Bug #51946 [Com]: Segmentation Faults on postgres use in session handler.

miroslav dot zacek at skype dot net Mon, 02 Aug 2010 08:21:33 -0700

Edit report at http://bugs.php.net/bug.php?id=51946&edit=1


 ID:                 51946
 Comment by:         miroslav dot zacek at skype dot net
 Reported by:        justin_burger at adp dot com
 Summary:            Segmentation Faults on postgres  use in session
                     handler.
 Status:             Open
 Type:               Bug
 Package:            PostgreSQL related
 Operating System:   CentOS release 5.4 (Final)
 PHP Version:        5.2.13
 Block user comment: N

 New Comment:

Forget my comment please,it is a different problem.


Previous Comments:
------------------------------------------------------------------------
[2010-07-23 14:06:37] miroslav dot zacek at skype dot net

I think it is the same bug as #52389 I've reported recently (with
patch).

------------------------------------------------------------------------
[2010-06-03 19:50:24] justin_burger at adp dot com

This now seems isolated to the session handler use of postgres.

------------------------------------------------------------------------
[2010-06-03 19:49:09] justin_burger at adp dot com

I've done more research and confirmed that I can ONLY reproduce this
when using 

postgres as part of session management. executing the exact same SQL
outside of a 

session handler does not cause the fault.

------------------------------------------------------------------------
[2010-06-02 23:22:56] justin_burger at adp dot com

PG Version =    8.3.9 



Your right, it looks like it's not happening 100% of the time during the
pg_connect. I created a somewhat simple script which causes the fault on
every other request. I am able to reproduce this on two different
servers. both running 5.2.13 with the 8.3.9 version of postgres.



Code to reproduce: http://pastebin.com/nfNJeyMw



Running this script gives me the following backtrace:

Core was generated by `/opt/adp/httpd/bin/httpd -X'.

Program terminated with signal 11, Segmentation fault.

#0  0x00002ac7d6ee1c20 in zend_mm_search_large_block (heap=0x151bdd50,
size=24) at /usr/src/debug/php-5.2.13/Zend/zend_alloc.c:1753

1753                    if (ZEND_MM_FREE_BLOCK_SIZE(p) <
ZEND_MM_FREE_BLOCK_SIZE(best_fit)) {

(gdb) bt

#0  0x00002ac7d6ee1c20 in zend_mm_search_large_block (heap=0x151bdd50,
size=24) at /usr/src/debug/php-5.2.13/Zend/zend_alloc.c:1753

#1  _zend_mm_alloc_int (heap=0x151bdd50, size=24) at
/usr/src/debug/php-5.2.13/Zend/zend_alloc.c:1812

#2  0x00002ac7dcdd8e80 in zif_pg_query (ht=<value optimized out>,
return_value=0x15671350, return_value_ptr=<value optimized out>,

    this_ptr=<value optimized out>, return_value_used=<value optimized
out>) at /usr/src/debug/php-5.2.13/ext/pgsql/pgsql.c:1184

#3  0x00002ac7d6f1d582 in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fff68c97af0) at
/usr/src/debug/php-5.2.13/Zend/zend_vm_execute.h:200

#4  0x00002ac7d6f1c73c in execute (op_array=0x155df890) at
/usr/src/debug/php-5.2.13/Zend/zend_vm_execute.h:92

#5  0x00002ac7d6ef1299 in zend_call_function (fci=0x7fff68c97cd0,
fci_cache=<value optimized out>) at
/usr/src/debug/php-5.2.13/Zend/zend_execute_API.c:1039

#6  0x00002ac7d6ef2386 in call_user_function_ex (function_table=<value
optimized out>, object_pp=<value optimized out>,
function_name=0x7274732061206e69,

    retval_ptr_ptr=0x1541dda0, param_count=1, params=0x0,
no_separation=1, symbol_table=0x0) at
/usr/src/debug/php-5.2.13/Zend/zend_execute_API.c:640

