Bug #68571 core dump when webserver close the socket
Submitted: 2014-12-09 06:40 UTC
Modified: -
From: redfoxli069 at gmail dot com
Assigned:
Status: Closed
Package: FPM related
PHP Version: 5.5.19
OS: linux
Private report: No
CVE-ID: None

 [2014-12-09 06:40 UTC] redfoxli069 at gmail dot com
Description:
------------
There are several conditions for the core dump:
1. error_log is not used in php.ini.
2. A lot of stderr log output is generated.
3. The webserver closes the socket after sending the request (a request timeout will lead to this action).



Test script:
---------------
<?php
  for($i = 0; $i < 70000; ++$i)
  {  
     strpos("", "");
  } 

Actual result:
--------------
core dumped 
backtrace is here:

#0  fcgi_write (req=0x7fff41f48230, type=FCGI_STDERR,                                                                                                                                                         
    str=0xe41fa0 "PHP message: PHP Warning:  strpos(): Empty needle in /xxxx/test/index.php on line 13\n", len=116)
    at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/fastcgi.c:910
910             req->out_hdr->type = type;
(gdb) bt
#0  fcgi_write (req=0x7fff41f48230, type=FCGI_STDERR,
    str=0xe41fa0 "PHP message: PHP Warning:  strpos(): Empty needle in /xxxx/test/index.php on line 13\n", len=116)
    at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/fastcgi.c:910
#1  0x000000000076a6b3 in sapi_cgi_log_fastcgi (level=Variable "level" is not available.
) at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/fpm_main.c:675
#2  0x00000000007728f4 in zlog_ex (function=0xab3c50 "sapi_cgi_log_message", line=685, flags=2, fmt=0xab3163 "PHP message: %s")
    at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/zlog.c:119
#3  0x0000000000657d3d in php_log_err (
    log_message=0x7fa6314bee00 "PHP Warning:  strpos(): Empty needle in /xxxx/test/index.php on line 13")
    at /xxxx/code/php/php-5.5.19/main/main.c:661
#4  0x0000000000658b49 in php_error_cb (type=2, error_filename=0x7fa6314beca0 "/xxxx/test/index.php", error_lineno=13,
    format=Variable "format" is not available.
) at /xxxx/code/php/php-5.5.19/main/main.c:1074
#5  0x00000000006bc2bc in zend_error (type=2, format=0xa9854e "%s") at /xxxx/code/php/php-5.5.19/Zend/zend.c:1131
#6  0x00000000006580d8 in php_verror (docref=0x7fa63148c290 "strpos(): Empty needle", params=0xa7250a "", type=2, format=Variable "format" is not available.
)
    at /xxxx/code/php/php-5.5.19/main/main.c:870
#7  0x00000000006584af in php_error_docref0 (docref=Variable "docref" is not available.
) at /xxxx/code/php/php-5.5.19/main/main.c:882
#8  0x000000000061e43d in zif_strpos (ht=Variable "ht" is not available.
) at /xxxx/code/php/php-5.5.19/ext/standard/string.c:1834
#9  0x00000000006e7a68 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fa63148c688)
    at /xxxx/code/php/php-5.5.19/Zend/zend_vm_execute.h:550
#10 0x00000000006e66b8 in execute_ex (execute_data=0x7fa63148c688) at /xxxx/code/php/php-5.5.19/Zend/zend_vm_execute.h:363
#11 0x00000000006bd0cf in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /xxxx/code/php/php-5.5.19/Zend/zend.c:1330
#12 0x000000000065aed8 in php_execute_script (primary_file=0x7fff41f4a280) at /xxxx/code/php/php-5.5.19/main/main.c:2506
#13 0x000000000076b95b in main (argc=0, argv=Variable "argv" is not available.
) at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/fpm_main.c:1949
(gdb) f 0 
#0  fcgi_write (req=0x7fff41f48230, type=FCGI_STDERR,
    str=0xe41fa0 "PHP message: PHP Warning:  strpos(): Empty needle in /xxxx/test/index.php on line 13\n", len=116)
    at /xxxx/code/php/php-5.5.19/sapi/fpm/fpm/fastcgi.c:910
910             req->out_hdr->type = type;
(gdb) ptype req 
type = struct _fcgi_request {
    int listen_socket;
    int fd; 
    int id; 
    int keep;
    int closed;
    int in_len;
    int in_pad;
    fcgi_header *out_hdr;
    unsigned char *out_pos;
    unsigned char out_buf[8192];
    unsigned char reserved[16];
    HashTable *env;
} *
(gdb) p *req         
$1 = {listen_socket = 0, fd = 3, id = 1, keep = 0, closed = 0, in_len = 0, in_pad = 0, out_hdr = 0x7fff41f4b000,
  out_pos = 0x7fff41f4b000 <Address 0x7fff41f4b000 out of bounds>,
  out_buf = "\001\a\000\001\037鳿000\000/lihongbin/test/index.php on line 13\nPHP message: PHP Warning:  strpos(): Empty needle in /xxxx/test/index.php on line 13\nPHP message: PHP Warning"..., reserved = "\001\a\000\001\000\000\000\000\001\a\000\001\000\000\000",
  env = 0x1000701}
(gdb) p (req->out_pos - req->out_buf)
$2 = 11680
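
The gdb session above shows `out_pos` 11680 bytes past the start of the 8192-byte `out_buf`, that is, a write cursor outside its buffer. The following C model is an added illustration (not PHP's code and not the change in the linked pull request) of a buffered writer that keeps the cursor in bounds once the peer is gone: a failed flush resets the cursor and marks the stream closed, so later writes are refused. All names (`out_stream`, `stream_flush`, `stream_write`, `flood_after_close`, `peer_gone`) are hypothetical; the 70000 iterations and 116-byte length mirror the report.

```c
#include <string.h>
#define OUT_BUF_SIZE 8192   /* size of out_buf in the ptype output */

struct out_stream {         /* hypothetical model, not struct _fcgi_request */
    int closed;             /* set after a failed flush */
    int peer_gone;          /* constructed knob: makes the flush fail */
    size_t used;            /* invariant: used <= OUT_BUF_SIZE */
    unsigned char buf[OUT_BUF_SIZE];
};

static int stream_flush(struct out_stream *s)
{
    s->used = 0;            /* cursor goes back to the start even on failure */
    s->closed = s->peer_gone;
    return s->closed ? -1 : 0;
}

static long stream_write(struct out_stream *s, const char *data, size_t len)
{
    if (s->closed || len > OUT_BUF_SIZE)
        return -1;          /* refuse writes after a failed flush */
    if (len > OUT_BUF_SIZE - s->used && stream_flush(s) != 0)
        return -1;          /* record does not fit and the flush failed */
    memcpy(s->buf + s->used, data, len);
    s->used += len;
    return (long)len;
}

/* Constructed scenario: peer already gone, 70000 log lines of 116 bytes. */
static size_t flood_after_close(long *rejected)
{
    struct out_stream s = { .peer_gone = 1 };
    char line[116] = "PHP Warning (constructed sample)";
    size_t peak = 0;
    *rejected = 0;
    for (int i = 0; i < 70000; i++) {
        if (stream_write(&s, line, sizeof line) < 0)
            (*rejected)++;
        if (s.used > peak)
            peak = s.used;  /* highest cursor position seen after a write */
    }
    return peak;
}

int main(void)
{
    long rejected;
    return flood_after_close(&rejected) <= OUT_BUF_SIZE ? 0 : 1;
}
```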

History

 [2014-12-12 05:37 UTC] redfoxli069 at gmail dot com
PR is here:
https://github.com/php/php-src/pull/948
 [2015-01-27 14:15 UTC] laruence@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=8c2d91761aaa3b7b25c70df4d2320f85e9322e79
Log: Also Fixed #68571 in CGI SAPI, and some cleanup
 [2015-01-27 14:15 UTC] laruence@php.net
-Status: Open
+Status: Closed
 
Last updated: Sun Oct 27 16:01:27 2024 UTC