Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Phalcon + PHP-FPM = segfault #1000

Closed
viktoras25 opened this issue Aug 5, 2013 · 10 comments
Closed

[BUG] Phalcon + PHP-FPM = segfault #1000

viktoras25 opened this issue Aug 5, 2013 · 10 comments

Comments

@viktoras25
Copy link
Contributor

I've tried to update from 1.2.0 to next versions. Unfortunately, any version after 1.2.0 causes php-fpm to segfault.

dmesg:
php-fpm[17065]: segfault at 8 ip 00000000005e0fd2 sp 00007fff53f08780 error 4 in php-fpm[400000+315000]

I tracked down the commit after which it occurs.
Still works:
cd01796

Doesn't work:
e29a21a

PHP Version: 5.4.15
@viktoras25
Copy link
Contributor Author

Ok, I found what causes an issue. We have custom config adapter, the lines that cause segfault:

public function __construct($file, $section = null) {
    ...
    $this->_section = $section;

Actually, assigning any class variable ($this->whatever) causes segfault

@ghost
Copy link

ghost commented Aug 5, 2013

Please build a debug version of Phalcon:

cd ext
phpize
./configure CFLAGS="-O0 -g3"
make
sudo make install

Then enable core dumps:

ulimit -c unlimited
echo core > /proc/sys/kernel/core_pattern

Then restart php-fpm and try to reproduce the crash. This will generate a core dump.
You will need to find core file (its name will usually be core or core.number).
Then run

gdb /path/to/php-fpm core

At gdb prompt please run

bt
bt full
quit

and post the result either here or to pastebin.

PS: are you using this commit: 7915b80?

@viktoras25
Copy link
Contributor Author

I've build phalcon version with provided parameters, and enabled dumps, however file is not generated. Can this be because php.ini shows "'--disable-debug" flag in the configure command?

I've tried 1.2.2 and master branches

@ghost
Copy link

ghost commented Aug 5, 2013

master will crash, 1.2.2 in theory should not.

Can the crash be reproduced with php-cli?

@viktoras25
Copy link
Contributor Author

Ok, I managed to generate dump using this code in CLI mode:

class Ini extends \Phalcon\Config {
    private $_section;
    public function __construct($file, $section = null) {
        $this->_section = $section;
    }
}
new Ini("test");

backtrace however wasn't informative:

#0  0x00000000005e6472 in ?? ()
#1  0x0000000000000000 in ?? ()

@ghost
Copy link

ghost commented Aug 5, 2013

OK, I've got the core dump

Program terminated with signal 11, Segmentation fault.
#0  0x00000000006dbd31 in zend_std_write_property (object=0x7f6bb67d6978, member=0x7f6bb67d7448, value=0x377bf7b9bf45e19, key=0x7f6bb67d7448) at /build/buildd/php5-5.4.9/Zend/zend_object_handlers.c:527
527                         (*(variable_ptr = &zobj->properties_table[property_info->offset]) != NULL)) :
(gdb) bt
#0  0x00000000006dbd31 in zend_std_write_property (object=0x7f6bb67d6978, member=0x7f6bb67d7448, value=0x377bf7b9bf45e19, key=0x7f6bb67d7448) at /build/buildd/php5-5.4.9/Zend/zend_object_handlers.c:527
#1  0x00007f6bb1be002d in phalcon_config_write_property (object=0x7f6bb67d3e70, offset=0x7f6bb67d7448, value=0x7f6bb67d6978, key=0x7f6bb67d7448) at /home/vladimir/workspace/cphalcon/ext/config.c:164
#2  0x000000000073645f in zend_assign_to_object (retval=0x0, object_ptr=0xdfc140 <executor_globals+608>, property_name=0x75fd60 <ZEND_RECV_SPEC_HANDLER+1088>, value_type=16, value_op=0x7fff6b5a6d70, Ts=0x1, opcode=7565188, 
    key=0x7f6bb67d7448) at /build/buildd/php5-5.4.9/Zend/zend_execute.c:737
#3  0x0000000000736f84 in ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER (execute_data=0x7f6bb679f1a0) at /build/buildd/php5-5.4.9/Zend/zend_vm_execute.h:22269
#4  0x00000000007188f7 in execute (op_array=0x7f6bb67d6a80) at /build/buildd/php5-5.4.9/Zend/zend_vm_execute.h:410
#5  0x00000000006b876c in zend_execute_scripts (type=-1233303776, retval=0x300000008, file_count=32619) at /build/buildd/php5-5.4.9/Zend/zend.c:1309
#6  0x0000000000658413 in php_execute_script (primary_file=0x0) at /build/buildd/php5-5.4.9/main/main.c:2482
#7  0x0000000000761623 in do_cli (argc=0, argv=0x7fff6b5ab117) at /build/buildd/php5-5.4.9/sapi/cli/php_cli.c:988
#8  0x000000000042c750 in main (argc=32767, argv=0x13d6210) at /build/buildd/php5-5.4.9/sapi/cli/php_cli.c:1364

