[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#902657: marked as done (graceful/restart results in segfault if libcap-ng0 is loaded)



Your message dated Mon, 22 Apr 2019 17:01:53 +0200
with message-id <20190422150153.v4e56hjh5m3di6ln@manul.sfritsch.de>
and subject line Bug#902658: graceful/restart results in segfault if libcap-ng0 is loaded
has caused the Debian Bug report #902658,
regarding graceful/restart results in segfault if libcap-ng0 is loaded
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
902658: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902658
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: apache2

Version: 2.4.33-3+b1
Severity: grave
Tags: a11y
Justification: renders package unusable

Dear Maintainer,

when i do an "apachectl graceful" or "apachectl restart", i get
segfaults.

[Fri Jun 29 10:22:38.726688 2018] [mpm_prefork:notice] [pid 31097] AH00163: Apache/2.4.33 (Debian) mpm-itk/2.4.7-04 OpenSSL/1.1.0h mod_perl/2.0.10 Perl/v5.26.2 configured -- resuming normal operations
[Fri Jun 29 10:22:38.726720 2018] [core:notice] [pid 31097] AH00094: Command line: '/usr/sbin/apache2'
[Fri Jun 29 10:22:49.076807 2018] [mpm_prefork:notice] [pid 31097] AH00171: Graceful restart requested, doing restart
[Fri Jun 29 10:22:49.168509 2018] [mpm_prefork:notice] [pid 31097] AH00163: Apache/2.4.33 (Debian) mpm-itk/2.4.7-04 OpenSSL/1.1.0h mod_perl/2.0.10 Perl/v5.26.2 configured -- resuming normal operations
[Fri Jun 29 10:22:49.168527 2018] [core:notice] [pid 31097] AH00094: Command line: '/usr/sbin/apache2'
[Fri Jun 29 10:22:50.172451 2018] [core:notice] [pid 31097] AH00051: child pid 32163 exit signal Segmentation fault (11), possible coredump in /etc/apache2
[Fri Jun 29 10:22:50.176057 2018] [mpm_prefork:warn] [pid 31097] AH00167: long lost child came home! (pid 32163)
[Fri Jun 29 10:22:50.176139 2018] [core:notice] [pid 31097] AH00051: child pid 32165 exit signal Segmentation fault (11), possible coredump in /etc/apache2
[Fri Jun 29 10:22:50.176158 2018] [core:error] [pid 31097] AH00546: no record of generation 0 of exiting child 32165
[Fri Jun 29 10:22:50.176214 2018] [core:notice] [pid 31097] AH00051: child pid 32167 exit signal Segmentation fault (11), possible coredump in /etc/apache2
[Fri Jun 29 10:22:50.176225 2018] [core:error] [pid 31097] AH00546: no record of generation 0 of exiting child 32167
[Fri Jun 29 10:22:50.176272 2018] [core:notice] [pid 31097] AH00051: child pid 32169 exit signal Segmentation fault (11), possible coredump in /etc/apache2
[Fri Jun 29 10:22:50.176304 2018] [core:error] [pid 31097] AH00546: no record of generation 0 of exiting child 32169
[Fri Jun 29 10:22:50.176362 2018] [core:notice] [pid 31097] AH00051: child pid 32171 exit signal Segmentation fault (11), possible coredump in /etc/apache2

if i then do a /etc/init.d/apache2 restart, it works normally
/etc/init.d/apache2 restart and systemctl restart apache2 do NOT result in a segfault.

here's a backtrace of a coredump:
coredumpctl gdb 20261

       PID: 20261 (/usr/sbin/apach)
       UID: 0 (root)
       GID: 0 (root)
    Signal: 11 (SEGV)
 Timestamp: Thu 2018-06-28 19:47:53 CEST (4min 18s ago)

Command Line: /usr/sbin/apache2 -k start
Executable: /usr/sbin/apache2
Control Group: /system.slice/apache2.service
Unit: apache2.service
Slice: system.slice
Boot ID: fb5bb58db2c4417db6cce49bb7b04435
Machine ID: 6eb9f0854f630f342494ccf20000000a
Hostname: sunnyserver
Storage: /var/lib/systemd/coredump/core.\x2fusr\x2fsbin\x2fapach.0.fb5bb58db2c4417db6cce49bb7b04435.20261.1530208073000000.lz4
Message: Process 20261 (/usr/sbin/apach) of user 0 dumped core.

            Stack trace of thread 20261:
            #0  0x00007fa235131677 n/a (libcap-ng.so.0)
            #1  0x00007fa2429e2a25 n/a (mod_mpm_prefork.so)
            #2  0x00007fa2429e3a0e n/a (mod_mpm_prefork.so)
            #3  0x0000561918c4cb7e ap_run_mpm (apache2)
            #4  0x0000561918c4546b main (apache2)
            #5  0x00007fa247386a87 __libc_start_main (libc.so.6)
            #6  0x0000561918c4556a _start (apache2)

GNU gdb (Debian 7.12-6+b2) 7.12.0.20161007-git
Copyright © 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type “show copying”
and “show warranty” for details.
This GDB was configured as “x86_64-linux-gnu”.
Type “show configuration” for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type “help”.
Type “apropos word” to search for commands related to “word”…
Reading symbols from /usr/sbin/apache2…(no debugging symbols found)…done.

