https://issues.apache.org/bugzilla/show_bug.cgi?id=52856
Bug #: 52856 Summary: High CPU load when the underlying socket error in ssl_socket_send is EAGAIN Product: Tomcat Native Version: 1.1.22 Platform: PC OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: Library AssignedTo: dev@tomcat.apache.org ReportedBy: dmitry.kukush...@external.telekom.de Classification: Unclassified How to reproduce: Tomcat with the APR connector, using HTTPS scheme, when a client requests for some quite a big (~100K-200K) static file, and breaks the connection unexpectedly. Shell script to reproduce: #!/bin/bash # A way to reproduce the bug in the APR connector. # Must be run from a different machine, the Tomcat is running on. # Author: Andreas Florath ( andreas.florath at external.telekom.de ) for port in 17890 17891 17892 17893 17894 17895 17896 17897 17898 17899; do curl --local-port $port --insecure "https://<host>:<port>/<some big file>" & sleep 0.1 iptables -A OUTPUT -p tcp --sport $port -j REJECT done Connector enters a socket write loop, taking nearly 1 CPU core. A snippet from the strace log: ... [pid 32221] write(91, "\347\2\22\36\334\222\2525g\215\342\352A\324\246\340\7\265(\205n\362\215\34az\363>\37Up\213"..., 1789 <unfinished ...> [pid 32222] <... futex resumed> ) = 0 [pid 32221] <... write resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 32222] write(94, "\276\275\263zN\n\20^\35\200\3.\5\n\35\300o\364\373\305\356\35\24{\302\200\242\346\22\241\256\326"..., 2812 <unfinished ...> [pid 32221] write(91, "\347\2\22\36\334\222\2525g\215\342\352A\324\246\340\7\265(\205n\362\215\34az\363>\37Up\213"..., 1789 <unfinished ...> [pid 32222] <... write resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 32221] <... write resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 32222] write(94, "\276\275\263zN\n\20^\35\200\3.\5\n\35\300o\364\373\305\356\35\24{\302\200\242\346\22\241\256\326"..., 2812 <unfinished ...> [pid 32221] write(91, "\347\2\22\36\334\222\2525g\215\342\352A\324\246\340\7\265(\205n\362\215\34az\363>\37Up\213"..., 1789 <unfinished ...> [pid 32222] <... write resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 32221] <... write resumed> ) = -1 EAGAIN (Resource temporarily unavailable) ... Possible patch: Add polling for writing with the timeout before the next ssl socket write attempt in case of EAGAIN --- tomcat-native-1.1.22-src/jni/native/src/sslnetwork.c +++ tomcat-native-1.1.22-src/jni/native/src/sslnetwork.c @@ -471,7 +471,7 @@ break; case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: - if (nb && i == SSL_ERROR_WANT_WRITE) { + if (nb && i == SSL_ERROR_WANT_WRITE && !APR_STATUS_IS_EAGAIN(os) ) { *len = 0; return APR_SUCCESS; } -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org