@ghost
Copy link

ghost commented Aug 5, 2013

The issue seems to be specific to PHP 5.4 branch

@ghost
Copy link

ghost commented Aug 5, 2013

This patch will fix it:

diff --git a/ext/config.c b/ext/config.c
index d076ea9..e60da0c 100644
--- a/ext/config.c
+++ b/ext/config.c
@@ -162,6 +162,7 @@ static void phalcon_config_write_property(zval *object, zval *offset, zval *valu

        if (obj->obj.ce->type != ZEND_INTERNAL_CLASS) {
                zend_get_std_object_handlers()->write_property(object, offset, value ZLK_CC TSRMLS_CC);
+               return;
        }

        phalcon_config_write_internal(obj, offset, value TSRMLS_CC);
@@ -176,6 +177,7 @@ static void phalcon_config_write_dimension(zval *object, zval *offset, zval *val

        if (obj->obj.ce->type != ZEND_INTERNAL_CLASS) {
                zend_get_std_object_handlers()->write_dimension(object, offset, value TSRMLS_CC);
+               return;
        }

        phalcon_config_write_internal(obj, offset, value TSRMLS_CC);
@@ -239,6 +241,7 @@ static void phalcon_config_unset_property(zval *object, zval *member ZLK_DC TSRM

        if (obj->obj.ce->type != ZEND_INTERNAL_CLASS) {
                zend_get_std_object_handlers()->unset_property(object, member ZLK_CC TSRMLS_CC);
+               return;
        }

        phalcon_config_unset_internal(obj, member TSRMLS_CC);
@@ -250,6 +253,7 @@ static void phalcon_config_unset_dimension(zval *object, zval *offset TSRMLS_DC)

        if (obj->obj.ce->type != ZEND_INTERNAL_CLASS) {
                zend_get_std_object_handlers()->unset_dimension(object, offset TSRMLS_CC);
+               return;
        }

        phalcon_config_unset_internal(obj, offset TSRMLS_CC);
@@ -261,9 +265,9 @@ static void phalcon_config_unset_dimension(zval *object, zval *offset TSRMLS_DC)
 static HashTable* phalcon_config_get_properties(zval* object TSRMLS_DC)
 {
        HashTable* props = zend_std_get_properties(object TSRMLS_CC);
-       phalcon_config_object* obj = fetchPhalconConfigObject(object TSRMLS_CC);

        if (!GC_G(gc_active)) {
+               phalcon_config_object* obj = fetchPhalconConfigObject(object TSRMLS_CC);
                zend_hash_copy(props, obj->props, (copy_ctor_func_t)zval_add_ref, NULL, sizeof(zval*));
        }

@@ -315,7 +319,11 @@ static zend_object_value phalcon_config_object_ctor(zend_class_entry* ce TSRMLS_
        phalcon_config_object* obj = ecalloc(1, sizeof(phalcon_config_object));
        zend_object_value retval;

-       zend_object_std_init(&(obj->obj), ce TSRMLS_CC);
+       zend_object_std_init(&obj->obj, ce TSRMLS_CC);
+#if PHP_VERSION_ID >= 50400
+       object_properties_init(&obj->obj, ce);
+#endif
+
        ALLOC_HASHTABLE(obj->props);
        zend_hash_init(obj->props, 0, NULL, ZVAL_PTR_DTOR, 0);

This was referenced Aug 5, 2013
Merged
Closed
Merged
@viktoras25
Copy link
Contributor Author

I cloned your rep and installed, runs fine, no crashes.
Thank you very much!
I hope you do get enough credit for what you do.

@ghost
Copy link

ghost commented Aug 5, 2013

BTW, if you could verify that Has Many to Many works, that would be great

@viktoras25 viktoras25 mentioned this issue Aug 12, 2013
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@viktoras25