FS#53934 - [apache] 2.4.25-2 and openssl 1.1.0.e-1, broken 'ab' command

Attached to Project: Arch Linux
Opened by Steven Noonan (neunon) - Friday, 05 May 2017, 09:17 GMT
Last edited by Jan de Groot (JGC) - Sunday, 21 May 2017, 22:10 GMT
Task Type: Bug Report
Category: Packages: Extra
Status: Closed
Assigned To: Jan de Groot (JGC), Anatol Pomozov (anatolik)
Architecture: All
Severity: Medium
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 2
Private: No

Details

I have apache 2.4.25-2 and openssl 1.1.0.e-1 installed (latest from extra and core, respectively).

The 'ab' command that comes with Apache gets stuck in an infinite loop when starting up. For example, if I start running:

$ ab "https://elbereth.uplinklabs.net/"

It will never exit. "perf record" shows that it's spending all of its time in CRYPTO_malloc despite its memory utilization apparently not increasing. If I break it while it's running, this is the call stack:

^C
Program received signal SIGINT, Interrupt.
0x00007ffff784bb70 in CRYPTO_malloc (num=56, file=0x7ffff78fb4e4 "crypto/threads_pthread.c", line=21) at crypto/mem.c:75
75 crypto/mem.c: No such file or directory.
(gdb) bt
#0 0x00007ffff784bb70 in CRYPTO_malloc (num=56, file=0x7ffff78fb4e4 "crypto/threads_pthread.c", line=21) at crypto/mem.c:75
#1 0x00007ffff784bc9e in CRYPTO_zalloc (num=num@entry=56, file=file@entry=0x7ffff78fb4e4 "crypto/threads_pthread.c", line=line@entry=21) at crypto/mem.c:100
#2 0x00007ffff789df97 in CRYPTO_THREAD_lock_new () at crypto/threads_pthread.c:21
#3 0x00007ffff7847f88 in ossl_init_base () at crypto/init.c:79
#4 ossl_init_base_ossl_ () at crypto/init.c:66
#5 0x00007ffff6d76399 in __pthread_once_slow () from /usr/lib/libpthread.so.0
#6 0x00007ffff789e069 in CRYPTO_THREAD_run_once (once=once@entry=0x7ffff7b6d158 <base>, init=init@entry=0x7ffff7847f60 <ossl_init_base_ossl_>) at crypto/threads_pthread.c:106
#7 0x00007ffff784831b in OPENSSL_init_crypto (opts=opts@entry=2097166, settings=0x0) at crypto/init.c:513
#8 0x00007ffff7b9b074 in OPENSSL_init_ssl (opts=opts@entry=2097154, settings=settings@entry=0x0) at ssl/ssl_init.c:194
#9 0x0000000000403aae in main (argc=<optimized out>, argv=<optimized out>) at ab.c:2508
(gdb)

I suspect this is an issue with httpd-2.4.23-openssl11.patch in the Apache package. I notice that if I remove the OPENSSL_malloc_init() call, then ab runs as expected.

Closed by Jan de Groot (JGC)
Sunday, 21 May 2017, 22:10 GMT
Reason for closing: Fixed

Comment by Jim Duchek (jimduchek) - Thursday, 18 May 2017, 20:32 GMT
See: https://github.com/openssl/openssl/issues/2865 -- I don't have time to test this right now, but according to this issue the calls are in the wrong order in the patch neunon mentions.

Comment by Jan de Groot (JGC) - Friday, 19 May 2017, 07:31 GMT
Thanks. That link also describes the same bug in Apache serf. When I rebuilt that it went into an infinite loop during the test suite. Compiling against OpenSSL 1.0 also failed the test suite (in a different way though), so your comment is useful for two bugs.