=================================================================
==25524==ERROR: AddressSanitizer: heap-use-after-free on address 0x6250002a4648 at pc 0x7ff7400a6750 bp 0x7ff7180f4280 sp 0x7ff7180f4270
READ of size 6 at 0x6250002a4648 thread T37
    #0 0x7ff7400a674f in find_entry tables/apr_hash.c:303
    #1 0x7ff7400a76da in apr_hash_get tables/apr_hash.c:367
    #2 0x55e54e in ap_method_number_of /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http/http_protocol.c:952
    #3 0x4760ee in ap_limit_section /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/core.c:2256
    #4 0x4a7eb8 in invoke_cmd /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/config.c:880
    #5 0x4ae0c6 in ap_walk_config_sub /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/config.c:1324
    #6 0x4ae0c6 in ap_walk_config /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/config.c:1357
    #7 0x4b1764 in ap_parse_htaccess /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/config.c:2194
    #8 0x4913c3 in ap_directory_walk /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/request.c:1026
    #9 0x481008 in core_map_to_storage /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/core.c:4556
    #10 0x48d6a3 in ap_run_map_to_storage /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/request.c:79
    #11 0x494faa in ap_process_request_internal /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/request.c:221
    #12 0x566817 in ap_process_async_request /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http/http_request.c:434
    #13 0x567031 in ap_process_request /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http/http_request.c:471
    #14 0x669485 in h2_task_process_request /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http2/h2_task.c:666
    #15 0x669485 in h2_task_process_conn /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http2/h2_task.c:713
    #16 0x4c4be3 in ap_run_process_connection /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/connection.c:42
    #17 0x66d7b9 in h2_task_do /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http2/h2_task.c:623
    #18 0x6790c9 in slot_run /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http2/h2_workers.c:228
    #19 0x7ff73f8283f3 in start_thread (/lib64/libpthread.so.0+0x73f3)
    #20 0x7ff73f36c59c in clone (/lib64/libc.so.6+0xe759c)

0x6250002a4648 is located 5448 bytes inside of 8192-byte region [0x6250002a3100,0x6250002a5100)
freed by thread T57 here:
    #0 0x7ff7420554e1 in __interceptor_free (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x574e1)
    #1 0x7ff7400c2e8b in apr_allocator_destroy memory/unix/apr_pools.c:152

previously allocated by thread T37 here:
    #0 0x7ff742055772 in malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x57772)
    #1 0x7ff7400c4495 in allocator_alloc memory/unix/apr_pools.c:349
    #2 0x7ff7400c4495 in apr_palloc memory/unix/apr_pools.c:696

Thread T37 created by T0 here:
    #0 0x7ff742021d1a in pthread_create (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x23d1a)
    #1 0x678db9 in activate_slot /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/modules/http2/h2_workers.c:103

Thread T57 created by T38 here:
    #0 0x7ff742021d1a in pthread_create (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x23d1a)
    #1 0x70b745 in start_threads /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/mpm/event/event.c:2005

Thread T38 created by T0 here:
    #0 0x7ff742021d1a in pthread_create (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x23d1a)
    #1 0x43c866 in child_main /var/tmp/portage/www-servers/apache-2.4.27/work/httpd-2.4.27/server/mpm/event/event.c:2204

SUMMARY: AddressSanitizer: heap-use-after-free tables/apr_hash.c:303 find_entry
Shadow bytes around the buggy address:
==25524==ABORTING