php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74880 libc deadlock in fuxes when malloc
Submitted: 2017-07-08 02:10 UTC Modified: 2018-01-13 11:36 UTC
From: 1070027374 at qq dot com Assigned: nikic (profile)
Status: Closed Package: yaf (PECL)
PHP Version: 7.0.19 OS: CentOS release 6.2 (Final)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: 1070027374 at qq dot com
New email:
PHP Version: OS:

 

 [2017-07-08 02:10 UTC] 1070027374 at qq dot com
Description:
------------
PHP 7.0.19 (cli) (built: Jun 23 2017 14:17:30) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.19, Copyright (c) 1999-2017, by Zend Technologies


[root@10 phplogs]# pstack 4394
#0  0x0000003ec76f4e6e in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x0000003ec767b914 in _L_lock_5003 () from /lib64/libc.so.6
#2  0x0000003ec7677762 in _int_free () from /lib64/libc.so.6
#3  0x00007fb5889bbcca in php_error_cb () from /data1/apache2/modules/libphp7.so
#4  0x00007fb5889bc8fd in zend_error_noreturn () from /data1/apache2/modules/libphp7.so
#5  0x00007fb588d5e070 in zend_timeout () from /data1/apache2/modules/libphp7.so
#6  <signal handler called>
#7  0x0000003ec7678420 in _int_malloc () from /lib64/libc.so.6
#8  0x0000003ec767948d in malloc () from /lib64/libc.so.6
#9  0x00007fb5814c70bd in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
#10 0x00007fb580fd336d in std::vector<RuleInNode, std::allocator<RuleInNode> >::_M_insert_aux(__gnu_cxx::__normal_iterator<RuleInNode*, std::vector<RuleInNode, std::allocator<RuleInNode> > >, RuleInNode const&) () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/KWordFilter.so
#11 0x00007fb580fd2bc2 in ParseRule::load_rule_and_state(ACautomaton*, Dict*) () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/KWordFilter.so
#12 0x00007fb580fd18ad in Connector::init(char const*, char const*) () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/KWordFilter.so
#13 0x00007fb580fd02f5 in MinitAll () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/KWordFilter.so
#14 0x00007fb580fd067f in zif_KWordFilter () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/KWordFilter.so
#15 0x00007fb588dd3938 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER () from /data1/apache2/modules/libphp7.so
#16 0x00007fb588dacc40 in execute_ex () from /data1/apache2/modules/libphp7.so
#17 0x00007fb588d5ec95 in zend_call_function () from /data1/apache2/modules/libphp7.so
#18 0x00007fb588d8bdc7 in zend_call_method () from /data1/apache2/modules/libphp7.so
#19 0x00007fb5807560fc in yaf_dispatcher_handle () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/yaf.so
#20 0x00007fb5807577a8 in yaf_dispatcher_dispatch () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/yaf.so
#21 0x00007fb5807521b3 in zim_yaf_application_run () from /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/yaf.so
#22 0x00007fb588dd44b8 in ZEND_DO_FCALL_SPEC_HANDLER () from /data1/apache2/modules/libphp7.so
#23 0x00007fb588dacc40 in execute_ex () from /data1/apache2/modules/libphp7.so
#24 0x00007fb588e0074b in zend_execute () from /data1/apache2/modules/libphp7.so
#25 0x00007fb588d6cf23 in zend_execute_scripts () from /data1/apache2/modules/libphp7.so
#26 0x00007fb588d0f370 in php_execute_script () from /data1/apache2/modules/libphp7.so
#27 0x00007fb588e046b5 in php_handler () from /data1/apache2/modules/libphp7.so
#28 0x0000000000452c50 in ap_run_handler ()
#29 0x0000000000456f6e in ap_invoke_handler ()
#30 0x000000000046a81a in ap_process_async_request ()
#31 0x000000000046a97f in ap_process_request ()
#32 0x0000000000466a15 in ap_process_http_connection ()
#33 0x000000000045de00 in ap_run_process_connection ()
#34 0x000000000047141a in child_main ()
#35 0x0000000000471640 in make_child ()
#36 0x0000000000472008 in prefork_run ()
#37 0x0000000000434f4e in ap_run_mpm ()
#38 0x000000000042e534 in main ()


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-07-08 02:31 UTC] 1070027374 at qq dot com
CentOS release 6.2 (Final)
 [2017-07-08 17:10 UTC] kalle@php.net
-Package: Scripting Engine problem +Package: yaf
 [2017-07-10 10:17 UTC] laruence@php.net
this should be relates to the extension which provide : zif_KWordFilter function

not yaf,

thanks
 [2017-07-11 09:30 UTC] 1070027374 at qq dot com
-Operating System: Linux 10.75.30.141 2.6.32-220.13 +Operating System: CentOS release 6.2 (Final) -PHP Version: 7.0.21 +PHP Version: 7.0.19
 [2017-07-11 09:30 UTC] 1070027374 at qq dot com
Thinks,yes, The case really has nothing to do with YAC. May be you should note the following function call. Malloc function call timeout,and then calls the zend_timeout function, deadlock finally. I'm confused and I have no idea about this case. I happen to see something thing else like that, link : https://bugs.php.net/bug.php?id=74760&edit=2. and why ? 

Looking forward to your answer, thanks a lot.

#0  0x0000003ec76f4e6e in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x0000003ec767b914 in _L_lock_5003 () from /lib64/libc.so.6
#2  0x0000003ec7677762 in _int_free () from /lib64/libc.so.6
#3  0x00007fb5889bbcca in php_error_cb () from /data1/apache2/modules/libphp7.so
#4  0x00007fb5889bc8fd in zend_error_noreturn () from /data1/apache2/modules/libphp7.so
#5  0x00007fb588d5e070 in zend_timeout () from /data1/apache2/modules/libphp7.so
#6  <signal handler called>
#7  0x0000003ec7678420 in _int_malloc () from /lib64/libc.so.6
#8  0x0000003ec767948d in malloc () from /lib64/libc.so.6
#9  0x00007fb5814c70bd in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
 [2018-01-13 11:36 UTC] nikic@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: nikic
 [2018-01-13 11:36 UTC] nikic@php.net
This has been fixed in PHP 7.1. PHP will no longer interrupt internal function calls on timeout.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 08:01:28 2024 UTC