From branko@frost.ath.cx  Wed Oct 29 02:46:44 2003
Return-Path: <branko@frost.ath.cx>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8ACFD16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 29 Oct 2003 02:46:44 -0800 (PST)
Received: from frost.ath.cx (BSN-95-242-77.dsl.siol.net [193.95.242.77])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CA9EC43FAF
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 29 Oct 2003 02:46:43 -0800 (PST)
	(envelope-from branko@frost.ath.cx)
Received: by frost.ath.cx (ESMTP, from userid 1001)
	id 931F879; Wed, 29 Oct 2003 11:46:43 +0100 (CET)
Message-Id: <20031029104643.931F879@frost.ath.cx>
Date: Wed, 29 Oct 2003 11:46:43 +0100 (CET)
From: Branko F.Gracnar <bfg@noviforum.si>
To: FreeBSD-gnats-submit@freebsd.org
Subject: FreeBSD 5.1-p10 can be remotely locked (crashed), when running apache2 with special configuration
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         58677
>Category:       kern
>Synopsis:       FreeBSD 5.1-p10 can be remotely locked (crashed), when running apache2 with special configuration
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    andre
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 29 02:50:10 PST 2003
>Closed-Date:    Thu Jan 01 06:03:54 PST 2004
>Last-Modified:  Thu Jan 01 06:03:54 PST 2004
>Originator:     Branko F. Gracnar
>Release:        FreeBSD 5.1-RELEASE-p10 i386
>Organization:
>Environment:
System: FreeBSD frost.lucky.si 5.1-RELEASE-p10 FreeBSD 5.1-RELEASE-p10 #0: Sat Oct 4 11:23:12 CEST 2003 root@frost.lucky.si:/export/system/usr.obj/export/system/usr.src/sys/FROST i386


	
>Description:
	
>How-To-Repeat:
FreeBSD 5.1-p10 (and also possible other 5.1-pX version) can be remotely locked up if the following criteria is met:

+ apache2 has mod_ssl loaded and enabled
+ apache2 has the following configuration directives set to the following values:

	SSLMutex sem
	SSLSessionCache shm:/some/file(1048576)

+ client connects via SSL/TLS to apache fast enough.

If all conditions above are satisfied except the last one, then lockup doesn't happen.

I tested on three 5.1-p10 machines (SMP, uniprocessor, uniprocessor with hypterthreading) with JMeter 1.9.1.
		
>Fix:

If SSLMutex is set to file:/path/somewhere and SSLSessionCache is set to dbm:/some/dbm lockup does not accour.



>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Oct 29 22:48:18 PST 2003 
Responsible-Changed-Why:  
Assign to proper category. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=58677 

From: "Paul Querna" <chip@force-elite.com>
To: freebsd-gnats-submit@FreeBSD.org, bfg@noviforum.si
Cc:  
Subject: Re: kern/58677: FreeBSD 5.1-p10 can be remotely locked (crashed), when running apache2 with special configuration
Date: Sat, 8 Nov 2003 14:59:20 -0700

 Using FreeBSD-CURRENT(As of October 28) and HTTPd 2.1(From CVS as of November
 6) , I am able to reproduce this bug using Apache Flood in about the same time
 span.
 
Responsible-Changed-From-To: freebsd-bugs->andre 
Responsible-Changed-By: andre 
Responsible-Changed-When: Sat Dec 27 09:01:15 PST 2003 
Responsible-Changed-Why:  
Take over. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=58677 

From: Andre Oppermann <andre@freebsd.org>
To: freebsd-gnats-submit@FreeBSD.org, bfg@noviforum.si,
	chip@force-elite.com
Cc:  
Subject: Re: kern/58677: FreeBSD 5.1-p10 can be remotely locked (crashed),
 when running apache2 with special configuration
Date: Mon, 29 Dec 2003 00:52:45 +0100

 Branko, Paul,
 
 could you please provide me with more information regarding the
 lockup.  In what way does FreeBSD lock up?  Are you still able
 to log into the machine from remote?  Do you have INVARIANTS
 and/or WITNESS enabled in you kernel?  Do you run a debugging
 kernel?  Are you able to break to ddb and do a ps?
 
 What is the thread library you've used for apache2?  Was it
 pre-forked or threaded (-libc_r or kse?)?
 
 Is is very hard to get a grip on this one without more detailed
 information.  Right from this information I'd suspect either
 a lockup in the vfs area or something with the new multi-
 threading libraries.  But in the end it could be anything and
 we have to track it down.
 
 -- 
 Andre
 
 
State-Changed-From-To: open->feedback 
State-Changed-By: andre 
State-Changed-When: Tue Dec 30 05:48:16 PST 2003 
State-Changed-Why:  
Waiting for Oringinator to provide more specifics. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=58677 

From: Paul Querna <chip@force-elite.com>
To: freebsd-gnats-submit@FreeBSD.org, bfg@noviforum.si
Cc:  
Subject: Re: kern/58677: FreeBSD 5.1-p10 can be remotely locked (crashed),
 when running apache2 with special configuration
Date: Thu, 01 Jan 2004 01:51:53 -0800

 Using the same configuration of Apache HTTPd and Apache Flood as I had 
 before, I am unable to reproduce this bug in 5.2-RC as of Dec 31.
 
 Same exact machine, same binaries.  Only upgraded kernel and world to 
 the RELENG_5_2 branch. It does not crash after pounding on it for over 
 an hour. (Before it was a matter of seconds.)
 
 -Paul Querna

From: Andre Oppermann <andre@freebsd.org>
To: Paul Querna <chip@force-elite.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/58677: FreeBSD 5.1-p10 can be remotely locked (crashed),when 
 running apache2 with special configuration
Date: Thu, 01 Jan 2004 14:14:55 +0100

 Paul Querna wrote:
 >  Using the same configuration of Apache HTTPd and Apache Flood as I had
 >  before, I am unable to reproduce this bug in 5.2-RC as of Dec 31.
 > 
 >  Same exact machine, same binaries.  Only upgraded kernel and world to
 >  the RELENG_5_2 branch. It does not crash after pounding on it for over
 >  an hour. (Before it was a matter of seconds.)
 
 Paul,
 
 I'm attributing this problem in 5.1-p10 to inferior locking either in
 the network code or filesystem/vm code.  There have been a lot of changes
 and it's impossible to track down exactly which one fixed it.
 
 I'm closing the PR now.  If you happen to run into this problem again
 please open a new one with all relevant information.
 
 Thanks for your quick response.
 
 -- 
 Andre
State-Changed-From-To: feedback->closed 
State-Changed-By: andre 
State-Changed-When: Thu Jan 1 06:03:13 PST 2004 
State-Changed-Why:  
Close PR.  Problem fixed for Originator. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=58677 
>Unformatted:
