Bug 58677

Summary:	FreeBSD 5.1-p10 can be remotely locked (crashed), when running apache2 with special configuration
Product:	Base System	Reporter:	Branko F.Gracnar <bfg>
Component:	kern	Assignee:	Andre Oppermann <andre>
Status:	Closed FIXED
Severity:	Affects Only Me
Priority:	Normal
Version:	5.1-RELEASE
Hardware:	Any
OS:	Any

Description Branko F.Gracnar 2003-10-29 10:50:10 UTC


Fix: 

If SSLMutex is set to file:/path/somewhere and SSLSessionCache is set to dbm:/some/dbm lockup does not accour.
How-To-Repeat: FreeBSD 5.1-p10 (and also possible other 5.1-pX version) can be remotely locked up if the following criteria is met:

+ apache2 has mod_ssl loaded and enabled
+ apache2 has the following configuration directives set to the following values:

	SSLMutex sem
	SSLSessionCache shm:/some/file(1048576)

+ client connects via SSL/TLS to apache fast enough.

If all conditions above are satisfied except the last one, then lockup doesn't happen.

I tested on three 5.1-p10 machines (SMP, uniprocessor, uniprocessor with hypterthreading) with JMeter 1.9.1.

Comment 1 Mark Linimon freebsd_committer

2003-10-30 06:48:18 UTC

Responsible Changed
From-To: gnats-admin->freebsd-bugs

Assign to proper category.

Comment 2 Paul Querna 2003-11-08 21:59:20 UTC

Using FreeBSD-CURRENT(As of October 28) and HTTPd 2.1(From CVS as of November
6) , I am able to reproduce this bug using Apache Flood in about the same time
span.

Comment 3 Andre Oppermann freebsd_committer

2003-12-27 17:01:15 UTC

Responsible Changed
From-To: freebsd-bugs->andre

Take over.

Comment 4 Andre Oppermann freebsd_committer

2003-12-28 23:52:45 UTC

Branko, Paul,

could you please provide me with more information regarding the
lockup.  In what way does FreeBSD lock up?  Are you still able
to log into the machine from remote?  Do you have INVARIANTS
and/or WITNESS enabled in you kernel?  Do you run a debugging
kernel?  Are you able to break to ddb and do a ps?

What is the thread library you've used for apache2?  Was it
pre-forked or threaded (-libc_r or kse?)?

Is is very hard to get a grip on this one without more detailed
information.  Right from this information I'd suspect either
a lockup in the vfs area or something with the new multi-
threading libraries.  But in the end it could be anything and
we have to track it down.

-- 
Andre

Comment 5 Andre Oppermann freebsd_committer

2003-12-30 13:48:16 UTC

State Changed
From-To: open->feedback

Waiting for Oringinator to provide more specifics.

Comment 6 Paul Querna 2004-01-01 09:51:53 UTC

Using the same configuration of Apache HTTPd and Apache Flood as I had 
before, I am unable to reproduce this bug in 5.2-RC as of Dec 31.

Same exact machine, same binaries.  Only upgraded kernel and world to 
the RELENG_5_2 branch. It does not crash after pounding on it for over 
an hour. (Before it was a matter of seconds.)

-Paul Querna

Comment 7 Andre Oppermann freebsd_committer

2004-01-01 13:14:55 UTC

Paul Querna wrote:
>  Using the same configuration of Apache HTTPd and Apache Flood as I had
>  before, I am unable to reproduce this bug in 5.2-RC as of Dec 31.
> 
>  Same exact machine, same binaries.  Only upgraded kernel and world to
>  the RELENG_5_2 branch. It does not crash after pounding on it for over
>  an hour. (Before it was a matter of seconds.)

Paul,

I'm attributing this problem in 5.1-p10 to inferior locking either in
the network code or filesystem/vm code.  There have been a lot of changes
and it's impossible to track down exactly which one fixed it.

I'm closing the PR now.  If you happen to run into this problem again
please open a new one with all relevant information.

Thanks for your quick response.

-- 
Andre

Comment 8 Andre Oppermann freebsd_committer

2004-01-01 14:03:13 UTC

State Changed
From-To: feedback->closed

Close PR.  Problem fixed for Originator.