You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/12/29 21:35:03 UTC
DO NOT REPLY [Bug 41262] New: - Embedded pcre causes runtime segfault
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
Summary: Embedded pcre causes runtime segfault
Product: Apache httpd-2
Version: 2.2.3
Platform: PC
OS/Version: Mac OS X 10.4
Status: NEW
Severity: normal
Priority: P2
Component: All
AssignedTo: bugs@httpd.apache.org
ReportedBy: roberto@connexer.com
When building the latest stable httpd on Mac OS X, the server segfaults if the
usertrack module is enabled. This can be corrected by upgrading the embedded
pcre or using an external pcre. I first tried to update the embedded pcre in
srclib to a newer version (7.0), but it caused the build to fail because of
unexpanded macros in the Makefile. However, by compiling it seperately and
installing it in /usr/local/pcre, I was able to recompile httpd and have it work
with all the modules loaded. I am using the Apple Developer tools and
configured with this command: './configure --enable-modules=all
--enable-mods-shared=all --with-included-apr --with-mpm=prefork --enable-ldap
--enable-authnz-ldap --enable-ssl --with-ldap --with-pcre=/usr/local/pcre' (To
reproduce the segfault, don't use --with-pcre). I did not modify any of the
configuration files after running 'make install' and before running
'/usr/local/apache2/bin/apachectl start'. I recommend updating the embedded
pcre in srclib.
Here is the gdb output of the segfaulted server:
$ gdb /usr/local/apache2/bin/httpd
GNU gdb 6.1-20040303 (Apple version gdb-437) (Fri Jan 13 18:45:48 GMT 2006)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-apple-darwin"...Reading symbols for shared
libraries ........ done
(gdb) run -k start
Starting program: /usr/local/apache2/bin/httpd -k start
Reading symbols for shared libraries ......+++ done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries .. done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x7fffd69b
0x0002da60 in compile_regex (options=0, oldims=0, brackets=0xbfffefe4,
codeptr=0xbfffeb10, ptrptr=0xbfffeb0c, errorptr=0xbffff03c, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffeb04, reqbyteptr=0xbfffeafc, bcptr=0xbfffeaf4,
cd=0xbfffef98) at pcre.c:2463
2463 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
(gdb) bt
#0 0x0002da60 in compile_regex (options=0, oldims=0, brackets=0xbfffefe4,
codeptr=0xbfffeb10, ptrptr=0xbfffeb0c, errorptr=0xbffff03c, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffeb04, reqbyteptr=0xbfffeafc, bcptr=0xbfffeaf4,
cd=0xbfffef98) at pcre.c:2463
#1 0x0002d6c7 in compile_regex (options=0, oldims=0, brackets=0xbfffefe4,
codeptr=0xbfffefe0, ptrptr=0xbfffefdc, errorptr=0xbffff03c, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffefec, reqbyteptr=0xbfffefe8, bcptr=0x0,
cd=0xbfffef98) at pcre.c:3666
#2 0x00030114 in pcre_compile (pattern=0x1849380 "^Apache=([^;,]+)|[;,][
\t]*Apache=([^;,]+)", options=0, errorptr=0xbffff03c, erroroffset=0xbffff038,
tables=0x3f2a0 "") at pcre.c:5509
#3 0x00008470 in ap_regcomp (preg=0x18493b0, pattern=0x1849380
"^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)", cflags=0) at util_pcre.c:135
#4 0x000053a7 in ap_pregcomp (p=0x1806418, pattern=0x1849380
"^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)", cflags=0) at util.c:268
#5 0x005a6b18 in set_and_comp_regexp (dcfg=0x1849368, p=0x1806418,
cookie_name=0x5a6ff4 "Apache") at mod_usertrack.c:203
#6 0x005a6c38 in make_cookie_dir (p=0x1806418, d=0x0) at mod_usertrack.c:268
