Bug#897218: marked as done (apache2: mod_http2 (32-bit, i386) segmentation fault while delivering large (2+ GiB) file)
Your message dated Sat, 05 May 2018 10:04:56 +0000
with message-id <E1fEu3k-000E1r-Ft@fasolo.debian.org>
and subject line Bug#897218: fixed in apache2 2.4.33-3
has caused the Debian Bug report #897218,
regarding apache2: mod_http2 (32-bit, i386) segmentation fault while delivering large (2+ GiB) file
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
897218: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897218
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache2: mod_http2 (32-bit, i386) segmentation fault while delivering large (2+ GiB) file
- From: Horst Schirmeier <horst@schirmeier.com>
- Date: Mon, 30 Apr 2018 10:24:16 +0200
- Message-id: <152507665612.29246.2157541699501028639.reportbug@repos.cs.uni-dortmund.de>
Package: apache2
Version: 2.4.25-3+deb9u4
Severity: normal
Tags: patch upstream
While downloading a large (2200 MiB) file via HTTP/2.0, apache2 2.4.33 (Debian
unstable) reproducibly segfaults after delivering ~89% (1975 MiB) on 32-bit
i386. apache2 2.4.25-3+deb9u4 (Debian stable) exhibits a slightly different
failure mode, which is however assumed to originate in the same upstream bug.
Steps to reproduce:
- Install Debian unstable i386 in the "webserver" configuration, which installs
apache2 2.4.33. Install curl. (Firefox or Chrome works as well.)
- Enable SSL:
* a2enmod ssl
* a2ensite default-ssl
- Enable HTTP/2.0:
* echo 'Protocols h2 h2c http/1.1' > /etc/apache2/mods-available/http2.conf
* a2enmod http2
- Restart Apache: systemctl restart apache2
- Create test file in /var/www/html:
* dd if=/dev/zero of=/var/www/html/2200Mfile bs=1M count=2200
- Download the test file via curl (--http2 is redundant because curl uses
HTTP/2.0 anyways if it's available; --insecure is necessary because the above
steps do not install a proper SSL cert):
* curl --http2 --insecure -o /dev/null https://localhost/2200Mfile
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
89 2200M 89 1975M 0 0 22.2M 0 0:01:38 0:01:28 0:00:10 25.8M
curl: (56) Unexpected EOF
- Apache's error.log:
[Wed Apr 25 11:17:05.749002 2018] [core:notice] [pid 398:tid 3082986688] AH00052: child pid 646 exit signal Segmentation fault (11)
Side note: On 64-bit, everything works as expected. This seems to be a 32-bit
related bug.
This bug has been reported upstream, where Stefan Eissing already landed a fix
in apache2 trunk and suggested a backport to apache2 2.4.x:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62325
-- Package-specific info:
-- System Information:
Debian Release: 9.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 4.9.0-6-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages apache2 depends on:
ii apache2-bin 2.4.25-3+deb9u4
ii apache2-data 2.4.25-3+deb9u4
ii apache2-utils 2.4.25-3+deb9u4
ii dpkg 1.18.24
ii init-system-helpers 1.48
ii lsb-base 9.20161125
ii mime-support 3.60
ii perl 5.24.1-3+deb9u3
ii procps 2:3.3.12-3
Versions of packages apache2 recommends:
ii ssl-cert 1.0.39
Versions of packages apache2 suggests:
ii apache2-doc 2.4.25-3+deb9u4
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii lynx [www-browser] 2.8.9dev11-1
ii w3m [www-browser] 0.5.3-34+deb9u1
Versions of packages apache2-bin depends on:
ii libapr1 1.5.2-5
ii libaprutil1 1.5.4-3
ii libaprutil1-dbd-sqlite3 1.5.4-3
ii libaprutil1-ldap 1.5.4-3
ii libc6 2.24-11+deb9u3
ii libldap-2.4-2 2.4.44+dfsg-5+deb9u1
ii liblua5.2-0 5.2.4-1.1+b2
ii libnghttp2-14 1.18.1-1
ii libpcre3 2:8.39-3
ii libssl1.0.2 1.0.2l-2+deb9u3
ii libxml2 2.9.4+dfsg1-2.2+deb9u2
ii perl 5.24.1-3+deb9u3
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages apache2-bin suggests:
ii apache2-doc 2.4.25-3+deb9u4
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii lynx [www-browser] 2.8.9dev11-1
ii w3m [www-browser] 0.5.3-34+deb9u1
Versions of packages apache2 is related to:
ii apache2 2.4.25-3+deb9u4
ii apache2-bin 2.4.25-3+deb9u4
-- Configuration Files:
/etc/apache2/apache2.conf changed [not included]
/etc/apache2/conf-available/security.conf changed [not included]
/etc/apache2/mods-available/ssl.conf changed [not included]
/etc/apache2/mods-available/userdir.conf changed [not included]
/etc/apache2/ports.conf changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.4.33-3
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 897218@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 05 May 2018 11:34:47 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: source amd64 all
Version: 2.4.33-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
apache2 - Apache HTTP Server
apache2-bin - Apache HTTP Server (modules and other binary files)
apache2-data - Apache HTTP Server (common files)
apache2-dbg - Apache debugging symbols
apache2-dev - Apache HTTP Server (development headers)
apache2-doc - Apache HTTP Server (on-site documentation)
apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
apache2-utils - Apache HTTP Server (utility programs for web servers)
libapache2-mod-md - transitional package
libapache2-mod-proxy-uwsgi - transitional package
Closes: 894785 897218
Changes:
apache2 (2.4.33-3) unstable; urgency=medium
.
