PHP segfault

I am getting quite often notification emails since I installed OSSEC on my Linode, about segmentation fault errors with PHP, such as

php-fpm[7816]: segfault at 9 ip 083be865 sp bff3de00 error 6 in php-fpm[8048000+849000]

I only use php-fpm with nginx for my blog and have had a look around but I am not sure of what could be causing these errors and, more importantly, how to fix.

I've also noticed that I never see errors in the browser when pages are generated (I mean admin pages since I use caching plugins for user-visible pages), but sometimes a page takes longer than usual and right then I get one or more notifications of segfaults.

Any ideas/suggestions?

Thanks

Note: I have already tried with Google, thanks.

15 Replies

@Vito Botta:

Any ideas/suggestions?

I googled and found thousands of results for:

php-fpm segfault

and I also used Ad-Blocker Plus to get rid of the annoying "Vito's journal" advertisement that keeps flashing at the bottom of your posts.

James

Let's try again: Any useful ideas/suggestions?

I find that suggestion quite helpful. Have you hit google and exhausted that resource? The first few results are talking specifically about nginx, heck there's even a bug listed on php's site that talks about that.

http://www.google.com/search?q=php-fpm+segfault

Thank you both for your replies, and I mean it.

However, just so it is clear: I have been trying for a week or so tons of configuration settings and whatever else I found by googling. I think I have tried perhaps everything I found in the first 4-5 pages for any search keyphrase I could think of.

I only posted it here now since I am still getting the same notifications, and here I know there are many people with experience with these things.

BTW, I must say that I am a bit surprised to see the kind of responses one can get here; not long ago I just said my $0.02 in a post to say that "nginx is lighter and faster than apache" and lol - a few users hit back to me as if I had offended someone!

Here I ask for a little help and I am told to use Google. Thanks!

@zunzun, as for the "annoying" image, I have removed it hoping this will mean people are more likely to post to give me some help with the topic.

What distribution? What version? Compiled from source or installed as a package? Is it producing core files anywhere? Can you correlate it against your web access logs to see if it is a particular page?

Thanks hoopycat, I should have given this information in the first post.

On my Linode I am using ubuntu 10.04 32bit, with nginx 0.8.53 and php5-fpm 5.3.3.

I installed the package php5-fpm; I am not sure of which core files you mean - do you mean configuration files?

As for the site logs, I can see that each time OSSEC generates a notification for segfault, my site's errors log shows something like this:

2011/01/24 22:08:25 [error] 30738#0: *86745 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: mydomain.com, request: "GET /a-php-page.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "mydomain.com", referrer: "http://mydomain.com/a-php-page.php"

I forgot to mention that

1) I am using APC 3.1.5 beta

2) because of what is added to the site's errors log, I first thought it was something about timeouts when requests are proxied to PHP via fastcgi (OK, I don't mean "proxied" but I can't think of a better term). However in my nginx's virtual host setting I have:

location ~ \.php$ {
    fastcgi_pass                        127.0.0.1:9000;
    fastcgi_index                       index.php;
    fastcgi_connect_timeout     300;
    fastcgi_param                       SCRIPT_FILENAME $root$fastcgi_script_name;
    fastcgi_param                           WP_ENV                  $environment;  
    fastcgi_param                           WP_ROOT                 $root;     

    include fastcgi_params;
}

So the timeout - unless I should be using other settings - is 300 seconds as it is now.

Also, in the site's errors log there are errors for multiple PHP pages. It's a Wordpress blog, so I can see errors for the admin index as well as the PHP pages involved in writing posts etc.

Update:

After checking the versions of the stuff I have installed on my Linode as per hoopycat's request, I got wondering about the APC beta version, so I have installed with PECL the 3.1.6 stable. Will see if this makes any difference.

@Vito Botta:

On my Linode I am using ubuntu 10.04 32bit, with nginx 0.8.53 and php5-fpm 5.3.3.

I installed the package php5-fpm

Ubuntu 10.04 doesn't come with PHP 5.3.3, nginx 0.8.53 or the php5-fpm package. You must have installed the newer versions from a different repository. Include the name of that repository in your searches, to see if other users of the same unofficial packages are having the same problem.

Also, if you don't absolutely need the newer version of PHP, consider downgrading to the official packages. Those LTS packages are labeled "stable" for a good reason.

Sorry for the confusion, hybinet. I installed Nginx from source, while for php & php5-fpm I installed packages.

