php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #78919 CLI server does insufficient cleanup if php_request_startup() fails
Submitted: 2019-12-06 14:42 UTC Modified: 2019-12-07 13:10 UTC
From: cataphract@php.net Assigned:
Status: Open Package: Built-in web server
PHP Version: 7.2.25 OS: Irrelevant
Private report: No CVE-ID: None
View Add Comment Developer Edit
Have you experienced this issue?
Rate the importance of this bug to you:

 [2019-12-06 14:42 UTC] cataphract@php.net 
Description:
------------
If php_request_startup() fails, for instance because an extension throws an error during its RINIT, then the CLI server doesn't run php_request_shutdown().

In particular, the memory manager will not be shutdown, which means that repeatedly issuing errors during RINIT will result in eventually PHP running out of memory.

Test script:
---------------
See https://gist.github.com/cataphract/b3d6fca0dc31132a5d190d2de7d07db3

build the image and start a container. Then hit http://localhost:8080/ After 3 or requests, the CLI server will exit due to lack of memory.

Expected result:
----------------
The server runs continuously.

Actual result:
--------------
The server exits after a couple of requests.

Patches

cli_no_exit.diff (last revision 2019-12-06 14:43 UTC by contratempo at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-12-06 14:43 UTC] contratempo at gmail dot com 
The following patch has been added/updated:

Patch Name: cli_no_exit.diff
Revision:   1575643429
URL:        https://bugs.php.net/patch-display.php?bug=78919&patch=cli_no_exit.diff&revision=1575643429
 [2019-12-07 13:10 UTC] cmb@php.net 
Thanks!  I wonder, though, whether it is generally safe to call
`php_request_shutdown()` after `php_request_startup()` has failed.
 [2019-12-07 14:10 UTC] cataphract@php.net 
The Apache SAPI does call shutdown after a failed startup:

https://github.com/php/php-src/blob/5d6e923d46a89fe9cd8fb6c3a6da675aa67197b4/sapi/apache2handler/sapi_apache2.c#L710

and we haven't had any crashes reported from the errors raised during RINIT in our extension (sqreen).

FPM simply exists if there's an error during RINIT but it can be worked around easily for our purposes.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved. 		Last updated: Sun Mar 29 12:01:24 2020 UTC