Magento memory leak

Question

I’m experiencing some problems on my magento 1.6.1.0 site, that looks like a memory leak. Server went a few times totally down, as I am on a shared server my hosting company isn’t exactly glad with me and threatens to ban my site from their server because they say it’s a threat to the total server.

When server was down in the server log we can read first: NY-SH-02 suhosin[31654]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f7567b90e58 (attacker 'REMOTE_ADDR not set', file '/var/www/sites/mysite.com/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php', line 119) About 78lines with the exact message on the same time

1 time in between system writes NY-SH-02 suhosin[30574]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f7567b90e58 (attacker 'REMOTE_ADDR not set', file '/var/www/sites/mysite.com/lib/Zend/Controller/Response/Abstract.php', line 586)

Half a minute after this the following messages come NY-SH-02 suhosin[32532]: ALERT - script tried to increase memory_limit to 536870912 bytes which is above the allowed value (attacker ‘ip-adress', file '/var/www/sites/mysite.com/index.php', line 2)

This line appears like 50times but with different php files but always speak of line 2

The ip adresses in the last alertline defined as attacker are sometimes different, 2 times was a google bot, 2 times was a different ip.

Does anyone experienced this problem before or knows where I have to start looking because this is a needle in a hay stack.

Answer 1

This isn't so much a memory leak as it is Magento has significant memory requirements. I'm not a security expert, but I know suhosin is a PHP extension that's aimed at tightening up PHP's security. It appears to be complaining that

1. PHP's memory limit is being exhausted, which it interprets as an attack.

2. That a PHP file is using ini_set to raise the memory limit to 536870912 bytes, which is 512MB exactly.

Your shared host doesn't have enough memory allocated to each shared host instances for Magento to run. If a user hits a page that has a significant number of non-cached items, it's feasible for Magento to momentarily use 200 MB, 300 MB, even 400 MB of memory. During checkout Magento deliberately rebuilds caches related to the order to make sure it's getting the most up-to-date item — the quick fix for this it to up the memory limit, which is probably what's happening #2

You need a host that advertises Magento support.