PHP :: Bug #5338 :: Apache/mod_php segv's in php_rshutdown_session

Bug #5338	Apache/mod_php segv's in php_rshutdown_session_globals()
Submitted:	2000-07-03 12:33 UTC	Modified:	2000-08-21 20:33 UTC
From:	bharat at menalto dot com	Assigned:
Status:	Closed	Package:	Reproducible Crash
PHP Version:	4.0.1pl2	OS:	FreeBSD 4.0-STABLE
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	bharat at menalto dot com
New email:
PHP Version:		OS:

New Comment:

[2000-07-03 12:33 UTC] bharat at menalto dot com

mod_php segv's when it tries to clean up a session.  It
appears to be triggered by changing the location of the
session path with a command like this in .htaccess:

php_value session.save_path ./sessions

The stack trace is below. 

--------------------------

(gdb) run -X -d /usr/local/apache
Starting program: /usr/local/apache/bin/httpd -X -d /usr/local/apache
Program received signal SIGSEGV, Segmentation fault.
0x283664ad in _efree (ptr=0x80fc080) at zend_alloc.c:205
205                     REMOVE_POINTER_FROM_LIST(p);
(gdb) w
Ambiguous command "w": watch, whatis, where, while, while-stepping, ws.
(gdb) where
#0  0x283664ad in _efree (ptr=0x80fc080) at zend_alloc.c:205
#1  0x283c200f in php_rshutdown_session_globals () at session.c:1282
#2  0x283c20d4 in php_rshutdown_session (type=1, module_number=3) at session.c:1319
#3  0x2837db58 in module_registry_cleanup (module=0x8293380) at zend_API.c:858
#4  0x2838099b in zend_hash_apply (ht=0x284530e0, apply_func=0x2837db1c <module_registry_cleanup>) at zend_hash.c:672
#5  0x2837d0d7 in zend_deactivate_modules () at zend.c:503
#6  0x2838bc3b in php_request_shutdown (dummy=0x0) at main.c:659
#7  0x28389a2a in php_apache_request_shutdown (dummy=0x0) at mod_php4.c:301
#8  0x8051271 in run_cleanups ()
#9  0x804f907 in ap_clear_pool ()
#10 0x804f987 in ap_destroy_pool ()
#11 0x805fece in child_main ()
#12 0x8060051 in make_child ()
#13 0x80601ca in startup_children ()
#14 0x80607d8 in standalone_main ()
#15 0x8061008 in main ()
#16 0x804f189 in _start ()
(gdb) up
#1  0x283c200f in php_rshutdown_session_globals () at session.c:1282
1282            efree(PS(save_path));
(gdb) list
1277                    PS(mod)->close(&PS(mod_data));
1278            if (PS(id)) 
1279                    efree(PS(id));
1280            efree(PS(entropy_file));
1281            efree(PS(extern_referer_chk));
1282            efree(PS(save_path));
1283            efree(PS(session_name));
1284            efree(PS(cache_limiter));
1285            efree(PS(cookie_path));
1286            efree(PS(cookie_domain));

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-07-03 12:37 UTC] bharat at menalto dot com

A tiny tarball that reproduces the problem is at:

http://www.menalto.com/php/bug_5338.tar.gz

[2000-07-27 20:28 UTC] waldschrott@php.net

Please verify that it?s still happening using the latest version from CVS or snaps.php.net.

[2000-08-20 02:44 UTC] sniper@php.net

No feedback from user.

--Jani

[2000-08-21 15:11 UTC] sniper@php.net

User doesn't have easy access to any machine where to 
try a newer version..so I'll try that code:

http://www.menalto.com/php/bug_5338.tar.gz

on my install..

(Could someone using Freebsd 4.0-stable could try it too ?)

--jani

[2000-08-21 20:33 UTC] sniper@php.net

I can not reproduce this with latest CVS.
Please upgrade your PHP to 4.0.2 when it is released and reopen
if this problem still persists.

--Jani

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jul 02 16:01:37 2025 UTC