* Add Breaks for libapache2-mod-proxy-uwsgi and libapache2-mod-md, too.
Closes: #894785
* mod_http2: Avoid high memory usage with large files, causing crashes on
32bit archs. Closes: #897218
* Migrate from alioth to salsa.
Checksums-Sha1:
1957fd0155b84f53dcd0ed944df5f64df7235243 3268 apache2_2.4.33-3.dsc
0415b28a0fa674b076f913c6197ee09ec66d8fb3 786148 apache2_2.4.33-3.debian.tar.xz
3ae5987c83db08c01be37f4e83ea378e661d23c3 1302584 apache2-bin_2.4.33-3_amd64.deb
bea2433f022411365b836e6d0bbe1c32b6b238cd 161236 apache2-data_2.4.33-3_all.deb
7cfd3c085e8c7e9fb9bff4cd0459d39f3c71b981 4241652 apache2-dbg_2.4.33-3_amd64.deb
c35484a8824862def90031a4f13153f0ecdb63c1 323424 apache2-dev_2.4.33-3_amd64.deb
381e5b7c726dad90e7ed07538a0afd435c35771e 3938772 apache2-doc_2.4.33-3_all.deb
ca6118945cbe0ad8d591f75e1c03a65b69291032 2340 apache2-ssl-dev_2.4.33-3_amd64.deb
78c7419e4fbab4cdcc22250e453040463dcab069 164692 apache2-suexec-custom_2.4.33-3_amd64.deb
e35b8016b481b55a4cef285613838bbaafc9ec50 163216 apache2-suexec-pristine_2.4.33-3_amd64.deb
aeaebf8a1abecd97f9d96bd9d4fb84b61300aed8 228300 apache2-utils_2.4.33-3_amd64.deb
50168a8b725e63d7e06f7a5f4e5a8cd991ccbb2b 11012 apache2_2.4.33-3_amd64.buildinfo
1879fe023e80ff02e0218b6e6e46dc77978add61 244380 apache2_2.4.33-3_amd64.deb
2810b047f22f4d1a009e830b4ed6f4ac7acc5c2d 920 libapache2-mod-md_2.4.33-3_amd64.deb
bedfeeca8e0139c4fd0085d15490213ed48f5eaf 936 libapache2-mod-proxy-uwsgi_2.4.33-3_amd64.deb
Checksums-Sha256:
fbc087ccb70ba7ea93bab16dbcac9af520c786bf0173db462b66c6ae74b9938c 3268 apache2_2.4.33-3.dsc
a82cf51b05bad9142f1d839af0b4baae8ab99cad78949ae37e720b6c41b32766 786148 apache2_2.4.33-3.debian.tar.xz
69a6dd6dd05b68407e30fd039dd457db69d69c61cb500ec1165e485e04d6a1fb 1302584 apache2-bin_2.4.33-3_amd64.deb
59e7e50771e250ebf44ab130fe7c73d92c5a2d78bc895431ed73afc01c381d7c 161236 apache2-data_2.4.33-3_all.deb
a5fb832fac0ccde5b1d5a687062f300f214e72ed09ae4260042c54090174ce3e 4241652 apache2-dbg_2.4.33-3_amd64.deb
db8c5fe1f35de2d402f3040b822a4473a86318d82ef75fbd7045571e538ea6a1 323424 apache2-dev_2.4.33-3_amd64.deb
ec02f01c60ea6d7c84d959f16c05232700ae27c6ea44234422c1fdc3c4ee282f 3938772 apache2-doc_2.4.33-3_all.deb
e60cd63d31d63dfa40ba155eafd1f564c0cb90351ed37ab8501c8bfd6565aaf0 2340 apache2-ssl-dev_2.4.33-3_amd64.deb
eb8a0b66ebb61a71832c92209a0142bbb9a356096f12390e9166d4cd43a558e0 164692 apache2-suexec-custom_2.4.33-3_amd64.deb
7fc3aaba2018067966d242cf91846fc88eb1f552f8b13b016d361ebb364be176 163216 apache2-suexec-pristine_2.4.33-3_amd64.deb
a9d6e0b8d16b1dd5b6a3e0c765588d594ad27449c042c535c8d331825b3b6247 228300 apache2-utils_2.4.33-3_amd64.deb
