[APACHE DOCUMENTATION]

Known Bugs in Apache

The most up-to-date resource for bug tracking and information is the Apache bug database. All existing bugs will be noted there. Below is a synopsis of significant outstanding bugs at release time. In fact you really shouldn't trust anything this page says other than maybe the 1.2b8 information.

See Also: Compatibility notes

Version 1.2 (all)

  1. On some architectures if your configuration uses multiple Listen directives then it is possible that the server will starve one of the sockets while serving hits on another. The work-around is to add -DUSE_FLOCK_SERIALIZED_ACCEPT to the EXTRA_CFLAGS line in your Configuration and rebuild. (If you encounter problems with that, you can also try -DUSE_FCNTL_SERIALIZED_ACCEPT.) This affects any architecture that doesn't use one of the USE_xxxxx_SERIALIZED_ACCEPT definitions, see the source file conf.h for your architecture.

    This will be tracked as PR#467.

Version 1.2b8

There are several known bugs in 1.2b8. See the 1.2b8 patches directory for patches for some of the ones that have been fixed since the release of 1.2b8.

Version 1.2b1

  1. users have reported problems with many connections stuck in the FIN_WAIT_2 state due to server timeouts. This is a quite complicated problem; see our FIN_WAIT_2 page for details.
  2. hard_timeout() for request reads uses incorrect logic, and ends up waiting for an initial request read for the default "timeout" number of seconds, 1200, yet only the "KeepAliveTimeout" number of seconds on keepalive connections.
  3. mod_info output is not displaying current configuration as it should.
  4. Invalid commands in .htaccess files may cause segmentation faults.

Version 1.1.1

  1. Hostnames such as "123.hotwired.com" are valid, yet find_allowdeny does not properly handle them. This should be put on Known Bugs. Be careful when fixing this because just removing the isalpha() check creates a security hole, consider the DNS map "1.1.1.1.in-addr.arpa IN PTR 2.2.2." if the user has a config line "allow from 2.2.2" it will allow 1.1.1.1 in (unless -DMAXIMUM_DNS). -- which is bad because it breaks people who understand double reverse lookup and are trying to avoid it by using only IP addresses on allow/deny statements. - reported by Dean Gaudet, fixed in 1.2.

Version 1.1.0

  1. mod_auth_msql misbehaviors. Grab a newer version from the modules distribution directory. -fixed in 1.1
  2. Hanging on Netscape 2.0-3.0b4 on MSWindows (3.1 and 95) - we investigated pretty seriously, and as best we can tell this is a Netscape bug, and was fixed in 3.0b5. Please read our lab report.

Version 1.1b2 (beta)

  1. SunOS has trouble compiling mod_status.c . It'll be fixed before 1.1 is released.
  2. CGI which spawn background processes may fail to return immediately. No fix exists yet.
  3. mod_dir appears to have problems when the DocumentRoot has a trailing slash.

Version 1.1b1 (beta)

  1. The logfile can sometimes contain only part of a host address. This occurs if the Cookie module is compiled in and enabled.

Version 0.8.16 (beta)

  1. (Feature) You cannot use relative pathnames for the -f or -d flags to httpd.

  2. .asis files cannot be used for content-negotiation.

Version 0.8.13 (beta)

  1. AddDescription doesn't seem to work (a fix is imminent)

Version 0.8.11 (beta)

  1. http_main.c function accept_mutex_init() horrible bug, lock_fname should be defined larger, e.g.
    char lock_fname[30];
    Ooops.

  2. There's a bug with NeXT. Restarting the server causes an infinite loop. A fix has been provided by a user and should be included in a future update.

Version 0.8.10 (beta)

  1. Server side includes which include CGI output can have unbearable delays on some platforms. We're looking into a fix.

  2. NCSA 1.3 and beyond allow wildcards in <Directory> tags; e.g. <Directory /home/*/public_html> - Apache doesn't (yet), but we have a patch coming real soon now

  3. Buggy scripts can cause server misbehavior on Solaris at least.

  4. Some of the default directives in srm.conf-dist are outdated

  5. Descriptions of args to AddIcon and AddAlt are wrong in command table.

  6. DirectoryIndex sometimes gets spuriously reset to the default value.

  7. ErrorDocument is a little shaky, " Some text %s doesn't agree with the documentation.

  8. All Aliases are checked before any ScriptAliases --- the fully compatible behavior would be to check both in one pass, in the order in which they occur in srm.conf.

Version 0.8.8 (beta)

  1. There's a known compilation problem with NeXT. Knock out the 2nd argument to setjmp when your compiler complains.

  2. exec cgi="" produces reasonable malformed header responses when used to invoke non-CGI scripts.
    The NCSA code ignores the missing header. (bad idea)
    Solution: write CGI to the CGI spec or use exec cmd="" instead.

    We might add virtual support to exec cmd to make up for this difference.

  3. A scoreboard file for process management is currently created in /tmp. We now find this to be a bad idea, and have plans to move it into the /logs directory along with other