34705 – mod_auth_ldap - repeated login failures result in high CPU usage

Bug 34705 - mod_auth_ldap - repeated login failures result in high CPU usage

Summary: mod_auth_ldap - repeated login failures result in high CPU usage

Status:	RESOLVED DUPLICATE of bug 34618

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_auth_ldap (show other bugs)
Version:	2.0.54
Hardware:	Other Linux

Importance:	P2 major (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-05-02 14:18 UTC by eric
Modified:	2005-05-04 06:03 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description eric 2005-05-02 14:18:56 UTC

Using https: (have not tested with http:), browser - Firefox, if user fails to
enter a valid username and password 2 or 3 times, the browser goes into a
waiting state, and the server thread spikes a processor (CPU usage goes to max).
 Even on a multiprocessor system, a couple of finger flubbing users can drive
the load of a system beyond preferred limits.  This behavior appears to be new
as of 2.0.54 (2.0.53 did not do this as far as I know).

System is: Dell 2650 2x2.8 Ghz w/2 GB RAM running Redhat Enterprise Linux 3.0.

Apache uses: PHP, mod_perl, mod_smbauth, and runs both http and SSL as vhosts.

Apache compiled with: ./configure --prefix=$APACHE_DIR \
  --enable-ldap --enable-auth-ldap --with-ldap \
  --enable-mods-shared="rewrite ssl auth_ldap ldap"

Below is a gdb/bt full of one of the runaway processes:

# gdb /usr/local/apache2/bin/httpd 669
GNU gdb Red Hat Linux (6.1post-1.20040607.52rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library
"/lib/tls/libthread_db.so.1".

