Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:67743 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 15606 invoked from network); 20 Jun 2013 10:12:59 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Jun 2013 10:12:59 -0000 Authentication-Results: pb1.pair.com header.from=laruence@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=laruence@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.181 as permitted sender) X-PHP-List-Original-Sender: laruence@gmail.com X-Host-Fingerprint: 209.85.217.181 mail-lb0-f181.google.com Received: from [209.85.217.181] ([209.85.217.181:65263] helo=mail-lb0-f181.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id BD/E2-25301-9A5D2C15 for ; Thu, 20 Jun 2013 06:12:58 -0400 Received: by mail-lb0-f181.google.com with SMTP id w10so5557381lbi.26 for ; Thu, 20 Jun 2013 03:12:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=5gYKHDSDLI83VN0Pc7awOMCJQ24MslJXMS2sOlL6B7E=; b=sni9hmls/Ub66hFAtlokyrGQ6OsshgNH83RY4s0qr0DeP/okJcAaYATt5FlJc/87Go qGkk1XE61xmNMp44v0M3BXWuI6bs91wUIoTj9syqlH72AjSkpAOv6foI07I7GsWzvye+ wmqRkUSRm1ckzTjXl2561swmlRMuQzu0FRftVbquUywZJng2YhDulinEnqFl0tYKr53R B6pJ2gqHy67L3TmJ7Uw+pnUP5oOVKgKjCOZ7KNDfcAdRpP37F1N3fn8pWPU7zY7YdsMy jdeZnExnPNy5fbZzn+NqjaeeXhZpqiDlsNeFlEzu5i6NY6M87+IvTWni3+uL1+lEAWaK 4vWQ== X-Received: by 10.152.22.42 with SMTP id a10mr3371600laf.30.1371723173132; Thu, 20 Jun 2013 03:12:53 -0700 (PDT) MIME-Version: 1.0 Sender: laruence@gmail.com Received: by 10.114.29.36 with HTTP; Thu, 20 Jun 2013 03:12:33 -0700 (PDT) In-Reply-To: References: Date: Thu, 20 Jun 2013 18:12:33 +0800 X-Google-Sender-Auth: aEPy6rAfqrAYUWoRQtrtU0Z9vQM Message-ID: To: Anthony Ferrara Cc: "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] Disabling the GC during shutdown From: laruence@php.net (Laruence) On Thu, Jun 20, 2013 at 1:46 AM, Anthony Ferrara wrote: > All, > > We were discussing a range of bugs today with the garbage collector. For > example: https://bugs.php.net/bug.php?id=64827 > > After quite a bit of digging, it appears what's happening is that the > garbage collector is running during the shutdown of PHP. So the destructors > are fired, and the variables are being destroyed when the GC run happens. > This means that the GC, while walking the variable tree runs into a > partially destructed object (where an entry of the hash table has already > been freed). This causes a segfault, and fun ensues. Hey: Sorry, but I don't this this explain is right. if there is more than one refcount to a zval, then it should never be freed and if a zval is freed, then it must also be removed from the gc roots. according to your explain, the gc segfault while walking through a hashtable of a object. but that doesn't make any sense, since if it segfault in walking, then it should also segfault when trying to free the hash table later while dtor the object. disable GC in shutdown is okey for me. but that is just try to cover the bug somewhere in the refcount handler.. not the right fix. thanks > > Under normal conditions (not during shutdown), this does not appear to be > an issue, because the zval is destructed prior to the object destruction. > This means that there should never be a case where the GC hits a partially > freed object during normal execution. > > From what I can see, there are two possible fixes. The first would be to > change how object destruction works in the first place, to tie the variable > into the destruction process (basically refactor the object delref API to > also accept the current zval). That way the part of the code that makes the > decision to nuke the object can nuke the zval first (and hence prevent this > condition). However, this is a major API change and would effect a lot of > extensions that are using or tieing into this hook. > > The other option would be to simply disable the GC on shutdown. Considering > all of the variables are going to be thrown away anyway, having the GC run > during shutdown seems a bit wasteful anyway. So if we can kill two birds > with one stone, why not? > > I've prepared a basic patch: > https://github.com/ircmaxell/php-src/compare/gc_deactivate_on_shutdown > > I did confirm with odoucet (one of the original reporters) that this does > clear up his issue: https://gist.github.com/odoucet/5796378 (along with > trying a bunch of other things). > > There are a few out standing questions though: > > 1. Technically, all we need to do is force GC_G(gc_enabled) = 0 in > shutdown. But we could also use zend_alter_ini_entry which has the same > effect. The question comes is there any reason to go through the overhead > of altering the ini entry instead of the global directly? We do access the > global directly in other areas (but it's typically only set via ini)... > > 2. I put it in php_request_shutdown() after deactivate_ticks, but before it > calls shutdown functions. I could see it being moved after the shutdown > function call, but I'm not sure if it's worth it (either way). thoughts? > > 3. Can anyone think of a reason we'd want the GC enabled during the request > shutdown? I can't think of any... > > Additionally, considering that this does solve a segfault, is it worth > nominating this for 5.3? Or is it too risky (or something else I'm > missing)... > > Thanks, > > Anthony -- Laruence Xinchen Hui http://www.laruence.com/