warning: core file may not match specified executable file.
[New LWP 20261]
[Thread debugging using libthread_db enabled]
Using host libthread_db library “/lib/x86_64-linux-gnu/libthread_db.so.1”.
Core was generated by `/usr/sbin/apache2 -k start’.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007fa235131677 in ?? () from /lib/x86_64-linux-gnu/libcap-ng.so.0

(gdb) bt
#0 0x00007fa235131677 in ?? () from /lib/x86_64-linux-gnu/libcap-ng.so.0
#1 0x00007fa24742962e in __libc_fork () at …/sysdeps/nptl/fork.c:204
#2 0x00007fa2429e2a25 in ?? () from /usr/lib/apache2/modules/mod_mpm_prefork.so
#3 0x00007fa2429e3a0e in ?? () from /usr/lib/apache2/modules/mod_mpm_prefork.so
#4 0x0000561918c4cb7e in ap_run_mpm ()
#5 0x0000561918c4546b in main ()
(gdb)



-- Package-specific info:

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apache2 depends on:
ii  apache2-bin    2.4.33-3+b1
ii  apache2-data   2.4.33-3
ii  apache2-utils  2.4.33-3+b1
ii  dpkg           1.19.0.5+b1
ii  lsb-base       9.20170808
ii  mime-support   3.61
ii  perl           5.26.2-6
ii  procps         2:3.3.15-2

Versions of packages apache2 recommends:
ii  ssl-cert  1.0.39

Versions of packages apache2 suggests:
ii  apache2-doc                                      2.4.33-3
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  epiphany-browser [www-browser]                   3.28.2.1-1
ii  google-chrome-stable [www-browser]               67.0.3396.99-1
ii  links2 [www-browser]                             2.14-5
ii  midori [www-browser]                             0.5.11-ds1-4+b1
ii  w3m [www-browser]                                0.5.3-36+b1

Versions of packages apache2-bin depends on:
ii  libapr1                  1.6.3-2
ii  libaprutil1              1.6.1-2
ii  libaprutil1-dbd-sqlite3  1.6.1-2
ii  libaprutil1-ldap         1.6.1-2
ii  libbrotli1               1.0.4-1
ii  libc6                    2.27-3
ii  libcurl4                 7.60.0-2
ii  libjansson4              2.11-1
ii  libldap-2.4-2            2.4.46+dfsg-5
ii  liblua5.2-0              5.2.4-1.1+b2
ii  libnghttp2-14            1.32.0-1
ii  libpcre3                 2:8.39-9
ii  libssl1.1                1.1.0h-4
ii  libxml2                  2.9.4+dfsg1-7
ii  perl                     5.26.2-6
ii  zlib1g                   1:1.2.11.dfsg-1

Versions of packages apache2-bin suggests:
ii  apache2-doc                                      2.4.33-3
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  epiphany-browser [www-browser]                   3.28.2.1-1
ii  google-chrome-stable [www-browser]               67.0.3396.99-1
ii  links2 [www-browser]                             2.14-5
ii  midori [www-browser]                             0.5.11-ds1-4+b1
ii  w3m [www-browser]                                0.5.3-36+b1

Versions of packages apache2 is related to:
ii  apache2      2.4.33-3+b1
ii  apache2-bin  2.4.33-3+b1

-- Configuration Files:
/etc/apache2/apache2.conf changed:
DefaultRuntimeDir ${APACHE_RUN_DIR}
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
	Options FollowSymLinks
	AllowOverride None
	Require all denied
</Directory>
<Directory /usr/share>
	AllowOverride None
	Require all granted
</Directory>
<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
	Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf

/etc/apache2/ports.conf changed:
Listen 443

/etc/apache2/sites-available/default-ssl.conf changed:
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName sunnydale.russenmafia.at
	ServerAdmin webmaster@localhost
	<IfModule mod_headers.c>
		Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
	</IfModule>
	DocumentRoot /var/www
	<Directory />
		Options -Indexes +FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options -Indexes +FollowSymLinks +MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options -Indexes +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>
	ErrorLog ${APACHE_LOG_DIR}/error.log
	LogLevel warn
	CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
	SSLEngine on
	SSLProtocol all -SSLv2 -SSLv3
    SSLStrictSNIVHostCheck on
	SSLHonorCipherOrder on
	SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
	SSLCertificateFile 		/etc/letsencrypt/live/sunnydale.russenmafia.at/cert.pem
	SSLCertificateChainFile 	/etc/letsencrypt/live/sunnydale.russenmafia.at/fullchain.pem
	SSLCertificateKeyFile 		/etc/letsencrypt/live/sunnydale.russenmafia.at/privkey.pem
	<FilesMatch "\.(cgi|shtml|phtml|php)$">
		SSLOptions +StdEnvVars
	</FilesMatch>
	<Directory /usr/lib/cgi-bin>
		SSLOptions +StdEnvVars
	</Directory>
	BrowserMatch "MSIE [2-6]" \
		nokeepalive ssl-unclean-shutdown \
		downgrade-1.0 force-response-1.0
	# MSIE 7 and newer should be able to use keepalive
	BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>


-- no debconf information

--- End Message ---
--- Begin Message ---
This has been fixed in libcap-ng 0.7.9-2, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904808

Closing the apache2 bug.

--- End Message ---

Reply to: