threads/110306: apache 2.0 segmentation violation when calling gethostbyname

Wed Mar 14 23:10:03 UTC 2007

>Number:         110306
>Category:       threads
>Synopsis:       apache 2.0 segmentation violation when calling gethostbyname
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-threads
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 14 23:10:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Oles Hnatkevych
>Release:        6.2-STABLE
>Organization:
>Environment:
FreeBSD murzik.oles.net 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Thu Dec 28 17:06:26 EET 2006     root at murzik.oles.net:/usr/obj/usr/src/sys/MURZIK  i386

>Description:
"apachectl restart" causes apache httpd process to dump core:
Mar 15 00:32:27 murzik kernel: pid 95239 (httpd), uid 0: exited on signal 11 (core dumped)
The problem happens if php module is loaded and ServerName is not defined in httpd.conf.
It's believed that the problem happens on FreeBSD only and the cause of the problem is bug in threading functions, not the apache or php bug.
Apache is 2.0.59, php is 5.1.5 (but seems to be irrelevant)
The backtrace:

(gdb) bt full
#0  0x28d1a034 in ?? ()
No symbol table info available.
#1  0x28427832 in pthread_main_np_int () at /usr/src/lib/libc/gen/_pthread_stubs.c:183
No locals.
#2  0x2840595e in __hostdata_init () at /usr/src/lib/libc/net/gethostnamadr.c:67
        he = (struct hostdata *) 0xbfbfebf4
#3  0x28406264 in gethostbyname (name=0xbfbfe5b0 "murzik.oles.net") at /usr/src/lib/libc/net/gethostnamadr.c:363
        hd = (struct hostdata *) 0x0
        rval = (struct hostent *) 0xa
        ret_h_errno = 675506452
#4  0x08070f11 in ap_get_local_host (a=0x80a6018) at util.c:2045
        str = "murzik.oles.net\000\000\000\000\000\001\000\000\000\002\000\000\000N\2203(&#9618;&#24575;\n\000\000\002\000\000\000\000\004\000\000\000\001\000\000\000P&#9618;3(H&#28671;\031&#9618;2(y&#9618;\026\b0&#28671;\020\000\000\000\215&#9618;2(y4\vD&#9618;&#45055;\000&#9618;\026\bn&#9618;2(\204&#9618;\026\b4&#28671;\004\000\000\000X&#9618;2(h\2203(\001\000\000\000\002\000\000\000N\2203(7&#28671;\n\000\000\002\000\000\000\000\004\000\000\000\001\000\000\000P&#9618;3(x&#28671;\021&#9618;2(y&#9618;\026\b\204&#9618;\026\bH&#32767;&#9618;&#9618;2(@=I(&#9618;&#9618;\t\b\002\000\000\000\002\000\000\000\001\000\000\000P&#9618;3("...
        server_hostname = 0x0
        p = (struct hostent *) 0x816c500
#5  0x0806cdc7 in ap_fini_vhost_config (p=0x80a6018, main_s=0x80a7df8) at vhost.c:535
        sar = (server_addr_rec *) 0x0
        has_default_vhost_addr = 135445688
        s = (server_rec *) 0x80a7df8
        i = 134897688
        iphash_table_tail = {0x40, 0x80b2968, 0x0, 0x28438480, 0x2844d9e4, 0x82a8140, 0xbfbfe7c8, 0x283c2b29, 0x80a6018, 0x8, 0xbfbfe748, 0x806db14, 0x6c,
  0x80b29d0, 0x3, 0x80b29d0, 0x80b2858, 0x80b2000, 0x0, 0x0, 0x755, 0x41ed0008, 0xbfbfe778, 0x2832aec5, 0xbfbfe874, 0x45f849ec, 0x2832ae2c, 0x41ed,
