Bug #58237 Segmentation fault with errorcallback handler
Submitted: 2008-06-16 20:50 UTC Modified: 2008-11-24 14:36 UTC
From: nicolas at netlog dot com Assigned: mikl (profile)
Status: Closed Package: memcache (PECL)
PHP Version: 5.2.5 OS: linux
Private report: No CVE-ID: None
 [2008-06-16 20:50 UTC] nicolas at netlog dot com
Description:
------------
When setting a callback function from within a function, php just segfaults whenever it should call the callback handler.

When I remove the init() function and put the code in the main of the script, it works perfectly.



Reproduce code:
---------------
<?php

        init ();

        $mc->set ('key', 'value');

        function init ()
        {
                global $mc;

                $mc = new Memcache ();
                if ($mc->addServer ('netlog', 11212, TRUE, 1, 1, 1, TRUE, '__errorCallback') === FALSE)
                {
                        die ("Unable to connect\n");
                }
        }

        function __errorCallback ($host, $tcpPort, $udpPort, $error, $errno)
        {
                die ("Memcache error '$host' '$tcpPort' '$udpPort' '$error' '$errno'\n");
        }

        die ("OK\n");

?>

Expected result:
----------------
Memcache error 'localhost' '11212' '0' 'Connection refused' '111'

Actual result:
--------------
Segmentation fault

Program received signal SIGSEGV, Segmentation fault.
0x00000000006d4dad in zend_object_store_get_object (zobject=0x2b4de56e00d8) at /usr/src/php-5.2.6/Zend/zend_objects_API.c:255
255             return EG(objects_store).object_buckets[handle].bucket.obj.object;
(gdb) bt
#0  0x00000000006d4dad in zend_object_store_get_object (zobject=0x2b4de56e00d8) at /usr/src/php-5.2.6/Zend/zend_objects_API.c:255
#1  0x00000000006d0d61 in zend_objects_get_address (zobject=0x2b4de56e00d8) at /usr/src/php-5.2.6/Zend/zend_objects.c:140
#2  0x00000000006d106d in zend_std_get_properties (object=0x2b4de56e00d8) at /usr/src/php-5.2.6/Zend/zend_object_handlers.c:55
#3  0x00002b4de865025f in php_mmc_failure_callback (pool=0x2b4de56e0580, mmc=0x10b69b0, param=0x2b4de56e00d8) at /usr/src/memcache-3.0.1/memcache.c:939


 [2008-10-21 05:22 UTC] nicolas at netlog dot com
Here at Netlog, we found why the module was segfaulting.

The problem is that the module itself references the mmc_object, but never increases the reference counter of mmc_object. So when, for some reason, mmc_object goes out of scope and a memcache error occurs, we're causing a segmentation fault. The easy fix is increasing the reference counter in the function php_mmc_set_failure_callback. At least, it works for us.

Here is the patch:

diff -ruN memcache-3.0.2-orig/memcache.c memcache-3.0.2-netlog/memcache.c
--- memcache-3.0.2-orig/memcache.c	2008-09-11 22:03:23.000000000 +0200
+++ memcache-3.0.2-netlog/memcache.c	2008-10-21 10:49:06.000000000 +0200
@@ -977,6 +977,8 @@
		add_property_zval(mmc_object, "_failureCallback", callback_tmp);
		pool->failure_callback_param = mmc_object;  

+		zval_add_ref(&mmc_object);
+
		INIT_PZVAL(callback_tmp);
	}
	else {
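Review bot: the zval_add_ref(&mmc_object) added after pool->failure_callback_param = mmc_object has no matching release anywhere in this hunk. Every call that reaches this branch takes another reference, so the else branch that follows, any path that overwrites an existing failure_callback_param, and pool teardown should each drop it again (for example with zval_ptr_dtor), otherwise the object is never destroyed. A one-line comment on the new statement saying that the pool now owns a reference to mmc_object would make that obligation visible to later readers.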

What do you guys think? Every comment is appreciated.

Cheers,
Nicolas
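
The lifetime problem described in the comment above, as an added example that is not part of the original report and is not Zend or memcache code. obj_t, pool_t and all function names are hypothetical stand-ins; "destroying" an object only clears a flag so that the dangling case can be observed without touching freed memory.

```c
#include <stdio.h>

/* Hypothetical stand-in for a refcounted PHP value (assumption, not Zend code). */
typedef struct { int refcount; int alive; } obj_t;
typedef struct { obj_t *failure_callback_param; int owns_ref; } pool_t;

static void obj_init(obj_t *o)   { o->refcount = 1; o->alive = 1; }
static void obj_addref(obj_t *o) { o->refcount++; }
static void obj_release(obj_t *o) {
    if (--o->refcount == 0) o->alive = 0;   /* real code would free the object here */
}

/* Store the object as callback parameter; take_ref models the patched path. */
static void set_failure_callback(pool_t *p, obj_t *o, int take_ref) {
    p->failure_callback_param = o;
    p->owns_ref = take_ref;
    if (take_ref) obj_addref(o);
}

/* Drop the pool's reference again, otherwise the object is never destroyed. */
static void clear_failure_callback(pool_t *p) {
    if (p->failure_callback_param && p->owns_ref)
        obj_release(p->failure_callback_param);
    p->failure_callback_param = NULL;
    p->owns_ref = 0;
}

/* 1 if the parameter is still valid when the failure is reported,
   0 if the pool would be dereferencing a destroyed object. */
static int fire_failure_callback(const pool_t *p) {
    return p->failure_callback_param && p->failure_callback_param->alive;
}

/* The last userland reference is dropped before the server failure fires. */
static int scenario(int take_ref, int *destroyed_after_clear) {
    obj_t mc;
    pool_t pool = {0};
    obj_init(&mc);
    set_failure_callback(&pool, &mc, take_ref);
    obj_release(&mc);                       /* userland reference goes away */
    int ok = fire_failure_callback(&pool);
    clear_failure_callback(&pool);
    *destroyed_after_clear = !mc.alive;
    return ok;
}

int main(void) {
    int gone;
    printf("borrowed pointer valid at callback: %d\n", scenario(0, &gone));
    printf("owned reference valid at callback:  %d\n", scenario(1, &gone));
    return 0;
}
```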
 [2008-11-22 18:21 UTC] tony at daylessday dot org
Mikael, can you check this out plz?
 [2008-11-24 14:36 UTC] mikael at synd dot info
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 
Last updated: Tue Jul 01 17:01:34 2025 UTC