php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #55359 Segfault in engine shutdown related to stream_flush
Submitted: 2011-08-04 08:51 UTC Modified: 2013-02-18 00:34 UTC
From: philipp at qwert dot ch Assigned:
Status: No Feedback Package: Streams related
PHP Version: 5.3.6 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: philipp at qwert dot ch
New email:
PHP Version: OS:

 

 [2011-08-04 08:51 UTC] philipp at qwert dot ch
Description:
------------
I'm experiencing regular segfaults which seem to be related to a stream wrapper 
we're using. The function called in zend_call_function in the innermost frame is 
"stream_flush":

(gdb) frame 0
(gdb) printzv fci.function_name
[0xa1c20cd0] (refcount=-1581118160,is_ref) string(12): "stream_flush"

Also see the gdb backtrace provided.

Actual result:
--------------
#0  0x00007fa1abfb145a in zend_call_function (fci=0x7fffa1c20c50, 
fci_cache=0x7fffa1c20ae0) at /root/install/php-5.3.6/Zend/zend_execute_API.c:855
#1  0x00007fa1abfb0fdc in call_user_function_ex (function_table=0x0, 
object_pp=0x7fa1b2ad2a58, function_name=0x7fffa1c20cd0, 
retval_ptr_ptr=0x7fffa1c20d00, param_count=0, params=0x0, no_separation=0, 
    symbol_table=0x0) at /root/install/php-5.3.6/Zend/zend_execute_API.c:754
#2  0x00007fa1abf6bafc in php_userstreamop_flush (stream=0x7fa1b271d278) at 
/root/install/php-5.3.6/main/streams/userspace.c:754
#3  0x00007fa1abf5f53b in _php_stream_flush (stream=0x7fa1b271d278, closing=1) 
at /root/install/php-5.3.6/main/streams/streams.c:1054
#4  0x00007fa1abf5da05 in _php_stream_free (stream=0x7fa1b271d278, 
close_options=11) at /root/install/php-5.3.6/main/streams/streams.c:331
#5  0x00007fa1abf60743 in stream_resource_regular_dtor (rsrc=0x7fa1b26f6028) at 
/root/install/php-5.3.6/main/streams/streams.c:1433
#6  0x00007fa1abfd5f43 in list_entry_destructor (ptr=0x7fa1b26f6028) at 
/root/install/php-5.3.6/Zend/zend_list.c:184
#7  0x00007fa1abfd2dce in zend_hash_del_key_or_index (ht=0x7fa1ac85b390, 
arKey=0x0, nKeyLength=0, h=557, flag=1) at /root/install/php-
5.3.6/Zend/zend_hash.c:500
#8  0x00007fa1abfd5a57 in _zend_list_delete (id=557) at /root/install/php-
5.3.6/Zend/zend_list.c:58
#9  0x00007fa1abfbfa6f in _zval_dtor_func (zvalue=0x7fa1b2afc688, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.c:60
#10 0x00007fa1abfae891 in _zval_dtor (zvalue=0x7fa1b2afc688, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.h:35
#11 0x00007fa1abfafc77 in _zval_ptr_dtor (zval_ptr=0x7fa1b2b13750, 
__zend_filename=0x7fa1ac535490 "/root/install/php-5.3.6/Zend/zend_variables.c", 
__zend_lineno=189)
    at /root/install/php-5.3.6/Zend/zend_execute_API.c:443
#12 0x00007fa1abfbfed8 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fa1b2b13750) at 
/root/install/php-5.3.6/Zend/zend_variables.c:189
#13 0x00007fa1abfd2f2c in zend_hash_destroy (ht=0x7fa1b2b05570) at 
/root/install/php-5.3.6/Zend/zend_hash.c:529
#14 0x00007fa1abfbfa22 in _zval_dtor_func (zvalue=0x7fa1b2afedb0, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.c:43
#15 0x00007fa1abfae891 in _zval_dtor (zvalue=0x7fa1b2afedb0, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.h:35
#16 0x00007fa1abfafc77 in _zval_ptr_dtor (zval_ptr=0x7fa1b26f20b0, 
__zend_filename=0x7fa1ac535490 "/root/install/php-5.3.6/Zend/zend_variables.c", 
__zend_lineno=189)
    at /root/install/php-5.3.6/Zend/zend_execute_API.c:443
#17 0x00007fa1abfbfed8 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fa1b26f20b0) at 
/root/install/php-5.3.6/Zend/zend_variables.c:189
#18 0x00007fa1abfd2f2c in zend_hash_destroy (ht=0x7fa1b26e4a08) at 
/root/install/php-5.3.6/Zend/zend_hash.c:529
#19 0x00007fa1abfbfa22 in _zval_dtor_func (zvalue=0x7fa1b276b5c8, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.c:43
#20 0x00007fa1abfae891 in _zval_dtor (zvalue=0x7fa1b276b5c8, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.h:35
#21 0x00007fa1abfafc77 in _zval_ptr_dtor (zval_ptr=0x7fa1b2422310, 
__zend_filename=0x7fa1ac535490 "/root/install/php-5.3.6/Zend/zend_variables.c", 
__zend_lineno=189)
    at /root/install/php-5.3.6/Zend/zend_execute_API.c:443
#22 0x00007fa1abfbfed8 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fa1b2422310) at 
/root/install/php-5.3.6/Zend/zend_variables.c:189
