We've found similar problems -- see our report here:

http://xcache.lighttpd.net/ticket/163

(We initially thought that it was Xcache, but that doesn't seem to be the case now).

I decided to try and give php5.2-200802241730 a try to see perhaps if the bug is know and rectified.

I know still have the session time outs, except now its worse. Instead of being able to continue after clicking on the folder on the left side, it now logs out totally, effectively destroying the session.

Please provide a short reproducing script.

The problem is I didnt make squirrelmail. So i am not sure of what i can provide as the reproducable script. I am using the current stable release.

I wanted to give something else to my users in the meantime, so i tried horde, and well, that seems to have session timeout issues as well.

Many people, including myself, are running SquirrelMail quite fine on 5.2.5 without any sort of session problems.  The fact that it also happens in other applications points to a general problem on your end.  Sessions are really simple.  There are 3 parts to an active session.

1. Your browser sends a session cookie
2. The PHP script that receives the cookie calls session_start()
3. session_start() reads the session data from the session data

So, to debug this, look at each part.  Install something like the LiveHTTPHeaders Firefox extension and make sure the cookie is being sent.  Second, make sure there is a session_start() call in the receiving code.  And third, check to make sure that the session data is in the session data store.  If you are using the file-based session store, match the session cookie to the session filename and watch it as you click around.  Does it suddenly disappear?  If so, figure out why.  

Also check all your session.* settings and if you have multiple servers behind any sort of load balancer, a per-server file-based session store obviously won't work.  NFS-based stuff can also cause problems for a file-based session store.

You can also write your own very simple trivial session test to verify that sessions are working at all on your setup.

okay here you go, 5 hours of sleep helped a bit.

http://spherelinx.com/session.php
Now refresh this slowly (i mean one F5 per second or 2 seconds), till you hit something like 8-10.

Now press F5 rapidly (dont hold), like 5-8 times. You end up with a new counter. 

Refresh this counter slowly, and again repeat the above step. Sometimes you get it to go back to the older counter.

reproduce code: http://spherelinx.com/session.phps
phpinfo - http://spherelinx.com/phpinfo.php

From my guess, session_name fails or causes some kind of glitch

With regards to session files and squirrelmail

I checked the part that you told me. The headers look exactly the same. Sometimes I get the session kicking me out. The headers during which, looks exactly the same as the ones when it doesnt kick me out. However, sometimes i just rightclick in that frame and reload frame and it works, or i click on any of the available imap folders on the left side.

During the time it kicks me out, the session file still exists, would explain WHY i can still continue using AFTER that. 

from my previous test and this into consideration, i would GUESS its something to do with session generation / session file handling or something related to this.

I have to downgrade to 5.2.4, as this is a production box. Please let me know when you are available, and I will load the necessary module at that moment.

I am also available on IRC / freenode as Assid

Rasmus -- verified that this issue (PHP session being randomly lost) is also occurring for us on php 5.2.5 but not php 5.2.4 on our Linux Centos 4.4 box.

Please also see here for our own reproduce code:

http://xcache.lighttpd.net/ticket/163

Hrm, strange, i dont use xcache. But yeah session integrity is messed up.

Looks like we gotta wait for 5.2.6 and hope the developers fixed that bug. It does seem php5.2-200802241730  is still not done, as a matter of fact, the session file in -dev seems to disappear, whereas atleast in 5.2.5 it remains. (very little testing in -dev btw). So its gone from bad to worse.

- Data integrity ? -
Another important note, is that phpmyadmin acts super strange as well. The css i believe is generated on the fly, that goes awry and sql queries start yielding no results. I am not sure if this is session related. or not!

There is only a single trivial change to the session extension between 5.2.4 and 5.2.5 and it was to fix http://bugs.php.net/42596

The change is here:

http://cvs.php.net/viewvc.cgi/php-src/ext/session/mod_files.c?r1=1.100.2.3.2.9&r2=1.100.2.3.2.10&pathrev=PHP_5_2&diff_format=u

I don't see how this change could have caused these problems.  Could you please verify that 5.2.4 works under the exact same conditions that 5.2.5 doesn't work?  That is, on the same machine, built the same way and running the same code.

