You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2005/05/02 14:18:57 UTC
DO NOT REPLY [Bug 34705] New: -
mod_auth_ldap - repeated login failures result in high CPU usage
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34705>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34705
Summary: mod_auth_ldap - repeated login failures result in high
CPU usage
Product: Apache httpd-2.0
Version: 2.0.54
Platform: Other
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_auth_ldap
AssignedTo: bugs@httpd.apache.org
ReportedBy: eric@lib.usf.edu
Using https: (have not tested with http:), browser - Firefox, if user fails to
enter a valid username and password 2 or 3 times, the browser goes into a
waiting state, and the server thread spikes a processor (CPU usage goes to max).
Even on a multiprocessor system, a couple of finger flubbing users can drive
the load of a system beyond preferred limits. This behavior appears to be new
as of 2.0.54 (2.0.53 did not do this as far as I know).
System is: Dell 2650 2x2.8 Ghz w/2 GB RAM running Redhat Enterprise Linux 3.0.
Apache uses: PHP, mod_perl, mod_smbauth, and runs both http and SSL as vhosts.
Apache compiled with: ./configure --prefix=$APACHE_DIR \
--enable-ldap --enable-auth-ldap --with-ldap \
--enable-mods-shared="rewrite ssl auth_ldap ldap"
Below is a gdb/bt full of one of the runaway processes:
# gdb /usr/local/apache2/bin/httpd 669
GNU gdb Red Hat Linux (6.1post-1.20040607.52rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library
"/lib/tls/libthread_db.so.1".
Attaching to program: /usr/local/apache2/bin/httpd, process 669
Reading symbols from /lib/libssl.so.4...done.
Loaded symbols for /lib/libssl.so.4
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/kerberos/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/kerberos/lib/libgssapi_krb5.so.2
Reading symbols from /usr/kerberos/lib/libkrb5.so.3...done.
Loaded symbols for /usr/kerberos/lib/libkrb5.so.3
Reading symbols from /usr/kerberos/lib/libcom_err.so.3...done.
Loaded symbols for /usr/kerberos/lib/libcom_err.so.3
Reading symbols from /usr/kerberos/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/kerberos/lib/libk5crypto.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/local/apache2/lib/libaprutil-0.so.0...done.
Loaded symbols for /usr/local/apache2/lib/libaprutil-0.so.0
Reading symbols from /lib/libdb-4.1.so...done.
Loaded symbols for /lib/libdb-4.1.so
Reading symbols from /usr/lib/libexpat.so.0...done.
Loaded symbols for /usr/lib/libexpat.so.0
Reading symbols from /usr/local/apache2/lib/libapr-0.so.0...done.
Loaded symbols for /usr/local/apache2/lib/libapr-0.so.0
Reading symbols from /lib/tls/librt.so.1...done.
Loaded symbols for /lib/tls/librt.so.1
Reading symbols from
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE/libperl.so...done.
Loaded symbols for /usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE/libperl.so
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/libpthread.so.0...done.
[Thread debugging using libthread_db enabled]
[New Thread -1218551680 (LWP 669)]
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libutil.so.1...done.
Loaded symbols for /lib/libutil.so.1
Reading symbols from /usr/lib/libgdbm.so.2...done.
Loaded symbols for /usr/lib/libgdbm.so.2
Reading symbols from /usr/lib/liblber.so.2...done.
Loaded symbols for /usr/lib/liblber.so.2
Reading symbols from /usr/lib/libldap.so.2...done.
Loaded symbols for /usr/lib/libldap.so.2
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/libsasl.so.7...done.
Loaded symbols for /usr/lib/libsasl.so.7
Reading symbols from /lib/libpam.so.0...done.
Loaded symbols for /lib/libpam.so.0
Reading symbols from /lib/liblaus.so.1...done.
Loaded symbols for /lib/liblaus.so.1
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /usr/local/apache2/modules/mod_ldap.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_ldap.so
Reading symbols from /usr/local/apache2/modules/mod_auth_ldap.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_auth_ldap.so
Reading symbols from /usr/local/apache2/modules/mod_ssl.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_ssl.so
Reading symbols from /usr/local/apache2/modules/mod_rewrite.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_rewrite.so
Reading symbols from /usr/local/apache2/modules/mod_perl.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_perl.so
Reading symbols from /usr/local/apache2/modules/mod_smbauth.so...done.
