Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 106664
| Summary: | httpd segfaults with exec-shield disabled | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Nils Philippsen <nphilipp> | ||||
| Component: | kernel | Assignee: | Dave Jones <davej> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Brian Brock <bbrock> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | rawhide | CC: | jakub, jorton, mingo, pfrields | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2003-11-10 15:37:18 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 100644 | ||||||
| Attachments: |
|
||||||
I can't reproduce with httpd-2.0.47-8, can you update to that and try again? Hmm, still present: [...] root@wombat:~> rpm -q glibc httpd; uname -r glibc-2.3.2-98 httpd-2.0.47-8 2.4.22-1.2087.nptl root@wombat:~> sysctl -w kernel.exec-shield=0 kernel.exec-shield = 0 root@wombat:~> service httpd restart Stopping httpd: [ OK ] Starting httpd: [FAILED] root@wombat:~> httpd Segmentation fault root@wombat:~> sysctl -w kernel.exec-shield=1 kernel.exec-shield = 1 root@wombat:~> service httpd restart Stopping httpd: [FAILED] Starting httpd: [ OK ] root@wombat:~> [...] Any additional info you might need? FYI, the machine should have virtually all packages installed. Can you: strace httpd rpm -qf /etc/httpd/conf.d/*.conf I'd ask for a backtrace but gdb doesn't support PIE yet :( Here you are:
[...]
root@wombat:~> sysctl -w kernel.exec-shield=0
kernel.exec-shield = 0
root@wombat:~> service httpd stop
Stopping httpd: [ OK ]
root@wombat:~> strace httpd
execve("/usr/sbin/httpd", ["httpd"], [/* 28 vars */]) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
root@wombat:~> rpm -qf /etc/httpd/conf.d/*.conf
file /etc/httpd/conf.d/chorios.conf is not owned by any package
file /etc/httpd/conf.d/homedir.conf is not owned by any package
mod_perl-1.99_09-10
php-4.3.3-2
mod_python-3.0.3-3
squirrelmail-1.4.0-1
mod_ssl-2.0.47-8
mod_dav_svn-0.31.0-1
root@wombat:~>
[...]
It is very suspicious to me that it segfaults immediately before even trying to
load libraries etc. Correction to my previous post: prelink is _not_ installed
(I guessed that wrong prelinkage could be the culprit) -- shall I leave it like
that or install it?
You could try something like LD_DEBUG=all LD_DEBUG_OUTPUT=/tmp/httpd /usr/sbin/httpd Jakub, any ideas about this? Created attachment 95101 [details]
LD_DEBUG output of httpd run with exec-shield off
That was the file from strace, can you attach the one from httpd too? No, because running it on httpd alone doesn't produce a file. ld.so problem? toolchain problem? kernel problem? Calling QA people - can anyone reproduce these problems on Fedora Test 3? I still can't. If there is some problem with PIE then we need to get it fixed ASAP. [root@pepsi root]# rpm -q httpd httpd-2.0.47-8 [root@pepsi root]# uname -r 2.4.22-1.2088.nptl Ah ha. I *can* reproduce this on Test 3 if I "prelink -u /usr/sbin/httpd".
execve("/usr/sbin/httpd", ["/usr/sbin/httpd"], [/* 31 vars */]) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Interestingly (or maybe it isn't), I *can* start up httpd OK using:
# /lib/ld-linux.so.2 /usr/sbin/httpd
Jakub are you looking into this?
Ingo tracked this down to a kernel problem.
Reproduction case was having:
/lib/ld-linux.so.2 not prelinked
exec-shield off
executable with a large bss
e.g. int foo[30000]; int main() {return 0;}
*** Bug 105772 has been marked as a duplicate of this bug. *** Fix will be in tomorrows rawhide push. Fixed. |
Description of problem: root@gibraltar:~> sysctl -w kernel.exec-shield=0 kernel.exec-shield = 0 root@gibraltar:~> httpd Segmentation fault root@gibraltar:~> sysctl -w kernel.exec-shield=1 kernel.exec-shield = 1 root@gibraltar:~> httpd root@gibraltar:~> killall httpd root@gibraltar:~> sysctl -w kernel.exec-shield=0 kernel.exec-shield = 0 root@gibraltar:~> httpd Segmentation fault Version-Release number of selected component (if applicable): httpd-2.0.47-7 kernel-2.4.22-1.2087.nptl How reproducible: Always Steps to Reproduce: See description Actual results: httpd segfaults Expected results: httpd starts Additional info: Also look at bug #105772 (same bug with samba)