Yes, same machine, same everything. Even phpmyadmin dies on me. I just had to move it back. I can apachectl stop; make install; apachectl start ; whenever your online. 

Since its a production box, i need functionality to work fine, so i moved it back down to 5.2.4

As I said i am available on freenode as Assid

Hi Rasmus 


Yes, we can confirm that nothing changed on the box apart from php 5.2.4 -> 5.2.5.

We found it easier to reproduce the bug once XCache was installed, but the bug still exists even when we remove Xcache, it's just more intermitment. The developer of Xcache thinks this is related to a heap corruption of some sort. See here: http://forum.lighttpd.net/topic/42805

The issue for us seems to be that even though the session file exists on the server (under a private /sessions directory), at some point when the browser sends the cookie with the PHPSESSID header, the server seems to temporarily "lose" the information stored in the session file and returns a blank _$SESSION variable. However, after a few more refreshes it provides the correct info from the $_SESSION variable again.

4 different people on our end have tried to reproduce this without any success.  And no, those memory issues you refer to have nothing to do with this since they were fixed long before that snapshot you tried.

At this point you'll need to dig in yourself.  Fire up Valgrind and see if you can spot what might be causing the corruption.  It could be in some extension that we don't have in any of our environments here.  It definitely isn't the session code itself, so it is impossible to diagnose without more information.

Any suggestions on the options / how to use valgrind without learning the whole thing. Perhaps the cli cmd to run ?

I am starting to think this isnt limited to session related. phpMyAdmin as i mentioned starts acting very very strangely here. Due to the lack of knowledge of valgrind, i can try and see if i can try removing an extension to see if it makes any difference, while retaining atleast the basic ones that i DO need. 

If i can get the valgrind options (exact cli commands ) to use, that would be great.

Still trying to remove more extensions and test. Rasmus, I have sent you a private email with 2 links to video files, which shows the phpmyadmin bugs. It seems the bugs faced are infact more indepth as you suggested.

I do apologize for private mailing btw., but since they are links to videos, I didnt want to post them in public.

Okay ran valgrind (as far as i can understand it)
http://assid.com/valgrind.txt

I have removed some extensions as i was still testing, but to no success.

I hope the log proves useful to you.

The libdl stuff can be ignored, so that looks like a clean valgrind run.  But, are you sure the problem happens on the command line?  I'd run the entire apache -X through valgrind.  You'd need to do it on a quiet machine somewhere that isn't getting hit, of course, so you can control the requests you send to it while valgrind is running.  Hit it until you see the problem, then stop and show us that valgrind output from that.

this will be difficult, we provide shared hosting on this box, and will be difficult to just shut it down for that period of time. but lets see what i can do.

Can you tell me how exactly do i put the whole apache process through valgrind ?

Okay, finally found out how to do valgrind with apache :P

During valgrind, phpmyadmin was behaving properly, squirrelmail as i mentioned in my previous post is erratic, but it normally takes time to crash, once it does, then it happens more frequently.

I later tried the session script as spherelinx.com/session.php (check phps)

This counter was working fine here again. 

I then decided to visit alternate sites on the server perhaps to create more session files.

I visited www.equineindia.com, and then i started hitting on session.php again, voila! session counter was reset to 0

I tried to see if i could simulate more of the sessions disappearing etc, like it going back to the original counter, but it didnt go, (normally you keep hitting refresh, you just might get back). I guess i should have tried more, but the day was just beginning and had to let the public in once again. So i decided, we atleast got the basics of what was causing this, and atleast report this.

The valgrind log is available at: http://assid.com/apache1.log

Btw: yes apc , and fileinfo from pecl were disabled before I did this.

the main page of equineindia refreshes to login.php ; please visit login.phps for the source of the same.

Interestingly, the leak summary shows alot of leakage BTW.

err sorry, session counter reset to 1 on refresh on the previous post.

I had the chance to test this issue with Assid on his server and we were able to more accurately pin point the issue:

1) the sessions don't time out, instead we're talking about session_name() selectively being ignored (which results in two session cookies, and hence sessions, created)

2) the issue seems to only happen on PHP 5.2.5 without --enable-debug. On 5.2.4 it doesn't happen, on 5.2.5 with --enable-debug we couldn't repro, but this needs more testing.

3) the issue may be hardware/configuration dependent (32-64 bit? OS distro? I don't have those details, Assid could provide them). The Apache server on the tested configuration runs in prefork mode, so it can't be a threading race condition (as far as I know).

4) we reverted the patch for bug http://bugs.php.net/42596 and recompiled 5.2.5 but still were able to reproduce the issue. Since this is the only change in the session module between 5.2.4 and 5.2.5, I have to conclude the issue is related to some other code (somehow..).

Description of the reproduce steps.

We have userA and userB on different machines, IP-s. They both are given the url to the example with the counter as Assid provided it. Notice the example uses session_name('spheretest'). 

If a userA refreshes the page alone, he gains session cookie 'spheretest' and the counter works normally.

If userB refreshed the page, userA gains a new cookie 'PHPSESSID' and a new session. After userA refreshes few more times, PHP gets back to using the previous 'spheretest' session/cookie.

We tested if the issue is related to prematurely starting session *before* the session_name() call. But no, session_id is never defined before the session_name() call.

sv4php - have you tried reverting the patch made in the ext/session/mod_files.c?

Just an idea but this bug (#42596 (session.save_path MODE option does not work)) was fixed in between the PHP 5.2.4 and 5.2.5 releases.

Link is here for patch diff:

http://cvs.php.net/viewvc.cgi/php-src/ext/session/mod_files.c?r1=1.100.2.3.2.9&r2=1.100.2.3.2.10&pathrev=PHP_5_2

It seems whenever I run http://assid.com/session.php (source - http://assid.com/session.phps), if i refresh enough number of times and at odd times, i end up with a new session of PHPSESSID (it also jumps back and forth). I am trying to figure out WHY its starting that session, when the script EXPLICITLY has a session name set to spheretest

Maybe that can help us pinpoint what to check?

Yes, I reversed it back, but it didnt help  (seeing the diff in the patch).

While doing valgrind I'd also recommend setting USE_ZEND_ALLOC=0 in the environment. That would make the engine use only mallocs which would provide much more information to the valgrind.

Actually my original log did contain that.

Nevertheless, here you go again
i ran 2 rounds

www.assid.com/apache.log
www.assid.com/apache5.log

Hope its helpful. Back to php 5.2.4 for now :|

Are you by any chance using php_admin_value/php_value/etc. in some .htaccess file or in your httpd.conf to set any php.ini options?

Yes the assid.com domain has  the following in the vhost
php_admin_value open_basedir /home/assid:/var/shared:/var/stats:/tmp

The other vhosts on the server have similar as well.

The other domain: equineindia.com (that uses the login/logout function), has the following:

        php_admin_value session.gc_maxlifetime 10800
        php_admin_value asp_tags 1
        php_admin_value max_execution_time 90
        php_admin_value session.name eisessid
        php_admin_value session.auto_start 1
        php_admin_value session.cookie_domain .equineindia.com
        php_admin_value short_open_tag 1


What i did notice, is that if you want to "trigger" the bug, you refresh a few times on assid.com/session.php, then go to http://www.equineindia.com/login.php and then click login again, then go back to the counter (assid.com/session.php) this somehow makes the bug "easier" to reproduce. Atleast when running valgrind.

When running generally, you just keep refreshing and the bug is triggered.

Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.2-win32-installer-latest.msi

A fix for another bug (related to php_admin_value / php_value) was just fixed, and I'm guessing it's causing this session issue as well. So please, try the snapshot!

Okay i have tried the current release php5.2-200803191930, as of now, it seems good, I will waitfor a day or 2 to see what my users say. Will update here as soon as I get a response.

Let's keep this in feedback status until that then. I'd expect this to having been fixed by the fix for bug #43677. 

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".