"Mutex file:${APACHE_LOCK_DIR} default" should be disabled by default on Linux because it leads to errors
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Low
|
Unassigned |
Bug Description
[Impact]
The default apache2.conf causes apache to issue streams of error
messages about deadlocks acquiring the SSL session cache lock.
Users are still reporting seeing this flaw in production (Xenial-based)
hosts.
[Test Case]
Reproduction steps TBD. Problem exhibits on high load systems. Verification will need to be done by those seeing the issue in production.
[Regression Potential]
Since this only changes the config installed by default, it won't impact existing installations, however behaviors to watch for would be SSL-related or configuration-
[Fix]
Backport a fix applied in bionic and newer, that modifies the makes
Apache use pthread mutexes by default on Linux, or fctnl on other
architectures that lack robust pthread muxexes.
[Other Info]
Users should be aware that if they haven't changed /etc/apache2/
[Original Report]
OS:
Ubuntu 14.04 LTS
Kernel:
3.13.0-79-generic x86_64
Apache:
2.4.7-1ubuntu4.5
In the default Apache 2.4 config on Ubuntu 14.04 LTS is the following set in /etc/apache2/
Mutex file:${
(/debian/
which leads to the following output of "apache2ctl -t -D DUMP_RUN_CFG":
Mutex default: dir="/var/
This leads constantly to a lot of these warning/emergency messages on a server with 200 busy worker threads, 100 Requests/s, 300 KB/s:
[Tue Mar 08 16:08:18.596653 2016] [ssl:warn] [pid 8339:tid 140182179256064] (35)Resource deadlock avoided: AH02026: Failed to acquire SSL session cache lock
[Wed Mar 09 07:09:31.099331 2016] [mpm_worker:emerg] [pid 26526:tid 139668485949184] (35)Resource deadlock avoided: AH00273: apr_proc_mutex_lock failed. Attempting to shutdown process gracefully.
Solution (as suggested by Yann Ylavic from Apache):
Commenting (removing) the Mutex directive, which leads to the following output of "apache2ctl -t -D DUMP_RUN_CFG":
Mutex default: dir="/var/
Then, there are no error messages anymore.
For the discussion, see the corresponding Apache httpd-users mailing list thread:
http://
(thread subject 'Lots of messages "[ssl:warn] Resource deadlock avoided: AH02026: Failed to acquire SSL session cache lock"' from 2016-03-08)
Here some more information:
# apache2ctl -V
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 24 2015 17:25:11
Server's Module Magic Number: 20120211:27
Server loaded: APR 1.5.1-dev, APR-UTIL 1.5.3
Compiled using: APR 1.5.1-dev, APR-UTIL 1.5.3
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_
-D APR_USE_
-D SINGLE_
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_
-D DYNAMIC_
-D HTTPD_ROOT=
-D SUEXEC_
-D DEFAULT_
-D DEFAULT_
-D DEFAULT_
-D AP_TYPES_
-D SERVER_
Related branches
- Andreas Hasenack: Approve
- Canonical Server: Pending requested
-
Diff: 58 lines (+23/-2)3 files modifieddebian/changelog (+8/-0)
debian/config-dir/apache2.conf.in (+1/-1)
debian/rules (+14/-1)
Changed in apache2 (Ubuntu Xenial): | |
status: | Confirmed → Triaged |
importance: | Undecided → Low |
tags: | added: server-next |
description: | updated |
description: | updated |
Status changed to 'Confirmed' because the bug affects multiple users.