Attaching to program: /usr/local/apache2/bin/httpd, process 669
Reading symbols from /lib/libssl.so.4...done.
Loaded symbols for /lib/libssl.so.4
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/kerberos/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/kerberos/lib/libgssapi_krb5.so.2
Reading symbols from /usr/kerberos/lib/libkrb5.so.3...done.
Loaded symbols for /usr/kerberos/lib/libkrb5.so.3
Reading symbols from /usr/kerberos/lib/libcom_err.so.3...done.
Loaded symbols for /usr/kerberos/lib/libcom_err.so.3
Reading symbols from /usr/kerberos/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/kerberos/lib/libk5crypto.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/local/apache2/lib/libaprutil-0.so.0...done.
Loaded symbols for /usr/local/apache2/lib/libaprutil-0.so.0
Reading symbols from /lib/libdb-4.1.so...done.
Loaded symbols for /lib/libdb-4.1.so
Reading symbols from /usr/lib/libexpat.so.0...done.
Loaded symbols for /usr/lib/libexpat.so.0
Reading symbols from /usr/local/apache2/lib/libapr-0.so.0...done.
Loaded symbols for /usr/local/apache2/lib/libapr-0.so.0
Reading symbols from /lib/tls/librt.so.1...done.
Loaded symbols for /lib/tls/librt.so.1
Reading symbols from
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE/libperl.so...done.
Loaded symbols for /usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE/libperl.so
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/libpthread.so.0...done.
[Thread debugging using libthread_db enabled]
[New Thread -1218551680 (LWP 669)]
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libutil.so.1...done.
Loaded symbols for /lib/libutil.so.1
Reading symbols from /usr/lib/libgdbm.so.2...done.
Loaded symbols for /usr/lib/libgdbm.so.2
Reading symbols from /usr/lib/liblber.so.2...done.
Loaded symbols for /usr/lib/liblber.so.2
Reading symbols from /usr/lib/libldap.so.2...done.
Loaded symbols for /usr/lib/libldap.so.2
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/libsasl.so.7...done.
Loaded symbols for /usr/lib/libsasl.so.7
Reading symbols from /lib/libpam.so.0...done.
Loaded symbols for /lib/libpam.so.0
Reading symbols from /lib/liblaus.so.1...done.
Loaded symbols for /lib/liblaus.so.1
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /usr/local/apache2/modules/mod_ldap.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_ldap.so
Reading symbols from /usr/local/apache2/modules/mod_auth_ldap.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_auth_ldap.so
Reading symbols from /usr/local/apache2/modules/mod_ssl.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_ssl.so
Reading symbols from /usr/local/apache2/modules/mod_rewrite.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_rewrite.so
Reading symbols from /usr/local/apache2/modules/mod_perl.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_perl.so
Reading symbols from /usr/local/apache2/modules/mod_smbauth.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_smbauth.so
Reading symbols from /usr/local/apache2/modules/libphp5.so...done.
Loaded symbols for /usr/local/apache2/modules/libphp5.so
Reading symbols from /usr/lib/libstdc++.so.5...done.
Loaded symbols for /usr/lib/libstdc++.so.5
Reading symbols from
/usr/local/mysql-4.1.11-i686-linux-rhel3/lib/mysql/libmysqlclient.so.14...done.
Loaded symbols for /usr/local/mysql/lib/mysql/libmysqlclient.so.14
Reading symbols from /usr/local/lib/libsybdb.so.3...done.
Loaded symbols for /usr/local/lib/libsybdb.so.3
Reading symbols from /usr/lib/libttf.so.2...done.
Loaded symbols for /usr/lib/libttf.so.2
Reading symbols from /usr/lib/libpng12.so.0...done.
Loaded symbols for /usr/lib/libpng12.so.0
Reading symbols from /usr/lib/libjpeg.so.62...done.
Loaded symbols for /usr/lib/libjpeg.so.62
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/libgcc_s.so.1...done.
Loaded symbols for /lib/libgcc_s.so.1
Reading symbols from /usr/lib/sasl/libanonymous.so...done.
Loaded symbols for /usr/lib/sasl/libanonymous.so
Reading symbols from /usr/lib/sasl/libcrammd5.so...done.
Loaded symbols for /usr/lib/sasl/libcrammd5.so
Reading symbols from /usr/lib/sasl/libdigestmd5.so...done.
Loaded symbols for /usr/lib/sasl/libdigestmd5.so
Reading symbols from /usr/kerberos/lib/libdes425.so.3...done.
Loaded symbols for /usr/kerberos/lib/libdes425.so.3
Reading symbols from /usr/lib/sasl/libgssapiv2.so...done.
Loaded symbols for /usr/lib/sasl/libgssapiv2.so
Reading symbols from /usr/lib/sasl/liblogin.so...done.
Loaded symbols for /usr/lib/sasl/liblogin.so
Reading symbols from /usr/lib/sasl/libplain.so...done.
Loaded symbols for /usr/lib/sasl/libplain.so
Reading symbols from /lib/libnss_winbind.so.2...done.
Loaded symbols for /lib/libnss_winbind.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
0x004972ff in malloc_consolidate () from /lib/tls/libc.so.6
(gdb) bt full
#0  0x004972ff in malloc_consolidate () from /lib/tls/libc.so.6
No symbol table info available.
#1  0x00496af9 in _int_malloc () from /lib/tls/libc.so.6
No symbol table info available.
#2  0x00495e9d in malloc () from /lib/tls/libc.so.6
No symbol table info available.
#3  0x011261b8 in _emalloc (size=5611904) at
/usr/local/src/apache2/php-5.0.4/Zend/zend_alloc.c:182
        p = (zend_mem_header *) 0x559898
