Subject: httpd blocked in sokva
To: None <firstname.lastname@example.org>
From: Paul Mather <email@example.com>
Date: 04/02/2004 10:21:47
I just noticed a number of httpd children all blocked on the "sokva"
wait channel. A "ps axO wchan" gives me about 50 of the following:
4061 sokva ?? DW 0:00.01 /usr/pkg/sbin/httpd -DSSL
I tried bumping up kern.somaxkva from its default 16 MB to 24 MB, but
that didn't appear to have any effect on unblocking any of these.
Alas, they're unkillable, and are holding the ports bound. (I tried
restarting Apache but it refused to start up again because it couldn't
bind to port 80.) I guess my only remedy now is to reboot. :-(
This httpd issue hasn't happened to me before, but I notice there is
now a candidate vulnerability for the version of Apache I'm running:
Package apache-1.3.29 has a remote-code-execution vulnerability, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
The WWW server doesn't get much load, so maybe I just was an unlucky
DoS/probe victim that triggered this "sokva" problem.
I did a little searching and it appears others have had this problem.
Someone reported that building a kernel with the SOSEND_NO_LOAN option
enabled (to disable zero-copy sockets on the send side) appeared to
solve the problem they had. I'll try that, although it may be hard to
tell if this does solve the problem, as it is likely quite hard to
reproduce it in my case.
Has anyone else noticed this having happened on their system? With
release engineering about to begin for NetBSD 2.0, it would be sad to
have that ship with a bug like this.
BTW, I'm running NetBSD/alpha 1.6ZK, along with a userland
contemporary to it:
NetBSD chumby.dlib.vt.edu 1.6ZK NetBSD 1.6ZK (CHUMBY) #0: Sat Mar 6 18:11:27 EST 2004 firstname.lastname@example.org:/usr/obj/sys/arch/alpha/compile/CHUMBY alpha
"Without music to decorate it, time is just a bunch of boring production
deadlines or dates by which bills must be paid."
--- Frank Vincent Zappa