#7  0x00002ac7d6ef2406 in call_user_function (function_table=0x151bd640,
object_pp=0x0, function_name=0x15421298, retval_ptr=0x15642688,
param_count=2,

    params=0x7fff68c97dc0) at
/usr/src/debug/php-5.2.13/Zend/zend_execute_API.c:613

#8  0x00002ac7d6da5e25 in ps_call_handler (func=0x15421298, argc=2,
argv=0x7fff68c97dc0) at
/usr/src/debug/php-5.2.13/ext/session/mod_user.c:53

#9  0x00002ac7d6da6099 in ps_write_user (mod_data=<value optimized out>,
key=0x1560c698 "6c4u9vvv7b2hb5jh1bgg3916m6",

    val=0x156700a8
"CONNECTION_ID|s:2:\"QA\";USER_OBJECT|s:3667:\"O:4:\"user\":22:{s:17:\"",
vallen=3712)

    at /usr/src/debug/php-5.2.13/ext/session/mod_user.c:141

#10 0x00002ac7d6da2022 in php_session_save_current_state () at
/usr/src/debug/php-5.2.13/ext/session/session.c:550

#11 php_session_flush () at
/usr/src/debug/php-5.2.13/ext/session/session.c:1407

#12 0x00002ac7d6da22e9 in zm_deactivate_session (type=354147664,
module_number=5) at
/usr/src/debug/php-5.2.13/ext/session/session.c:2015

#13 0x00002ac7d6efddfc in module_registry_cleanup (module=<value
optimized out>) at /usr/src/debug/php-5.2.13/Zend/zend_API.c:1976

#14 0x00002ac7d6f06d84 in zend_hash_reverse_apply (ht=0x2ac7d74abb00,
apply_func=0x2ac7d6efdde0 <module_registry_cleanup>)

    at /usr/src/debug/php-5.2.13/Zend/zend_hash.c:755

#15 0x00002ac7d6efc47d in zend_deactivate_modules () at
/usr/src/debug/php-5.2.13/Zend/zend.c:838

#16 0x00002ac7d6eb944a in php_request_shutdown (dummy=<value optimized
out>) at /usr/src/debug/php-5.2.13/main/main.c:1478

#17 0x00002ac7d6f80b9e in php_apache_request_dtor (r=0x15458be0) at
/usr/src/debug/php-5.2.13/sapi/apache2handler/sapi_apache2.c:479

#18 php_handler (r=0x15458be0) at
/usr/src/debug/php-5.2.13/sapi/apache2handler/sapi_apache2.c:651

#19 0x00000000004362ea in ap_run_handler (r=0x15458be0) at config.c:157

#20 0x000000000043952c in ap_invoke_handler (r=0x15458be0) at
config.c:372

#21 0x0000000000443b58 in ap_process_request (r=0x15458be0) at
http_request.c:282

#22 0x0000000000440efc in ap_process_http_connection (c=0x1544ed80) at
http_core.c:190

#23 0x000000000043d202 in ap_run_process_connection (c=0x1544ed80) at
connection.c:43

#24 0x0000000000447a90 in child_main (child_num_arg=<value optimized
out>) at prefork.c:662

#25 0x0000000000447c93 in make_child (s=0x1509b848, slot=0) at
prefork.c:702

#26 0x0000000000448866 in ap_mpm_run (_pconf=<value optimized out>,
plog=<value optimized out>, s=0x1509b848) at prefork.c:978

#27 0x0000000000423e98 in main (argc=2, argv=0x7fff68c98848) at
main.c:740

------------------------------------------------------------------------
[2010-05-28 19:56:58] johan...@php.net

Your stackttrace shows that pg_query() is being called. Sure
pg_connect() is enough to get a crash? - In the later case I would have
expected way more results.



While at it please also mention the version nuumber of pgsql you are
using. Thanks.

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    http://bugs.php.net/bug.php?id=51946


-- 
Edit this bug report at http://bugs.php.net/bug.php?id=51946&edit=1

Bug #51946 [Com]: Segmentation Faults on postgres use in session handler.

Reply via email to