|
From: Rainer J. <rai...@ki...> - 2013-02-13 02:22:59
|
On 12.02.2013 22:26, Curtis Wood wrote: > Hi All, > > We seem to have found a potential issue with mod security - we are using > cPanel along with Apache 2.2.23/mod_security 2.7.1. We noticed a strange > issue with Apache last year where it would be getting caught in an > internal loop with the apr_pool_cleanup routines - essentially trying to > clear the same pool over and over. Initially it was thought to only be > with this customers particular website/setup - although recently we saw > the same issues on our production servers and have verified it is same > issue. > > We have disabled modsec2 fleet wide (2500+ servers) and the problem has > ceased to exist at this time. Unfortunately we have no idea what > triggers this, if it's a particular URL being accessed or what. Pool cleanup loops typically indicate a corruption in the pool data structures due to unsynchronized pool use by multiple threads. APR pools are not thread-safe. Regards, Rainer |