#7 0x0001a3dc in ap_single_module_configure (p=0x1806418, s=0x180bda0,
m=0x5a7020) at config.c:2031
#8 0x00028eac in load_module (cmd=0xbffff668, dummy=0xbffff4b4,
modname=0x18491b0 "usertrack_module", filename=0x18491c8
"modules/mod_usertrack.so") at mod_so.c:294
#9 0x00017a36 in invoke_cmd (cmd=0x40060, parms=0xbffff668, mconfig=0xbffff4b4,
args=0x183d44c "") at config.c:768
#10 0x0001853a in ap_build_config_sub (p=0x180b878, temp_pool=0x184938d,
l=0xbfffe918 "h���", parms=0xbffff668, current=0xbffff51c,
curr_parent=0xbffff518, conftree=0x3f0a8) at config.c:1419
#11 0x00018b05 in ap_build_config (parms=0xbffff668, p=0x1806418,
temp_pool=0x1836418, conftree=0x3f0a8) at config.c:1202
#12 0x000192d0 in process_resource_config_nofnmatch (s=0x180bda0,
fname=0x1838ef0 "/usr/local/apache2/conf/httpd.conf", conftree=0x3f0a8,
p=0x1806418, ptemp=0x1836418, depth=0) at config.c:1612
#13 0x000195d8 in ap_process_resource_config (s=0x180bda0, fname=0x1838ef0
"/usr/local/apache2/conf/httpd.conf", conftree=0x3f0a8, p=0x1806418,
ptemp=0x1836418) at config.c:1644
#14 0x0001a1eb in ap_read_config (process=0x18044a0, ptemp=0x1836418,
filename=0x3567c "conf/httpd.conf", conftree=0x3f0a8) at config.c:2004
#15 0x00003272 in main (argc=3, argv=0xbffff98c) at main.c:610
(gdb)
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
------- Additional Comments From nick@webthing.com 2006-12-30 18:58 -------
This is an instance of a frequently-recurring problem that comes with bundling
*any* PCRE version. The solution is to unbundle it.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
------- Additional Comments From ianh@apache.org 2007-05-10 22:25 -------
is the 'solution' here to check at compile time on OS/X and refuse to build
unless the person has specified a external pcre?
The bug is marked as needsinfo. what other information is required?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
------- Additional Comments From roberto@connexer.com 2006-12-29 16:37 -------
$ gdb /usr/local/apache2-crash/bin/httpd GNU gdb 6.1-20040303 (Apple version
gdb-437) (Fri Jan 13 18:45:48 GMT 2006)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-apple-darwin"...Reading symbols for shared
libraries ........ done
(gdb) run -k start
Starting program: /usr/local/apache2-crash/bin/httpd -k start
Reading symbols for shared libraries ......+++ done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries .. done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x7fffd5fb
0x0002da58 in compile_regex (options=0, oldims=0, brackets=0xbfffef94,
codeptr=0xbfffeac0, ptrptr=0xbfffeabc, errorptr=0xbfffefec, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffeab4, reqbyteptr=0xbfffeaac, bcptr=0xbfffeaa4,
cd=0xbfffef48) at pcre.c:2463
2463 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
(gdb) bt full
#0 0x0002da58 in compile_regex (options=0, oldims=0, brackets=0xbfffef94,
codeptr=0xbfffeac0, ptrptr=0xbfffeabc, errorptr=0xbfffefec, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffeab4, reqbyteptr=0xbfffeaac, bcptr=0xbfffeaa4,
cd=0xbfffef48) at pcre.c:2463
cbits = (const uschar *) 0xbfffe8c8 "\030���"
possessive_quantifier = 0
is_quantifier = 0
subreqbyte = -1866673032
subfirstbyte = -1073746528
class_lastchar = 25465965
skipbytes = 16
repeat_max = 0
bravalue = 0
condcount = -1073747768
groupsetfirstbyte = 0
repeat_type = 0
req_caseopt = 0
tempcode = (uschar *) 0x8fe53840
"�P�\217�&�\2178Q�\217�6�\217\2046�\217�\027�\217h7�\217\214Q�\2176'�\217"
inescq = 0
