Bug#450581: [php-maint] Bug#450581: libapache2-mod-php5: ob_start (with gzhandler?) takes 100% mem+swap within a few seconds

Thu, 08 Nov 2007 05:53:14 -0800 

severity 450581 normal
thank you

It's normal bug in php.  Certainly not critical.  Linux systems has
several ways how to prevent processes eating all the available memory.

For the record:

Finally I found out what it was AND it was / is (using this script) a
major flaw in the (gz) output handler; a user on the server uses in his
code;

ob_start("ob_gzhandler", 9);

something();

ob_flush();

If something() generates a certain amounts of data, the ob_gzhandler
will get stuck in a loop, eating all memory. 

In the user his particular case, because his database was not working,
some pages always have this 'magic size' (probably some factor of 9 in
this case). 

I tried this on the latest stable of PHP 5 and the bug is still there;
you can crash any php hosting machine on the net with this :(

As to prevent this kind of thing from happening, I put the following
code on the machines; 




#!/usr/bin/perl

$maxmem=10;

while(1) {
  @r=`ps auxwhww|awk '{print \$4,\$2,\$11,\$12,\$13,\$15}'|grep 
httpd-users|grep -v grep`;
  foreach(@r) {
   chomp;
   /(.*?)\ (.*?)\ (.*)/;
   if ($1>$maxmem) {
    print "$_ killed\n";
    `kill -9 $2`;
   }
  sleep 1;
}


Update: Only PHP5.x is affected, not lower (tested); didn't try higher.
I have code to reproduce it every run.


tluyben píše v Čt 08. 11. 2007 v 11:42 +0100:
> Package: libapache2-mod-php5
> Version: 5.x
> Severity: critical
> Justification: breaks the whole system
> 
> More info; 
> 
> http://brainfish-eat-fishbrain.blogspot.com/2007/11/checking-what-is-eating-your-memory_08.html
> 
> -- System Information:
> Debian Release: 4.0
>   APT prefers stable
>   APT policy: (500, 'stable')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.18-3-686-bigmem
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> 
> 
> 
> _______________________________________________
> pkg-php-maint mailing list
> [EMAIL PROTECTED]
> http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint
-- 
Ondřej Surý <[EMAIL PROTECTED]>  ***  http://blog.rfc1925.org/
Kulturní občasník              ***  http://www.obcasnik.cz/
Nehoupat, prosím               ***  http://nehoupat.blogspot.com/

Reply via email to