        real_size = 1
        cache_index = 464
#4  0x01146d3a in zend_objects_store_init (objects=0x11e2fd4, init_size=1024)
    at /usr/local/src/apache2/php-5.0.4/Zend/zend_objects_API.c:32
No locals.
#5  0x0112d936 in init_executor () at
/usr/local/src/apache2/php-5.0.4/Zend/zend_execute_API.c:174
No locals.
#6  0x01136518 in zend_activate () at
/usr/local/src/apache2/php-5.0.4/Zend/zend.c:787
No locals.
#7  0x011090e0 in php_request_startup () at
/usr/local/src/apache2/php-5.0.4/main/main.c:1031
        orig_bailout = {{__jmpbuf = {1, 18755292, -1073762564, -1073762536,
-1073762992, 
      18192962}, __mask_was_saved = 0, __saved_mask = {__val = {0 <repeats 32
times>}}}}
        orig_bailout_set = 1 '\001'
        retval = 0
#8  0x01159cdf in php_handler (r=0x96e14c8)
    at /usr/local/src/apache2/php-5.0.4/sapi/apache2handler/sapi_apache2.c:527
        orig_bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0}, __mask_was_saved = 0,
__saved_mask = {
      __val = {0 <repeats 32 times>}}}}
        ctx = (php_struct *) 0x96e2e70
        brigade = (apr_bucket_brigade *) 0x96e2ee8
        bucket = (apr_bucket *) 0x1
        rv = 1
        parent_req = (request_rec *) 0x0
#9  0x0807cc36 in ap_run_handler (r=0x96e14c8) at config.c:153
        pHook = (ap_LINK_handler_t *) 0x1
        n = 10
        rv = 1
#10 0x0807d14e in ap_invoke_handler (r=0x96e14c8) at config.c:364
        new_handler = 0x1d0 <Address 0x1d0 out of bounds>
        p2 = 0x1 <Address 0x1 out of bounds>
        handler = 0x951a000 "application/x-httpd-php"
        result = 158209224
        old_handler = 0x0
#11 0x0806cda4 in ap_internal_redirect (new_uri=0x953cd70
"/errormsgs/denied.html", r=0x96dd4f0)
    at http_request.c:465
        new = (request_rec *) 0x96e14c8
        access_status = 1
#12 0x0806c862 in ap_process_request (r=0x96dd4f0) at http_request.c:262
        access_status = 464
#13 0x08068939 in ap_process_http_connection (c=0x96d3078) at http_core.c:251
        r = (request_rec *) 0x96dd4f0
---Type <return> to continue, or q <return> to quit---
        csd_set = 1
        csd = (apr_socket_t *) 0x96d2fa0
#14 0x08085ed6 in ap_run_process_connection (c=0x96d3078) at connection.c:43
        pHook = (ap_LINK_process_connection_t *) 0x1
        n = 1
        rv = 1
#15 0x0807b7af in child_main (child_num_arg=1) at prefork.c:610
        ret = 1
        n = 1
        ptrans = (apr_pool_t *) 0x96d2f68
        allocator = (apr_allocator_t *) 0x96d0ed8
        current_conn = (conn_rec *) 0x96d3078
        status = 158150776
        i = 464
        lr = (ap_listen_rec *) 0x96d3078
        curr_pollfd = 464
        last_pollfd = 0
        pollset = (apr_pollfd_t *) 0x96d1018
        offset = 1
        csd = (void *) 0x96d2fa0
        sbh = (ap_sb_handle_t *) 0x96d0fe8
        rv = 1
        bucket_alloc = (apr_bucket_alloc_t *) 0x96d74a0
#16 0x0807b8cc in make_child (s=0x948b800, slot=7) at prefork.c:704
        pid = 0
#17 0x0807bb12 in perform_idle_server_maintenance (p=0x94870a8) at prefork.c:839
        status = 1
        i = 1
        idle_count = 3
        ws = (worker_score *) 0x1
        free_length = 2
        free_slots = {7, 8, 10924584, 10887327, 0, 0, 0, 0, 0, 0, 0, 0,
10924584, 1000000, 0, 
  10901179, 0, 0, 0, 0, -1073762032, 0, 1000000, 0, 0, 0, -1073761976,
-1073761936, 0, 0, 
  -1073761976, 134769469}
        last_non_dead = 16
        total_non_dead = 12
#18 0x0807c0b2 in ap_mpm_run (_pconf=0x5, plog=0x94bf188, s=0x0) at prefork.c:1040
        status = 0
        pid = {pid = -1, in = 0x94c8190, out = 0x94c81a8, err = 0xa66a64}
        child_slot = 5
        exitwhy = APR_PROC_EXIT
        processed_status = 0
        index = 158325008
        remaining_children_to_start = 0
        rv = 1
#19 0x0808109a in main (argc=4, argv=0xbfffb284) at main.c:618
        exit_status = 0
        c = 68 'D'
        configtestonly = 0
---Type <return> to continue, or q <return> to quit---
        confname = 0x80a0e73 "conf/httpd.conf"
        def_server_root = 0x80a1b18 "/usr/local/apache2"
        temp_error_log = 0x0
        process = (process_rec *) 0x9485120
        server_conf = (server_rec *) 0x948b800
        pglobal = (apr_pool_t *) 0x94850a0
        pconf = (apr_pool_t *) 0x94870a8
        plog = (apr_pool_t *) 0x94bf188
        ptemp = (apr_pool_t *) 0x94c81a8
        pcommands = (apr_pool_t *) 0x94890b0
        opt = (apr_getopt_t *) 0x9489148
        rv = 1
        mod = (module **) 0x948b800
        optarg = 0xbfffcf49 "SSL"
        signal_server = (apr_OFN_ap_signal_server_t *) 0x1d0
(gdb)

Comment 1 Joe Orton 2005-05-02 20:26:11 UTC

The crash is in PHP, but it looks like some kind of memory corruption: I don't
know if bug 34618 could have this symptom but it may be worth trying the patch
which fixes that bug:

http://issues.apache.org/bugzilla/attachment.cgi?id=14873

otherwise, restarting with "export MALLOC_TRACE_=2" in the environment and
getting a new backtrace might help narrow it down.

Comment 2 eric 2005-05-04 13:43:59 UTC

The suggested patch appears to have fixed the issue.

I assume we'll see it in 2.0.55?

Comment 3 Joe Orton 2005-05-04 14:03:12 UTC


*** This bug has been marked as a duplicate of 34618 ***