------------------------------------------------------------------
This is strange. I've updated the patch in patch2.txt to try (it applies to
clean 0.5.7). If the problem persists, could you try increasing your ulimit
-c, to allow the server to create core file, and check that with gdb?
Thanks.
----------------------------------------------------------------------
(0000218) tinlans (reporter) - 2010-08-17 15:57
http://issues.outoforder.cc/view.php?id=106#c218
----------------------------------------------------------------------
Yes, I can configure it to allow to dump core files.
I've been applied the patch2.txt.
In a rare case, I could find this error (it's also hard to be repeated):
Program terminated with signal 11, Segmentation fault.
(gdb) where
http://issues.outoforder.cc/view.php?id=0 0x0000000000000000 in ?? ()
http://issues.outoforder.cc/view.php?id=1 0x000000080705aba2 in mgs_hook_fixups
(r=0x0) at gnutls_hooks.c:752
Cannot access memory at address 0x800000000868
(gdb) frame 1
http://issues.outoforder.cc/view.php?id=1 0x000000080705aba2 in mgs_hook_fixups
(r=0x0) at gnutls_hooks.c:752
752 apr_table_setn(env, "SSL_PROTOCOL",
(gdb) list
747 apr_table_setn(env, "SSL_VERSION_LIBRARY",
748 "GnuTLS/" LIBGNUTLS_VERSION);
749 apr_table_setn(env, "SSL_VERSION_INTERFACE",
750 "mod_gnutls/" MOD_GNUTLS_VERSION);
751
752 apr_table_setn(env, "SSL_PROTOCOL",
753
gnutls_protocol_get_name(gnutls_protocol_get_version
754 (ctxt->session)));
755
756 /* should have been called SSL_CIPHERSUITE instead */
(gdb) print env
$1 = (apr_table_t *) 0x0
----------------------------------------------------------------------
(0000219) nmav (manager) - 2010-08-18 11:07
http://issues.outoforder.cc/view.php?id=106#c219
----------------------------------------------------------------------
I've understood where the problem is for this case, but it shouldn't
happen. Which apache do you use? Does patch3 solve the issue?
Issue History
Date Modified Username Field Change
======================================================================
2010-08-05 13:19 tinlans New Issue
2010-08-05 13:19 tinlans Apache Version => 2.2.16 (MPM=worker)
2010-08-17 13:06 nmav File Added: patch.txt
2010-08-17 13:06 nmav Note Added: 0000213
2010-08-17 15:32 tinlans Note Added: 0000214
2010-08-17 15:35 nmav Note Added: 0000215
2010-08-17 15:40 tinlans Note Added: 0000216
2010-08-17 15:42 nmav File Added: patch2.txt
2010-08-17 15:44 nmav Note Added: 0000217
2010-08-17 15:57 tinlans Note Added: 0000218
2010-08-18 11:05 nmav File Deleted: patch.txt
2010-08-18 11:06 nmav File Added: patch3.txt
2010-08-18 11:06 nmav File Deleted: patch2.txt
2010-08-18 11:07 nmav Note Added: 0000219
======================================================================
More information about the Issues
mailing list