#23 0x00007fa1abfd2f2c in zend_hash_destroy (ht=0x7fa1b219f4e0) at 
/root/install/php-5.3.6/Zend/zend_hash.c:529
#24 0x00007fa1abfec53f in zend_object_std_dtor (object=0x7fa1b2473ef8) at 
/root/install/php-5.3.6/Zend/zend_objects.c:45
#25 0x00007fa1abfec942 in zend_objects_free_object_storage 
(object=0x7fa1b2473ef8) at /root/install/php-5.3.6/Zend/zend_objects.c:126
#26 0x00007fa1abff24d6 in zend_objects_store_del_ref_by_handle_ex (handle=212, 
handlers=0x7fa1ac83b580) at /root/install/php-5.3.6/Zend/zend_objects_API.c:220
#27 0x00007fa1abff21cf in zend_objects_store_del_ref (zobject=0x7fa1b219b998) at 
/root/install/php-5.3.6/Zend/zend_objects_API.c:172
#28 0x00007fa1abfbfa5f in _zval_dtor_func (zvalue=0x7fa1b219b998, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.c:52
#29 0x00007fa1abfae891 in _zval_dtor (zvalue=0x7fa1b219b998, 
__zend_filename=0x7fa1ac5343a8 "/root/install/php-
5.3.6/Zend/zend_execute_API.c", __zend_lineno=443)
    at /root/install/php-5.3.6/Zend/zend_variables.h:35
#30 0x00007fa1abfafc77 in _zval_ptr_dtor (zval_ptr=0x7fa1b2257238, 
__zend_filename=0x7fa1ac535490 "/root/install/php-5.3.6/Zend/zend_variables.c", 
__zend_lineno=189)
    at /root/install/php-5.3.6/Zend/zend_execute_API.c:443
#31 0x00007fa1abfbfed8 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fa1b2257238) at 
/root/install/php-5.3.6/Zend/zend_variables.c:189
#32 0x00007fa1abfd2f2c in zend_hash_destroy (ht=0x7fa1b21a0758) at 
/root/install/php-5.3.6/Zend/zend_hash.c:529
#33 0x00007fa1abfec53f in zend_object_std_dtor (object=0x7fa1b22394b0) at 
/root/install/php-5.3.6/Zend/zend_objects.c:45
#34 0x00007fa1abfec942 in zend_objects_free_object_storage 
(object=0x7fa1b22394b0) at /root/install/php-5.3.6/Zend/zend_objects.c:126
#35 0x00007fa1abff1f05 in zend_objects_store_free_object_storage 
(objects=0x7fa1ac85b4b8) at /root/install/php-5.3.6/Zend/zend_objects_API.c:92
#36 0x00007fa1abfaf6d1 in shutdown_executor () at /root/install/php-
5.3.6/Zend/zend_execute_API.c:302
#37 0x00007fa1abfc1b24 in zend_deactivate () at /root/install/php-
5.3.6/Zend/zend.c:890
#38 0x00007fa1abf40a2e in php_request_shutdown (dummy=0x0) at /root/install/php-
5.3.6/main/main.c:1635
#39 0x00007fa1ac0abb94 in php_apache_request_dtor (r=0x7fa1b14cad78) at 
/root/install/php-5.3.6/sapi/apache2handler/sapi_apache2.c:509
#40 0x00007fa1ac0ac408 in php_handler (r=0x7fa1b14cad78) at /root/install/php-
5.3.6/sapi/apache2handler/sapi_apache2.c:681
#41 0x00007fa1b01b7140 in ap_run_handler (r=0x7fa1b14cad78) at 
/build/buildd/apache2-2.2.14/server/config.c:159
#42 0x00007fa1b01baaa8 in ap_invoke_handler (r=0x7fa1b14cad78) at 
/build/buildd/apache2-2.2.14/server/config.c:373
#43 0x00007fa1b01c8678 in ap_process_request (r=0x7fa1b14cad78) at 
/build/buildd/apache2-2.2.14/modules/http/http_request.c:282
#44 0x00007fa1b01c5528 in ap_process_http_connection (c=0x7fa1b14c4c68) at 
/build/buildd/apache2-2.2.14/modules/http/http_core.c:190
#45 0x00007fa1b01becf8 in ap_run_process_connection (c=0x7fa1b14c4c68) at 
/build/buildd/apache2-2.2.14/server/connection.c:43
#46 0x00007fa1b01cd037 in child_main (child_num_arg=<value optimized out>) at 
/build/buildd/apache2-2.2.14/server/mpm/prefork/prefork.c:662
#47 0x00007fa1b01cd34a in make_child (s=0x7fa1b1099938, slot=5) at 
/build/buildd/apache2-2.2.14/server/mpm/prefork/prefork.c:758
#48 0x00007fa1b01cdfd4 in perform_idle_server_maintenance (_pconf=<value 
optimized out>, plog=<value optimized out>, s=<value optimized out>)
    at /build/buildd/apache2-2.2.14/server/mpm/prefork/prefork.c:893
#49 ap_mpm_run (_pconf=<value optimized out>, plog=<value optimized out>, s=
<value optimized out>) at /build/buildd/apache2-
2.2.14/server/mpm/prefork/prefork.c:1097
#50 0x00007fa1b01a3350 in main (argc=3, argv=0x7fffa1c22058) at 
/build/buildd/apache2-2.2.14/server/main.c:742


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-08-04 08:53 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2011-08-04 08:53 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2011-08-04 09:30 UTC] smith at pooteeweet dot org
The stream wrapper used is here:
https://github.com/jackalope/jackalope/blob/master/src/Jackalope/BinaryStreamWrapp
er.php
 [2013-02-18 00:34 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Wed Nov 25 20:01:23 2020 UTC