httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 51747] New: mod_fcgid loads entire request into memory while passing to FCGI backend
Date Wed, 31 Aug 2011 16:27:20 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51747

             Bug #: 51747
           Summary: mod_fcgid loads entire request into memory while
                    passing to FCGI backend
           Product: Apache httpd-2
           Version: 2.2.19
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_fcgid
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: dominic.benson@thirdlight.com
    Classification: Unclassified


Created attachment 27448
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=27448
Patch to prevent memory explosion when  fcgid hands off to FCGI backend

While FcgidMaxRequestInMem limits the amount of memory used by the server while
the client request is being sent, the process of reading the file (via
APR_BUCKET_NEXT) to write via proc_write_ipc causes the entire contents to be
in memory in the server process simultaneously.

The problem seems to be that, while data is passed to the FCGI process in small
chunks, the apr_bucket_brigade keeps all its buckets as the file is read, and
they morph into heap type.

Buckets should be removed from the brigade as the data is delivered, per the
guidelines for writing output filters.

Steps to reproduce:
 httpd 2.2.19 on x86 with mod_fcgid 2.3.6
 Create a file of 2.5GB+
 Set FcgidMaxRequestLen to at least the size of this file
 Send the file in a request that will be handled by fcgid

What happens:
 A few seconds after the request body is transferred (depending on server
speed), the httpd child handling the request segfaults, as it exceeds the
process address limit

What should happen:
 The httpd process should stay at modest memory usage throughout, and the
request should be processed by the FCGI backend


The attached patch prevents the end-of-request explosion. I think it probably
ought to have some more checks on the added bucket/brigade processing, though.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message