httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michele Mase'" <michele.m...@gmail.com>
Subject Re: [users@httpd] Unable to fork new process
Date Fri, 27 Jan 2017 08:02:30 GMT
(12)Cannot allocate memory: AH00283: fork: Unable to fork new process again!
I suppose that apache2.4 too shoul be affected by the same problem. Apache
2.4 crashed, in the same manner of apache2.2. The difference is between the
number of reloads: there are more than 10^6 times of reloads to crash
apache 2.4.x. I started the loop on Yesterday, at 13:49 and the system
crashed at 20:03, after 6h14minutes.
The impact of apache 2.4.x could be moderate, it's difficult to plan 10^6
of httpd reloads.
[Thu Jan 26 13:49:33.450510 2017] [mpm_worker:notice] [pid 18097:tid
140259330607072] AH00295: caught SIGTERM, shutting down
[Thu Jan 26 13:56:47.388838 2017] [core:notice] [pid 18517:tid
140237258659808] SELinux policy enabled; httpd running as context
unconfined_u:system_r:initrc_t:s0
[Thu Jan 26 13:56:47.442743 2017] [suexec:notice] [pid 18517:tid
140237258659808] AH01232: suEXEC mechanism enabled (wrapper:
/opt/rh/httpd24/root/usr/sbin/suexec)
[Thu Jan 26 13:56:47.673152 2017] [ssl:warn] [pid 18517:tid
140237258659808] AH02292: Init: Name-based SSL virtual hosts only work for
clients with TLS server name indication support (RFC 4366)
[Thu Jan 26 13:56:48.745210 2017] [auth_digest:notice] [pid 18825:tid
140237258659808] AH01757: generating secret for digest authentication ...
[Thu Jan 26 13:56:48.776278 2017] [lbmethod_heartbeat:notice] [pid
18825:tid 140237258659808] AH02282: No slotmem from mod_heartmonitor
[Thu Jan 26 13:56:48.835965 2017] [ssl:warn] [pid 18825:tid
140237258659808] AH01873: Init: Session Cache is not configured [hint:
SSLSessionCache]
[Thu Jan 26 13:56:49.040532 2017] [ssl:warn] [pid 18825:tid
140237258659808] AH02292: Init: Name-based SSL virtual hosts only work for
clients with TLS server name indication support (RFC 4366)
[Thu Jan 26 13:56:49.107329 2017] [mpm_worker:notice] [pid 18825:tid
140237258659808] AH00292: Apache/2.4.6 (Red Hat) OpenSSL/1.0.0-fips
configured -- resuming normal operations
[Thu Jan 26 13:56:49.112274 2017] [core:notice] [pid 18825:tid
140237258659808] AH00094: Command line:
'/opt/rh/httpd24/root/usr/sbin/httpd'
[root@kvm164 httpd]# tail -f /opt/rh/httpd24/root/var/log/httpd/error_log
[Thu Jan 26 13:49:33.450510 2017] [mpm_worker:notice] [pid 18097:tid
140259330607072] AH00295: caught SIGTERM, shutting down
......
and finally the crash
......
[Thu Jan 26 20:03:11.052290 2017] [mpm_worker:error] [pid 19594:tid
140421173676000] (12)Cannot allocate memory: AH00283: fork: Unable to fork
new process
[Thu Jan 26 20:03:11.126645 2017] [mpm_worker:notice] [pid 19594:tid
140421173676000] AH00292: Apache/2.4.6 (Red Hat) OpenSSL/1.0.0-fips
configured -- resuming normal operations
[Thu Jan 26 20:03:11.126958 2017] [core:notice] [pid 19594:tid
140421173676000] AH00094: Command line:
'/opt/rh/httpd24/root/usr/sbin/httpd'
[Thu Jan 26 20:03:11.187777 2017] [mpm_worker:notice] [pid 19594:tid
140421173676000] AH00298: SIGHUP received.  Attempting to restart
(12)Cannot allocate memory: AH00104: unable to start piped log program
'/usr/sbin/rotatelogs /etc/httpd/logs/
www.example.com/www.example.com_ssl_access_log_192.168.122.165 86400'
[Thu Jan 26 20:03:15.825822 2017] [:emerg] [pid 19594:tid 140421173676000]
AH00019: Unable to open logs, exiting

Maybe somebody sould fix the code.
Best Regards
Michele MAsè

On Thu, Jan 26, 2017 at 5:58 PM, Michele Mase' <michele.mase@gmail.com>
wrote:

> Ok, I've just tried the loop within apache2.4.x and I confirm it is not
> affected by the error.
> So, what could be the better solution?
> ASAP, I plan to migrate my system on apache 2.4.x.
> In the meantime it would be nice that version 2.2 was corrected.
> Best Regards
> Michele MAsè
>
> On Thu, Jan 26, 2017 at 1:27 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
>
>> Hi,
>>
>> On Wed, Jan 25, 2017 at 10:33 PM, Michele Mase' <michele.mase@gmail.com>
>> wrote:
>> > <?php
>>
>> I checked restarts with valgrind on latest 2.2.x and found this fixes:
>>
>> Index: modules/ssl/mod_ssl.c
>> ===================================================================
>> --- modules/ssl/mod_ssl.c    (revision 1778094)
>> +++ modules/ssl/mod_ssl.c    (working copy)
>> @@ -277,7 +277,12 @@ static apr_status_t ssl_cleanup_pre_config(void *d
>>      /* Don't call ERR_free_strings here; ERR_load_*_strings only
>>       * actually load the error strings once per process due to static
>>       * variable abuse in OpenSSL. */
>> +#if (OPENSSL_VERSION_NUMBER >= 0x00090805f)
>> +    ERR_free_strings();
>> +#endif
>>
>> +    sk_SSL_COMP_free(SSL_COMP_get_compression_methods());
>> +
>>      /* Also don't call CRYPTO_cleanup_all_ex_data here; any registered
>>       * ex_data indices may have been cached in static variables in
>>       * OpenSSL; removing them may cause havoc.  Notably, with OpenSSL
>> Index: modules/ssl/ssl_util_ssl.c
>> ===================================================================
>> --- modules/ssl/ssl_util_ssl.c    (revision 1778094)
>> +++ modules/ssl/ssl_util_ssl.c    (working copy)
>> @@ -311,6 +311,7 @@ BOOL SSL_X509_isSGC(X509 *cert)
>>                      break;
>>                  }
>>              }
>> +            EXTENDED_KEY_USAGE_free(sk);
>>          }
>>      }
>>      return is_sgc;
>> __
>>
>> > Tomorrow, probably i'll open a ticket with redhat.
>>
>> The first one (ERR_free_strings) is fixed in 2.4.x and seems to be
>> backported in redhat's 2.2.* already (at least in
>> "httpd-2.2.15-56.el6_8.3.src.rpm").
>>
>> The second one (sk_SSL_COMP_free) is nowhere, neither in httpd nor
>> redhat (AFAICT) releases.
>>
>> The last and biggest one (EXTENDED_KEY_USAGE_free) is 2.2 code only
>> (2.4 not concerned), and seems to affect both httpd-2.x and redhat's.
>>
>> I won't be able to verify how it affects the different openssl
>> versions (hence commit anything) in the next few days, just wanted to
>> notify before being away...
>>
>> Regards,
>> Yann.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

Mime
View raw message