Package: apache2
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu hardy ubuntu-patch
Version: 2.2.8-4
Severity: important
Tags: patch
When torture testing an apache2-mpm-worker I get numerous segmentation
faults and sigbus errors:
[Tue May 27 14:16:40 2008] [notice] child pid 8848 exit signal
Segmentation fault (11)
[Tue May 27 14:18:35 2008] [notice] child pid 9075 exit signal
Segmentation fault (11)
[Tue May 27 14:19:37 2008] [notice] child pid 9159 exit signal
Segmentation fault (11)
[Tue May 27 14:19:37 2008] [notice] child pid 9215 exit signal
Segmentation fault (11)
[Tue May 27 14:20:19 2008] [notice] child pid 9495 exit signal
Segmentation fault (11)
[Tue May 27 14:22:52 2008] [notice] child pid 9523 exit signal
Segmentation fault (11)
See:
* https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/235294
Fix is commited in the apache cvs and in Ubuntu, we've applied the
attached
patch to achieve the following:
* debian/patches/100_mpm_wokers_crash.dpatch
- Fix for segmentation fault with mpm-worker is under load.
Backported from
http://svn.apache.org/viewvc?view=rev&revision=631362.
(LP: #235294)
We thought you might be interested in doing the same.
-- System Information:
Debian Release: lenny/sid
APT prefers hardy-updates
APT policy: (500, 'hardy-updates'), (500, 'hardy-security'), (500,
'hardy')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24-18-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
:-Dustin
Dustin Kirkland
Ubuntu Server Developer
Canonical, LTD
kirkland@canonical.com
GPG: 1024D/83A61194
diff -u apache2-2.2.8/debian/patches/00list apache2-2.2.8/debian/patches/00list
--- apache2-2.2.8/debian/patches/00list
+++ apache2-2.2.8/debian/patches/00list
@@ -24,0 +25 @@
+100_mpm_wokers_crash.dpatch
only in patch2:
unchanged:
--- apache2-2.2.8.orig/debian/patches/100_mpm_wokers_crash.dpatch
+++ apache2-2.2.8/debian/patches/100_mpm_wokers_crash.dpatch
@@ -0,0 +1,46 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+
+@DPATCH@
+diff -Naur httpd-2.2.8.orig/server/mpm/experimental/event/fdqueue.c httpd-2.2.8/server/mpm/experimental/event/fdqueue.c
+--- httpd-2.2.8.orig/server/mpm/experimental/event/fdqueue.c 2007-07-25 09:13:49.000000000 -0400
++++ httpd-2.2.8/server/mpm/experimental/event/fdqueue.c 2008-05-20 03:18:03.000000000 -0400
+@@ -194,10 +194,16 @@
+ (*new_recycle));
+ new_recycle->pool = pool_to_recycle;
+ for (;;) {
+- new_recycle->next = queue_info->recycled_pools;
++ /*
++ * Save queue_info->recycled_pool in local varaible next because
++ * new_recycle->next can be changed after apr_atomic_casptr
++ * function call. For gory details see PR 4402.
++ */
++ struct recycled_pool *next = queue_info->recycled_pools;
++ new_recycle->next = next;
+ if (apr_atomic_casptr
+ ((volatile void **) &(queue_info->recycled_pools),
+- new_recycle, new_recycle->next) == new_recycle->next) {
++ new_recycle, next) == next) {
+ break;
+ }
+ }
+diff -Naur httpd-2.2.8.orig/server/mpm/worker/fdqueue.c httpd-2.2.8/server/mpm/worker/fdqueue.c
+--- httpd-2.2.8.orig/server/mpm/worker/fdqueue.c 2007-07-25 09:13:49.000000000 -0400
++++ httpd-2.2.8/server/mpm/worker/fdqueue.c 2008-05-20 03:12:43.000000000 -0400
+@@ -94,10 +94,14 @@
+ sizeof(*new_recycle));
+ new_recycle->pool = pool_to_recycle;
+ for (;;) {
+- new_recycle->next = queue_info->recycled_pools;
++ /* Save queue_info->recycled_pool in local variable next because
++ * new_recycle->next can be changed after apr_atomic_casptr
++ * function call. For gory details see PR 44402.
++ */
++ struct recycled_pool *next = queue_info->recycled_pools;
++ new_recycle->next = next;
+ if (apr_atomic_casptr((volatile void**)&(queue_info->recycled_pools),
+- new_recycle, new_recycle->next) ==
+- new_recycle->next) {
++ new_recycle, next) == next) {
+ break;
+ }
+ }
Attachment:
signature.asc
Description: This is a digitally signed message part