  0x2833a150, 0x809817c, 0xbfbfe808, 0x2832b236, 0xbfbfe830, 0xbfbfe7a0, 0x8000, 0x2832b1d0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x12b197, 0x1d41ed, 0x3ed, 0x50,
  0x4ab48d, 0x45f877e2, 0x0, 0x45f849ec, 0x0, 0x45f849ec, 0x0, 0x600, 0x8134c08, 0x4, 0x8134c08, 0x1000, 0x8134000, 0xbfbfe818, 0x284732ae, 0x80a6018, 0x8,
  0xbfbfe828, 0x28473259, 0x81349a8, 0x2833a150, 0x8134c09, 0x28474f99, 0x28476470, 0x81347f8, 0xbfbfe858, 0x284733e1, 0x80a6018, 0x81349bc, 0xbfbfe894,
  0x284733b9, 0x8134990, 0x80a6018, 0x1e, 0x28327688, 0x1, 0x18, 0xbfbfe868, 0x28474f98, 0x28476470, 0x2833a150, 0xbfbfe898, 0x283283c1, 0x8134c18,
  0xbfbfeafc, 0x809817c, 0x2832815d, 0x8134f40, 0x48, 0x8134f3b, 0x10, 0x50415448, 0x4, 0x8134f40, 0x8134d30, 0x2847b178, 0x809817c, 0xbfbfe8c8, 0x2847abef,
  0x8134c18, 0x8134f38, 0x8134f40, 0x2847aba0, 0x8134da8, 0x8091f20, 0xbfbfedf8, 0x8134c18, 0x8134c10, 0x81260e4, 0xbfbfe938, 0x8067cc1, 0x80a6018,
  0xbfbfe94c, 0x8134f38, 0x2847aa48, 0x2847b020, 0xa, 0xbfbfe908, 0x2847aa09, 0x81260b0, 0x2847ae41, 0x8134580, 0x8134c10, 0x1, 0x809817c, 0xbfbfe928,
  0x8067fd4, 0x81341b0, 0x2847b080, 0x8134c10, 0x0, 0x0, 0x0, 0xbfbfe968, 0x806851e, 0x8091f20, 0x1, 0xbfbfe968, 0x8068550, 0x2847b020, 0xbfbfeac0,
  0x8134c10, 0x81260e4, 0x80a6018, 0x0, 0x0, 0x8134c10, 0x2847b020, 0x2847b080, 0xbfbfe998, 0x80685e4, 0x81260c0, 0xbfbfeac0, 0x81341b0, 0x8069823,
  0x80a6018, 0x80b3ea3, 0x80b3ea8, 0x0, 0x0, 0x80f34d8, 0xbfbfe9d8, 0x807c264, 0x0, 0xbfbfeac0, 0x81341b0, 0xbfbfe9d0, 0x0, 0x8095300, 0x0, 0x0, 0x0,
  0x80a6018, 0x8122ed3, 0x0, 0x80b3ea8, 0x80a7df8, 0xbfbfea48, 0x80676a0, 0xbfbfeac0, 0x80f35e8, 0x80b3e98, 0x1, 0x8095330, 0xbfbfeafc, 0xbfbfea18,
  0x8067ee2, 0x8122e98, 0x8094196, 0xa, 0x28327436, 0x1, 0x80b4720, 0xbfbfea48, 0x80799c4...}
#6  0x0806c478 in main (argc=1, argv=0xbfbfebec) at main.c:623
        c = 0 '\0'
        configtestonly = 0
        confname = 0x809184c "etc/apache2/httpd.conf"
        def_server_root = 0x8091863 "/usr/local"
        temp_error_log = 0x0
        process = (process_rec *) 0x80a4090
        server_conf = (server_rec *) 0x80a7df8
        pglobal = (apr_pool_t *) 0x80a4018
        pconf = (apr_pool_t *) 0x80a6018
        plog = (apr_pool_t *) 0x80d2018
        ptemp = (apr_pool_t *) 0x80f1018
        pcommands = (apr_pool_t *) 0x80a8018
        opt = (apr_getopt_t *) 0x80a80b0
        rv = 70014
        mod = (module **) 0x809801c
        optarg = 0x2809e9a1 "\215e&#9618;[\211&#9618;^_&#9618;&#9618;&#9618;\214&#9618;&#9618;&#9618;&#9618;&#9618;\211&#9618;U\211&#9618;WVS\203&#9618;8&#9618;"
        signal_server = (apr_OFN_ap_signal_server_t *) 0
(gdb)


>How-To-Repeat:
Install ports www/apache20 and lang/php5, run apache server, run "apachectl restart"
>Fix:
Only workaround is known: define ServerName in httpd.conf
>Release-Note:
>Audit-Trail:
>Unformatted: