PHP :: Bug #60699 :: mysqli_init() crashes under high concurrency

Bug #60699

mysqli_init() crashes under high concurrency

Submitted:

2012-01-10 11:45 UTC

Modified:

2012-11-08 10:07 UTC

Votes:	4
Avg. Score:	4.5 ± 0.9
Reproduced:	2 of 3 (66.7%)
Same Version:	2 (100.0%)
Same OS:	2 (100.0%)

From:

ninzya at inbox dot lv

Assigned:

Status:

Not a bug

Package:

MySQLi related

PHP Version:

5.4.0RC5

OS:

Windows 7

Private report:

CVE-ID:

None

View Developer Edit

[2012-01-10 11:45 UTC] ninzya at inbox dot lv

Description:
------------
Calling purely mysqli_init() crashes PHP under high concurrency.

Using VC9 x86 Thread Safe (2012-Jan-06 02:06:02) build of PHP 5.4.0RC5.
Using Apache HTTPd 2.2.21.0.
Using ab (apache benchmark) tool to simulate high loads: "ab -c 30 -n 2000 
http://localhost:8080/index.php".

PHP installed as module.

Test script:
---------------
mysqli_init();

Expected result:
----------------
No crash

Actual result:
--------------
Crash

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-01-12 08:04 UTC] ninzya at inbox dot lv

Changed from "MySQLi" to "Reproducible crash" so that more attention is paid to 
this issue.

[2012-01-12 08:04 UTC] ninzya at inbox dot lv

-Package: MySQLi related +Package: Reproducible crash

[2012-01-12 09:42 UTC] pajoye@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

Please keep the category so that the mysql team knows about it.

[2012-01-12 09:42 UTC] pajoye@php.net

-Status: Open +Status: Feedback -Package: Reproducible crash +Package: MySQLi related

[2012-01-13 12:04 UTC] ninzya at inbox dot lv

Followed instructions on getting backtrace for Windows using Debug diagnostic 
tool and got no meaningful info out of it.

Here's the error:

In 
httpd__PID__4312__Date__01_13_2012__Time_01_52_49PM__761__Second_Chance_Exceptio
n_C0000005.dmp the assembly instruction at php5ts!_efree+85 in C:\Program Files 
(x86)\PHP\5.4.0RC5\php5ts.dll from The PHP Group has caused an access violation 
exception (0xC0000005) when trying to read from memory location 0x3a61f988 on 
thread 15


And here's information on thread 15:

Thread 15 - System ID 5604
Entry point   msvcrt!_endthreadex+6f 
Create time   1/13/2012 1:49:32 PM 
Time spent in user mode   0 Days 00:00:00.015 
Time spent in kernel mode   0 Days 00:00:00.015 

Function   Source 
ntdll!NtRaiseException+12    
ntdll!KiUserExceptionDispatcher+29    


Now the exception info:

PHP5TS!_EFREE+85In 
httpd__PID__4312__Date__01_13_2012__Time_01_52_49PM__761__Second_Chance_Exceptio
n_C0000005.dmp the assembly instruction at php5ts!_efree+85 in C:\Program Files 
(x86)\PHP\5.4.0RC5\php5ts.dll from The PHP Group has caused an access violation 
exception (0xC0000005) when trying to read from memory location 0x3a61f988 on 
thread 15


Module information:


Image Name: C:\Program Files (x86)\PHP\5.4.0RC5\php5ts.dll   Symbol Type:  PDB 
Base address: 0x00905a4d   Time Stamp:  Fri Jan 06 03:02:19 2012  
Checksum: 0x00000000   Comments:   
COM DLL: False   Company Name:  The PHP Group 
ISAPIExtension: False   File Description:  PHP Script Interpreter 
ISAPIFilter: False   File Version:  5.4.0RC5 
Managed DLL: False   Internal Name:  PHP Script Interpreter 
VB DLL: False   Legal Copyright:  Copyright © 1997-2010 The PHP Group 
Loaded Image Name:  php5ts.dll   Legal Trademarks:  PHP 
Mapped Image Name:     Original filename:  php5ts.dll 
Module name:  php5ts   Private Build:   
Single Threaded:  False   Product Name:  PHP 
Module Size:  5.91 MBytes   Product Version:  5.4.0RC5 
Symbol File Name:  c:\program files (x86)\php\5.4.0rc5\debug\php5ts.pdb   
Special Build:  & 


Notice "Symbol File Name"... PDB files were loaded correctly and I have no clue 
why there's no info on stack trace for thread 15.

For comparison, here's stack trace for some other thread, that did not raise any 
exceptions:

Thread 6 - System ID 2748
Entry point   msvcrt!_endthreadex+6f 
Create time   1/13/2012 1:49:32 PM 
Time spent in user mode   0 Days 00:00:00.015 
Time spent in kernel mode   0 Days 00:00:00.015 

Function   Source 
php5ts!_zend_mm_alloc_int+d   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\zend\zend_alloc.c @ 1877 + d 
php5ts!_emalloc+32   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\zend\zend_alloc.c @ 2425 + 5 
php5ts!zendparse+70a   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\zend\zend_language_parser.y @ 987 + 25 
php5ts!compile_file+15a   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\zend\zend_language_scanner.l @ 579 + c 
php5ts!phar_compile_file+87   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\ext\phar\phar.c @ 3391 + 1d 
php5ts!zend_execute_scripts+80   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\zend\zend.c @ 1264 + b 
php5ts!php_execute_script+1a7   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\main\main.c @ 2476 + 12 
php5apache2_2!php_handler+417   c:\php-sdk\php54dev-ts\vc9\x86\php-
5.4.0rc5\sapi\apache2handler\sapi_apache2.c @ 667 + 23 
libhttpd!ap_run_handler+21   .\server\config.c @ 158 + 21 
libhttpd!ap_invoke_handler+b0   .\server\config.c @ 376 + 6 
libhttpd!ap_internal_redirect+37   .\modules\http\http_request.c @ 557 
mod_rewrite!handler_redirect+7b   mod_rewrite.c @ 4839 + 31 
libhttpd!ap_run_handler+21   .\server\config.c @ 158 + 21 
libhttpd!ap_invoke_handler+b0   .\server\config.c @ 376 + 6 
libhttpd!ap_process_request+3e   .\modules\http\http_request.c @ 286 
libhttpd!ap_process_http_connection+4c   .\modules\http\http_core.c @ 190 + 6 
libhttpd!ap_run_process_connection+21   .\server\connection.c @ 43 + 21 
libhttpd!ap_process_connection+33   .\server\connection.c @ 190 + 6 
libhttpd!worker_main+9c   .\server\mpm\winnt\child.c @ 784 
msvcrt!_endthreadex+44    
msvcrt!_endthreadex+ce    
kernel32!BaseThreadInitThunk+e    
ntdll!__RtlUserThreadStart+70    
ntdll!_RtlUserThreadStart+1b 


Any clues? Maybe you can take any apache, take php 5.4.0RC5 ts, configure it as 
module, enable mysqli, create php file with "<?php mysqli_init(); ?>", run a 
stress test, get the crash and find out what it causes?

[2012-01-14 09:30 UTC] ninzya at inbox dot lv

Changed status to Open

[2012-01-14 09:30 UTC] ninzya at inbox dot lv

-Status: Feedback +Status: Open

[2012-01-19 07:40 UTC] ninzya at inbox dot lv

Duplicate of https://bugs.php.net/bug.php?id=55334

[2012-11-08 10:07 UTC] johannes@php.net

-Status: Open +Status: Not a bug

[2012-11-08 10:07 UTC] johannes@php.net

Solved as bug #55334.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 12:01:31 2024 UTC