ID: 23040 User updated by: tim at danan dot com Reported By: tim at danan dot com Status: Open Bug Type: Reproducible crash Operating System: Redhat 8 PHP Version: 4.3.1 New Comment:
AHA! I just checked the script (and all of it's includes). There is only one putenv call in the entire forum system. Perhaps these code snippets can provide some insight (I'm going to see if I can crash the server with a short script containing these functions). //included from a conf file $SERVER_TZ = "America/New_York"; // the potential offending code function set_tz($timezone) { if( $timezone ) @putenv("TZ=".$timezone); } // one of the fields in users is time_zone. All users are currently set to "America/New_York" function get_user_by_id($id) { qobj("SELECT * FROM fud2_users WHERE id=".$id, $this); if( empty($this->id) ) return; return $this->id; } // within this init function the set_tz function is called function init_user() { $s = new fud_session; $u = new fud_user; $s->cookie_get_session(); if ( $s->user_id && $s->user_id<2000000000 ) { if ( !$u->get_user_by_id($s->user_id) ) { $u=NULL; $s->delete_session(); } /* else NOP */ } else $u = NULL; if ( empty($u) && empty($s->id) ) $s->save_session(); $rv[0] = $s; if( !empty($u) ) { set_tz($u->time_zone); define('d_thread_view', (($GLOBALS['TREE_THREADS_ENABLE']=='N'||$u->default_view=='msg'||$u->default_view=='tree_msg')?'msg':'tree')); define('t_thread_view', (($GLOBALS['TREE_THREADS_ENABLE']=='N'||$u->default_view=='msg'||$u->default_view=='msg_tree')?'thread':'threadt')); q("UPDATE fud2_users SET last_visit=".__request_timestamp__." WHERE id=".$u->id); $rv[1] = $u; }else { set_tz($GLOBALS["SERVER_TZ"]); define('d_thread_view', (($GLOBALS['TREE_THREADS_ENABLE']=='N'||$GLOBALS['DEFAULT_THREAD_VIEW']=='msg'||$GLOBALS['DEFAULT_THREAD_VIEW']=='tree_msg')?'msg':'tree')); define('t_thread_view', (($GLOBALS['TREE_THREADS_ENABLE']=='N'||$GLOBALS['DEFAULT_THREAD_VIEW']=='msg'||$GLOBALS['DEFAULT_THREAD_VIEW']=='msg_tree')?'thread':'threadt')); $rv[1] = NULL; if( !empty($GLOBALS["rid"]) && empty($GLOBALS["HTTP_COOKIE_VARS"]["frm_referer_id"]) ) set_referer_cookie($GLOBALS["rid"]); } define('s', $s->ses_id); define('_rsid', 'rid='.$u->id.'&S='.s); define('_rsidl', 'rid='.$u->id.'&S='.s); define('_hs', '<input type="hidden" name="S" value="'.s.'">'); define('_uid', (($u->email_conf == 'Y')?$u->id:0)); return $rv; } Previous Comments: ------------------------------------------------------------------------ [2003-04-04 08:13:21] tim at danan dot com I tried the cvs snapshot and I'm still seeing the seg faults. Is it possible that Apache is the problem here and not PHP? In other words, is the putenv setting with an enviroment variable for PHP or all of httpd? ------------------------------------------------------------------------ [2003-04-03 19:38:16] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip There have been couple of dozen fixes that might have also fixed this. So please give the snapshot a go. ------------------------------------------------------------------------ [2003-04-03 16:49:02] [EMAIL PROTECTED] It looks like putenv() is the last thing called from PHP land before the crash, so that's a start. J ------------------------------------------------------------------------ [2003-04-03 16:36:46] tim at danan dot com I've not been able to narrow it down to anything that specific yet. I've only just narrowed it down to this page in the past day or so. Unfortunately, the page almost 700 lines long, so I wouldn't call it "short". I'll continue to try to narrow it down to see if I can isolate a function, but it may not be easy since the page tends to load fine 50-60 times in a row, then blow up. There's probably something unique going on in the crash instances, but I've not located it yet. If you'd like the long script I'll be happy to provide it. I'm not an expert at reading dumps by any means. Does anything jump out at you? Are there any hints of some place I might be able to look to help narrow things down? ------------------------------------------------------------------------ [2003-04-03 15:51:54] [EMAIL PROTECTED] Do you have a short test script that can reproduce this segfault? J ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/23040 -- Edit this bug report at http://bugs.php.net/?id=23040&edit=1