So, I updated one of my servers to Apache-2.2 and Mod_security-2.1.2, and now I'm getting intermittent segfaults, which I think might be related to uploads and mod_security. I've been posting a few symptoms to the mod_sec mailing list, which has to be one of the best mailing lists on the planet. And now, I'm corresponding with one of the devs.
They asked for a backtrace from a coredump.. and you know.. I've never done that. So I'll provide a small how-to for that.
Configure httpd.conf to know where to post the dump (I added this value in 00_default_settings.conf)
I didn't want to put into /tmp for obvious reasons. Just make sure you chown the directory apache:apache and you should be good to go.
Next we need to take limits off on the dump, so we can ensure we get everything.
ulimit -c unlimited
Remember to restart apache. Now when something bad happens you should see this in your error_log
[Tue Sep 25 11:49:47 2007] [notice] child pid 21500 exit signal Segmentation fault (11), possible coredump in /apache/writable/path/core
If you don't get anything, check the ulimit again, and/or make sure permissions are correct on the CoreDumpDirectory.
To get the backtrace, you need to emerge gdb and issue the following command:
gdb /usr/sbin/apache2 /apache/writable/path/core
and supply bt full for the backtrace. I'll keep you posted on the goings on with mod_sec and apache. I'm sure it's a weird configuration error on my end and not a problem with either apache or mod_sec since this is happening to only one of my servers.