Bug #57051 segfault on running just phpinfo()
Submitted: 2006-05-30 18:28 UTC
Modified: 2007-08-31 05:14 UTC
From: jason at jasonjustman dot com
Assigned:
Status: Closed
Package: APC (PECL)
PHP Version: 4.4.1
OS: solaris 10
Private report: No
CVE-ID: None
 [2006-05-30 18:28 UTC] jason at jasonjustman dot com
Description:
------------
APC Support => enabled
Version => 3.0.11-dev
MMAP Support => Enabled
MMAP File Mask => /tmp/apc.3faiE3
Revision => $Revision: 3.93 $
Build Date => May 30 2006 15:12:54



Directive => Local Value => Master Value
apc.cache_by_default => On => On
apc.enable_cli => On => On
apc.enabled => On => On
apc.file_update_protection => 2 => 2
apc.filters => no value => no value
apc.gc_ttl => 3600 => 3600
apc.max_file_size => 1M => 1M
apc.mmap_file_mask => /tmp/apc.3faiE3 => /tmp/apc.3faiE3
apc.num_files_hint => 1024 => 1024
apc.optimization => Off => Off
apc.shm_segments => 1 => 1
apc.shm_size => 128 => 128
apc.slam_defense => 0 => 0
apc.stat => On => On
apc.ttl => 7200 => 7200
apc.user_entries_hint => 100 => 100
apc.user_ttl => 7200 => 7200



gdb /export/home/lse_environment/php-4.4.2/bin/php
GNU gdb 6.2.1
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.10"...s
(gdb) set args z.php
(gdb) r
Starting program: /export/home/lse_environment/php-4.4.2/bin/php z.php

Program received signal SIGSEGV, Segmentation fault.
0xff1d8b48 in apc_copy_op_array (dst=0xf6c0238c, src=0x35ae58, allocate=0xff1dd400 <apc_sma_malloc>, deallocate=0xff1dd684 <apc_sma_free>)
    at /export/home/software/apc-cvs/pecl/apc/apc_compile.c:364
364         memcpy(dst, src, sizeof(src[0]));
(gdb) backtrace
#0  0xff1d8b48 in apc_copy_op_array (dst=0xf6c0238c, src=0x35ae58, allocate=0xff1dd400 <apc_sma_malloc>, deallocate=0xff1dd684 <apc_sma_free>)
    at /export/home/software/apc-cvs/pecl/apc/apc_compile.c:364
#1  0xff1da770 in my_compile_file (h=0xffbffd00, type=2) at /export/home/software/apc-cvs/pecl/apc/apc_main.c:291
#2  0x001207f0 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /export/home/software/php-4.4.2/Zend/zend.c:932
#3  0x000f0504 in php_execute_script (primary_file=0xffbffd00) at /export/home/software/php-4.4.2/main/main.c:1753
#4  0x0013cb70 in main (argc=2, argv=0xffbffd8c) at /export/home/software/php-4.4.2/sapi/cli/php_cli.c:830


Reproduce code:
---------------
<?

phpinfo();


Expected result:
----------------
it runs

Actual result:
--------------
segfaults

 [2006-05-30 23:40 UTC] gopalv82 at yahoo dot com
From the code

apc/apc_main.c:291

 if(!(alloc_op_array = apc_copy_op_array(NULL, op_array, ...

While from the gdb trace, 

  0xff1d8b48 in apc_copy_op_array (dst=0xf6c0238c, 

the dst seems to be stack junk?
 [2007-02-25 03:42 UTC] rasmus@php.net
Try 3.0.13
 [2007-08-31 04:32 UTC] php at sowen dot de
We are having the same result in the same function, using APC 3.0.14, compiled with gcc 3.4.2 on SunOS compile 5.9 Generic_117171-13 sun4u sparc SUNW,UltraAX-i2:

phpinfo: 
----------------------------------------
APC Support => enabled
Version => 3.0.14
MMAP Support => Enabled
MMAP File Mask => /root/nsowen/apc.Ekaa0H
Locking type => File Locks
Revision => $Revision: 3.140 $
Build Date => Aug 31 2007 09:16:58

Directive => Local Value => Master Value
apc.cache_by_default => On => On
apc.enable_cli => On => On
apc.enabled => On => On
apc.file_update_protection => 2 => 2
apc.filters => no value => no value
apc.gc_ttl => 3600 => 3600
apc.include_once_override => Off => Off
apc.localcache => Off => Off
apc.localcache.size => 512 => 512
apc.max_file_size => 1M => 1M
apc.mmap_file_mask => /root/nsowen/apc.Ekaa0H => /root/nsowen/apc.Ekaa0H
apc.num_files_hint => 1024 => 1024
apc.report_autofilter => Off => Off
apc.shm_segments => 1 => 1
apc.shm_size => 8 => 8
apc.slam_defense => 0 => 0
apc.stat => On => On
apc.stat_ctime => Off => Off
apc.ttl => 7200 => 7200
apc.user_entries_hint => 4096 => 4096
apc.user_ttl => 7200 => 7200
apc.write_lock => On => On

php.ini
----------------------------------------
extension=apc.so
apc.enabled=1
apc.shm_segments=1
apc.shm_size=8
apc.ttl=7200
apc.user_ttl=7200
apc.num_files_hint=1024
apc.mmap_file_mask=/root/nsowen/apc.XXXXXX
apc.enable_cli=1

gdb backtrace (with __DEBUG_APC__ enabled)
-> using simple print "Hello World!\n"; as php-code
----------------------------------------

(gdb) run
Starting program: /root/nsowen/php/bin/php -c /root/nsowen/php.nsowen.ini /root/nsowen/loadapc.php
warning: Temporarily disabling breakpoints for unloaded shared library "/usr/lib/ld.so.1"
1. h->opened_path=[/root/nsowen/loadapc.php]  h->filename=[/root/nsowen/loadapc.php]

Program received signal SIGSEGV, Segmentation fault.
0xfe9b98a8 in my_copy_zend_op (dst=0xfe00a194, src=0x67a2c0, allocate=0xfe9be5ec <apc_sma_malloc>, deallocate=0xfe9be904 <apc_sma_free>)
    at /root/nsowen/APC-3.0.14/apc_compile.c:391
391         memcpy(dst, src, sizeof(src[0]));
(gdb) bt
#0  0xfe9b98a8 in my_copy_zend_op (dst=0xfe00a194, src=0x67a2c0, allocate=0xfe9be5ec <apc_sma_malloc>, deallocate=0xfe9be904 <apc_sma_free>)
    at /root/nsowen/APC-3.0.14/apc_compile.c:391
#1  0xfe9bb050 in apc_copy_op_array (dst=0xfe00a0ac, src=0x676100, allocate=0xfe9be5ec <apc_sma_malloc>, deallocate=0xfe9be904 <apc_sma_free>)
    at /root/nsowen/APC-3.0.14/apc_compile.c:1256
#2  0xfe9bd264 in my_compile_file (h=0xffbffa68, type=6775040) at /root/nsowen/APC-3.0.14/apc_main.c:418
#3  0x002a0e1c in zend_execute_scripts ()
#4  0x0025d77c in php_execute_script ()
#5  0x0031f620 in main ()
 [2007-08-31 05:14 UTC] gopalv82 at yahoo dot com
Test Fix 

http://cvs.php.net/viewvc.cgi/pecl/apc/apc_sma.c?r1=1.65&r2=1.66

(or CVS HEAD)
 [2007-08-31 06:47 UTC] php at sowen dot de
Thanks for your quick help. It worked just fine with APC Revision HEAD.
 