httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 27751] - Segmentation Fault in shmcb_cyclic_cton_memcpy
Date Wed, 17 Mar 2004 17:27:41 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27751>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=27751

Segmentation Fault in shmcb_cyclic_cton_memcpy





------- Additional Comments From ken.avery@hp.com  2004-03-17 17:27 -------
Here is inforamtion from one of our developers:

While attempting to locate the cause for what appears to be a memory 
consumption problem in the SSL code, the server segmentation faults. The first 
worker child & all of its child threads continue to consume memory while the 
parent stays the same or gets a little smaller.  The child threads never give 
the memory back unless restarted.  Please advise if this is an expected 
behavior.

Running with 'SSLSessionCache none' doesn't consume memory (and doesn't seg 
fault), but it performs poorly when using 2048 bit keys.

I observed the segmentation fault issue in mod_ssl while running the small 
script listed below.  Based on the stack information the issue appears to be 
in shmcb_cton_memcpy() during an attempt to remove a session id.  The server 
keeps on reponding, but all the child threads die and are restarted. I am not 
sure what is happening, but the following variables seem to get corrupted:

The stack trace shows these are supposed to be:

src_offset=6402 
src_len=10240

Inside the frame they have these values:

(gdb) print src_offset (in edi register)
$55 = 3183473748  
(gdb) print src_len    (in edx register) 
$56 = 3183464512

The configuration file, and my initial debug session are attached.

Apache error_log
...
[Mon Mar 15 11:21:33 2004] [notice] Apache/2.0.48 configured -- resuming 
normal operations [Mon Mar 15 11:25:28 2004] [error] server reached MaxClients 
setting, consider raising the MaxClients setting [Mon Mar 15 11:38:29 2004] 
[notice] child pid 1065 exit signal Segmentation fault (11) [Mon Mar 15 
12:06:28 2004] [notice] child pid 1154 exit signal Segmentation fault (11) 
[Mon Mar 15 12:44:49 2004] [notice] child pid 1258 exit signal Segmentation 
fault (11) [Mon Mar 15 13:04:40 2004] [notice] child pid 1315 exit signal 
Segmentation fault (11) [Mon Mar 15 13:17:29 2004] [notice] child pid 1363 
exit signal Segmentation fault (11) [Mon Mar 15 13:45:12 2004] [notice] child 
pid 1401 exit signal Segmentation fault (11) ...

OS RedHat 7.3 

gcc-2.96-113
glibc-2.2.5-43
openssl-0.9.6b-35.7

Apache 2.0.48 Build Script:

./configure  --with-program-name=leakd --with-port=9200 --with-mpm=worker --
enable-ssl=shared --enable-maintainer-mode \ --enable-proxy=shared --enable-
cgi=shared --enable-setenvif=shared --enable-cgi=shared --enable-access=shared 
\ --enable-rewrite=shared --enable-dir=shared --enable-actions=shared --enable-
mime=shared --enable-proxy_connect=shared \ --enable-proxy_http=shared --
enable-negotiation=shared --enable-alias=shared --enable-env=shared --enable-
dir=shared \ --enable-mod-actions=shared --enable-log-config=shared --enable-
imap=shared --enable-headers=shared \ --enable-layout=webserver --disable-
autoindex --disable-userdir --disable-usertrack --disable-cgid \ --disable-
asis --disable-auth --disable-auth_digest --disable-auth_dbm --disable-
auth_anon --disable-dav \ --disable-dav_fs --disable-vhost_alias --disable-
unique_id --disable-speling --disable-cern_meta --disable-include \ --disable-
expires --enable-status=shared --enable-info=shared

ldd leakd:

        libssl.so.2 => /lib/libssl.so.2 (0x40024000)
        libcrypto.so.2 => /lib/libcrypto.so.2 (0x40052000)
        libaprutil-0.so.0 => /usr/webserver/lib/libaprutil-0.so.0 (0x40119000)
        libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x4012d000)
        libdb-3.3.so => /lib/libdb-3.3.so (0x40133000)
        libexpat.so.0 => /usr/lib/libexpat.so.0 (0x401c2000)
        libapr-0.so.0 => /usr/webserver/lib/libapr-0.so.0 (0x401e1000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x40200000)
        librt.so.1 => /lib/librt.so.1 (0x40215000)
        libm.so.6 => /lib/libm.so.6 (0x40226000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x40247000)
        libnsl.so.1 => /lib/libnsl.so.1 (0x40274000)
        libdl.so.2 => /lib/libdl.so.2 (0x40288000)
        libc.so.6 => /lib/libc.so.6 (0x4028c000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)


Simple script on external machine downloads copies of the stock Apache 
index.html.en page under both unsecure & secure sites:

#!/bin/sh
counter=0
limit=32000
while [ "$counter" -lt "$limit" ]
do
  wget -O - http://myboxaddr:9200
  wget -O - https://myboxaddr:9201
  counter=`expr $counter + 1`
  echo "Count=> $counter"
done

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message