php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #56731 Segfault under PHP5.1.1/Apache2
Submitted: 2005-12-18 04:37 UTC Modified: 2006-02-24 10:48 UTC
From: php at sagi dot org Assigned: rasmus (profile)
Status: Closed Package: APC (PECL)
PHP Version: 5.1.1 OS: Debian Sarge
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2005-12-18 04:37 UTC] php at sagi dot org 
Description:
------------
I'm trying to run APC under PHP5.1.1 (stable), running on apache2.0.54, prefork MPM.

I tried installing both APC3.0.8 and latest CVS and got the same result.

PHP configuration is:
'./configure' '--prefix=/usr/local/php5' '--with-apxs2=/usr/bin/apxs2' '--with-zlib' '--with-mysql=shared' '--with-pgsql=shared' '--with-sqlite=shared' '--with-pdo=shared' '--with-pdo-pgsql=shared' '--with-pdo-mysql=shared' '--with-pdo-sqlite=shared' '--with-pear=/usr/local/php5/share/pear' '--with-xmlrpc' '--enable-soap' '--with-gettext=shared' '--with-gd=shared' '--with-jpeg-dir=shared,/usr' '--with-xsl=shared' '--enable-memory-limit'

APC cconfiguration is:
./configure --enable-apc --enable-apc-mmap --with-apxs=/usr/bin/apxs2 --with-php-config=/usr/local/php5/bin/php-config

After stating apache, the first request usually goes fine, but the second one crashes the server with the following segfault:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214191936 (LWP 2267)]
0xb7880e0e in _zend_hash_add_or_update (ht=0x831e938, arKey=Variable "arKey" is not available.
) at /usr/local/src/php-5.1.1/Zend/zend_hash.c:215
215                     if ((p->h == h) && (p->nKeyLength == nKeyLength)) {

The same setup works well without APC of course.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-12-22 17:56 UTC] jreitz at gmail dot com 
Similar repro here: Ubuntu 5.10, Apache 2.0.55, PHP 5.1.1

First request goes fine, second request of any reasonably complicated page results in a segfault.

APC under PHP 5.0.4 worked like a champ.
 [2005-12-22 18:13 UTC] rasmus@php.net 
Turn off auto_globals_jit
If it still happens, create the shortest possible script that reproduces the problem.
 [2005-12-25 07:52 UTC] php at sagi dot org 
Still happens with auto_globals_jit turned off.

Finally managed to write a minimal sample:
---
class ParentTest
{

    private static $_children = array();
}

class ChildTest extends ParentTest { }

print_r(new ChildTest);
---

Seems like the private static in the parent is what crashes it. If I change it to public remove the static it doesn't crash.

I guess it's not the only thing, because even after I removed this from the main application it still crashes. I'll try to  isolate the other causes but this one above almost always crashes on 2nd request.
 [2005-12-28 14:20 UTC] rodolfo dot gonzalez at gmail dot com 
Same here, PHP 5.1.1, APC 3.0.8, Apache 1.3.33, when I run a Prado (http://www.xisc.com) application, Apache segfaults with signal 11 after the second page (the first page loads fine).
 [2006-01-03 18:39 UTC] joe at popcast dot com 
I've confirmed this bug as well. Any static var declared in the parent class (regardless if the var is public, private, etc.) will cause PHP to seg fault in PHP 5.1.1 with APC 3.0.8.  PHP 5.0.5 does not have this problem.
 [2006-01-05 14:01 UTC] ramon at hyves dot nl 
I can confirm this bug as well:

apache 2.0.54, php.5.1.1 segfaulting with signal 11 on every second page that gets requested.

Ramon
 [2006-01-05 16:36 UTC] rasmus@php.net 
Could any of you guys seeing this problem please try current CVS?  I think we have a fix for it now.
 [2006-01-08 03:20 UTC] php at sagi dot org 
Still crashes with the above sample. Now I get:
[Sun Jan 08 10:15:29 2006] [notice] child pid 24422 exit signal Segmentation fault (11)
Allowed memory size of 8388608 bytes exhausted (tried to allocate 1668246610 bytes)

I also saw this message once:
/usr/local/src/cvs/pecl/apc/apc_compile.c:2022 ChildTest::_children removed

