httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 34301] - System DoS - 100% CPU load
Date Tue, 05 Apr 2005 13:40:19 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34301>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34301





------- Additional Comments From ruhland@telmat.fr  2005-04-05 15:40 -------
(In reply to comment #1)
> Part of the info for diagnosing this is the strace results, which you have
> supplied (apparently a tight loop which doesn't involve syscalls).
> The other critical part is the backtrace of the process.
> gdb /path/to/httpd PID
> (gdb) bt full
> (gdb) detach
> (gdb) quit
> (This is probably a PHP problem which we can't do anything about, but just in
> case we should take a look at the backtrace.)

Thanks for your answer.

Here, the result with gdb :

(gdb) bt full
#0  0x406e993f in execute (op_array=0x824de24) at /root/sources/php-
5.0.4/Zend/zend_execute.c:1406
        execute_data = {opline = 0x825f2a4, function_state = 
{function_symbol_table = 0x140, function = 0x824de24, reserved = {0x403e0d24, 
0x403e0d05,
      0x82554e4, 0x824ddf4}}, fbc = 0x0, fbc_constructor = 0x406a98e0, op_array 
= 0x824de24, object = 0x0, Ts = 0xbfffc190,
  original_in_execution = 1 '\001', calling_scope = 0xbfffd300, 
prev_execute_data = 0xbfffd300}
#1  0x406ee195 in zend_include_or_eval_handler (execute_data=0xbfffd300, 
opline=0x82520b8, op_array=0x825f2a4)
    at /root/sources/php-5.0.4/Zend/zend_execute.c:3581
        new_op_array = (zend_op_array *) 0x824de24
        original_return_value = (zval **) 0xbfffd37c
        inc_filename = (zval *) 0x0
        tmp_inc_filename = {value = {lval = 136633720, dval = 
2.1895018180807644e-314, str = {val = 0x824dd78 "°d%\b@x%\b\005", len = 1}, ht 
= 0x824dd78,
    obj = {handle = 136633720, handlers = 0x1}}, refcount = 0, type = 172 '¬', 
is_ref = 223 'ß'}
        failure_retval = 0 '\0'
#2  0x406e9942 in execute (op_array=0x824dcf4) at /root/sources/php-
5.0.4/Zend/zend_execute.c:1406
        execute_data = {opline = 0x82520b8, function_state = 
{function_symbol_table = 0xbffff630, function = 0x824de24, reserved = {0x0, 
0x0, 0x0, 0x0}},
  fbc = 0x0, fbc_constructor = 0xbffff630, op_array = 0x824dcf4, object = 0x0, 
Ts = 0xbfffd2e0, original_in_execution = 0 '\0',
  calling_scope = 0xbffff630, prev_execute_data = 0x0}
#3  0x406cd08b in zend_execute_scripts (type=8, retval=0x0, file_count=3) 
at /root/sources/php-5.0.4/Zend/zend.c:1069
        files = 0xbfffd434 ""
        i = 1
        file_handle = (zend_file_handle *) 0xbffff630
        orig_op_array = (zend_op_array *) 0x0
        local_retval = (zval *) 0x0
#4  0x4069c3b8 in php_execute_script (primary_file=0xbffff630) 
at /root/sources/php-5.0.4/main/main.c:1632
        prepend_file_p = (zend_file_handle *) 0x0
        append_file_p = (zend_file_handle *) 0xbffff630
        prepend_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, 
handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0,
      interactive = 0}}, free_filename = 0 '\0'}
        append_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle 
= {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0,
      interactive = 0}}, free_filename = 0 '\0'}
        old_cwd = 0xbfffd440 "/"
        old_primary_file_path = 0x0
        retval = 0
#5  0x406f3320 in php_handler (r=0x8239e28) at /root/sources/php-
5.0.4/sapi/apache2handler/sapi_apache2.c:555
        ctx = (php_struct *) 0x8241e58
        brigade = (apr_bucket_brigade *) 0x8241ed0
        bucket = (apr_bucket *) 0x825f2a4
        rv = 136704676
        parent_req = (request_rec *) 0x0
#6  0x08067c06 in ap_run_handler (r=0x8239e28) at config.c:153
        pHook = (ap_LINK_handler_t *) 0x825f2a4
        n = 10
        rv = 136704676
#7  0x080681d8 in ap_invoke_handler (r=0x8239e28) at config.c:364
        handler = 0x8142cf8 "application/x-httpd-php"
        result = 136583672
        old_handler = 0x0
#8  0x08065696 in ap_internal_redirect (new_uri=0x81430c8 "/error.php3?
error=502", r=0x8238840) at http_request.c:462
        new = (request_rec *) 0x8239e28
        access_status = 136704676
#9  0x0806512a in ap_process_request (r=0x8238840) at http_request.c:262
        access_status = 136646948
#10 0x08060cb9 in ap_process_http_connection (c=0x8232800) at http_core.c:251
        r = (request_rec *) 0x8238840
        csd_set = 0
        csd = (apr_socket_t *) 0x0
#11 0x08070d96 in ap_run_process_connection (c=0x8232800) at connection.c:43
        pHook = (ap_LINK_process_connection_t *) 0x3
        n = 0
        rv = 3
#12 0x08066574 in child_main (child_num_arg=3) at prefork.c:610
        ptrans = (apr_pool_t *) 0x82326f0
        allocator = (apr_allocator_t *) 0x8230660
---Type <return> to continue, or q <return> to quit---
        current_conn = (conn_rec *) 0x8232800
        status = 136521728
        i = 136646948
        lr = (ap_listen_rec *) 0x8232800
        curr_pollfd = 136646948
        last_pollfd = 2
        pollset = (apr_pollfd_t *) 0x82307b8
        offset = 3
        csd = (void *) 0x8232728
        sbh = (ap_sb_handle_t *) 0x8230760
        rv = 3
        bucket_alloc = (apr_bucket_alloc_t *) 0x8236800
#13 0x080666a0 in make_child (s=0x809fb88, slot=15) at prefork.c:704
        pid = 0
#14 0x08066927 in perform_idle_server_maintenance (p=0x809ddd8) at prefork.c:839
        i = 0
        idle_count = 0
        ws = (worker_score *) 0x3
        free_length = 8
        free_slots = {12, 13, 14, 15, 16, 17, 18, 19, 0, 0, 0, 0, 1075714220, 
1000000, 0, 1075685459, 0, 0, 0, 0, -1073743584, 0, 1000000, 0, 0, 0,
  -1073743528, -1073743488, 134871944, 0, -1073743528, 134682967}
        last_non_dead = 11
        total_non_dead = 12
#15 0x08066f2e in ap_mpm_run (_pconf=0x809ddd8, plog=0x80c7e80, s=0x809fb88) at 
prefork.c:1040
        index = 0
        remaining_children_to_start = 0
        rv = 3
#16 0x0806c6f8 in main (argc=4, argv=0xbffffa64) at main.c:618
        c = 68 'D'
        configtestonly = 0
        confname = 0x8089b5f "conf/httpd.conf"
        def_server_root = 0x808aa85 "/usr/local/apache"
        temp_error_log = 0x0
        process = (process_rec *) 0x809be50
        server_conf = (server_rec *) 0x809fb88
        pglobal = (apr_pool_t *) 0x809bdd0
        pconf = (apr_pool_t *) 0x809ddd8
        plog = (apr_pool_t *) 0x80c7e80
        ptemp = (apr_pool_t *) 0x80b7e40
        pcommands = (apr_pool_t *) 0x809fde0
        opt = (apr_getopt_t *) 0x809fe78
        rv = 3
        mod = (module **) 0x809fb88
        optarg = 0xbffffb93 "SSL"
        signal_server = (apr_OFN_ap_signal_server_t *) 0x8251124
#17 0x402c3d06 in __libc_start_main () from /lib/libc.so.6
No symbol table info available.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message