2e2981240bbcdc6c5373fcc4677f5f5b213a8353465384fb34f9729fab67edd2 11012 apache2_2.4.33-3_amd64.buildinfo
8f162b660f576015a4b5be0b79b647f4a416dcb533490e8c8a88b2c007141ea2 244380 apache2_2.4.33-3_amd64.deb
c8354cbd60ab57083f519210e18727ada14b38fb9c25bd06ebc88208a5ee26dd 920 libapache2-mod-md_2.4.33-3_amd64.deb
597a32a6593e79a3ae0bd936b2f25dbabe3f0621109aa8cf2f86e48c3844c925 936 libapache2-mod-proxy-uwsgi_2.4.33-3_amd64.deb
Files:
d6ea6be65b8b2bd4210648f6ec4031b7 3268 httpd optional apache2_2.4.33-3.dsc
7f7d00b6f6ae80389bdbc0a8713ae558 786148 httpd optional apache2_2.4.33-3.debian.tar.xz
6f966dfea716eb3317e28a2df2d67dec 1302584 httpd optional apache2-bin_2.4.33-3_amd64.deb
c7b2501ec8b21f4b731e840c7c1ca633 161236 httpd optional apache2-data_2.4.33-3_all.deb
b74f259e7be7c0da5438db5deddfcd3c 4241652 debug optional apache2-dbg_2.4.33-3_amd64.deb
b31aa12ae166c1e915fbcf9086b8d4ca 323424 httpd optional apache2-dev_2.4.33-3_amd64.deb
cfee732ccefdad8e6fe67fb47e404b96 3938772 doc optional apache2-doc_2.4.33-3_all.deb
81b873d2f8795f2c59e51c4eb769fa75 2340 httpd optional apache2-ssl-dev_2.4.33-3_amd64.deb
39f77d092154da0b22130fea96e824c3 164692 httpd optional apache2-suexec-custom_2.4.33-3_amd64.deb
ba0e4e056bbed90a0e172a3521cfe761 163216 httpd optional apache2-suexec-pristine_2.4.33-3_amd64.deb
149332b3020a92b1b06060028184da3d 228300 httpd optional apache2-utils_2.4.33-3_amd64.deb
0323ad6e6220d5ee6f8608a1c83b4cf7 11012 httpd optional apache2_2.4.33-3_amd64.buildinfo
89a7d709a0b7a921fd4bb69af5988d95 244380 httpd optional apache2_2.4.33-3_amd64.deb
e21e63764b1b61385157aea662e0f8cc 920 oldlibs optional libapache2-mod-md_2.4.33-3_amd64.deb
2b5bbd1f60c43bbd354cd0b8de251913 936 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.33-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAlrtfBwACgkQxodfNUHO
/eBLXw//dtsGNJwrU7R3lbNS5LraWPdpy9gkuU0JkFlvXCxmQfxpeuMdcZSMTMp3
YjZ1aeZD04YflobtM3ED0PsYh9l5q6e9inhHY6GOLWynLejkdjoxvk6b202BcLd0
noQF6ZnMX5xvPMl4sRoJ9aHPv/cjcBTixe5tXtUVM67g2/sN+GTCuVIBQ7ls56Xw
AE5LF457LY+8JE4L8+DFaCkQNDoOr1CepPvqERxy5//GJf6e4h02LiYdIRrgyNG6
lO6M6g5jl6EUeJ2udXCqMv5Rk/hRy7JPj/nnqsgWOqrfInPiYmaLbrgzZramK2nR
Dr9hj+QLnRcYQCAzvC4ygPhmzDg13dt+XkywnClLPlkqJM8mKkUJqkYRTMfqykJ5
5hIuY2Z0eRU6/ounFgKCkJ/c7K4ByjO2EEKTp0Sg+ePnYPaTtwuM7NKh4grh6KgU
bEkeAG67VaYmvDgulTnVY5ZQRfog8HDo3hr/n1UkZvjlNy0Ynx9c/B2CozQAVVOP
CyJ0YEs71jhK0n3AFE+tq3psN4CHNvj4BSosqSaJA4W0oOPQCGNjPW+4VQkJXzaF
y8l3tu7ZV5O6WWloWEpvWaCwTNILOmvA5KAb7UpLzb5H53/EYyIwpS10NbSLOprz
+m0gXZdWt2E47B7rRcX53pJtfOJBAvq8oiwuFLf5ozyH5An7uaY=
=tS1w
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: