Package: apache2-bin
Version: 2.4.66-1~deb12u1
Severity: important
Since installing Apache 2.4.66, I've had a number of segmentation faults
in mod_http2, on multiple servers (running similar config). The same
configuration
did not fault in 2.4.65.
gdb says
Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 c1_purge_streams (m=m@entry=0x7f2b7801d738) at ./modules/http2/h2_mplx.c:606
Download failed: Invalid argument. Continuing without source file
./modules/http2/./modules/http2/h2_mplx.c.
606 ./modules/http2/h2_mplx.c: No such file or directory.
[Current thread is 1 (Thread 0x7f2b5cff96c0 (LWP 67321))]
(gdb) bt
#0 c1_purge_streams (m=m@entry=0x7f2b7801d738) at ./modules/http2/h2_mplx.c:606
#1 0x00007f2b9797cfe0 in h2_mplx_c1_poll (m=0x7f2b7801d738,
timeout=timeout@entry=0, on_stream_input=on_stream_input@entry=0x7f2b97982230
<on_stream_input>,
on_stream_output=on_stream_output@entry=0x7f2b979820f0 <on_stream_output>,
on_ctx=on_ctx@entry=0x7f2b7801d0a0) at ./modules/http2/h2_mplx.c:659
#2 0x00007f2b979861bc in h2_session_process (session=0x7f2b7801d0a0, async=1,
pkeepalive=pkeepalive@entry=0x7f2b5cff8d44) at ./modules/http2/h2_session.c:2013
#3 0x00007f2b9796f81c in h2_c1_run (c=0x7f2b7805a360) at
./modules/http2/h2_c1.c:132
#4 0x000056427a468fd0 in ap_run_process_connection (c=c@entry=0x7f2b7805a360)
at ./server/connection.c:42
#5 0x00007f2b97c22743 in process_socket (thd=thd@entry=0x7f2b98f4e068,
p=<optimized out>, sock=<optimized out>, cs=<optimized out>,
my_child_num=my_child_num@entry=0,
my_thread_num=my_thread_num@entry=11) at ./server/mpm/event/event.c:1098
#6 0x00007f2b97c2359a in worker_thread (thd=0x7f2b98f4e068, dummy=<optimized
out>) at ./server/mpm/event/event.c:2252
#7 0x00007f2b990791f5 in start_thread (arg=<optimized out>) at
./nptl/pthread_create.c:442
#8 0x00007f2b990f98dc in clone3 () at
../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
This appears to be a known bug upstream:
https://bz.apache.org/bugzilla/show_bug.cgi
Hamish
-- Package-specific info:
-- System Information:
Debian Release: 12.13
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500,
'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-42-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages apache2-bin depends on:
ii libapr1 1.7.2-3+deb12u1
ii libaprutil1 1.6.3-1
ii libaprutil1-dbd-sqlite3 1.6.3-1
ii libaprutil1-ldap 1.6.3-1
ii libbrotli1 1.0.9-2+b6
ii libc6 2.36-9+deb12u13
ii libcrypt1 1:4.4.33-2
ii libcurl4 7.88.1-10+deb12u14
ii libjansson4 2.14-2
ii libldap-2.5-0 2.5.13+dfsg-5
ii liblua5.3-0 5.3.6-2
ii libnghttp2-14 1.52.0-1+deb12u2
ii libpcre2-8-0 10.42-1
ii libssl3 3.0.18-1~deb12u1
ii libxml2 2.9.14+dfsg-1.3~deb12u5
ii perl 5.36.0-7+deb12u3
ii zlib1g 1:1.2.13.dfsg-1
apache2-bin recommends no packages.
Versions of packages apache2-bin suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii elinks [www-browser] 0.13.2-1+b4
ii links [www-browser] 2.28-1+b2
ii lynx [www-browser] 2.9.0dev.12-1
ii netrik [www-browser] 1.16.1-2+b2
ii w3m [www-browser] 0.5.3+git20230121-2
Versions of packages apache2 depends on:
ii apache2-data 2.4.66-1~deb12u1
ii apache2-utils 2.4.66-1~deb12u1
ii init-system-helpers 1.65.2+deb12u1
ii lsb-base 11.6
ii media-types 10.0.0
ii perl 5.36.0-7+deb12u3
ii procps 2:4.0.2-3
ii sysvinit-utils [lsb-base] 3.06-4
Versions of packages apache2 recommends:
ii ssl-cert 1.1.2
Versions of packages apache2 suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii elinks [www-browser] 0.13.2-1+b4
ii links [www-browser] 2.28-1+b2
ii lynx [www-browser] 2.9.0dev.12-1
ii netrik [www-browser] 1.16.1-2+b2
ii w3m [www-browser] 0.5.3+git20230121-2
Versions of packages apache2-bin is related to:
ii apache2 2.4.66-1~deb12u1
ii apache2-bin 2.4.66-1~deb12u1
-- no debconf information
