Apologies if you receive this twice. My posts dont appear to be going
through...
Cheers.
Aa.
---------- Forwarded message ----------
Date: Mon, 21 Oct 2002 11:57:09 -0700 (PDT)
From: Aaron Gowatch <[EMAIL PROTECTED]>
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: [PHP-DEV] Re: Segfaults in 4.2.3?
Is it possible to get any help at all on this? Do I just need to open a
bug ticket? I have tons of backtraces as well as tons of debug info being
written to the error log from --enable-debug.
Anyone?
Aa.
---------- Forwarded message ----------
Date: Tue, 15 Oct 2002 12:15:07 -0700 (PDT)
From: Aaron Gowatch <[EMAIL PROTECTED]>
To: Aaron Gowatch <[EMAIL PROTECTED]>
Cc: Andi Gutmans <[EMAIL PROTECTED]>,
"[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: [PHP-DEV] Re: Segfaults in 4.2.3?
Heres some more information on this segfault. I'm running apache with
MALLOC_CHECK_=2.
(gdb) handle SIGPIPE nostop
Signal Stop Print Pass to program Description
SIGPIPE No Yes Yes Broken pipe
(gdb) cont
Continuing.
Program received signal SIGABRT, Aborted.
0x42029331 in kill () from /lib/i686/libc.so.6
(gdb) bt
#0 0x42029331 in kill () from /lib/i686/libc.so.6
#1 0x4202911a in raise () from /lib/i686/libc.so.6
#2 0x4202a8c2 in abort () from /lib/i686/libc.so.6
#3 0x4207d3eb in realloc_check () from /lib/i686/libc.so.6
#4 0x4207b091 in realloc () from /lib/i686/libc.so.6
#5 0x4202b65c in __add_to_environ () from /lib/i686/libc.so.6
#6 0x4202b33f in putenv () from /lib/i686/libc.so.6
#7 0x080c87fb in zif_putenv (ht=1, return_value=0x8a1e5a4, this_ptr=0x0,
return_value_used=0)
at basic_functions.c:1302
#8 0x0816c05b in execute (op_array=0x89e9880) at ./zend_execute.c:1598
#9 0x0816c22f in execute (op_array=0x866a594) at ./zend_execute.c:1638
#10 0x08148936 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at zend.c:812
#11 0x080a61de in php_execute_script (primary_file=0xbffff670) at
main.c:1383
#12 0x08153f72 in apache_php_module_main (r=0x82d0684,
display_source_mode=0)
at sapi_apache.c:90
#13 0x080a2690 in send_php (r=0x82d0684, display_source_mode=0,
filename=0x0) at mod_php4.c:575
#14 0x080a26de in send_parsed_php (r=0x82d0684) at mod_php4.c:590
#15 0x08174547 in ap_invoke_handler (r=0x82d0684) at http_config.c:538
#16 0x081837ef in process_request_internal (r=0x82d0684) at
http_request.c:1308
#17 0x08183852 in ap_process_request (r=0x82d0684) at http_request.c:1324
#18 0x0817d0bc in child_main (child_num_arg=7) at http_main.c:4629
#19 0x0817d2b3 in make_child (s=0x829b70c, slot=7, now=1034706069) at
http_main.c:4799
#20 0x0817d56e in perform_idle_server_maintenance () at http_main.c:4981
#21 0x0817d9f9 in standalone_main (argc=3, argv=0xbffffb14) at
http_main.c:5218
#22 0x0817df50 in main (argc=3, argv=0xbffffb14) at http_main.c:5482
#23 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6
(gdb) frame 8
#8 0x0816c05b in execute (op_array=0x89e9880) at ./zend_execute.c:1598
1598
((zend_internal_function *)
EX(function_state).function)->handler(EX(opline)->extended_value,
EX(Ts)[EX(opline)->result.u.var].var.ptr, EX(object).ptr,
return_value_used TSRMLS_CC);
(gdb) print (char
*)(executor_globals.function_state_ptr->function)->common.function_name
$1 = 0x822b98f "putenv"
(gdb) print (char *)executor_globals.active_op_array->function_name
$2 = 0x8ab16dc "set_up_language"
(gdb) print (char *)executor_globals.active_op_array->filename
$3 = 0x86214ec
"/var/www/vhost/webmail.divinia.com/docs/functions/i18n.php"
(gdb) frame 7
#7 0x080c87fb in zif_putenv (ht=1, return_value=0x8a1e5a4, this_ptr=0x0,
return_value_used=0)
at basic_functions.c:1302
1302 if ((ret = putenv(pe.putenv_string)) == 0) { /*
success */
(gdb) print pe.putenv_string
$4 = 0x8a1e4ec "LC_ALL=en_US"
Heres the snippet of code that appears to be triggering the abort:
if ( !ini_get('safe_mode') &&
getenv( 'LC_ALL' ) != $sm_notAlias ) {
putenv( "LC_ALL=$sm_notAlias" );
putenv( "LANG=$sm_notAlias" );
putenv( "LANGUAGE=$sm_notAlias" );
}
Seems that I can call this snippet of code all day and it wont segfault,
however...
Any help would be greatly appreciated.
Aa.
On Mon, 14 Oct 2002, Aaron Gowatch wrote:
> Andi --
>
> I'm still trying to track that down. Given the backtrace below, is it
> possible to find out what script or function was executing when the
> process SIGSEGV'd? I read the docs on bugs.php.net on diagnosing crashes
> with gdb, but this looks a little different (ie. theres no execute() in
> this backtrace). Its also possible that the bug that caused this SIGSEGV
> happened in a previous request. I posted some of the errors that php is
> logging last night, which were similar to:
>
> [Mon Oct 14 11:06:45 2002] Script:
> '/var/www/vhost/webmail.divinia.com/docs/src/read_body.php'
> ---------------------------------------
> zend_stack.c(103) : Block 0x08BB30B0 status:
> Beginning: Overrun (magic=0x08407248, expected=0x7312F8DC)
>
> Unknown(0) : Warning - String is not zero-terminated (ZZZZZZ<84>Ì<8F>**18)
> (source: zend_opcode.c:165)
> [Mon Oct 14 12:15:22 2002] Script:
> '/var/www/vhost/webmail.divinia.com/docs/src/right_main.
> php'
> ---------------------------------------
> zend_opcode.c(165) : Block 0x08B78328 status:
> zend_variables.c(44) : Actual location (location was relayed)
> Beginning: Cached (allocated on string.c:3193, 6 bytes)
> End: OK
> ---------------------------------------
>
> A segfault can usually found shortly thereafter, or even immediately
> after. The script read_body.php listed above for example, has executed
> over 500 times today, and I've experienced 4 segmentation faults. The
> script also varies:
>
> [Mon Oct 14 11:06:45 2002] Script:
>'/var/www/vhost/webmail.divinia.com/docs/src/read_body.php'
> [Mon Oct 14 12:15:22 2002] Script:
>'/var/www/vhost/webmail.divinia.com/docs/src/right_main.php'
>
> So if anyone has any suggestions on how I can narrow down the source of
> this error further it'd be much appreciated.
>
> Thanks,
> Aa.
>
> On Mon, 14 Oct 2002, Andi Gutmans wrote:
>
> > What we'd really need is a short 10-20 line reproducing script.
> >
> > Andi
> >
> > At 11:20 AM 10/14/2002 -0700, Aaron Gowatch wrote:
> > >Heres a backtrace from one of my SIGSEGVs. This one looks a little
> > >different from previous segfaults, but perhaps it can help track this bug
> > >down:
> > >
> > >Program received signal SIGSEGV, Segmentation fault.
