php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #64389 Segmentation fault occasionally occurs during new instance creating
Submitted: 2013-03-08 11:34 UTC Modified: 2013-04-04 12:33 UTC
From: o_0 at ukr dot net Assigned: tony2001 (profile)
Status: Closed Package: sphinx (PECL)
PHP Version: 5.4.12 OS: Debian 6
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2013-03-08 11:34 UTC] o_0 at ukr dot net 
Description:
------------
Segmentation fault occasionally occurs during new SphinxClient instance creating.

Test script:
---------------
$sphinx = new SphinxClient();
$sphinx->setConnectTimeout(3);
$sphinx->setServer('db01', 9312);

Actual result:
--------------
Core was generated by `php-fpm: pool www                                         '.
Program terminated with signal 11, Segmentation fault.
#0  0x0834b292 in _zend_hash_add_or_update ()
(gdb) bt
#0  0x0834b292 in _zend_hash_add_or_update ()
#1  0xb4c021d4 in php_sphinx_client_get_properties (object=0xbfcf3108)
    at /tmp/php5-sphinx/sphinx-1.2.0/sphinx.c:133
#2  0x0835f506 in zend_std_get_gc ()
#3  0x0835c962 in gc_collect_cycles ()
#4  0x0835d0d5 in gc_zval_possible_root ()
#5  0x08369040 in ?? ()
#6  0x083711f3 in ?? ()
#7  0x083a9a06 in execute ()

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-03-08 17:46 UTC] tony2001@php.net
-Status: Open +Status: Feedback
 [2013-03-08 17:46 UTC] tony2001@php.net 
Could you plz try to rebuild PHP & Sphinx extension with --enable-debug and 
regenerate the backtrace again?
 [2013-03-08 17:52 UTC] tony2001@php.net
-Assigned To: +Assigned To: tony2001
 [2013-03-08 18:54 UTC] o_0 at ukr dot net 
Sure, will do that on weekends...
 [2013-04-04 00:40 UTC] vkartaviy at gmail dot com 
Sorry for delay. Here is it:

#0  0x0847bfb3 in _zend_is_inconsistent (ht=0x0, 
    file=0x899e780 "/opt/php5-fpm-debug/php-5.4.13/Zend/zend_hash.c", line=204)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend_hash.c:54
#1  0x0847c25e in _zend_hash_add_or_update (ht=0x0, arKey=0xb76f2c55 "error", nKeyLength=6, 
    pData=0xbf8bd150, nDataSize=4, pDest=0x0, flag=1, 
    __zend_filename=0xb76f2c28 "/opt/php5-sphinx-debug/sphinx-1.2.0/sphinx.c", __zend_lineno=133)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend_hash.c:204
#2  0xb76e9c3b in php_sphinx_client_get_properties (object=0xb2cc4964, tsrm_ls=0x992b050)
    at /opt/php5-sphinx-debug/sphinx-1.2.0/sphinx.c:133
#3  0x0818c064 in json_encode_array (buf=0xbf8bd310, val=0xbf8bd2e4, options=0, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/ext/json/json.c:229
#4  0x08190c85 in php_json_encode (buf=0xbf8bd310, val=0xb2cc4964, options=0, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/ext/json/json.c:640
#5  0x0819134e in zif_json_encode (ht=1, return_value=0xb2ce16ac, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1, tsrm_ls=0x992b050) at /opt/php5-fpm-debug/php-5.4.13/ext/json/json.c:762
#6  0x084aebb4 in zend_do_fcall_common_helper_SPEC (execute_data=0xb7068e84, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend_vm_execute.h:642
#7  0x084aff43 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xb7068e84, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend_vm_execute.h:752
#8  0x084accd8 in execute (op_array=0xb2cddaf0, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend_vm_execute.h:410
#9  0x0846cc25 in zend_execute_scripts (type=8, tsrm_ls=0x992b050, retval=0x0, file_count=3)
    at /opt/php5-fpm-debug/php-5.4.13/Zend/zend.c:1315
#10 0x083c937e in php_execute_script (primary_file=0xbf8c19b0, tsrm_ls=0x992b050)
    at /opt/php5-fpm-debug/php-5.4.13/main/main.c:2492
#11 0x085d3a1c in main (argc=3, argv=0xbf8c1b24)
    at /opt/php5-fpm-debug/php-5.4.13/sapi/fpm/fpm/fpm_main.c:1924
 [2013-04-04 00:48 UTC] vkartaviy at gmail dot com 
I found that segfault happens when an error occurs (for ex. invalid connection). 

Hope you will release fixed version soon. Thank you.
 [2013-04-04 07:51 UTC] tony2001@php.net 
Any idea how to reproduce it?
A short reproduce script would be nice to have.
 [2013-04-04 11:35 UTC] vkartaviy at gmail dot com 
It looks like I finally found what cause the problem exactly.

$sphinx = new \SphinxClient();
//$sphinx->setServer('non-existent-host', 9312);
//$sphinx->open();

// Bellow will segfault
json_encode($sphinx);
// or
var_dump($sphinx);
 [2013-04-04 11:57 UTC] tony2001@php.net 
Ok, so it appears this problem was fixed in SVN long ago and I just need to roll out a 
new release.
Will do in a minute..
 [2013-04-04 11:57 UTC] tony2001@php.net
-Status: Feedback +Status: Closed
 [2013-04-04 11:57 UTC] tony2001@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2013-04-04 11:59 UTC] tony2001@php.net 
Released 1.3.0. 
Enjoy =)
 [2013-04-04 12:03 UTC] vkartaviy at gmail dot com 
Do you have a plans to host this extension on github so it will always be possible 
to build latest version on demand?
 [2013-04-04 12:03 UTC] vkartaviy at gmail dot com 
>> Released 1.3.0. Enjoy =)

Thank you!
 [2013-04-04 12:33 UTC] tony2001@php.net 
You can always check out the latest version here: 
http://svn.php.net/viewvc/pecl/sphinx/trunk/
I'm thinking about moving it to Github, yes, but I'm not yet sure it's worth the time.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 16 18:01:30 2024 UTC