Loaded symbols for /usr/local/apache2/modules/mod_smbauth.so
Reading symbols from /usr/local/apache2/modules/libphp5.so...done.
Loaded symbols for /usr/local/apache2/modules/libphp5.so
Reading symbols from /usr/lib/libstdc++.so.5...done.
Loaded symbols for /usr/lib/libstdc++.so.5
Reading symbols from
/usr/local/mysql-4.1.11-i686-linux-rhel3/lib/mysql/libmysqlclient.so.14...done.
Loaded symbols for /usr/local/mysql/lib/mysql/libmysqlclient.so.14
Reading symbols from /usr/local/lib/libsybdb.so.3...done.
Loaded symbols for /usr/local/lib/libsybdb.so.3
Reading symbols from /usr/lib/libttf.so.2...done.
Loaded symbols for /usr/lib/libttf.so.2
Reading symbols from /usr/lib/libpng12.so.0...done.
Loaded symbols for /usr/lib/libpng12.so.0
Reading symbols from /usr/lib/libjpeg.so.62...done.
Loaded symbols for /usr/lib/libjpeg.so.62
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/libgcc_s.so.1...done.
Loaded symbols for /lib/libgcc_s.so.1
Reading symbols from /usr/lib/sasl/libanonymous.so...done.
Loaded symbols for /usr/lib/sasl/libanonymous.so
Reading symbols from /usr/lib/sasl/libcrammd5.so...done.
Loaded symbols for /usr/lib/sasl/libcrammd5.so
Reading symbols from /usr/lib/sasl/libdigestmd5.so...done.
Loaded symbols for /usr/lib/sasl/libdigestmd5.so
Reading symbols from /usr/kerberos/lib/libdes425.so.3...done.
Loaded symbols for /usr/kerberos/lib/libdes425.so.3
Reading symbols from /usr/lib/sasl/libgssapiv2.so...done.
Loaded symbols for /usr/lib/sasl/libgssapiv2.so
Reading symbols from /usr/lib/sasl/liblogin.so...done.
Loaded symbols for /usr/lib/sasl/liblogin.so
Reading symbols from /usr/lib/sasl/libplain.so...done.
Loaded symbols for /usr/lib/sasl/libplain.so
Reading symbols from /lib/libnss_winbind.so.2...done.
Loaded symbols for /lib/libnss_winbind.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
0x004972ff in malloc_consolidate () from /lib/tls/libc.so.6
(gdb) bt full
#0 0x004972ff in malloc_consolidate () from /lib/tls/libc.so.6
No symbol table info available.
#1 0x00496af9 in _int_malloc () from /lib/tls/libc.so.6
No symbol table info available.
#2 0x00495e9d in malloc () from /lib/tls/libc.so.6
No symbol table info available.
#3 0x011261b8 in _emalloc (size=5611904) at
/usr/local/src/apache2/php-5.0.4/Zend/zend_alloc.c:182
p = (zend_mem_header *) 0x559898
real_size = 1
cache_index = 464
#4 0x01146d3a in zend_objects_store_init (objects=0x11e2fd4, init_size=1024)
at /usr/local/src/apache2/php-5.0.4/Zend/zend_objects_API.c:32
No locals.
#5 0x0112d936 in init_executor () at
/usr/local/src/apache2/php-5.0.4/Zend/zend_execute_API.c:174
No locals.
#6 0x01136518 in zend_activate () at
/usr/local/src/apache2/php-5.0.4/Zend/zend.c:787
No locals.