> > >0x42082a0c in memcpy () from /lib/i686/libc.so.6
> > >(gdb) bt
> > >#0 0x42082a0c in memcpy () from /lib/i686/libc.so.6
> > >#1 0x0813865a in _mem_block_check (ptr=0x8bb30d4, silent=0,
> > >__zend_filename=0x8248882 "zend_stack.c",
> > > __zend_lineno=103, __zend_orig_filename=0x0, __zend_orig_lineno=0) at
> > >zend_alloc.c:650
> > >#2 0x0813861d in _mem_block_check (ptr=0x8bb30d4, silent=1,
> > >__zend_filename=0x8248882 "zend_stack.c",
> > > __zend_lineno=103, __zend_orig_filename=0x0, __zend_orig_lineno=0) at
> > >zend_alloc.c:642
> > >#3 0x08137877 in _efree (ptr=0x8bb30d4, __zend_filename=0x8248882
> > >"zend_stack.c", __zend_lineno=103,
> > > __zend_orig_filename=0x0, __zend_orig_lineno=0) at zend_alloc.c:224
> > >#4 0x08146e3a in zend_stack_destroy (stack=0x8298870) at zend_stack.c:103
> > >#5 0x08138c0f in shutdown_compiler () at zend_compile.c:100
> > >#6 0x08148257 in zend_deactivate () at zend.c:601
> > >#7 0x080a5068 in php_request_shutdown (dummy=0x0) at main.c:789
> > >#8 0x08153fca in apache_php_module_main (r=0x82d4ddc,
> > >display_source_mode=0) at sapi_apache.c:96
> > >#9 0x080a2690 in send_php (r=0x82d4ddc, display_source_mode=0,
> > >filename=0x0) at mod_php4.c:575
> > >#10 0x080a26de in send_parsed_php (r=0x82d4ddc) at mod_php4.c:590
> > >#11 0x08174547 in ap_invoke_handler (r=0x82d4ddc) at http_config.c:538
> > >#12 0x081837ef in process_request_internal (r=0x82d4ddc) at
> > >http_request.c:1308
> > >#13 0x08183852 in ap_process_request (r=0x82d4ddc) at http_request.c:1324
> > >#14 0x0817d0bc in child_main (child_num_arg=0) at http_main.c:4629
> > >#15 0x0817d2b3 in make_child (s=0x829b704, slot=0, now=1034578800) at
> > >http_main.c:4799
> > >#16 0x0817d330 in startup_children (number_to_start=5) at http_main.c:4826
> > >#17 0x0817d82c in standalone_main (argc=3, argv=0xbffffb14) at
> > >http_main.c:5134
> > >#18 0x0817df50 in main (argc=3, argv=0xbffffb14) at http_main.c:5482
> > >#19 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6
> > >
> > >I'll leave my gdb attached in case more information is needed.
> > >
> > >Thanks in advance,
> > >Aa.
> > >
> > >(Apologies if this is received twice)
> > >
> > >On Sun, 13 Oct 2002, Aaron Gowatch wrote:
> > >
> > > > My apache children have been segfaulting for a few weeks now. My attempts
> > > > to debug them leads me to believe that its happening in php somewhere.
> > > > The SIGSEGV actually occurs in chunk_alloc, after a malloc and several
> > > > calls to execute. (I'll fwd a backtrace per the bugs docs as soon as my
> > > > gdb -p catches the SIGSEGV).
> > > >
> > > > This weekend, I started apache with MALLOC_CHECK_=2 and built my php with
> > > > --enable-debug. Some interesting things started appearing in the logs:
> > > >
> > > > [Sat Oct 12 19:58:16 2002] Script:
> > > > '/var/www/vhost/webmail.divinia.com/docs/src/login.php'
> > > > ---------------------------------------
> > > > zend_stack.c(103) : Block 0x08C6E628 status:
> > > > Beginning: Overrun (magic=0x08415420, expected=0x7312F8DC)
> > > > [Sat Oct 12 19:58:17 2002] [notice] child pid 3037 exit signal
> > > Segmentation fault (11)
> > > >
> > > > [Sat Oct 12 18:50:42 2002] Script:
> > > > '/var/www/vhost/www.divinia.com/docs/mail/src/read_body.php'
> > > > ---------------------------------------
> > > > zend_stack.c(103) : Block 0x08BAF388 status:
> > > > Beginning: Overrun (magic=0x08415420, expected=0x7312F8DC)
> > > > [Sat Oct 12 18:50:42 2002] [notice] child pid 4672 exit signal
> > > Segmentation fault (11)
> > > >
> > > > Then some pretty whack stuff (that looks like trampled memory) starts
> > > > showing up:
> > > >
> > > > Sun Oct 13 15:08:02 2002] [notice] child pid 28803 exit signal Aborted (6)
> > > > Unknown(0) : Warning - String is not zero-terminated (base_uri) (source:
> > > > zend_execute_API.c:274)
> > > > Unknown(0) : Warning - String is not zero-terminated (ZZZZZZZZZ
> > > > Ì*)
> > > > (source: zend_opcode.c:159)
> > > > [Sun Oct 13 15:08:14 2002] Script:
> > > > '/var/www/vhost/webmail.divinia.com/docs/src/login.php'
> > > > ---------------------------------------
> > > > zend_opcode.c(159) : Block 0x08698778 status:
> > > > zend_variables.c(44) : Actual location (location was relayed)
> > > > Beginning: Cached (allocated on zend_language_scanner.c:4150, 9 bytes)
> > > > End: OK
> > > > ---------------------------------------
> > > >
> > > >
> > >
>ÀàBÀàBpÀ=XïXïØàBØàBààBààBph£ðàBðàBøàBøàB(÷(ááBáBáBÝݸ¾¸¾(áB(áB0áB0áB8áB8áB@áB@áBHáBHáBPáBPáBÀÀ`áB`áBà#ror]
>
> > >
> > > > [client 66.25.48.206] File does not exist:
> > > > /var/www/vhost/www.divinia.com/docs/
> > > > Unknown(0) : Fatal error - Maximum execution time of 30 seconds exceeded
> > > >
> > >
>ÀàBÀàBpÀ=XïXïØàBØàBààBààBpPsðàBðàBøàBøàB(÷(ááBáBáBÝݸ¾¸¾(áB(áB0áB0áB8áB8áB@áB@áBHáBHáBPáBPáBÀÀ`áB`áBà#02]
>
> > >
> > > > [error] [client 66.25.48.206] File does not exist:
> > > > /var/www/vhost/www.divinia.com/docs/
> > > > images/max.gif
> > > >
> > > > The PHP application is squirrelmail-1.2.8 (although its also segfaulted
> > > > with vbulletin scripts). Heres my httpd -l:
> > > >
> > > > Compiled-in modules:
> > > > http_core.c
> > > > mod_env.c
> > > > mod_log_config.c
> > > > mod_mime.c
> > > > mod_negotiation.c
> > > > mod_status.c
> > > > mod_include.c
> > > > mod_autoindex.c
> > > > mod_dir.c
> > > > mod_cgi.c
> > > > mod_actions.c
> > > > mod_speling.c
> > > > mod_userdir.c
> > > > mod_alias.c
> > > > mod_rewrite.c
> > > > mod_access.c
> > > > mod_auth.c
> > > > mod_auth_mysql.c
> > > > mod_usertrack.c
> > > > mod_unique_id.c
> > > > mod_setenvif.c
> > > > mod_php4.c
> > > > mod_perl.c
> > > > mod_throttle.c
> > > > apache_ssl.c
> > > > suexec: enabled; valid wrapper /sbin/suexec
> > > >
> > > > glibc-2.2.5, Linux kernel 2.4.19.
> > > >
> > > > As soon as the next child segfaults, I'll forward a backtrace, but if
> > > > anyone has any comments or suggestions it'd be much appreciated.
> > > >
> > > > Thanks in advance,
> > > > Aa.
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > >--
> > >PHP Development Mailing List <http://www.php.net/>
> > >To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
>
>
>
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
