ID: 14497 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Analyzed Bug Type: Session related Operating System: FreeBSD 4.4-Stable PHP Version: 4.1.0, 4-2001121 New Comment:
Since ver 4.1.2 was released Feb 27 and the post of Feb 2 says the fix has been commited to the CVS and because of this line in the NEWS: 'Fixed a crash in the session module (Yasuo)', I'm assuming the fix was commited in ver 4.1.2. If not, then this is probably a moot post. Nonetheless, I'm still having this problem. I'm currently using the work around (return '') and httpd no longer seg faults but returning php booleans does cause the crash. My server info: linux 2.2.19, apache 1.3.24, php 4.1.2 and Ying Zhang's mysql session handlers. This is the backtrace I've gotten from it: Program received signal SIGSEGV, Segmentation fault. 0x81ace4a in _zend_is_inconsistent (ht=0x0, file=0x82905e4 "zend_hash.c", line=975) at zend_hash.c:84 84 if (ht->inconsistent==HT_OK) { -- Thanks. Previous Comments: ------------------------------------------------------------------------ [2002-02-02 22:18:22] [EMAIL PROTECTED] This bug has been fixed in CVS. ------------------------------------------------------------------------ [2002-01-06 22:23:57] [EMAIL PROTECTED] I've not committed the fix for this bug yet, but you can work around the segfault. Return string when there is no data to read or failed to write. (i.e. return '';) User session save handler expect string data, if you return other than string, it segfualts. ------------------------------------------------------------------------ [2001-12-21 03:36:49] [EMAIL PROTECTED] Assigned to myself. By the I updated this bug report, I know the fix, but I forgot what is was now :( I'll work on this after I finish things have to do.... ------------------------------------------------------------------------ [2001-12-19 23:00:15] [EMAIL PROTECTED] Is this fixed? Anyone mind if I fix this and commit? -- Yasuo Ohgaki ------------------------------------------------------------------------ [2001-12-14 16:00:04] [EMAIL PROTECTED] I had already tried out your user handlers (as you can see from the bug report). Your handlers weren't causing the crash but were helping in making the crash happen. (I would guess that the initialization of the internal data structures from your handlers allowed the invalid "return false;" pointer to be fubar'd in such a way to cause a segfault.) Read the bug report, it's all there, including on how I was reproducing the crash. Your session handlers have a few problems when there is concurrent access for the same session id. (It *DOES* happen, especially with AvantGo clients, trust me on this one) You also do not check for expiration in your session_read. Since garbage collection doesn't happen on every single access, there's a possibility that stale data would get loaded. Also, since your session handlers aren't mentioned anywhere on the PHP website under the session documentation, as well as not stressing the fact that returning false will cause data corruption, it still doesn't really address the issue. Personally I don't think the doing something in a script language should cause a low-level crash. I believe there was another recent bug dealing with the xslt extension that explained this issue well: "But PHP generating nice corefiles is not ok." At most I think PHP should return an error when the data isn't what was expected, not segfault, or core, or crash. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/14497 -- Edit this bug report at http://bugs.php.net/?id=14497&edit=1