ptr = (const uschar *) 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
tempptr = (const uschar *) 0x9114b3dc "/usr/lib/libSystem.B.dylib"
classbits = "\000\000\000\000\000\020\000\b", '\0' <repeats 23 times>
repeat_min = 0
after_manual_callout = 0
c = 16
op_type = -1073747768
reqvary = 0
tempreqvary = 0
ptr = (const uschar *) 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
code = (uschar *) 0x5d <Address 0x5d out of bounds>
last_branch = (uschar *) 0x400a1a "Q"
reverse_count = (uschar *) 0x0
firstbyte = -2
reqbyte = -2
branchfirstbyte = -2
branchreqbyte = -2
bc = {
outer = 0xbfffeaa4,
current = 0x400a1a "Q"
}
bcptr = (branch_chain *) 0x5d
#1 0x0002d6bf in compile_regex (options=0, oldims=0, brackets=0xbfffef94,
codeptr=0xbfffef90, ptrptr=0xbfffef8c, errorptr=0xbfffefec, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffef9c, reqbyteptr=0xbfffef98, bcptr=0x0,
cd=0xbfffef48) at pcre.c:3666
possessive_quantifier = -1880803264
is_quantifier = 0
subreqbyte = -1881125354
subfirstbyte = 0
class_lastchar = 25465965
skipbytes = 0
repeat_max = 0
bravalue = 81
condcount = -1073747768
groupsetfirstbyte = 0
repeat_type = 0
req_caseopt = 0
tempcode = (uschar *) 0x400a1a "Q"
inescq = 0
ptr = (const uschar *) 0x1849469 "[^;,]+)|[;,][ \t]*Apache=([^;,]+)"
tempptr = (const uschar *) 0x0
classbits =
"\000\000\000\000\000\000\000\000H$\000\220�\000\000\000\003\000\000\000����\217&\000\220\000\000\200\001"
repeat_min = 0
after_manual_callout = 0
c = 0
op_type = -1073747768
reqvary = 0
tempreqvary = 0
ptr = (const uschar *) 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
code = (uschar *) 0x5d <Address 0x5d out of bounds>
last_branch = (uschar *) 0x400a08 "P"
reverse_count = (uschar *) 0x0
firstbyte = -2
reqbyte = -2
branchfirstbyte = 65
branchreqbyte = 101
bc = {
outer = 0x0,
current = 0x400a08 "P"
}
bcptr = (branch_chain *) 0x5d
#2 0x0003010c in pcre_compile (pattern=0x1849460 "^Apache=([^;,]+)|[;,][
\t]*Apache=([^;,]+)", options=0, errorptr=0xbfffefec, erroroffset=0xbfffefe8,
tables=0x3f2a0 "") at pcre.c:5509
re = (real_pcre *) 0x4009e0
length = 182
c = 44
firstbyte = 46
reqbyte = 2118144
bracount = 1
branch_extra = 0
branch_newextra = 93
item_count = 26
name_count = 0
max_name_size = 93
lastitemlength = 1
inescq = 0
brastackptr = 0
size = 0
code = (uschar *) 0x400a08 "P"
codestart = (const uschar *) 0x400a08 "P"
ptr = (const uschar *) 0x1849460 "^Apache=([^;,]+)|[;,][
\t]*Apache=([^;,]+)"
compile_block = {
lcc = 0x3f2a0 "",
fcc = 0x3f3a0 "",
cbits = 0x3f4a0 "",
ctypes = 0x3f5e0 "\200",
start_code = 0x400a08 "P",
start_pattern = 0x1849460 "^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)",
name_table = 0x400a08 "P",
names_found = 0,
name_entry_size = 3,
top_backref = 0,
backref_map = 0,
req_varyopt = 0,
nopartial = 0
}
brastack = {142, 25465536, -1073747000, -1881125354, 0 <repeats 12
times>, -1073745932, -1073745872, 25465536, 0, 0, 0, 0, -1881125179, 0,
25465536, -1073745896, -1881125075, 0, 0, 0, -1881125628, -1073745680, 0,
-1073746904, 19822, 0, 0, 0, 0, 0, 0, 0, 2103264, 2103264, 0, 1, -1880969622,
2103264, 0, -1073746840, -1880928605, 8388608, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0,
302448, 2103264, 0, -1073746808, -1881105009, 8388608, 0, 0, 2113664, 2113664,
2103296, 0, 3154053, 2103296, 2103584, 0, 2, -1073745488, 654696, 11,
-1880947369, 3835618, 3466792, 172, -1881077209, 5942910, 3492403, 48,
-1881089198, -1879046316, -1073746720, 13, -1880969622, 1835166060, 5, 24,
-1880928605, 1831747, 46, 672912, -1881098623, 23, 48, 672912, 655464, 1,
3470204, 3272944, 3481620, 173, 171, 0, -1880947369, 1, 2, 0, -1880928605,
2118512, 48, -1073746296, -1879016158, 4196784, 48, 48, -1881131634, 2099984, 2,
0, 131072, -1073746260, 653400, 23, -1881076672, 5942857, 675941, -1073746504,
2118544, 2118544, 48, 0, -1880947369, 1, 651528, 11, -1881076672, 5942826,
707312, 0, 5251095, 16772780, 211008, 672912, 653124, 47, 3470204, 3272944,
3481620, 278, 278, 203, -1881077209, 5942928, 3481856, 672912, 651396, 23, 0,
1270440, -1881131938, 2097248, 0, -1073746312, -1881131634, 2097248, 653400, 0,
0, -1073746084, 98427, 672912, 655464, -1880982564, -1512901655, -1881085377,
-1881084870, -2035352088, 834625679, -1512901655, 834625791, 5931118, 1,
-1073746264, -1881084176, -1880803264, 5942857, -1073746280, -1881131329}
bralenstack = "\000���\006\000\000\000����\2165�\217\020\v
\000��4\000����[��\217�\000
\000X�\t\000\\����6�\217�{�\217�\210�?��\217:��\217�W�\206\217�R��\210���R��\200Z\000\b�\t\000\214���X�\t\000@8�\217\220�Z\000\b���0��\217I�Z\000 RZ\000x���i��\217�Q
\000n\200Z\000 RZ\000I�Z\000fS\000\000`\000
\000@8�\2170��\217\210�Z\000 RZ\000����n\000\000\000�Q
\000\017\200Z\000 RZ\000*�Z\000\a\000\000\000\020�Z"
#3 0x00008468 in ap_regcomp (preg=0x1849490, pattern=0x1849460
"^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)", cflags=0) at util_pcre.c:135
errorptr = 0x0
erroffset = 0
preg = (ap_regex_t *) 0x1849490
pattern = 0x5d <Address 0x5d out of bounds>
cflags = 93
#4 0x0000539f in ap_pregcomp (p=0x1806418, pattern=0x1849460
"^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)", cflags=0) at util.c:268
preg = (ap_regex_t *) 0x1849490
p = (struct apr_pool_t *) 0x1806418
pattern = 0x5d <Address 0x5d out of bounds>
cflags = 93
#5 0x005a6b18 in set_and_comp_regexp (dcfg=0x1849448, p=0x1806418,
cookie_name=0x5a6ff4 "Apache") at mod_usertrack.c:203
danger_chars = 0
sp = 0x0
#6 0x005a6c38 in make_cookie_dir (p=0x1806418, d=0x0) at mod_usertrack.c:268
p = (struct apr_pool_t *) 0x1806418
#7 0x0001a3d4 in ap_single_module_configure (p=0x1806418, s=0x180bda0,
m=0x5a7020) at config.c:2031
m = (module *) 0x5a7020
#8 0x00028ea4 in load_module (cmd=0xbffff618, dummy=0xbffff464,
modname=0x1849288 "usertrack_module", filename=0x18492a0
"modules/mod_usertrack.so") at mod_so.c:294
modhandle = (struct apr_dso_handle_t *) 0x18492f8
modsym = 0x5a7020
modp = (module *) 0x5a7020
szModuleFile = 0x18492c0 "/usr/local/apache2-crash/modules/mod_usertrack.so"
modi = (ap_module_symbol_t *) 0x1838508
modie = (ap_module_symbol_t *) 0x5d
i = 5926944
error = 0x0
dummy = (void *) 0x5d
filename = 0x0
#9 0x00017a2e in invoke_cmd (cmd=0x40060, parms=0xbffff618, mconfig=0xbffff464,
args=0x183d44c "") at config.c:768
w = 0x40060 "(�\003"
w2 = 0x5d <Address 0x5d out of bounds>
w3 = 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
errmsg = 0x0
#10 0x00018532 in ap_build_config_sub (p=0x180b878, temp_pool=0x184946d,
l=0xbfffe8c8 "\030���", parms=0xbffff618, current=0xbffff4cc,
curr_parent=0xbffff4c8, conftree=0x3f0a8) at config.c:1419
ml = (ap_mod_list *) 0x180b878
dir = 0x180b878 ""
args = 0x183d423 "usertrack_module modules/mod_usertrack.so"
sub_tree = (ap_directive_t *) 0x0
retval = 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
args = 0x183d423 "usertrack_module modules/mod_usertrack.so"
cmd_name = 0x1849218 "LoadModule"
mod = (module *) 0x3f1e0
cmd = (const command_rec *) 0x5d
#11 0x00018afd in ap_build_config (parms=0xbffff618, p=0x1806418,
temp_pool=0x1836418, conftree=0x3f0a8) at config.c:1202
