php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #75415 shm_put_var() parallel bug.
Submitted: 2017-10-22 10:04 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: abc905 at mail dot ru Assigned:
Status: Open Package: Semaphore related
PHP Version: 7.1.10 OS: Linux Debian 4.9.0-4-amd64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Have you experienced this issue?
Rate the importance of this bug to you:

 [2017-10-22 10:04 UTC] abc905 at mail dot ru 
Description:
------------
Run test script 1-10 times to see that in spite of the fact 
shm_put_var returns true, shm_has_var() returns false.

Calling sem_get() fixes the bug

Test script:
---------------
$processes = 300;
$shmem     = shm_attach(ftok(__FILE__, 'f'), 100000);
// If uncomment next line shm_put_var works correctly
// $sem   = sem_get(ftok(__FILE__, 'a'));
for ($i = 1; $i <= $processes; $i++) {
    if (pcntl_fork() === 0) {
        usleep(100000);
        $pid    = getmypid();
        $put_ok = shm_put_var($shmem, $pid, $i);
        if ($put_ok && !shm_has_var($shmem, $pid)) {
            print "shm_put_var() bug\n";
        }
        exit(0);
    }
}
while (pcntl_wait($status) !== -1){}

shm_remove($shmem);
shm_detach($shmem);

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-11-04 08:20 UTC] abecker at mailbox dot org 
The problem is that the shm extension does not use semaphores to protect the shared memory from parellel access. Parallel operations from different processes can thus result in memory corruption, race conditions, and the error "Warning: shm_put_var(): Not enough shared memory left". The problem is still present in PHP 8.0.12.

As a workaround, in PHP one must create a semaphore and always encapsulate shm_put_var within sem_acquire and sem_release calls.

Here is an example in C how to use semaphore locks to access shared memory: https://www.ibm.com/docs/en/i/7.2?topic=programs-example-using-semaphore-set-shared-memory-functions
 [2021-11-04 08:37 UTC] abecker at mailbox dot org 
The shmop extension apparently has the same problem. And I want to add that of course the read functions also need to be locked by a semaphore, not only the write functions.
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved. 		Last updated: Tue Jun 28 14:05:45 2022 UTC