Version 5.0.5 of the Phusion Passenger application server for Ruby, Python, Node.js and Meteor has been released! After rapidly fixing critical issues in the two previous releases, we've now taken some time to introduce extra debug tooling and fix remaining important issues.
If you hadn't already, be sure to check out the many major improvements that the 5.x series of Passenger introduces!
Phusion Passenger also has an Enterprise version that comes with a wide array of additional features. By buying Phusion Passenger Enterprise you will directly sponsor the development of the open source version.
Pool file descriptor leaks fixed
Every time server traffic loads go from high to idle, Passenger closes applications in the pool to free up server resources. Keep-alive connections with application processes were not being closed properly however, so some associated file descriptors leaked (GH-1439).
This has been fixed, and we've established additional testing tools and procedures to verify that the file desciptor count remains stable now.
Apache lockup fixed
The connection between the Apache module and Passenger would sometimes stall and block further operation. This happened due to client keep-alive headers occassionally causing the module to create a persistent connection to Passenger that is never closed (GH-1425).
Memory corruption bugs fixed
A common optimization technique that we use in the Passenger 5 codebase is to delay initializing certain request-level objects until absolutely necessary. However, we used to deinitialize those request-level objects regardless of whether they were initialized. If they weren't, then the memory inside those objects may be garbage, causing Passenger to crash. One such crash is documented in GH-1431. We've fixed all the instances of this bug that we could find.
Logging performance optimizations
Sometimes the root cause of a bug can only be analyzed with a sufficiently high log level. Unfortunately, a high log level also lowers performance, which may prevent timing-sensitive bugs from occurring. In order to reduce this problem, we've made the logging code up to around 90% faster than previous versions (depending on storage drive speed).
Miscellaneous bug fixes
- Fixes a compilation problem on Solaris. This problem was caused by the fact that
tm_gmtoffis not supported on that platform. Closes GH-1435.
- Fixes a potential read-past-buffer bug in string-to-integer conversion routines. Thanks to dcb314 for spotting this. Closes GH-1441.
- [Enterprise] Fixes a bug in Flying Passenger's
--instance-registry-dircommand line parameter. This command line parameter didn't do anything.
- [Enterprise] The Flying Passenger daemon no longer supports the
--max-preloader-idle-timeconfig option. This is because the config option never worked. The correct way to set the max preloader idle time is through the Nginx config option, but this was wrongly documented, so the documentation has been fixed.
- There is now an API endpoint for force disconnecting a client:
passenger-config admin-command DELETE /server/<client name>.json. Closes GH-1246.
- In order to more easily analyze file descriptor leaks, we've introduced the
passenger_file_descriptor_log_file(Nginx) config options. This allows Passenger to log all file descriptor open/close activity to a specific log file.
passenger_debug_log_file(Nginx) configuration options have been renamed to
passenger_log_file, respectively. The old name is support supported for backward compatibility.
Installing or upgrading to 5.0.5
If you are on a previous 5.0.x version we recommend moving to 5.0.5 as soon as possible to avoid resource leaks.
If you are upgrading from 4.x, please read the 5.0 upgrade notes to learn about potential upgrade caveats.
Phusion Passenger's core is open source. Please fork or watch us on Github. :)