From:
Operating system: Debian testing (kern. 3.2.2)
PHP version: 5.3.9
Package: Reproducible crash
Bug Type: Bug
Bug description:Constant memory leaking, segfaults
Description:
------------
Both fpm and apache2 module leak memory constantly in our application, have
to
set max_requests to around 100 to prevent the machine from crashing -
server
memory is overcommited by a factor of 1.5.
Situation was normal in PHP 5.3.6, but it broke in 5.3.8-9 and 5.4
RC6/trunk
(5.4 was compiled without suhosin).
Currently using PHP 5.3.9-1 packages from dotdeb.org, but can reproduce it
on
latest 5.4.
Jan 30 16:06:55 ns214205 kernel: apache2[30073]: segfault at 7f6ebd094ace
ip
00007f6ebd094ace sp 00007f6e9a82ce78 error 14
Jan 30 16:06:55 ns214205 kernel: apache2[30069]: segfault at 7f6ebd094ace
ip
00007f6ebd094ace sp 00007f6e9c830e78 error 14 in
pdo_mysql.so[7f6ebf935000+7000]
Jan 30 16:06:55 ns214205 kernel: in pdo_mysql.so[7f6ebf935000+7000]
Jan 30 16:13:22 ns214205 kernel: apache2[44953]: segfault at 7f6ebd094ace
ip
00007f6ebd094ace sp 00007f6e9de75e78 error 14
Jan 30 16:13:22 ns214205 kernel: apache2[44958]: segfault at 7f6ebd094ace
ip
00007f6ebd094ace sp 00007f6e9b1dfe78 error 14 in
libgcc_s.so.1[7f6ec05ca000+15000]
Jan 30 16:13:22 ns214205 kernel: in libgcc_s.so.1[7f6ec05ca000+15000]
Jan 30 16:24:21 ns214205 kernel: apache2[3946]: segfault at 7f6ebd094ace ip
00007f6ebd094ace sp 00007f6e9ca63e78 error 14 in
pdo_mysql.so[7f6ebf935000+7000]
Jan 30 16:28:04 ns214205 kernel: apache2[12686]: segfault at 7f6ebd094ace
ip
00007f6ebd094ace sp 00007f6e9de75e78 error 14 in
libmysqlclient_r.so.16.0.0[7f6ebfd58000+1cf000]
Backtrace of 16:13:22 core dump:
warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal 11, Segmentation fault.
#0 malloc_consolidate (av=0x7f6ec6d7fe60) at malloc.c:5157
5157 malloc.c: No such file or directory.
in malloc.c
(gdb) bt
#0 malloc_consolidate (av=0x7f6ec6d7fe60) at malloc.c:5157
#1 0x00007f6ec6a73f88 in _int_free (av=0x7f6ec6d7fe60, p=0x7f6ec964ec50)
at
malloc.c:5034
#2 0x00007f6ec6a7738c in *__GI___libc_free (mem=<optimized out>) at
malloc.c:3738
#3 0x00007f6ec4e88e01 in __zend_mm_shutdown_canary (heap=0x7f6ec93b67a0,
full_shutdown=1, silent=97) at /tmp/buildd/php5-
5.3.9/Zend/zend_alloc_canary.c:1724
#4 0x00007f6ec4e16b1f in php_module_shutdown () at /tmp/buildd/php5-
5.3.9/main/main.c:2214
#5 0x00007f6ec4e16b99 in php_module_shutdown_wrapper
(sapi_globals=0x7f6ec6d7fe60) at /tmp/buildd/php5-5.3.9/main/main.c:2169
#6 0x00007f6ec4ef88b1 in php_apache_child_shutdown (tmp=0x7f6ec6d7fe60) at
/tmp/buildd/php5-5.3.9/sapi/apache2handler/sapi_apache2.c:399
#7 0x00007f6ec6fba8ae in apr_pool_destroy () from /usr/lib/libapr-1.so.0
#8 0x00007f6ec78ae19e in clean_child_exit (code=0) at prefork.c:196
#9 0x00007f6ec78ae58c in child_main (child_num_arg=<optimized out>) at
prefork.c:692
#10 0x00007f6ec78aec5a in make_child (slot=59, s=0x7f6ec78417f8) at
prefork.c:768
#11 make_child (s=0x7f6ec78417f8, slot=59) at prefork.c:696
#12 0x00007f6ec78af80f in perform_idle_server_maintenance (p=<optimized
out>) at
prefork.c:903
#13 ap_mpm_run (_pconf=<optimized out>, plog=<optimized out>, s=<optimized
out>)
at prefork.c:1107
#14 0x00007f6ec7884a1a in main (argc=3, argv=0x7fffa6794d28) at main.c:741
(gdb) bt full
#0 malloc_consolidate (av=0x7f6ec6d7fe60) at malloc.c:5157
fb = 0x7f6ec6d7fe88
maxfb = 0x7f6ec6d7feb0
p = 0x7f6ec943f870
nextp = 0x7f6ec943f810
unsorted_bin = 0x7f6ec6d7feb8
first_unsorted = <optimized out>
nextchunk = 0x7f6ec943f8d0
size = 96
nextsize = 176
prevsize = <optimized out>
bck = <optimized out>
fwd = 0x7f6ec95b1600
__func__ = "malloc_consolidate"
#1 0x00007f6ec6a73f88 in _int_free (av=0x7f6ec6d7fe60, p=0x7f6ec964ec50)
at
malloc.c:5034
size = 262160
nextchunk = 0x7f6ec968ec60
nextsize = 5648
prevsize = <optimized out>
bck = <optimized out>
fwd = 0x61
errstr = <optimized out>
__func__ = "_int_free"
#2 0x00007f6ec6a7738c in *__GI___libc_free (mem=<optimized out>) at
malloc.c:3738
ar_ptr = 0x7f6ec6d7fe60
p = 0x61
#3 0x00007f6ec4e88e01 in __zend_mm_shutdown_canary (heap=0x7f6ec93b67a0,
full_shutdown=1, silent=97) at /tmp/buildd/php5-
5.3.9/Zend/zend_alloc_canary.c:1724
internal = 0
#4 0x00007f6ec4e16b1f in php_module_shutdown () at /tmp/buildd/php5-
5.3.9/main/main.c:2214
No locals.
#5 0x00007f6ec4e16b99 in php_module_shutdown_wrapper
(sapi_globals=0x7f6ec6d7fe60) at /tmp/buildd/php5-5.3.9/main/main.c:2169
No locals.
#6 0x00007f6ec4ef88b1 in php_apache_child_shutdown (tmp=0x7f6ec6d7fe60) at
/tmp/buildd/php5-5.3.9/sapi/apache2handler/sapi_apache2.c:399
No locals.
#7 0x00007f6ec6fba8ae in apr_pool_destroy () from /usr/lib/libapr-1.so.0
Using apc 3.1.9, PDO, PDO Mysql, mongo, imagick, memcached, igbinary, json,
filter extensions - latest from pecl (if not provided with php). Build is
not
thread-safe. Disabling Mongo, imagick, memcached, igbinary does not seem to
help
the situation in any way.
--
Edit bug report at https://bugs.php.net/bug.php?id=60935&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=60935&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=60935&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=60935&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=60935&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=60935&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=60935&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=60935&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=60935&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=60935&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=60935&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=60935&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=60935&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=60935&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=60935&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=60935&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=60935&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=60935&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=60935&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=60935&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=60935&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=60935&r=mysqlcfg