The backtrace is different now:
(gdb) where
#0  0x41074cea in my_copy_zval_ptr (dst=0x82e1f64, src=0x4, allocate=0x4107bf20 <apc_php_malloc>,
    deallocate=0x4107bf50 <apc_php_free>) at /usr/local/src/cvs/pecl/apc/apc_compile.c:250
#1  0x41075c8c in my_copy_hashtable_ex (dst=0x82e1d50, src=0x81f282c, copy_fn=0x41074cb0 <my_copy_zval_ptr>,
    free_fn=0x410770e0 <my_free_zval_ptr>, holds_ptrs=1, allocate=0x4107bf20 <apc_php_malloc>,
    deallocate=0x4107bf50 <apc_php_free>, check_fn=0) at /usr/local/src/cvs/pecl/apc/apc_compile.c:894
#2  0x41077696 in apc_copy_class_entry_for_execution (src=0x41081720, is_derived=0)
    at /usr/local/src/cvs/pecl/apc/apc_compile.c:1831
#3  0x4107861d in install_class (cl=
      {name = 0x41081708 "parenttest", name_len = 10, is_derived = 0, parent_name = 0x0, class_entry = 0x41081720},
    tsrm_ls=0x81a4f70) at /usr/local/src/cvs/pecl/apc/apc_main.c:105
#4  0x410787e8 in cached_compile (tsrm_ls=0x81a4f70) at /usr/local/src/cvs/pecl/apc/apc_main.c:190
#5  0x410789b8 in my_compile_file (h=0xbffff770, type=2, tsrm_ls=0x81a4f70) at /usr/local/src/cvs/pecl/apc/apc_main.c:253
#6  0x4089bff1 in zend_execute_scripts (type=8, tsrm_ls=0x81a4f70, retval=0x0, file_count=3)
    at /usr/local/src/php-5.1.1/Zend/zend.c:1082
#7  0x4085b174 in php_execute_script (primary_file=0xbffff770, tsrm_ls=0x81a4f70)
    at /usr/local/src/php-5.1.1/main/main.c:1704
#8  0x40919c9d in php_handler (r=0x82d5fd8) at /usr/local/src/php-5.1.1/sapi/apache2handler/sapi_apache2.c:584
#9  0x08078375 in ap_run_handler ()
#10 0x08078980 in ap_invoke_handler ()
#11 0x08069c6a in ap_process_request ()
#12 0x0806512d in _start ()
#13 0x082d5fd8 in ?? ()
#14 0x00000004 in ?? ()
#15 0x082d5fd8 in ?? ()
#16 0x0808370c in ap_run_pre_connection ()
#17 0x080835c5 in ap_run_process_connection ()
#18 0x08076974 in ap_graceful_stop_signalled ()
#19 0x08076b8b in ap_graceful_stop_signalled ()
#20 0x08076be8 in ap_graceful_stop_signalled ()
#21 0x0807745a in ap_mpm_run ()
#22 0x0807da8d in main ()
(gdb)
 [2006-01-12 19:48 UTC] jon at gamingsolutions dot ca 
I can confirm that recent APC CVS (from today) still segfaults.

Debian Sarge/apache 1.3.3/php 5.1.1. It's also reproducible on my Gentoo box: apache 2.0.55/php 5.1.1.
 [2006-01-17 08:00 UTC] oliver at realtsp dot com 
also have the same problem. First came across it when trying to run propel (http://propel.phpdb.org) with apc.

the test case shown here produces segfaults...although "not always", unfortunately.

php5.1.1, apc 3.0.8, apache1.3.33 on FreeBSD 5.3
 [2006-02-01 17:56 UTC] apc at cainlevy dot net 
I compiled from CVS today, and am now getting this segfault. Oddly, I wasn't getting the segfault before with 3.0.8.

I'm using PHP 5.1.2 (dotdeb) and Apache 1.3.33.

Removing static properties fixes the segfault for me.
 [2006-02-13 19:37 UTC] john at 72squared dot com 
I have been getting this same bug. Referencing a static 
class variable that is extended in a child class results in 
a segfault in the apache error log and the page fails to 
load. With APC disabled, the script executes normally. The 
first request always loads fine, but any subsequent page 
loads result in a segfault error in the apache error log and 
the script exits prematurely.

Tailing the apache error log reveals the following error 
appears after each request to the page:
child pid {#######} exit signal Segmentation fault (11).

I was able to play around with a few examples to reproduce 
the bug.


