Bug 50190 - apr_ring aliasing issue causes segfaults
Summary: apr_ring aliasing issue causes segfaults
Status: CLOSED FIXED
Alias: None
Product: APR
Classification: Unclassified
Component: APR
Version: HEAD
Hardware: PC Linux
Importance: P2 major
Target Milestone: ---
Assignee: Apache Portable Runtime bugs mailinglist
URL:
Keywords:
Duplicates: 50520 50798
Depends on:
Blocks:
 
Reported: 2010-11-01 12:03 UTC by John Andrea
Modified: 2014-01-21 13:12 UTC



Attachments
possible workaround (446 bytes, patch)
2010-11-30 10:51 UTC, Joe Orton

Description John Andrea 2010-11-01 12:03:21 UTC
Compiling a minimal httpd 2.2.17 on OpenSuse 11.3, which uses gcc 4.5, causes all HTTP POST requests to fail with an empty response and the following lines in error_log:

[crit] file http_filters.c, line 523, assertion "totalread >= 0" failed
[notice] child pid 27403 exit signal Aborted (6)

This failure does not occur on OpenSuse 11.2 or any other distro which I've tested: Fedora 13, ScientificLinux 5.5, and Ubuntu Server 10.10. Note that those working tested distros all use gcc 4.4.
Behaviour is similar for at least Apache 2.2.16 and 2.2.14.

Reproducible with:
1: ./configure --prefix=/usr/local/2217-no-maint --enable-cgi --disable-maintainer-mode
2: make install
3: set ip address as ServerName, set cgi files to executable
4: start server
5: curl -d "item=abc" http://localhost/cgi-bin/test-cgi
6: result: curl: (52) Empty reply from server
7: test as a GET
8: curl http://localhost/cgi-bin/test-cgi?item=abc
9: result: expected environment variables displayed

Make it work by allowing maintainer mode
1: ./configure --prefix=/usr/local/2217-with-maint --enable-cgi --enable-maintainer-mode
then POST tests work. Binary is ~2k larger.

Found a semi-related note at the bottom of this page: http://code.google.com/p/modwsgi/wiki/InstallationIssues . But my build is without any external modules.
Comment 1 John Andrea 2010-11-02 16:34:19 UTC
Using Fedora 14 beta with gcc 4.5.1 the problem is reproduced.
Comment 2 Frédéric Buclin 2010-11-27 17:59:08 UTC
We have the same issue with the Mandriva Linux distro, see

 https://qa.mandriva.com/show_bug.cgi?id=61384

This is a pretty critical issue as it prevents e.g. the Bugzilla web application from working with Apache 2.2.17.
Comment 3 Frédéric Buclin 2010-11-27 18:21:21 UTC
Seems related to http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46488
Comment 4 Stefan Fritsch 2010-11-28 17:42:47 UTC
From reading through the bug reports, I got the impression that the APR_RING/APR_BRIGADE code is simply not safe WRT strict-aliasing rules and the only possible fix would be to add -fno-strict-alias to the default CFLAGS.

Is this correct?
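To make the aliasing concern concrete, the following is an added example, not APR's apr_ring.h and not the fix referenced in this thread: an intrusive ring written so that the sentinel and the elements are only ever dereferenced through one shared link type, so the compiler's type-based alias analysis has nothing to exploit. All type and function names are constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed intrusive ring. Head and elements share one link type, so every
 * pointer used to walk the ring has the declared type of the object it points
 * at; the sentinel is never accessed through an element-typed pointer. */
struct link { struct link *next, *prev; };

/* Ring head: a bare link acting as the sentinel. */
struct ring { struct link head; };

/* Element: a payload with an embedded link. */
struct item { int value; struct link link; };

/* Recover the element from its embedded link. Only ever applied to links
 * that really live inside a struct item, never to the sentinel. */
#define ITEM_OF(lp) ((struct item *)((char *)(lp) - offsetof(struct item, link)))

static void ring_init(struct ring *r) {
    r->head.next = r->head.prev = &r->head;
}

static void ring_insert_tail(struct ring *r, struct item *it) {
    struct link *lp = &it->link;
    lp->prev = r->head.prev;
    lp->next = &r->head;
    r->head.prev->next = lp;
    r->head.prev = lp;
}

/* Sum payloads by walking link pointers; the end-of-ring test compares link
 * addresses, so no struct item pointer ever aliases the head. */
static int ring_sum(struct ring *r) {
    int total = 0;
    for (struct link *lp = r->head.next; lp != &r->head; lp = lp->next)
        total += ITEM_OF(lp)->value;
    return total;
}

/* Build a three-element ring on the stack and sum it (expected: 6). */
int demo_sum(void) {
    struct ring r;
    struct item a = {1, {0, 0}}, b = {2, {0, 0}}, c = {3, {0, 0}};
    ring_init(&r);
    ring_insert_tail(&r, &a);
    ring_insert_tail(&r, &b);
    ring_insert_tail(&r, &c);
    return ring_sum(&r);
}
```

Because the walk stays in `struct link` throughout, the result is the same with or without `-fstrict-aliasing`, which is the property the thread is looking for.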
Comment 5 Frédéric Buclin 2010-11-28 18:05:32 UTC
Well, Eric in http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46488#c18 (comment 18) suggests a change which might fix the problem wrt strict aliasing. This would avoid the use of -fno-strict-alias.
Comment 6 Joe Orton 2010-11-30 10:51:26 UTC
Created attachment 26357 [details]
possible workaround

Can someone test whether the attached patch makes a difference?

  $ (cd srclib/apr-util && patch -p0 < /path/to/apr_alias.diff)
  $ make clean && make
Comment 7 John Andrea 2010-12-02 16:48:48 UTC
> Can someone test whether the attached patch makes a difference?

No change.
Comment 9 Joe Orton 2011-01-17 05:31:31 UTC
*** Bug 50520 has been marked as a duplicate of this bug. ***
Comment 10 b3nder 2011-02-19 16:15:38 UTC
Related bug with fix

https://issues.apache.org/bugzilla/show_bug.cgi?id=50798
Comment 11 Stefan Fritsch 2011-02-26 11:52:21 UTC
*** Bug 50798 has been marked as a duplicate of this bug. ***
Comment 12 Stefan Fritsch 2011-02-26 12:01:18 UTC
Fixed in r1074876, r1074877, r1074878.
Will be released with 1.4.3