On 17.05.2021 at 23:36, Christophe JAILLET wrote:
Hi, all;
    Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48:
[X] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz
sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz
sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz

The SVN tag is '2.4.48' at r1889975.

+1 to release and thanks a bunch for RM!

Summary: all OK except for

- one single crash on SLES 11 statically linked during SSL handshake.

- two crashes on Solaris with prefork MPM during shutdown. Only with released APR/APU not with svn heads. Tests ongoing. I think I have seen such before, so not a regression.

- minor nit: The following files in the tarballs contain French date lines, probably due to exporting them from svn with your local locale:
  - ROADMAP
  - VERSIONING
  - maybe others?
  Maybe already fixed, I saw some conversation about in the future
  using a default locale in scripts.

Detailed report:

- Sigs and hashes OK
- contents of tarballs identical
- contents of tag and tarballs identical
  except for expected deltas

Built on

- Solaris 10 Sparc as 32 Bit Binaries
- SLES 11+12+15 (64 Bits)
- RHEL 6+7+8 (64 Bits)

For all platforms built

- with default (shared) and static modules
- with module set reallyall
- using --enable-load-all-modules
- against
  - bundled APR/APU from deps tarball
  - external APR/APU 1.7.0/1.6.1 (expat)
  - APR/APU 1.6.5/1.6.1 (expat)
  - APR/APU 1.7.x r1889104/1.7.x r1889948 (expat)
  - APR/APU 1.7.x r1889104/1.7.x r1889948 (libxml2)
  - APR/APU 1.6.x r1876940/1.6.x r1889948 (expat)

- using external libraries
  - expat 2.3.0
  - pcre 8.44
  - lua 5.4.3 (compiled with LUA_COMPAT_MODULE)
  - libxml2 2.9.12
  - libnghttp2 1.43.0
  - brotli 1.0.9
  - curl 7.76.1
  - jansson 2.13.1
  - libldap 2.4.58 (resp. 2.4.52 when using OpenSSL 0.9.8)
and
  - openssl 0.9.8zh, 1.0.2, 1.0.2u, 1.1.1, 1.1.1k, 3.0.0alpha16

- Tool chain:
    - platform gcc except on Solaris
      (gcc 9.3.0 Solaris 10)
    - CFLAGS: -O2 -g -Wall -fno-strict-aliasing
      - on Solaris additionally -mcpu=v9, -D_XOPEN_SOURCE,
        -D_XOPEN_SOURCE_EXTENDED=1, -D__EXTENSIONS__
        and -D_XPG6

All of the 884 builds succeeded.

- compiler warnings: see earlier separate mail


Tested for

- SLES 11+12 done
- SLES 15 and RHEL 6+7+8 mostly done
- Solaris 10 Sparc about 12% done
- MPMs prefork, worker, event
- default and static module builds
- log level trace8
- module set reallyall (129 modules plus 3 MPMs)
- Perl client bundle build against OpenSSL 1.1.1g plus patches, 1.1.0l, 1.0.2u and 0.9.8zh
- OpenSSL once linked statically and once as a shared library

Every OpenSSL version in the client is tested with every OpenSSL version in the server.

The total number of test suite runs until now is ~8000 (more still to come, especially most of the Solaris ones and some of those with statically linked OpenSSL in combination with statically linked server on Linux).

Some local adjustments to tests were used:

- t/modules/buffer.t: removing huge buffer tests
  -    my $bigsize = 100000;
  +    my $bigsize = 10000;
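Review bot: the item is described as removing the huge buffer tests, but the `$bigsize` line only lowers the size from 100000 to 10000, so the tests still run with a payload ten times smaller. Stating that in the description, or making the size overridable instead of editing the constant, would keep it clear that the large-buffer case is not exercised in these runs.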

- fixing limitrequestline overwrite which does not yet really work in Apache-Test/lib/Apache/TestConfig.pm
87d86
<    limitrequestline => 'global LimitRequestLine setting (default is 128)',
96a96
> # limitrequestline => 'global LimitRequestLine setting (default is 128)',
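Review bot: the option description is deleted at line 87 and re-added as a comment at line 96, so the disabled entry moves within the file instead of being commented out in place. Commenting it out where it stood would keep this local change to a one-line edit and make it easier to drop once the override works.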
372,373c372,373
<     $vars->{limitrequestline} ||= 128;
<     $vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline};
---
> #    $vars->{limitrequestline} ||= 128;
> #    $vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline};
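Review bot: in the 372,373 change, disabling the `||= 128` default also disables the derived `limitrequestlinex2`, so after this edit neither variable is assigned by these lines, and anything that still expands `limitrequestlinex2` needs a value from elsewhere. A short comment above the two disabled lines saying why they are off and where the values now come from would document the workaround.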

- the temporary workaround for OpenSSL 3 when using "openssl crl -hash" with STDIN in Apache-Test/lib/Apache/TestSSLCA.pm is no longer necessary, problem fixed in OpenSSL 3.0.0alpha16


The following test failures were seen:

a A single crash in SLES 11 APU 1.6.1 APR 1.7.0 OpenSSL 1.0.2u
  build statically using event.
  Crash during ssl_io_filter_handshake calling ... CRYPTO_malloc and
  finally "glibc detected *** /path/to/bin/httpd: malloc():
  memory corruption: 0x0000000000faafe1"
  gdb data see below.

b Two crashes on Solaris 10 Sparc,
  once APU 1.6.1 APR 1.6.5 OpenSSL 3.0.0alpha16
  and once APU 1.6.1 APR 1.7.0 OpenSSL 1.1.1k
  build dynamically both using prefork.
  Crash during shutdown when apr_pool_destroy() for the
  pchild pool calls allocator_free() (invalid node->next).
  Might be fixed in svn heads. I will check, whether the ongoing
  Solaris tests give some more indication.
  gdb data see below.

c All https tests fail between OpenSSL 0.9.8zh and 3.0.0alpha15
  Not a regression.
  Probably need to figure out how to load the legacy provider
  during the tests.

d Tests 48, 51, 54 and once also 42 in t/modules/cgi.t line 232:
  Not a regression
  Only on Solaris
  98 failed test runs out of 221 until now
  Test checks log contents. Could be false positive due to
  logs not being flushed.

e Probably still hangs on Solaris when using prefork and mod_ext_filter.
  Not really checked, mod_ext_filter commented out
  to let the tests not hang.
  Would not be a regression.

Regards,

Rainer


GDB info single crash on SLES 11:

*** glibc detected *** /path/to/httpd/bin/httpd: malloc(): memory corruption: 0x0000000000faafe1 ***


Thread 1 (Thread 11610):
#0  0x00007f49fc86c945 in raise () from /lib64/libc.so.6
#1  0x00007f49fc86df21 in abort () from /lib64/libc.so.6
#2  0x00007f49fc8a98ef in __libc_message () from /lib64/libc.so.6
#3  0x00007f49fc8af018 in malloc_printerr () from /lib64/libc.so.6
#4  0x00007f49fc8b1f7f in _int_malloc () from /lib64/libc.so.6
#5  0x00007f49fc8b4057 in malloc () from /lib64/libc.so.6
#6 0x00007f49fea2d0b8 in CRYPTO_malloc (num=11557, file=0x7f49feb78935 "digest.c", line=222) at mem.c:346
#7 0x00007f49fea5c28c in EVP_DigestInit_ex (ctx=0x7f49df4f6bc0, type=0x7f49fedbf980, impl=0x0) at digest.c:222
#8 0x00007f49feaf8db4 in ssleay_rand_add (buf=0x7f49df4f6c80, num=8, add=0) at md_rand.c:269
#9  0x00007f49fe9ef34c in ssl23_accept (s=0xf25900) at s23_srvr.c:156
#10 0x000000000057a695 in ssl_io_filter_handshake (filter_ctx=0xfc8198)
    at /path/to/src/httpd/modules/ssl/ssl_engine_io.c:1340
#11 0x000000000057c09c in ssl_io_filter_input (f=0xfa0b98, bb=0xfa0eb8, mode=6, block=4294967295, readbytes=0)
    at /path/to/src/httpd/modules/ssl/ssl_engine_io.c:1528
#12 0x000000000056f665 in ssl_hook_process_connection (c=0xfc76e8) at /path/to/src/httpd/modules/ssl/mod_ssl.c:707
#13 0x000000000049861a in ap_run_process_connection (c=0xfc76e8) at /path/to/src/httpd/server/connection.c:42
#14 0x00007f49fbd4e807 in process_socket (thd=0xd97be8, p=0xfc73b8, sock=0xfc7440, cs=0xfc7640, my_child_num=9505424, my_thread_num=-67799776)
    at /path/to/src/httpd/server/mpm/event/event.c:1038
#15 0x00007f49fbd4f5a8 in worker_thread (thd=0xd97be8, dummy=<value optimized out>)
    at /path/to/src/httpd/server/mpm/event/event.c:2070
#16 0x00007f49fcda35f0 in start_thread () from /lib64/libpthread.so.0
#17 0x00007f49fc90e84d in clone () from /lib64/libc.so.6
#18 0x0000000000000000 in ?? ()
(gdb) bt full
#0  0x00007f49fc86c945 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007f49fc86df21 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007f49fc8a98ef in __libc_message () from /lib64/libc.so.6
No symbol table info available.
#3  0x00007f49fc8af018 in malloc_printerr () from /lib64/libc.so.6
No symbol table info available.
#4  0x00007f49fc8b1f7f in _int_malloc () from /lib64/libc.so.6
No symbol table info available.
#5  0x00007f49fc8b4057 in malloc () from /lib64/libc.so.6
No symbol table info available.
#6 0x00007f49fea2d0b8 in CRYPTO_malloc (num=11557, file=0x7f49feb78935 "digest.c", line=222) at mem.c:346
        ret = 0x0
#7 0x00007f49fea5c28c in EVP_DigestInit_ex (ctx=0x7f49df4f6bc0, type=0x7f49fedbf980, impl=0x0) at digest.c:222
No locals.
#8 0x00007f49feaf8db4 in ssleay_rand_add (buf=0x7f49df4f6c80, num=8, add=0) at md_rand.c:269
        i = 0
        j = 0
        k = <value optimized out>
        st_idx = 889
        md_c = {657, 1446}
        local_md = "@\321?P\352`\352\356\357\245tKd\210'=\235(p", <incomplete sequence \304>
        m = {digest = 0x7f49fedbf980, engine = 0x0, flags = 0, md_data = 0x0, pctx = 0x0, update = 0x7f49fea62a30 <update>}
        do_not_lock = 0
#9  0x00007f49fe9ef34c in ssl23_accept (s=0xf25900) at s23_srvr.c:156
        buf = <value optimized out>
        Time = 1621645884
        cb = <value optimized out>
        ret = <value optimized out>
        state = <value optimized out>
#10 0x000000000057a695 in ssl_io_filter_handshake (filter_ctx=0xfc8198)
    at /path/to/src/httpd/modules/ssl/ssl_engine_io.c:1340
        c = 0xfc76e8
        sc = <value optimized out>
        cert = <value optimized out>
        n = <value optimized out>
        ssl_err = <value optimized out>
        verify_result = <value optimized out>
        server = 0xc01398
#11 0x000000000057c09c in ssl_io_filter_input (f=0xfa0b98, bb=0xfa0eb8, mode=6, block=4294967295, readbytes=0)
    at /path/to/src/httpd/modules/ssl/ssl_engine_io.c:1528
        status = <value optimized out>
        start = <value optimized out>
        len = 8192
        is_init = 1
        bucket = <value optimized out>
#12 0x000000000056f665 in ssl_hook_process_connection (c=0xfc76e8) at /path/to/src/httpd/modules/ssl/mod_ssl.c:707
        temp = 0xfa0eb8
        sslconn = <value optimized out>
#13 0x000000000049861a in ap_run_process_connection (c=0xfc76e8) at /path/to/src/httpd/server/connection.c:42
        n = 4
        rv = 6
#14 0x00007f49fbd4e807 in process_socket (thd=0xd97be8, p=0xfc73b8, sock=0xfc7440, cs=0xfc7640, my_child_num=9505424, my_thread_num=-67799776)
    at /path/to/src/httpd/server/mpm/event/event.c:1038
        c = 0xfc76e8
        conn_id = 205
        rv = <value optimized out>
        rc = <value optimized out>
#15 0x00007f49fbd4f5a8 in worker_thread (thd=0xd97be8, dummy=<value optimized out>)
    at /path/to/src/httpd/server/mpm/event/event.c:2070
        csd = 0xfc7440
        cs = 0x0
        te = 0x0
        ptrans = 0xfc73b8
        process_slot = 3
        thread_slot = 13
        rv = <value optimized out>
        is_idle = 0
#16 0x00007f49fcda35f0 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#17 0x00007f49fc90e84d in clone () from /lib64/libc.so.6
No symbol table info available.


GDB info crash on Solaris 10 (both cases same gdb info):

Program terminated with signal SIGSEGV, Segmentation fault.
#0 allocator_free (node=0x1d278, allocator=0x419330) at /path/to/src/apr-1.6.5/memory/unix/apr_pools.c:462
462                 node->next = freelist;
[Current thread is 3 (Thread 1 (LWP 1))]
(gdb) bt full
#0 allocator_free (node=0x1d278, allocator=0x419330) at /path/to/src/apr-1.6.5/memory/unix/apr_pools.c:462
        freelist = 0x578010
        max_index = 1823568
        max_free_index = 1
        next = 0x4
        index = 34911
        current_free_index = 0
#1 apr_pool_destroy (pool=0x41f490) at /path/to/src/apr-1.6.5/memory/unix/apr_pools.c:1043
        active = <optimized out>
        allocator = 0x419330
#2 0xfed629e8 in clean_child_exit (code=7) at /path/to/src/httpd/server/mpm/prefork/prefork.c:227
No locals.
#3 0xfed62f34 in child_main (child_num_arg=<optimized out>, child_bucket=<optimized out>)
    at /path/to/src/httpd/server/mpm/prefork/prefork.c:481
        pfd = <optimized out>
        thd = 0x41f4d0
        osthd = 1
        ptrans = 0x421498
        allocator = 0x419330
        status = <optimized out>
        i = <optimized out>
        lr = <optimized out>
        pollset = 0x421080
        sbh = 0x421078
        bucket_alloc = <optimized out>
        last_poll_idx = <optimized out>
        lockfile = <optimized out>
#4 0xfed63604 in make_child (s=0xce5b8, slot=4) at /path/to/src/httpd/server/mpm/prefork/prefork.c:717
        bucket = 0
        pid = <optimized out>
#5  0xfed645e0 in perform_idle_server_maintenance (p=<optimized out>)
    at /path/to/src/httpd/server/mpm/prefork/prefork.c:821
        i = <optimized out>
        idle_count = <optimized out>
        ws = <optimized out>
        free_length = <optimized out>
free_slots = {3, 4, 11, 12, 13, 14, 15, 16, 0, 0, 0, 0, 0, 0, 0, -49782816, 0, 7168, -18130688, 0, -15783424, 0, -4198992, 364012, 1000, -30700224, -42489328,
          1000, 2456008, -53053124, 0, 1000}
        last_non_dead = <optimized out>
        total_non_dead = <optimized out>
        bucket_kill_child_record = 0
#6 prefork_run (_pconf=<optimized out>, plog=<optimized out>, s=<optimized out>)
    at /path/to/src/httpd/server/mpm/prefork/prefork.c:1014
        status = 0
        pid = {pid = -1, in = 0xffbfed98, out = 0x3defe0, err = 0x0}
        child_slot = <optimized out>
        exitwhy = APR_PROC_EXIT
        processed_status = <optimized out>
        index = <optimized out>
        remaining_children_to_start = 0
        i = <optimized out>
#7 0x0003aa8c in ap_run_mpm (pconf=0xa9440, plog=0xd0110, s=0xce5b8) at /path/to/src/httpd/server/mpm_common.c:94
        pHook = <optimized out>
        n = 0
        rv = -1
#8 0x00077924 in main (argc=<optimized out>, argv=<optimized out>) at /path/to/src/httpd/server/main.c:819
        c = 68 'D'
        showcompile = <optimized out>
        showdirectives = 0
        confname = 0xffbff278 "*redacted*"...
        def_server_root = 0xffbff176 "/*redacted*"...
        temp_error_log = <optimized out>
        error = 0x9df48 <ap_server_conf> ""
        process = 0xa74c8
        pconf = 0xa9440
        plog = 0xd0110
        ptemp = 0xd7138
        pcommands = 0xcb4c8
        opt = 0xcb568
        rv = <optimized out>
        mod = <optimized out>
        opt_arg = 0xffbff395 "APACHE2_4"
        signal_server = 0x885f
        rc = <optimized out>

(gdb) print *node
$1 = {next = 0x4, ref = 0x11000012, index = 34911, free_index = 630500, first_avail = 0x0, endp = 0x12000000 <error: Cannot access memory at address 0x12000000>}

(gdb) print *node->next
Cannot access memory at address 0x4

(gdb) print *allocator
$2 = {max_index = 1823568, max_free_index = 1, current_free_index = 0, mutex = 0x0, owner = 0x361678, free = {0x0 <repeats 20 times>}}

(gdb) up
#1 apr_pool_destroy (pool=0x41f490) at /path/to/src/apr-1.6.5/memory/unix/apr_pools.c:1043
1043        allocator_free(allocator, active);

(gdb) print *pool
$3 = {parent = 0x0, child = 0x0, sibling = 0x41d488, ref = 0xa9444, cleanups = 0x0, free_cleanups = 0x0, allocator = 0x419330, subprocesses = 0x0, abort_fn = 0x32410 <abort_on_oom>, user_data = 0x526250, tag = 0xfed6a4e8 "pchild", active = 0x525890, self = 0x41f478, self_first_avail = 0x41f4d0 "",
  pre_cleanups = 0x0}
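
The "Sigs and hashes OK" check in the report above, sketched as an added example (not part of the original mail or of the httpd project's release tooling): it parses digest lines in the `algo: hex *file` form used in the vote mail, including several entries on one physical line, and verifies a file's bytes against them. The file name and bytes are constructed stand-ins, and requiring both sha256 and sha512 is an assumption of this sketch.

```python
import hashlib
import hmac
import re

# Digest entries in the vote-mail format: "<algo>: <hex> *<file>".
# Several entries may share one physical line, so match globally.
DIGEST_RE = re.compile(r"\b(sha1|sha256|sha512):\s*([0-9a-fA-F]+)\s+\*(\S+)")
HEX_LEN = {"sha1": 40, "sha256": 64, "sha512": 128}

def parse_digests(text):
    """Return {filename: {algo: hex}}; reject digests of the wrong length."""
    found = {}
    for algo, hexval, name in DIGEST_RE.findall(text):
        if len(hexval) != HEX_LEN[algo]:
            raise ValueError(f"{algo} digest for {name} has {len(hexval)} hex chars")
        found.setdefault(name, {})[algo] = hexval.lower()
    return found

def verify(name, data, digests, required=("sha256", "sha512")):
    """Check data against every published digest for name.

    Returns (ok, failures). A required algorithm that is missing from the
    mail counts as a failure, so a mail carrying only sha1 cannot pass.
    """
    published = digests.get(name, {})
    failures = [a for a in required if a not in published]
    for algo, expected in published.items():
        actual = hashlib.new(algo, data).hexdigest()
        if not hmac.compare_digest(actual, expected):
            failures.append(algo)
    return (not failures, sorted(set(failures)))

def digest_lines(name, data):
    """Build mail-style digest entries (all on one line) for sample data."""
    return " ".join(f"{a}: {hashlib.new(a, data).hexdigest()} *{name}" for a in HEX_LEN)

# Constructed sample: stand-in bytes, not the real httpd tarball.
SAMPLE_NAME = "example-1.0.tar.gz"
SAMPLE_DATA = b"constructed stand-in for a release tarball\n"
SAMPLE_MAIL = "The computed digests are:\n" + digest_lines(SAMPLE_NAME, SAMPLE_DATA)

if __name__ == "__main__":
    published = parse_digests(SAMPLE_MAIL)
    print(verify(SAMPLE_NAME, SAMPLE_DATA, published))         # intact bytes
    print(verify(SAMPLE_NAME, SAMPLE_DATA + b"x", published))  # modified bytes
```

Digests only show that the bytes match what the mail lists; the detached signature on the tarball still has to be checked against the release manager's key.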