current = (ap_directive_t *) 0x183a0a0
curr_parent = (ap_directive_t *) 0x0
l = 0x183d418 "LoadModule usertrack_module modules/mod_usertrack.so"
errmsg = 0x184946d "]+)|[;,][ \t]*Apache=([^;,]+)"
conftree = (ap_directive_t **) 0x3f0a8
#12 0x000192c8 in process_resource_config_nofnmatch (s=0x180bda0,
fname=0x1838ef0 "/usr/local/apache2-crash/conf/httpd.conf", conftree=0x3f0a8,
p=0x1806418, ptemp=0x1836418, depth=0) at config.c:1612
parms = {
info = 0x0,
override = 150,
limited = -1,
limited_xmethods = 0x0,
xlimited = 0x0,
config_file = 0x1839fb0,
directive = 0x0,
pool = 0x1806418,
temp_pool = 0x1836418,
server = 0x180bda0,
path = 0x0,
cmd = 0x40060,
context = 0x0,
err_directive = 0x1849228,
override_opts = 239
}
cfp = (ap_configfile_t *) 0x1839fb0
error = 0x5d <Address 0x5d out of bounds>
rv = 25465965
#13 0x000195d0 in ap_process_resource_config (s=0x180bda0, fname=0x1838ef0
"/usr/local/apache2-crash/conf/httpd.conf", conftree=0x3f0a8, p=0x1806418,
ptemp=0x1836418) at config.c:1644
fname = 0x1838ef0 "/usr/local/apache2-crash/conf/httpd.conf"
dirp = (struct apr_dir_t *) 0x0
dirent = {
pool = 0x18,
valid = 25,
protection = 40,
filetype = 4294967295,
user = 4294967295,
group = 4294967295,
inode = 4294967295,
device = 232508,
nlink = 263868,
size = 436166814044096,
csize = 25398056,
atime = 436384783398840,
mtime = 939553087027116,
ctime = 137439172227,
fname = 0x1806418 "\030D\200\001\030d\204\001",
name = 0xef <Address 0xef out of bounds>,
filehand = 0x1808450
}
current = 25399024
candidates = (apr_array_header_t *) 0x5
rv = 25465965
path = 0x200080 "0\002 "
finfo = {
pool = 0x18,
valid = 25,
protection = 40,
filetype = 4294967295,
user = 4294967295,
group = 4294967295,
inode = 4294967295,
device = 232508,
nlink = 263868,
size = 436166814044096,
csize = 25398056,
atime = 436384783398840,
mtime = 939553087027116,
ctime = 137439172227,
fname = 0x1806418 "\030D\200\001\030d\204\001",
name = 0xef <Address 0xef out of bounds>,
filehand = 0x1808450
}
dirp = (struct apr_dir_t *) 0x0
dirent = {
pool = 0x18,
valid = 25,
protection = 40,
filetype = 4294967295,
user = 4294967295,
group = 4294967295,
inode = 4294967295,
device = 232508,
nlink = 263868,
size = 436166814044096,
csize = 25398056,
atime = 436384783398840,
mtime = 939553087027116,
ctime = 137439172227,
fname = 0x1806418 "\030D\200\001\030d\204\001",
name = 0xef <Address 0xef out of bounds>,
filehand = 0x1808450
}
candidates = (apr_array_header_t *) 0x5
path = 0x200080 "0\002 "
dirp = (struct apr_dir_t *) 0x0
dirent = {
pool = 0x18,
valid = 25,
protection = 40,
filetype = 4294967295,
user = 4294967295,
group = 4294967295,
inode = 4294967295,
device = 232508,
nlink = 263868,
size = 436166814044096,
csize = 25398056,
atime = 436384783398840,
mtime = 939553087027116,
ctime = 137439172227,
fname = 0x1806418 "\030D\200\001\030d\204\001",
name = 0xef <Address 0xef out of bounds>,
filehand = 0x1808450
}
candidates = (apr_array_header_t *) 0x5
path = 0x200080 "0\002 "
dirp = (struct apr_dir_t *) 0x0
dirent = {
pool = 0x18,
valid = 25,
protection = 40,
filetype = 4294967295,
user = 4294967295,
group = 4294967295,
inode = 4294967295,
device = 232508,
nlink = 263868,
size = 436166814044096,
csize = 25398056,
atime = 436384783398840,
mtime = 939553087027116,
ctime = 137439172227,
fname = 0x1806418 "\030D\200\001\030d\204\001",
name = 0xef <Address 0xef out of bounds>,
filehand = 0x1808450
}
candidates = (apr_array_header_t *) 0x5
path = 0x200080 "0\002 "
#14 0x0001a1e3 in ap_read_config (process=0x18044a0, ptemp=0x1836418,
