ID: 20358 Updated by: [EMAIL PROTECTED] Reported By: mtak at beyondnetworks dot co dot jp -Status: Feedback +Status: No Feedback Bug Type: Session related Operating System: RedHat7.3 PHP Version: 4.3.0-dev New Comment:
No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. And I can't reproduce this either..(using latest CVS) Previous Comments: ------------------------------------------------------------------------ [2003-08-10 21:56:32] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip After 10,000 requests I have yet to see a single crash. ------------------------------------------------------------------------ [2002-11-12 06:01:38] mtak at beyondnetworks dot co dot jp more info... (gdb) list 182 183 hv = ps_sd_hash(key, strlen(key)); 184 slot = hv & data->hash_max; 185 186 for (prev = NULL, ret = data->hash[slot]; ret; prev = ret, ret = ret->next) 187 if (ret->hv == hv && !strcmp(ret->key, key)) 188 break; 189 190 if (ret && rw && ret != data->hash[slot]) { 191 /* Move the entry to the top of the linked list */ (gdb) print key $1 = 0x8136f2c "136" (gdb) print hv $2 = 1943406893 (gdb) print slot $3 = 301 (gdb) print data->hash_max $4 = 511 (gdb) print prev $5 = (ps_sd *) 0x4413df00 (gdb) print ret $6 = (ps_sd *) 0x1f (gdb) print ret->next Cannot access memory at address 0x1f (gdb) print data->hash[slot]->next $7 = (struct ps_sd *) 0x1f ------------------------------------------------------------------------ [2002-11-12 05:51:51] mtak at beyondnetworks dot co dot jp Apache was re-compiled with -DBIG_SECURITY_HOLE option. edit /usr/local/apache/conf/httpd.conf User root Group root CoreDumpDirectory /tmp # /usr/local/apache/bin/apachectl start # sh loop.sh # tail -f /usr/local/apache/logs/error_log [Tue Nov 12 20:41:49 2002] [notice] child pid 23351 exit signal Segmentation fault (11), possible coredump in /tmp child proccess of apache was core dumped. back trace ---- (gdb) bt #0 0x40148a33 in ps_sd_lookup (data=0x80d4418, key=0x8136f2c "136", rw=0) at /home/work/httpd/php-4.3.0pre2/ext/session/mod_mm.c:187 #1 0x40148ec8 in ps_read_mm (mod_data=0x4029ea70, key=0x8136f2c "136", val=0xbfffd1e0, vallen=0xbfffd1dc) at /home/work/httpd/php-4.3.0pre2/ext/session/mod_mm.c:326 #2 0x401446b9 in php_session_initialize () at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:608 #3 0x40145864 in php_session_start () at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:1004 #4 0x40147438 in zif_session_start (ht=0, return_value=0x8136fd4, this_ptr=0x0, return_value_used=0) at /home/work/httpd/php-4.3.0pre2/ext/session/session.c:1445 #5 0x4022cfc7 in execute (op_array=0x8136c3c) at /home/work/httpd/php-4.3.0pre2/Zend/zend_execute.c:1595 #6 0x4021a174 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/work/httpd/php-4.3.0pre2/Zend/zend.c:839 #7 0x401e1f13 in php_execute_script (primary_file=0xbffff6b0) at /home/work/httpd/php-4.3.0pre2/main/main.c:1542 #8 0x40231f36 in apache_php_module_main (r=0x812ff2c, display_source_mode=0) at /home/work/httpd/php-4.3.0pre2/sapi/apache/sapi_apache.c:55 #9 0x40232e00 in send_php (r=0x812ff2c, display_source_mode=0, filename=0x813093c "/usr/local/apache/htdocs/php/samples/session/bug.phtml") at /home/work/httpd/php-4.3.0pre2/sapi/apache/mod_php4.c:556 #10 0x40232e6d in send_parsed_php (r=0x812ff2c) at /home/work/httpd/php-4.3.0pre2/sapi/apache/mod_php4.c:571 #11 0x0806a7bb in ap_invoke_handler () #12 0x0807f723 in process_request_internal () #13 0x0807f784 in ap_process_request () #14 0x080765c1 in child_main () #15 0x0807682f in make_child () #16 0x08076bac in perform_idle_server_maintenance () #17 0x08077181 in standalone_main () #18 0x080777bb in main () #19 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6 ------------------------------------------------------------------------ [2002-11-11 19:35:46] mtak at beyondnetworks dot co dot jp Sorry... My English is weak... This problem has appeared by 3 different machines(all x86). # /usr/local/apache/bin/apachectl start (without -X) # sh loop.sh # tail -f /usr/local/apache/logs/error_log --- In /usr/local/apache/bin/httpd -X, since Segmentation fault did not occur, php_error(E_WARNING, ...) was written to mod_mm.c and the state was seen by "tail -f /usr/local/apache/logs/error_log". example. static ps_sd *ps_sd_lookup(ps_mm *data, const char *key, int rw) { php_uint32 hv, slot; ps_sd *ret, *prev; + pid_t pid = getpid(); hv = ps_sd_hash(key, strlen(key)); slot = hv & data->hash_max; + php_error(E_WARNING, "pid[%d] hv:%x key:%x slot:%x", pid, hv, key, slot); for (prev = NULL, ret = data->hash[slot]; ret; prev = ret, ret = ret->next) : : : ------------------------------------------------------------------------ [2002-11-11 09:56:46] [EMAIL PROTECTED] So what is the 'problem' you think there is? (works fine here (tm)) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/20358 -- Edit this bug report at http://bugs.php.net/?id=20358&edit=1
