PHP :: Bug #19585 :: mm session handler causes segfault

Bug #19585	mm session handler causes segfault
Submitted:	2002-09-24 20:14 UTC	Modified:	2002-10-14 19:37 UTC
From:	tcarter at noggin dot com dot au	Assigned:
Status:	No Feedback	Package:	Session related
PHP Version:	4.2.2	OS:	Linux 2.4.2 (Redhat 6.2)
Private report:	No	CVE-ID:	None

View Developer Edit

[2002-09-24 20:14 UTC] tcarter at noggin dot com dot au

Description 
----------- 
In some cases (I can't reproduce it easily, seeing it 
maybe once every two days) PHP seems to be crashing 
apache.  I have two almost identical machines (production 
& development), and after switching the session handler 
from mm to files on the production machine the crashes 
_seem_ to have stopped there, but still happen on the 
development machine (which is still using mm). 
 
PHP Script 
----------- 
Since I can't reproduce the crash on demand I'm not sure 
exactly where in the php script the crash is occuring. 
However the following line seems most likely, given the 
backtrace below, this is the first reference to session 
stuff in the script(s) that are crashing 
 
if (!session_is_registered("ngInfo")) 
	session_register("ngInfo"); 
 
PHP Version/Modules 
------------------- 
(Using RPMS from http://rpms.arvin.dk/php, rebuilt againt 
pdflib 3.0.3 rather than pdflib 4.x).  phpa 1.3.2 
(http://php-accelerator.co.uk/) is also installed 
 
./configure' '--prefix=/usr' '--enable-pic' 
'--disable-rpath' '--with-layout=GNU' '--with-apxs' 
'--libdir=/usr/lib/php4' '--datadir=/usr/share/php' 
'--with-config-file-path=/etc' 
'--enable-inline-optimization' '--enable-magic-quotes' 
'--enable-track-vars' '--enable-memory-limit' 
'--enable-bcmath' '--with-iconv' '--with-pcre-regex=/usr' 
'--enable-sigchild' '--with-xml' '--with-expat-dir=/usr' 
'--with-openssl' '--enable-ftp=shared' 
'--enable-exif=shared' '--enable-sysvsem=shared' 
'--enable-sysvshm=shared' '--enable-shmop=shared' 
'--with-unixODBC=shared' '--with-mysql=shared,/usr' 
'--with-ldap=shared' '--with-pgsql=shared' 
'--with-gettext=shared' '--with-snmp=shared' 
'--enable-ucd-snmp-hack' '--with-sybase-ct=shared,/usr' 
'--with-oci8=shared,/usr/local/oracle/product/8i' 
'--with-swf=shared,/home/troels/rpm/BUILD/php-4.2.2/swflib' 
'--enable-sockets=shared' '--with-gmp=shared' 
'--with-dom=shared' 
'--with-qtdom=shared,/usr/lib/qt-2.3.1' '--enable-wddx' 
'--with-curl=shared' '--enable-apc=shared' 
'--with-ming=shared' '--with-imlib=shared' 
'--with-recode=shared' '--enable-calendar=shared' 
'--enable-posix=shared' '--with-mcal=shared,/usr' 
'--with-zlib' '--with-mm' 
 
gdb Backtrace 
-------------- 
I managed to attach gdb and get the following backtrace 
from just after the segfault 
(gdb) bt 
#0  0x4027f4f0 in ps_sd_lookup () from 
/etc/httpd/modules/libphp4.so 
#1  0x4027f8e1 in ps_read_mm () from 
/etc/httpd/modules/libphp4.so 
#2  0x4027bec1 in php_session_initialize () from 
/etc/httpd/modules/libphp4.so 
#3  0x4027d23b in php_session_start () from 
/etc/httpd/modules/libphp4.so 
#4  0x4027e111 in zif_session_register () from 
/etc/httpd/modules/libphp4.so 
#5  0x4023dc15 in execute () from 
/etc/httpd/modules/libphp4.so 
#6  0x424fac23 in file_is_shm_ignored () from 
/usr/local/zend/phpa-1.3.2.so 
#7  0x4025d3f3 in php_execute_script () from 
/etc/httpd/modules/libphp4.so 
#8  0x40258f82 in apache_php_module_main () from 
/etc/httpd/modules/libphp4.so 
#9  0x40259a94 in send_php () from 
/etc/httpd/modules/libphp4.so 
#10 0x40259af7 in send_parsed_php () from 
/etc/httpd/modules/libphp4.so 
#11 0x8053781 in ap_invoke_handler () 
#12 0x806200b in ap_some_auth_required () 
#13 0x80622be in ap_internal_redirect () 
#14 0x401e26fd in mod_gzip_redir1_handler () from 
/etc/httpd/modules/mod_gzip.so 
#15 0x401e163a in mod_gzip_handler () from 
/etc/httpd/modules/mod_gzip.so 
#16 0x8053781 in ap_invoke_handler () 
#17 0x806200b in ap_some_auth_required () 
#18 0x806205c in ap_process_request () 
#19 0x805be42 in ap_child_terminate () 
#20 0x805c023 in ap_child_terminate () 
#21 0x805c2e3 in ap_child_terminate () 
#22 0x805c706 in ap_child_terminate () 
#23 0x805cb9f in main () 
#24 0x400c69cb in __libc_start_main (main=0x805c920 
<main>, argc=1, argv=0xbffffb1c, init=0x804f39c <_init>, 
    fini=0x807b78c <_fini>, rtld_fini=0x4000aea0 
<_dl_fini>, stack_end=0xbffffb14) at 
../sysdeps/generic/libc-start.c:92 
 
 
Environment (Both Machines) 
--------------------------- 
Redhat 6.2 (x86) 
Kernel 2.4.2 
PHP 4.2.2 [ + phpa 1.3.2 ], running as apache module 
Apache 1.3.22 (redhat patched version) 
 + mod_accounting 
 + mod_mp3 
 + mod_gzip

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-09-24 20:18 UTC] sniper@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip

[2002-10-14 19:37 UTC] sniper@php.net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Jan 13 21:01:29 2025 UTC