filename=0x35674 "conf/httpd.conf", conftree=0x3f0a8) at config.c:2004
confname = 0x5d <Address 0x5d out of bounds>
error = 0x5d <Address 0x5d out of bounds>
p = (struct apr_pool_t *) 0x1806418
s = (server_rec *) 0x180bda0
process = (process_rec *) 0x1838b28
#15 0x0000326a in main (argc=3, argv=0xbffff940) at main.c:610
c = 0 '\0'
configtestonly = 0
confname = 0x35674 "conf/httpd.conf"
def_server_root = 0x35684 "/usr/local/apache2-crash"
temp_error_log = 0x0
error = 0x5d <Address 0x5d out of bounds>
process = (process_rec *) 0x18044a0
server_conf = (server_rec *) 0x18044a0
pglobal = (struct apr_pool_t *) 0x1804418
pconf = (struct apr_pool_t *) 0x1806418
plog = (struct apr_pool_t *) 0x1834418
ptemp = (struct apr_pool_t *) 0x1836418
pcommands = (struct apr_pool_t *) 0x1808418
opt = (apr_getopt_t *) 0x18084b0
rv = 258216
optarg = 0x79645f5f <Address 0x79645f5f out of bounds>
(gdb) info frame
Stack level 0, frame at 0xbfffe950:
eip = 0x2da58 in compile_regex (pcre.c:2463); saved eip 0x2d6bf
called by frame at 0xbfffeaf0
source language c.
Arglist at 0xbfffe948, args: options=0, oldims=0, brackets=0xbfffef94,
codeptr=0xbfffeac0, ptrptr=0xbfffeabc, errorptr=0xbfffefec, lookbehind=0,
skipbytes=0, firstbyteptr=0xbfffeab4, reqbyteptr=0xbfffeaac, bcptr=0xbfffeaa4,
cd=0xbfffef48
Locals at 0xbfffe948, Previous frame's sp is 0xbfffe950
Saved registers:
ebx at 0xbfffe93c, ebp at 0xbfffe948, esi at 0xbfffe940, edi at 0xbfffe944,
eip at 0xbfffe94c
(gdb) info registers
eax 0x5d 93
ecx 0xbfffe8c8 -1073747768
edx 0x184946d 25465965
ebx 0x2d0e7 184551
esp 0xbfffe7b0 0xbfffe7b0
ebp 0xbfffe948 0xbfffe948
esi 0xbfffecf4 -1073746700
edi 0x10 16
eip 0x2da58 0x2da58
eflags 0x10246 66118
cs 0x17 23
ss 0x1f 31
ds 0x1f 31
es 0x1f 31
fs 0x0 0
gs 0x37 55
(gdb) p *cd
$1 = {
lcc = 0x3f2a0 "",
fcc = 0x3f3a0 "",
cbits = 0x3f4a0 "",
ctypes = 0x3f5e0 "\200",
start_code = 0x400a08 "P",
start_pattern = 0x1849460 "^Apache=([^;,]+)|[;,][ \t]*Apache=([^;,]+)",
name_table = 0x400a08 "P",
names_found = 0,
name_entry_size = 3,
top_backref = 0,
backref_map = 0,
req_varyopt = 0,
nopartial = 0
}
Hope this helps.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
------- Additional Comments From roberto@connexer.com 2006-12-30 07:11 -------
No problem. I don't understand either. However, it appears that the embedded
version of pcre in the httpd source is version 5.0, which is now over two years
old. I have apache successfully working with the latest upstream, version 7.0.
Of course, this would need to be tested thouroughly to ensure that it does not
introduce any regressions. I'd recommend updating the pcre included with httpd.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
------- Additional Comments From rpluem@apache.org 2006-12-30 01:27 -------
Thanks for the quick update, but to be honest at the moment I have no idea why
this happens.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 41262] - Embedded pcre causes runtime segfault
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41262>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41262
rpluem@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
------- Additional Comments From rpluem@apache.org 2006-12-29 15:41 -------
Please execute the following additional gdb commands in the case of a crash:
bt full
info frame
info registers
p *cd
This will help us to find out which of the variables points to the offending
address (0x7fffd69b in the case below).
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org