38918 – mod_php segfaults in zend engine

Bug 38918 - mod_php segfaults in zend engine

Summary: mod_php segfaults in zend engine

Status:	RESOLVED TEST-REQUEST

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 All

Importance:	Low major
Assignee:	PHP Bugs

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-01-21 07:10 UTC by Angelos Karageorgiou
Modified:	2004-03-28 16:14 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Angelos Karageorgiou 2004-01-21 07:10:45 UTC

mod_php4.3.4-r2 segfaults inside apache2.0.48 
a backtrace points at zend_hash_index_update_or_next_insert

> #30 0x08070a29 in main (argc=3, argv=0xbfffed74) at main.c:660
> (gdb)
> #0  0x4078b7fc in zend_hash_index_update_or_next_insert ()
>    from /etc/apache2/extramodules/libphp4.so
> #1  0x406c174d in zif_register_shutdown_function () from /etc/apache2/extramodules/libphp4.so
> #2  0x40796ae2 in execute () from /etc/apache2/extramodules/libphp4.so
> #3  0x40796cef in execute () from /etc/apache2/extramodules/libphp4.so
> #4  0x40796cef in execute () from /etc/apache2/extramodules/libphp4.so
> #5  0x40796cef in execute () from /etc/apache2/extramodules/libphp4.so
> #6  0x40796cef in execute () from /etc/apache2/extramodules/libphp4.so
> #7  0x4077d4de in call_user_function_ex () from /etc/apache2/extramodules/libphp4.so
> #8  0x4077ccc0 in call_user_function () from /etc/apache2/extramodules/libphp4.so
> #9  0x406a3b04 in ps_gc_files () from /etc/apache2/extramodules/libphp4.so
> #10 0x406a3f37 in ps_write_user () from /etc/apache2/extramodules/libphp4.so
> #11 0x406a0097 in php_session_create_id () from /etc/apache2/extramodules/libphp4.so
> #12 0x406a2b86 in zm_activate_session () from /etc/apache2/extramodules/libphp4.so
> #13 0x406a2bb1 in zm_deactivate_session () from /etc/apache2/extramodules/libphp4.so
> #14 0x40789ade in module_registry_cleanup () from /etc/apache2/extramodules/libphp4.so
> #15 0x4078c5a5 in zend_hash_apply () from /etc/apache2/extramodules/libphp4.so
> #16 0x407863e4 in zend_deactivate_modules () from /etc/apache2/extramodules/libphp4.so
> #17 0x407509eb in php_request_shutdown () from /etc/apache2/extramodules/libphp4.so
> #18 0x4079bc61 in execute () from /etc/apache2/extramodules/libphp4.so
> #19 0x4079c081 in execute () from /etc/apache2/extramodules/libphp4.so
> #20 0x0806a1f6 in ap_run_handler (r=0x81e6b38) at config.c:195
> #21 0x0806a9c3 in ap_invoke_handler (r=0x81e6b38) at config.c:401
> #22 0x08066b77 in ap_process_request (r=0x81e6b38) at http_request.c:288
> #23 0x08060a86 in ap_process_http_connection (c=0x81e0bf8) at http_core.c:293
> #24 0x080763dc in ap_run_process_connection (c=0x81e0bf8) at connection.c:85
> #25 0x08076784 in ap_process_connection (c=0x81e0bf8, csd=0x81e0b20) at connection.c:211
> #26 0x08068817 in child_main (child_num_arg=2) at prefork.c:694
> #27 0x080689e3 in make_child (s=0x80ac5f8, slot=2) at prefork.c:788
> #28 0x08068a5a in startup_children (number_to_start=3) at prefork.c:806
> #29 0x08068ec3 in ap_mpm_run (_pconf=0x80aa858, plog=0x80d4900, s=0x80ac5f8) at prefork.c:1022
> #30 0x08070a29 in main (argc=3, argv=0xbfffed74) at main.c:660



Portage 2.0.49-r21 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r9, 2.4.20-gentoo-r9)
=================================================================
System uname: 2.4.20-gentoo-r9 i686 Intel(R) XEON(TM) CPU 2.00GHz
Gentoo Base System version 1.4.3.10
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-g -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-g -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
DISTDIR="/distfiles"
FEATURES="autoaddcvs buildpkg ccache keepwork noclean sandbox"
GENTOO_MIRRORS="ftp://files.gentoo.gr"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="apache2 apm avi berkdb crypt cups encode fam foomaticdb gdbm gif gtk gtk2 imap imlib innodb java jpeg ldap libg++ libwww mad maildir mikmod motif mpeg mysql ncurses nls oggvorbis opengl oss pam pdflib perl php png python qt quicktime readline sdl slang spell ssl svga tcpd truetype x86 xml2 xmms xv zlib"

Comment 1 Robin Johnson archtester

2004-01-21 13:37:37 UTC

is this just at startup or what?
please provide more details for reproducing it.

Comment 2 Tal Peer (RETIRED) gentoo-dev

2004-01-22 01:11:13 UTC

ALso, could you please remerge with CFLAGS=""? If it still happens, please provide  the output of a verbose backtrace ('bt full').

Comment 3 Angelos Karageorgiou 2004-01-22 01:23:02 UTC

I have been able to trace it in a modified line of PHP code which reads

 $_SESSION['imp']['user']=$myuser;

it seems that the key $_SESSION['imp']['user'] does not exist, and instead
of zend bitching about it , it simply dies. 
mod_php has tested with CFLASGS -O3 and without it with the same behaviour.
Oddly the same ugly php code on a VMware based mod_php 433 does NOT crash and burn . 

I have temporarily fixed the problem, but mehtinks that the zend hashing functions are too dependent on compilation flags.

Comment 4 Tal Peer (RETIRED) gentoo-dev

2004-01-22 01:33:41 UTC

Wait, it works or doesn't work with CFLAGS=""?

Comment 5 Angelos Karageorgiou 2004-01-22 03:05:42 UTC

yes it still segfaults ! should I contact the Zend people ?

Comment 6 Tal Peer (RETIRED) gentoo-dev

2004-01-22 03:34:17 UTC

No, i'll take care of that.

Comment 7 Stuart Herbert (RETIRED) gentoo-dev

2004-03-28 16:14:37 UTC

Can you re-test now that php-4.3.5 is available?

This is an old bug now ... I'll close this at the end of the week if there's no update.

Thanks,
Stu