FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

I've been performing some stress tests on the following environment:

- Redhat 8.0
- Apache web server 2.0.47
- openSSL 0.9.7c

the tests have involved accessing simple web pages many times using an
automated load generator.

Whilst memory utilization without mod_ssl load was seen to be flat (using
gkrellm) - as soon as I loaded mod_ssl and started to use SSL connections
memory increases and grows.

I've done tests with server authn and with client authn - there would appear
to be a memory leak in both cases.

In order to obtain more accurate memory utilization metrics due to httpd
with mod_ssl I've produced a utility that logged every minute the average
RSS over all of the httpd threads I had loaded (1074 in all).

In a period of 5 hours I had a leak of 25 Mbytes - per httpd thread


A few more details on the test:
- 100 "virtual" clients
- total load of about 45 trans/sec - because of a few embedded images this
results in about 70->80/sec HTTP GETs
- each HTTP GET in general will result in a new SSL connection
- in all about 500,000 trans where performed.


Please let me know if you would like any other information. I do have
output from the load generator and the utility that I can send anyone.


John

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

On Fri, Dec 19, 2003 at 09:19:15AM -0000, John Hughes wrote:
> Please let me know if you would like any other information. I do have
> output from the load generator and the utility that I can send anyone.
>
What type of SSLSessionCache are you using? Do you any any 3rd party
modules?
Please also note that the current release version is 2.0.48

vh

Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

I have no 3rd party modules loaded. The testing I did was with and without
mod_ssl loaded. Only when mod_ssl was loaded - and SSL was used - did I see
a memory leak under load.

My SSLSessionCache values are the default and are:

SSLSessionCache dbm:logs/ssl_scache
SSLSessionCacheTimeout 300

John

> -----Original Message-----
> From: owner-modssl-users@modssl.org
> [mailto:owner-modssl-users@modssl.org]On Behalf Of Mads Toftum
> Sent: 19 December 2003 09:37
> To: modssl-users@modssl.org
> Subject: Re: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c
>
>
> On Fri, Dec 19, 2003 at 09:19:15AM -0000, John Hughes wrote:
> > Please let me know if you would like any other information. I do have
> > output from the load generator and the utility that I can send anyone.
> >
> What type of SSLSessionCache are you using? Do you any any 3rd party
> modules?
> Please also note that the current release version is 2.0.48
>
> vh
>
> Mads Toftum
> --
> `Darn it, who spiked my coffee with water?!' - lwall
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

On Fri, Dec 19, 2003 at 11:01:57AM -0000, John Hughes wrote:
> I have no 3rd party modules loaded. The testing I did was with and without
> mod_ssl loaded. Only when mod_ssl was loaded - and SSL was used - did I see
> a memory leak under load.
>
> My SSLSessionCache values are the default and are:
>
> SSLSessionCache dbm:logs/ssl_scache
> SSLSessionCacheTimeout 300
>
On linux you really should be using a shared memory session cache - like
SSLSessionCache shmcb:logs/ssl_gcache_data(512000)
SSLSessionCacheTimeout 300


vh

Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

Mads,

that worked - thank you.

Had my test harness working for about 75 hours - and performed about 13
Million trans. Not a memory leak in sight.

Thanks again

John



> -----Original Message-----
> From: owner-modssl-users@modssl.org
> [mailto:owner-modssl-users@modssl.org]On Behalf Of Mads Toftum
> Sent: 19 December 2003 12:59
> To: modssl-users@modssl.org
> Subject: Re: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c
>
>
> On Fri, Dec 19, 2003 at 11:01:57AM -0000, John Hughes wrote:
> > I have no 3rd party modules loaded. The testing I did was with
> and without
> > mod_ssl loaded. Only when mod_ssl was loaded - and SSL was
> used - did I see
> > a memory leak under load.
> >
> > My SSLSessionCache values are the default and are:
> >
> > SSLSessionCache dbm:logs/ssl_scache
> > SSLSessionCacheTimeout 300
> >
> On linux you really should be using a shared memory session cache - like
> SSLSessionCache shmcb:logs/ssl_gcache_data(512000)
> SSLSessionCacheTimeout 300
>
>
> vh
>
> Mads Toftum
> --
> `Darn it, who spiked my coffee with water?!' - lwall
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org