ID: 20358
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Session related
Operating System: RedHat7.3
PHP Version: 4.3.0-pre2
New Comment:
more info...
(gdb) list
182
183 hv = ps_sd_hash(key, strlen(key));
184 slot = hv & data->hash_max;
185
186 for (prev = NULL, ret = data->hash[slot]; ret; prev =
ret, ret =
ret->next)
187 if (ret->hv == hv && !strcmp(ret->key, key))
188 break;
189
190 if (ret && rw && ret != data->hash[slot]) {
191 /* Move the entry to the top of the linked list
*/
(gdb) print key
$1 = 0x8136f2c "136"
(gdb) print hv
$2 = 1943406893
(gdb) print slot
$3 = 301
(gdb) print data->hash_max
$4 = 511
(gdb) print prev
$5 = (ps_sd *) 0x4413df00
(gdb) print ret
$6 = (ps_sd *) 0x1f
(gdb) print ret->next
Cannot access memory at address 0x1f
(gdb) print data->hash[slot]->next
$7 = (struct ps_sd *) 0x1f
Previous Comments:
------------------------------------------------------------------------
[2002-11-12 05:51:51] [EMAIL PROTECTED]
Apache was re-compiled with -DBIG_SECURITY_HOLE option.
edit /usr/local/apache/conf/httpd.conf
User root
Group root
CoreDumpDirectory /tmp
# /usr/local/apache/bin/apachectl start
# sh loop.sh
# tail -f /usr/local/apache/logs/error_log
[Tue Nov 12 20:41:49 2002] [notice] child pid 23351 exit signal
Segmentation fault (11), possible coredump in /tmp
child proccess of apache was core dumped.
back trace
----
(gdb) bt
#0 0x40148a33 in ps_sd_lookup (data=0x80d4418, key=0x8136f2c "136",
rw=0)
at /home/work/httpd/php-4.3.0pre2/ext/session/mod_mm.c:187
#1 0x40148ec8 in ps_read_mm (mod_data=0x4029ea70, key=0x8136f2c
"136",
val=0xbfffd1e0, vallen=0xbfffd1dc)
at /home/work/httpd/php-4.3.0pre2/ext/session/mod_mm.c:326
#2 0x401446b9 in php_session_initialize ()
at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:608
#3 0x40145864 in php_session_start ()
at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:1004
#4 0x40147438 in zif_session_start (ht=0, return_value=0x8136fd4,
this_ptr=0x0, return_value_used=0)
at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:1445
#5 0x4022cfc7 in execute (op_array=0x8136c3c)
at /home/work/httpd/php-4.3.0pre2/Zend/zend_execute.c:1595
#6 0x4021a174 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/work/httpd/php-4.3.0pre2/Zend/zend.c:839
#7 0x401e1f13 in php_execute_script (primary_file=0xbffff6b0)
at /home/work/httpd/php-4.3.0pre2/main/main.c:1542
#8 0x40231f36 in apache_php_module_main (r=0x812ff2c,
display_source_mode=0)
at /home/work/httpd/php-4.3.0pre2/sapi/apache/sapi_apache.c:55
#9 0x40232e00 in send_php (r=0x812ff2c, display_source_mode=0,
filename=0x813093c
"/usr/local/apache/htdocs/php/samples/session/bug.phtml")
at /home/work/httpd/php-4.3.0pre2/sapi/apache/mod_php4.c:556
#10 0x40232e6d in send_parsed_php (r=0x812ff2c)
at /home/work/httpd/php-4.3.0pre2/sapi/apache/mod_php4.c:571
#11 0x0806a7bb in ap_invoke_handler ()
#12 0x0807f723 in process_request_internal ()
#13 0x0807f784 in ap_process_request ()
#14 0x080765c1 in child_main ()
#15 0x0807682f in make_child ()
#16 0x08076bac in perform_idle_server_maintenance ()
#17 0x08077181 in standalone_main ()
#18 0x080777bb in main ()
#19 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6
------------------------------------------------------------------------
[2002-11-11 19:35:46] [EMAIL PROTECTED]
Sorry... My English is weak...
This problem has appeared by 3 different machines(all x86).
# /usr/local/apache/bin/apachectl start
(without -X)
# sh loop.sh
# tail -f /usr/local/apache/logs/error_log
---
In /usr/local/apache/bin/httpd -X, since Segmentation fault did not
occur, php_error(E_WARNING, ...) was written to mod_mm.c and the state
was seen by "tail -f /usr/local/apache/logs/error_log".
example.
static ps_sd *ps_sd_lookup(ps_mm *data, const char *key, int rw)
{
php_uint32 hv, slot;
ps_sd *ret, *prev;
+ pid_t pid = getpid();
hv = ps_sd_hash(key, strlen(key));
slot = hv & data->hash_max;
+ php_error(E_WARNING, "pid[%d] hv:%x key:%x slot:%x", pid, hv,
key, slot);
for (prev = NULL, ret = data->hash[slot]; ret; prev = ret, ret
= ret->next)
:
:
:
------------------------------------------------------------------------
[2002-11-11 09:56:46] [EMAIL PROTECTED]
So what is the 'problem' you think there is?
(works fine here (tm))
------------------------------------------------------------------------
[2002-11-11 07:30:52] [EMAIL PROTECTED]
This problem does not appear at "/usr/local/apache/bin/httpd -X".
I think so because apache is single task...
------------------------------------------------------------------------
[2002-11-11 06:55:23] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php
Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/20358
--
Edit this bug report at http://bugs.php.net/?id=20358&edit=1