#7 0x011090e0 in php_request_startup () at
/usr/local/src/apache2/php-5.0.4/main/main.c:1031
orig_bailout = {{__jmpbuf = {1, 18755292, -1073762564, -1073762536,
-1073762992,
18192962}, __mask_was_saved = 0, __saved_mask = {__val = {0 <repeats 32
times>}}}}
orig_bailout_set = 1 '\001'
retval = 0
#8 0x01159cdf in php_handler (r=0x96e14c8)
at /usr/local/src/apache2/php-5.0.4/sapi/apache2handler/sapi_apache2.c:527
orig_bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0}, __mask_was_saved = 0,
__saved_mask = {
__val = {0 <repeats 32 times>}}}}
ctx = (php_struct *) 0x96e2e70
brigade = (apr_bucket_brigade *) 0x96e2ee8
bucket = (apr_bucket *) 0x1
rv = 1
parent_req = (request_rec *) 0x0
#9 0x0807cc36 in ap_run_handler (r=0x96e14c8) at config.c:153
pHook = (ap_LINK_handler_t *) 0x1
n = 10
rv = 1
#10 0x0807d14e in ap_invoke_handler (r=0x96e14c8) at config.c:364
new_handler = 0x1d0 <Address 0x1d0 out of bounds>
p2 = 0x1 <Address 0x1 out of bounds>
handler = 0x951a000 "application/x-httpd-php"
result = 158209224
old_handler = 0x0
#11 0x0806cda4 in ap_internal_redirect (new_uri=0x953cd70
"/errormsgs/denied.html", r=0x96dd4f0)
at http_request.c:465
new = (request_rec *) 0x96e14c8
access_status = 1
#12 0x0806c862 in ap_process_request (r=0x96dd4f0) at http_request.c:262
access_status = 464
#13 0x08068939 in ap_process_http_connection (c=0x96d3078) at http_core.c:251
r = (request_rec *) 0x96dd4f0
---Type <return> to continue, or q <return> to quit---
csd_set = 1
csd = (apr_socket_t *) 0x96d2fa0
#14 0x08085ed6 in ap_run_process_connection (c=0x96d3078) at connection.c:43
pHook = (ap_LINK_process_connection_t *) 0x1
n = 1
rv = 1
#15 0x0807b7af in child_main (child_num_arg=1) at prefork.c:610
ret = 1
n = 1
ptrans = (apr_pool_t *) 0x96d2f68
allocator = (apr_allocator_t *) 0x96d0ed8
current_conn = (conn_rec *) 0x96d3078
status = 158150776
i = 464
lr = (ap_listen_rec *) 0x96d3078
curr_pollfd = 464
last_pollfd = 0
pollset = (apr_pollfd_t *) 0x96d1018
offset = 1
csd = (void *) 0x96d2fa0
sbh = (ap_sb_handle_t *) 0x96d0fe8
rv = 1
bucket_alloc = (apr_bucket_alloc_t *) 0x96d74a0
#16 0x0807b8cc in make_child (s=0x948b800, slot=7) at prefork.c:704
pid = 0
#17 0x0807bb12 in perform_idle_server_maintenance (p=0x94870a8) at prefork.c:839
status = 1
i = 1
idle_count = 3
ws = (worker_score *) 0x1
free_length = 2
free_slots = {7, 8, 10924584, 10887327, 0, 0, 0, 0, 0, 0, 0, 0,
10924584, 1000000, 0,
10901179, 0, 0, 0, 0, -1073762032, 0, 1000000, 0, 0, 0, -1073761976,
-1073761936, 0, 0,
-1073761976, 134769469}
last_non_dead = 16
total_non_dead = 12
#18 0x0807c0b2 in ap_mpm_run (_pconf=0x5, plog=0x94bf188, s=0x0) at prefork.c:1040
status = 0
pid = {pid = -1, in = 0x94c8190, out = 0x94c81a8, err = 0xa66a64}
child_slot = 5
exitwhy = APR_PROC_EXIT
processed_status = 0
index = 158325008
remaining_children_to_start = 0
rv = 1
#19 0x0808109a in main (argc=4, argv=0xbfffb284) at main.c:618
exit_status = 0
c = 68 'D'
configtestonly = 0
---Type <return> to continue, or q <return> to quit---
confname = 0x80a0e73 "conf/httpd.conf"
def_server_root = 0x80a1b18 "/usr/local/apache2"
temp_error_log = 0x0
process = (process_rec *) 0x9485120
server_conf = (server_rec *) 0x948b800
pglobal = (apr_pool_t *) 0x94850a0
pconf = (apr_pool_t *) 0x94870a8
plog = (apr_pool_t *) 0x94bf188
ptemp = (apr_pool_t *) 0x94c81a8
pcommands = (apr_pool_t *) 0x94890b0
opt = (apr_getopt_t *) 0x9489148
rv = 1
mod = (module **) 0x948b800
optarg = 0xbfffcf49 "SSL"
signal_server = (apr_OFN_ap_signal_server_t *) 0x1d0
(gdb)
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org