You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2018/01/03 18:12:27 UTC
[Bug 61551] Event MPM loses track of connections not reported as
processed by modules
https://bz.apache.org/bugzilla/show_bug.cgi?id=61551
--- Comment #36 from Nic Jansma <ni...@nicj.net> ---
Hi Luca!
I attempted applying r1818804, r1818951, r1818960 and r1818960 against
server/mpm/event.c in 2.4.27, and got it to compile. However, there appear to
be a lot of other differences in event.c in 2.5.x vs 2.4.27, so I'm not sure
how complete my backport was.
After the patch, when start the server, and run a Slowloris attack:
> slowhttptest -H -u http://127.0.0.1/a -c 1000 -l 30
I pretty quickly see slots go into 'G', and subsequent 'systemctl reload httpd'
put them into Stopping (old gen) permanently:
Slot PID Stopping Connections Threads Async connections
total accepting busy idle writing keep-alive closing
0 24231 yes (old gen) 191 no 0 0 0 0
0
1 24396 yes (old gen) 146 no 0 0 0 0
0
2 23398 yes (old gen) 184 no 0 0 0 0
0
3 23442 yes (old gen) 119 no 0 0 0 0
0
4 23507 yes (old gen) 121 no 0 0 0 0
0
5 24397 yes (old gen) 191 no 0 0 0 0
0
6 24736 yes (old gen) 2 no 0 0 0 0
0
7 25056 yes (old gen) 166 no 0 0 0 0
0
8 25223 yes (old gen) 191 no 0 0 0 0
0
9 25224 yes (old gen) 193 no 0 0 0 0
0
10 25560 yes (old gen) 191 no 0 0 0 0
0
11 25726 yes (old gen) 91 no 0 0 0 0
0
12 25727 yes (old gen) 119 no 0 0 0 0
0
13 26086 no 0 yes 1 63 0 0 0
14 26087 no 0 yes 0 64 0 0 0
15 26090 no 0 yes 0 64 0 0 0
Sum 16 13 1905 1 191 0 0 0
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GG..............................................................
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
_W______________________________________________________________
________________________________________________________________
________________________________________________________________
I'm able to takeover all of the open connections in two cycles of
slowhttptest/reload on my test server.
The good news is this is easily reproducible via the following steps:
Apache 2.4.27
mod_security2 with config of https://pastebin.com/6tDXBBvY
run:
> slowhttptest -H -u http://127.0.0.1/a -c 1000 -l 30 # connections should go to 'G' quickly
> systemctl reload httpd
> slowhttptest -H -u http://127.0.0.1/a -c 1000 -l 30 # connections should go to 'G' quickly
> systemctl reload httpd # my test setup is now unresponsive
So I guess I would say that my attempt at backporting just the few changes
mentioned above to 2.4.27 doesn't seem to fix the issue, but I wasn't sure what
other changes might be needed before those revisions?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org