php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #34176 apache2handler crashes parent process if child process dies
Submitted: 2005-08-17 19:31 UTC Modified: 2005-08-29 01:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: robert at rw-it dot net Assigned:
Status: No Feedback Package: Apache2 related
PHP Version: 4.4.0 OS: Win32
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: robert at rw-it dot net
New email:
PHP Version: OS:

 

 [2005-08-17 19:31 UTC] robert at rw-it dot net 
Description:
------------
Using mpm_winnt, if the child process dies, some of the php_apache_sapi_* functions seem to be called with SG(server_context) == NULL.
This (sometimes??) results in crashing the parent process.
I added a check for SG(server_context) == NULL to each function and the problem went away, but perhaps you could think of a better solution.

Reproduce code:
---------------
Write a script that crashes the child process. E.g. disable memory_limit and do

for ($b = 'x'; ; $b .= $b);

I also once inserted an exit(1) into apache's child.c with the same results, but doing it via PHP seems more realistic.
Try to load the page a few times.

Expected result:
----------------
Apache restarts the child process.


Actual result:
--------------
Sometimes it does, sometimes it crashes... ratio is about 2/3.
When it crashes, the cause is an access to memory at address 0x0 or 0x4, in php4apache2.dll. Looking at the local variables, it appears that SG(server_context) is NULL.
I was not able to reproduce a crash after I added checks for SG(server_context) == NULL to sapi_apache2.c.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-08-18 02:41 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip
 [2005-08-20 15:16 UTC] robert at rw-it dot net 
Seems to be fixed in php5-win32-latest (that is, built August 9th 2005). Will this be fixed in php4, too?
 [2005-08-21 17:51 UTC] iliaa@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2005-08-29 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri May 09 07:01:28 2025 UTC