This creates a segaults:
---
class ParentTest{ static $name = 'test'; }
class ChildTest extends ParentTest { }
print_r(ParentTest::$name);
----



This appears to work correctly:
---
class ParentTest{ static $name = 'test'; }
class ChildTest extends ParentTest { $name = 'test'; }
print_r(ParentTest::$name);
print_r(ChildTest::$name2);



----

This also appears to work correctly:
---
class ParentTest{ static $name = 'test'; }
class ChildTest extends ParentTest { static $name2 = 
'test2'; }
print_r(ParentTest::$name);
print_r(ChildTest::$name2);

----

PHP 5.1.2 on Linux 2.6.15.2 with Apache 2.0.52
============================================================
===========
./configure' '--prefix=/usr/local/' '--enable-cli' '--
disable-cgi' '--enable-pcntl' '--enable-sigchild' '--enable-
sockets' '--enable-shmop' '--enable-sysvsem' '--enable-
sigchild' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' 
'--with-png' '--with-zlib' '--enable-bcmath' '--with-regex' 
'--with-xml' '--with-xmlrpc' '--enable-wddx' '--enable-
memory-limit' '--enable-calendar' '--with-pear' '--with-
mysql=/usr/' '--with-apxs2=/usr/local/apache2/bin/apxs'

APC Support     enabled
Version         3.0.8
MMAP Support    Enabled
MMAP File Mask  no value
Revision        $Revision: 3.68 $
Build Date      Feb 3 2006 11:11:25
 [2006-02-14 17:47 UTC] john at 72squared dot com 
Just tested with APC 3.0.9-dev and this bug still exists in 
the development version. ( see above ).
 [2006-02-14 17:54 UTC] rasmus@php.net 
This should be fixed in CVS now.
 [2006-02-15 00:43 UTC] shire at facebook dot com 
This bug looks to be the same as #6484.  I replicated the segfaults using a static declaration in a class and the current CVS head fixes this for me.

thanks!
-shire
 [2006-02-15 09:58 UTC] john at 72squared dot com 
Just tested the examples with the latest from CVS head and the 
bug appears to be fixed for me too. Good work, guys. Thank you 
very much.
 [2006-02-18 14:42 UTC] pecl-bugs at cny dot de 
I still get reproducible apache segfaults on second load ("[notice] child pid ### exit signal Segmentation fault (11)") in my symfony (www.symfony-project.com) applications with a recent APC CVS checkout ($Revision: 3.79 $) and PHP Version 5.1.2.

To reproduce it download the symfony sandbox: http://www.symfony-project.com/get/sf_sandbox.tgz
extract it to a web accessible path, then in sf_sandbox/apps/frontend/config/settings.yml replace the line
#    i18n:                   off
with 
    i18n:                   on
Finally navigate to sf_sandbox/web/
Then hit reload and watch it segfault...

Unfortunately I haven't been able to produce a simple test case due to my total incapability... *g*
Sorry for that.
 [2006-02-19 16:55 UTC] mops at bigfoot dot com 
I can confirm as well that when using Symfony 0.6 (basic pear install as described in http://www.symfony-project.com/content/book/page/installation.html) together with the latest APC (APC 3.0.9-dev) the problem still exists.

My configuration:
PHP 5.1.2 (cgi) on Linux 2.6.9-22.0.2 with Lighttpd 1.4.10
===========================================================
'./configure' '--with-mysql=/usr' '--with-mysqli=/usr/bin/mysql_config' '--with-gd' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-freetype-dir=/usr' '--enable-gd-native-ttf' '--with-zlib' '--enable-mbstring=all' '--with-mcrypt' '--with-curl' '--enable-soap' '--with-tidy' '--enable-fastcgi' '--enable-discard-path' '--enable-force-cgi-redirect' '--with-pdo-mysql=/usr' '--with-zend-vm=GOTO' '--with-pear' 

APC Support     enabled  
Version         3.0.9-dev  
MMAP Support    Enabled  
MMAP File Mask  /tmp/apc.2DpNlA  
Revision        $Revision: 3.79 $  
Build Date      Feb 19 2006 14:45:08
 [2006-02-24 10:48 UTC] rasmus@php.net 
This should be fixed in CVS now.
 [2006-02-26 11:09 UTC] pecl-bugs at cny dot de 
Great. Apparently no segfaults with symfony any more. Thanks.
 [2006-02-27 12:03 UTC] mops at bigfoot dot com 
I checked as well against Symfony 0.6 and the problem is gone. Many thanks Rasmus.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 17:01:30 2024 UTC