[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #2 from abhishek.pa...@diligenta.co.uk ---
Created attachment 36719
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36719=edit
Contains Apache configurations and gdb bt full

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63666] Should take the OS buffers into account when timing lingering

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63666

--- Comment #2 from Sjoerd Simons  ---
Unsure how to get those statistics in a good way. I'm not fully aware of which
DOS it's protecting against (I assume leaving orphaned connection open in
FIN-WAIT-2?). 

However a DOS that can trigger this with staying in FIN-WAIT-1 with data queued
by stalling the download seems equivalent to an attacker stalling the
connection at any other time (e.g. half way through the download rather then at
the end). Unsure if apache has protection against that, but if so the
protection for this corner should probably be equivalent.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #3 from Eric Covener  ---
Can you share the `thread apply all bt full` output too?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #7 from abhishek.pa...@diligenta.co.uk ---
I can't see any core file getting generated but logs are getting filled with
said errors and child processes are getting closed and new processes are
getting spawned continuously.

I have also added below directive to generate core dumps in specific file but
still not core dump file getting generated.

CoreDumpDirectory /app/test/conf

I can confirm that lots of disk space is available on server and there isn't
any permission issue as well.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #8 from Eric Covener  ---
CoreDumpDirectory only has affect of /proc/sys/kernel/core_pattern isn't
absolute or a pipe because CoreDumpDirectory is really just "the working
directory during fatal signal".  /proc/sys/kernel/core_pattern may be sending
cores elsewhere or to a program that filters them (saves only a few, sends them
off somewhere remote, etc)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #10 from abhishek.pa...@diligenta.co.uk ---
Also I have checked inside /app and /var, no core dump file any where.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #5 from abhishek.pa...@diligenta.co.uk ---
Created attachment 36721
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36721=edit
Detailed backtrace

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

abhishek.pa...@diligenta.co.uk changed:

   What|Removed |Added

  Attachment #36719|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #4 from abhishek.pa...@diligenta.co.uk ---
Created attachment 36720
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36720=edit
Contains Apache configurations and gdb trace

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #9 from abhishek.pa...@diligenta.co.uk ---
I am not that expert on OS level stuff but this is what we have on hosting
server. If that helps,

[http@server-hostname conf]$ cat /proc/sys/kernel/core_pattern
|/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t e

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

--- Comment #6 from Eric Covener  ---
It looks like you are attaching to a running process rather than getting info
from the core file.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63666] New: Should take the OS buffers into account when timing lingering

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63666

Bug ID: 63666
   Summary: Should take the OS buffers into account when timing
lingering
   Product: Apache httpd-2
   Version: 2.4-HEAD
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Platform
  Assignee: bugs@httpd.apache.org
  Reporter: sjoerd.sim...@collabora.co.uk
  Target Milestone: ---

Created attachment 36718
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36718=edit
python test case

Note version tested is 2.4.41, however the version field doesn't seem to have
that one.

For context; we're using bmaptool (https://github.com/intel/bmap-tools) to
flasy embedded boards over the network; bmap can on the fly download an image,
uncompress it and write to storage (e.g. SD card). As the input image is
compressed the amount work bmaptool needs to do fluctutes heavily (e.g. towards
the end of an image the content will mosty be zeros, which means for a very
amount of small compressed data transfer you get a big amount of compressed
data).

What we saw practically happening is on some specific boards/images apache ends
up resetting the connection when the data transfer was nearly finished.


Tracing this down what happens is that the connection ens up in FIN-WAIT-1
(iotw. apache has shutdown its write side of the connection already) with quite
some amount of data left in the send queue as the connection was stalled at
that time, after 30 seconds the connection gets reset.

On the apache site what happens is that it simply finishing writing all its
data to the socket, shuts down the write side, lingers for maximally 30 seconds
and then closes, which
https://svn.apache.org/viewvc?view=revision=1802875 forces a
connection reset (on older versions it would "linger"/be "orphaned" on the OS
side).


On the network side what happens is that download is stalled (bmaptool is busy)
as the recevier window is full, which means that even though apache is already
lingering not all data has been transferred and FIN hasn't been sent yet. This
is then followed by RST packet as Apache causes the connection to be dropped,
with the receiver never having a chance to see all data (or the FIN).


What should probably happen is that when apache does it's lingering it should
check the send queue size on the OS side before hard terminating the connection
(or leave it up to the OS which is what happened previously) as the connection
simply might have slowed down enough to not be able to drain the send queues
within 30 seconds...


I've attached a minimal python test case that shows the issue; The key there is
to tweak the code a bit the setup such that apache is lingering with a good
amount of data left in the send queue when the 40 seconds sleep happens.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63666] Should take the OS buffers into account when timing lingering

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63666

--- Comment #1 from Joe Orton  ---
Interesting problem.

Is there a portable way to determine the length of the TCP send queue? 
Apparently the ioctl TIOCOUTQ might do it for (some?) Unix, tho we've got no
experience with using that in APR/httpd.

Even if we can determine that length, I'm not sure what the right logic would
be here.  The existence of a non-zero send queue is not sufficient to delay the
lingering close, since that's indistinguishable from a DoS which this is
supposed to protect against.  Maybe a *decreasing* length send queue would be
sufficient, but possibly we'd need some heuristic on how fast it should to
decrease to keep the socket open.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] New: AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

Bug ID: 63667
   Summary: AH00051: child pid 28416 exit signal Segmentation
fault
   Product: Apache httpd-2
   Version: 2.4.39
  Hardware: Other
OS: Linux
Status: NEW
  Severity: critical
  Priority: P2
 Component: All
  Assignee: bugs@httpd.apache.org
  Reporter: abhishek.pa...@diligenta.co.uk
  Target Milestone: ---

We were facing segmentation fault with 2.4.39 and now also getting same error
with this latest 2.4.41 version

Below is the error we are getting,
[Thu Aug 15 11:36:39.942478 2019] [core:notice] [pid 14702:tid 47528871867744]
AH00051: child pid 28416 exit signal Segmentation fault (11), possible coredump
in /apache/instance/home/path/

We are using Apache with below supporting binaries on RHEL 6.10 (Santiago).

•   apr-1.7.0
•   apr-util-1.6.1
•   pcre-8.43
•   openssl-1.1.1c
•   mod_cluster-1.3.1
•   httpd-2.4.41

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 63667] AH00051: child pid 28416 exit signal Segmentation fault

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63667

Eric Covener  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #1 from Eric Covener  ---
Can you share your configuration and backtraces from the core?

https://httpd.apache.org/dev/debugging.html#crashes

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 60681] Increase severity of "request failed: error reading the headers"

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60681

--- Comment #17 from rapclimber  ---
Kindly share update or progress on this.
https://zohomaillogin.com/aol-mail-login/

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org



[Bug 60846] PR34014 / r903052 changed date format for autoindex

2019-08-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60846

--- Comment #18 from mandiken  ---
Assignments are given as we initially start our homework at a young age. These
undertakings empower us to make sense of how to be competent. Achieving
something the right way doesn't commonly mean taking the straightforward
course. You should do the assignment well the main go through around paying
little respect to the posiibility that it implies you will battle a bit.
Understudies https://www.assignmentspot.co.uk/ take in the most when they are
fairly awkward – so handle it and be grateful that you have this open entryway
in school to learn. Utilizing the techniques our task administration offers,
you are certain to have a finished task without such a significant number of
battles.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org