Package: libapache2-mod Version: 5.2.4-2+b1 Severity: important When I migrated to Apache 2.2.6-3 + PHP 5.2.4-2+b1 (mpm-prefork) from testing at about January 29, I started experiencing Apache Segmentation faults very frequently. Using strace I narrowed down the problem's cause which was .htaccess file containing: php_value error_log somelogfile.log This (relative path) was working on this very same server before the update, by that time the server was running PHP 5.2.3-1+lenny1. I suspect this is related to the Suhosin patch, though this is just a feeling.
It seems that the updated PHP and the usage of the (previously working) "relative path"+safe mode+not www-data uid generally only creates a "PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0" in the log file [note root "/"], however, under heavy stress, UID mixups occur, and eventually some of this ends up in segfaulting the apache child - [which then might stuck in the memory and taking up heavy CPU resources]. Please note that UID (bold/red) gets screwed up too, under heavy stress [5163 is the "legal" user id for that virtual host and 5152 is a totally different and unrelated one]. [Fri Feb 01 23:10:28 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0 [Fri Feb 01 23:10:29 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:29 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:29 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:30 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5152 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:30 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:30 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:10:30 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5152 is not allowed to access / owned by uid 0 in Unknown on line 0, [Fri Feb 01 23:11:39 2008] [error] [client 91.83.33.155] PHP Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 5163 is not allowed to access / owned by uid 0 in Unknown on line 0, Since this is a "production server" with heavy load, I didn't have too much resource to do thorough testing, but I was able to get some strace when segfault occurred: [Wed Jan 30 11:38:23 2008] [notice] child pid 13940 exit signal Segmentation fault (11) Strace excerpt from pid 13940: accept(3, {sa_family=AF_INET, sin_port=htons(30925), sin_addr=inet_addr("212.72.104.203")}, [16]) = 980 semop(1703943, 0xb7cd1cfa, 1) = 0 gettimeofday({1201689547, 25972}, NULL) = 0 fcntl64(980, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(980, F_SETFL, O_RDWR|O_NONBLOCK) = 0 gettimeofday({1201689547, 28806}, NULL) = 0 read(980, "GET /components/com_virtuemart/show_image_in_imgtag.php?filename=e5017277e9d2f8df84e0c89fffe67834.jpg&newxsize=100&newys"..., 8000) = 603 gettimeofday({1201689547, 172482}, NULL) = 0 gettimeofday({1201689547, 174219}, NULL) = 0 gettimeofday({1201689547, 176043}, NULL) = 0 stat64("/var/www/somedomain.hu/components/com_virtuemart/show_image_in_imgtag.php", {st_mode=S_IFREG|0640, st_size=3477, ...}) = 0 lstat64("/var", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/var/www", {st_mode=S_IFDIR|0755, st_size=20480, ...}) = 0 open("/var/www/.htaccess", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) open("/var/www/somedomain.hu/.htaccess", O_RDONLY|O_LARGEFILE) = 981 fstat64(981, {st_mode=S_IFREG|0640, st_size=5014, ...}) = 0 read(981, "#agocsp\nphp_value register_globals OFF\n\nphp_flag display_errors on\n\nphp_value log_errors 1\nphp_value error_log #_php_err"..., 4096) = 4096 read(981, " the operations listed below\n## This attempts to block the most common type of exploit `attempts` to Joomla!\n#\n# Block o"..., 4096) = 918 read(981, "", 4096) = 0 read(981, "", 4096) = 0 close(981) = 0 open("/var/www/somedomain.hu/components/.htaccess", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) open("/var/www/somedomain.hu/components/com_virtuemart/.htaccess", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) open("/var/www/somedomain.hu/components/com_virtuemart/show_image_in_imgtag.php/.htaccess", O_RDONLY|O_LARGEFILE) = -1 ENOTDIR (Not a directory) getcwd("/", 4096) = 2 lstat64("/#_php_error.log", 0xbfe2032c) = -1 ENOENT (No such file or directory) stat64("/#_php_error.log", 0xbfe254ac) = -1 ENOENT (No such file or directory) stat64("/", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- chdir("/etc/apache2") = 0 rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 0 kill(13828, SIGSEGV) = 0 sigreturn() = ? (mask now []) --- SIGSEGV (Segmentation fault) @ 0 (0) ---