Bug 61028

Summary: mod_fcgid extensive memory allocations causes OOM
Product: Apache httpd-2
Reporter: koumes
Component: mod_fcgid
Assignee: Apache HTTPD Bugs Mailing List <bugs>
Status: RESOLVED DUPLICATE
Severity: normal
CC: JBlond
Priority: P2
Version: 2.4.6
Target Milestone: ---
Hardware: PC
OS: Linux
Attachments: Core dump backtrace

Description koumes 2017-04-23 11:37:12 UTC
Created attachment 34942
Core dump backtrace

OS: CentOS 7.3.1611
Package: mod_fcgid-2.3.9-4.el7.x86_64
Error: 
[ 8677.328169] Out of memory: Kill process 3314 (httpd) score 844 or sacrifice child
[ 8677.333848] Killed process 3314 (httpd) total-vm:836236kB, anon-rss:421320kB, file-rss:0kB, shmem-rss:12kB

# httpd -V
Server version: Apache/2.4.6 (CentOS)
Server built:   Apr 12 2017 21:03:28
Server's Module Magic Number: 20120211:24
Server loaded:  APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture:   64-bit
Server MPM:     event
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"


Also affected:
  Apache/2.2.15 (CentOS 6.9), package: mod_fcgid-2.3.9-1.el6.x86_64
  Apache/2.4.18 (Ubuntu 16.04.1), package: libapache2-mod-fcgid 2.3.9-1



Debug with memory limit (LimitAS=768M):

error.log:
[Sun Apr 23 13:11:19.986041 2017] [core:notice] [pid 3581:tid 139686508890240] AH00051: child pid 3584 exit signal Segmentation fault (11), possible coredump in /tmp

Core dump backtrace attached.
Comment 1 Joe Orton 2018-11-28 08:58:43 UTC
Likely a duplicate of bug 51747.

*** This bug has been marked as a duplicate of bug 51747 ***
Comment 2 koumes 2018-12-12 19:32:22 UTC
I don't know if this is a duplicate bug. I tested the package mod_fcgid-2.3.9-4.el7_4.1.x86_64.rpm (CentOS 7) that contains the patch from bug 51747 (https://git.centos.org/commitdiff/rpms!mod_fcgid.git/76b3cbd1a9886d1f5297cf40df6da61fd9d84f7d), but the problem persists.

I have a PoC script to demonstrate the issue, but it's dangerous to be publicly visible.