Since it was months ago, I can't be sure 100%, but I don't think I used any third party repositories for those packages. Here's my sources.list, I enabled everything but I don't see other stuff in there:

## main & restricted repositories
deb http://gb.archive.ubuntu.com/ubuntu/ lucid main restricted
deb-src http://gb.archive.ubuntu.com/ubuntu/ lucid main restricted

deb http://security.ubuntu.com/ubuntu lucid-updates main restricted
deb-src http://security.ubuntu.com/ubuntu lucid-updates main restricted

deb http://security.ubuntu.com/ubuntu lucid-security main restricted
deb-src http://security.ubuntu.com/ubuntu lucid-security main restricted

## universe repositories - uncomment to enable
deb http://gb.archive.ubuntu.com/ubuntu/ lucid universe
deb-src http://gb.archive.ubuntu.com/ubuntu/ lucid universe

deb http://gb.archive.ubuntu.com/ubuntu/ lucid-updates universe
deb-src http://gb.archive.ubuntu.com/ubuntu/ lucid-updates universe

deb http://security.ubuntu.com/ubuntu lucid-security universe
deb-src http://security.ubuntu.com/ubuntu lucid-security universe

Which versions of PHP and FTPM would you recommend for use with Nginx?

Cheers

Uhm… just seen another post with about a bug in some recent releases of PHP. I have just run the test as suggested and …

Testing float behaviour. If this script hangs or terminates with an error message due to maximum execution time limit being reached, you should update your PHP installation asap!
For more information refer to <http: 53632="" bugs.php.net="">.
PHP Fatal error:  Maximum execution time of 1 second exceeded in /etc/nginx/sites-enabled/test.php on line 35

Fatal error: Maximum execution time of 1 second exceeded in /etc/nginx/sites-enabled/test.php on line 35</http:>

So it looks like my version of PHP may be buggy… I'll update it and see if this fixes the original issue too.

@Vito Botta:

Sorry for the confusion, hybinet. I installed Nginx from source, while for php & php5-fpm I installed packages.
That's very strange. Ubuntu 10.04 LTS "Lucid Lynx" does not contain the php5-fpm package. Moreover, it ships with PHP 5.3.2.

@Vito Botta:

a bug in some recent releases of PHP
If you installed official packages and kept your server up to date, this bug should have been fixed a couple of weeks ago. You must have installed PHP from a different source. If you can't remember where you got the source, I'd suggest that you remove PHP and install the official packages.

Since Ubuntu 10.04 doesn't contain php5-fpm, you'll need to do one of the following. (1) Make do with spawn-fcgi, which can be easily installed with apt-get. (2) Go to launchpad and find a php5-fpm package for Ubuntu 10.04. Make sure it was updated sometime in the last month or so. (3) Compile your own PHP again, with the FPM patch.

By the way, if you use the official packages, APC can be installed with "apt-get install php-apc". Maybe not the latest version, but it's very stable. No need to mess with PECL there.

This kind of highlights the danger/trouble with installing stuff from source or random different places/repos.

My first rule of thumb is NEVER install anything from source unless you have a REALLY good reason to do so. Getting a newer version of software is almost never a good reason, since there are repo-based solutions to that problem.

OK, after checking better, I did install both PHP and FPM from source. I couldn't remember for sure as that was months ago.

I agree with you that perhaps it's easier to just use the distro's packages, but I have been used to install the latest versions for everything and I haven't had problems often.

Anyway, an update: since I removed APC 3.1.5 beta and installed the 3.1.6 stable, I haven't received any of those notifications and also pages seems to be a little faster, so perhaps something was wrong with that beta. Well, yeah, it was a beta, so..

I don't know if this has definitely fixed the issue, but it's been a day or more since I last received one notification for segfault errors.

So I will be back screaming if it happens again :D, but in the meantime thanks all for your replies and in particular to hoopycat for asking me about versions etc. so that I would wonder about that beta of APC. :)

I've been getting segfaults using php-apc version 3.1.3 that's installed with Ubuntu 10.10. As soon as I disable APC they go away. This is with a simple Wordpress site. php-apc 3.1.3 is a beta package from 2009 so no wonder it has problems.

I couldn't be bothered with PECL so I just install php-xcache and that seems to be working fine.

If anyone is having PHP FPM or CGI segfault, try disabling/upgrading apc.

Hi galatians,

as said in my last post after I updated the APC beta with the latest (at that time) stable, all errors etc have disappeared for me and the PHP sites on that box have been a lot faster as well I think.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct