php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #62825 php carshed OR return PHP Fatal error when used apc_bin_dump after apc_store
Submitted: 2012-08-15 11:12 UTC Modified: 2012-08-15 16:55 UTC
From: cfc4n at cnxct dot com Assigned: laruence (profile)
Status: Closed Package: APC (PECL)
PHP Version: 5.3.15 OS: ubuntu 12.04
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: cfc4n at cnxct dot com
New email:
PHP Version: OS:

 

 [2012-08-15 11:12 UTC] cfc4n at cnxct dot com
Description:
------------
apc.serializer=php

1,Save a array use apc_store function .
2,Dump bin file with apc_bin_dumpfile .

It's return a fatal error like this:
Fatal error: apc_bin_dumpfile(): Exceeded bounds check in apc_bd_alloc_ex by 
-389486716 bytes. in /home/cfc4n/a.php on line 3

Some times it's carshed.But it can not be reproduced.

Test script:
---------------
1.php
<?php
$array = array('aa'=>'xxxxx','bb'=>'sasdasdasd');
apc_store('arr',$array);
?>


a.php
<?php
$array = array('aa'=>'xxxxx','bb'=>'sasdasdasd');
apc_store('arr',$array);
$arr = array('1.php');
apc_bin_dumpfile($arr,null,'1.bin');
?>

Expected result:
----------------
working.

Actual result:
--------------
#0  0xb70e0429 in ?? () from /lib/i386-linux-gnu/libc.so.6
#1  0xb6b32c8d in my_copy_hashtable_ex (dst=0xb36ec814, src=0xb54007e0, 
copy_fn=0xb6b3d0a0 <my_copy_zval_ptr>, holds_ptrs=1, ctxt=0xbf9848a8, 
check_fn=0) at /usr/include/i386-linux-gnu/bits/string3.h:85
#2  0xb6b33038 in my_copy_zval (dst=0xb36ec804, src=0xb54005f8, ctxt=0xbf9848a8) 
at /data/htdocs/release/pecl_apc/apc_compile.c:357
#3  0xb6b4821a in apc_bin_dump (files=0x967fd3c, user_vars=0x0) at 
/data/htdocs/release/pecl_apc/apc_bin.c:737
#4  0xb6b3883b in zif_apc_bin_dumpfile (ht=3, return_value=0x9682968, 
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at 
/data/htdocs/release/pecl_apc/php_apc.c:1426
#5  0x0839614a in ?? ()
#6  0x083454fe in execute ()
#7  0x0831e1c9 in zend_execute_scripts ()
#8  0x082c48ae in php_execute_script ()
#9  0x0806a7e6 in ?? ()
#10 0xb6fc94d3 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
#11 0x0806afa1 in _start ()
(gdb) f 1
#1  0xb6b32c8d in my_copy_hashtable_ex (dst=0xb36ec814, src=0xb54007e0, 
copy_fn=0xb6b3d0a0 <my_copy_zval_ptr>, holds_ptrs=1, ctxt=0xbf9848a8, 
check_fn=0) at /usr/include/i386-linux-gnu/bits/string3.h:85
85        return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-08-15 11:19 UTC] laruence@php.net
assign to me. it's a big work...
 [2012-08-15 11:19 UTC] laruence@php.net
-Assigned To: +Assigned To: laruence
 [2012-08-15 16:40 UTC] laruence@php.net
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=327136
Log: Refactor apc_bin_dump with user cache data(which should never works well with complex data type before)
This also fixed bug #62825 (php carshed OR return PHP Fatal error when used apc_bin_dump after apc_store)
Add myself as maintainer(author) of apc_bin.c
 [2012-08-15 16:55 UTC] laruence@php.net
-Status: Assigned +Status: Closed
 [2012-08-15 16:55 UTC] laruence@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 17:01:32 2024 UTC