Segfault in Phalcon\Session\Adapter\Files #13520

Closed
AmazingDreams opened this Issue Oct 11, 2018 · 2 comments

AmazingDreams commented Oct 11, 2018

Expected and Actual Behavior

I am trying to use the \Phalcon\Session\Adapter\Files() in cli (phpunit), but I get a segfault. I expect not to get a segfault.

  • Phalcon 3.4.0 and 3.4.1
  • Tested on php 7.2.10, 7.1.22, 7.0.32, 5.6.38, 5.5.38
  • Fails on 7.x, succeeds on 5.x
  • Failing methods: get, set, remove
  • Other methods don't cause a segfault, not even has

Steps to reproduce

Please see the following repository for reproduction script: https://github.com/AmazingDreams/phalcon-session-bug

bug.php

<?php
$v = phpversion()." - ".\Phalcon\Version::get();

echo "Running test for ".$v.PHP_EOL;

$session = new \Phalcon\Session\Adapter\Files();
echo "Session instantiated".PHP_EOL;

$session->start();
echo "Session started".PHP_EOL;

$session->set('test', 'test');
echo "Session key set".PHP_EOL;

echo "\033[32m ".$v." EXITED SUCCESSFULLY\033[0m".PHP_EOL;

Makefile

run:
        -@docker run -v ${PWD}:/usr/src/app -w /usr/src/app mileschou/phalcon:7.2-cli php bug.php
        -@docker run -v ${PWD}:/usr/src/app -w /usr/src/app mileschou/phalcon:7.1-cli php bug.php
        -@docker run -v ${PWD}:/usr/src/app -w /usr/src/app mileschou/phalcon:7.0-cli php bug.php
        -@docker run -v ${PWD}:/usr/src/app -w /usr/src/app mileschou/phalcon:5.6-cli php bug.php
        -@docker run -v ${PWD}:/usr/src/app -w /usr/src/app mileschou/phalcon:5.5-cli php bug.php

Output

Running test for 7.2.10 - 3.4.0
Session instantiated
Session started
Makefile:2: recipe for target 'run' failed
make: [run] Error 139 (genegeerd)
Running test for 7.1.22 - 3.4.0
Session instantiated
Session started
Makefile:2: recipe for target 'run' failed
make: [run] Error 139 (genegeerd)
Running test for 7.0.32 - 3.4.0
Session instantiated
Session started
Makefile:2: recipe for target 'run' failed
make: [run] Error 139 (genegeerd)
Running test for 5.6.38 - 3.4.0
Session instantiated
Session started
Session key set
 5.6.38 - 3.4.0 EXITED SUCCESSFULLY
Running test for 5.5.38 - 3.4.0
Session instantiated
Session started
Session key set
 5.5.38 - 3.4.0 EXITED SUCCESSFULLY

Valgrind (make valgrind):

==1== Invalid read of size 1
==1==    at 0xEE7143A: zephir_array_update_zval (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0xEF0A8BF: zim_Phalcon_Session_Adapter_set (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0x6AB8CB: execute_ex (in /usr/local/bin/php)
==1==    by 0x6ABC93: zend_execute (in /usr/local/bin/php)
==1==    by 0x5FB042: zend_execute_scripts (in /usr/local/bin/php)
==1==    by 0x5965F7: php_execute_script (in /usr/local/bin/php)
==1==    by 0x6AE01E: ??? (in /usr/local/bin/php)
==1==    by 0x25D2D8: ??? (in /usr/local/bin/php)
==1==    by 0x73B12E0: (below main) (libc-start.c:291)
==1==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==1==
==1==
==1== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==1==  Access not within mapped region at address 0x8
==1==    at 0xEE7143A: zephir_array_update_zval (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0xEF0A8BF: zim_Phalcon_Session_Adapter_set (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0x6AB8CB: execute_ex (in /usr/local/bin/php)
==1==    by 0x6ABC93: zend_execute (in /usr/local/bin/php)
==1==    by 0x5FB042: zend_execute_scripts (in /usr/local/bin/php)
==1==    by 0x5965F7: php_execute_script (in /usr/local/bin/php)
==1==    by 0x6AE01E: ??? (in /usr/local/bin/php)
==1==    by 0x25D2D8: ??? (in /usr/local/bin/php)
==1==    by 0x73B12E0: (below main) (libc-start.c:291)
==1==  If you believe this happened as a result of a stack
==1==  overflow in your program's main thread (unlikely but
==1==  possible), you can try to increase the size of the
==1==  main thread stack using the --main-stacksize= flag.
==1==  The main thread stack size used in this run was 8388608.
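
Added example (not part of the original report and not Phalcon project code): a small triage helper for a Valgrind memcheck report like the one above, which extracts the first invalid access, the faulting address and the object file of the top frame. The `triage` function, the `PAGE_SIZE` threshold for calling an address "near NULL" and the abridged `SAMPLE` text are assumptions made for this illustration.

```python
import re

# Constructed sample: abridged from the Valgrind report quoted in this issue.
SAMPLE = """\
==1== Invalid read of size 1
==1==    at 0xEE7143A: zephir_array_update_zval (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0xEF0A8BF: zim_Phalcon_Session_Adapter_set (in /usr/local/lib/php/extensions/no-debug-non-zts-20170718/phalcon.so)
==1==    by 0x6AB8CB: execute_ex (in /usr/local/bin/php)
==1==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==1== Process terminating with default action of signal 11 (SIGSEGV): dumping core
"""

PAGE_SIZE = 4096  # assumption: a fault below one page is read as NULL plus a field offset
ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: (.+) \((?:in )?([^()]+)\)$")
ADDR = re.compile(r"Address (0x[0-9A-Fa-f]+) is ")
SIGNAL = re.compile(r"signal (\d+) \((\w+)\)")


def triage(report):
    """Summarise the first invalid access in a Valgrind memcheck report."""
    result = {"access": None, "size": None, "address": None,
              "signal": None, "frames": []}
    collecting = False
    for raw in report.splitlines():
        line = re.sub(r"^==\d+==", "", raw).strip()
        m = ACCESS.search(line)
        if m and result["access"] is None:
            result["access"], result["size"] = m.group(1), int(m.group(2))
            collecting = True
            continue
        m = FRAME.match(line)
        if m and collecting:
            result["frames"].append((m.group(1), m.group(2)))
            continue
        collecting = False  # any non-frame line ends the first stack
        m = ADDR.search(line)
        if m and result["address"] is None:
            result["address"] = int(m.group(1), 16)
        m = SIGNAL.search(line)
        if m:
            result["signal"] = (int(m.group(1)), m.group(2))
    addr = result["address"]
    result["near_null"] = addr is not None and addr < PAGE_SIZE
    # The top frame is where the access happened; its object file names the component to debug.
    result["faulting_object"] = result["frames"][0][1] if result["frames"] else None
    return result


if __name__ == "__main__":
    r = triage(SAMPLE)
    print(r["access"], r["size"], hex(r["address"]), r["near_null"], r["faulting_object"])
```
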
JABirchall commented Oct 11, 2018

On Windows, the segfault happens when setting a session variable.

https://i.imgur.com/VaHvaKr.png

@niden niden added the Bug - High label Dec 25, 2018

@niden niden added this to To do in 4.0 Release via automation Dec 25, 2018

@ekmst ekmst referenced this issue Jan 8, 2019

Closed

Fixed session segmentation fault on start #13745

3 of 3 tasks complete

sergeyklay added a commit that referenced this issue Jan 8, 2019

@ekmst ekmst referenced this issue Jan 9, 2019

Merged

Fixed session segmentation fault on start #13747

3 of 3 tasks complete
sergeyklay commented Jan 9, 2019

Fixed in the 4.0.x branch. Feel free to open a new issue if the problem appears again. Thank you for contributing.

@sergeyklay sergeyklay closed this Jan 9, 2019

4.0 Release automation moved this from To do to Done Jan 9, 2019

niden added a commit to niden/cphalcon that referenced this issue Jan 9, 2019

[4.0.x] - Merge remote-tracking branch 'upstream/4.0.x' into 4.0.x
* upstream/4.0.x:
  Fixed change logs [ci skip]
  Fixed change logs [ci skip]
  Fixed Security\SecurityCest
  Fixed Libmemcached test
  Fixed PHP version at composer.json
  Actualize .gitignore
  Update dev dependencies
  Cleaned up no longer needed CI scripts
  Show test output in compact style
  Fixed code style for Session\ManagerCest
  Simplify session status check
  Update change log to add link to the phalcon#13520
  Do not run phpcs on PHP 7.3
  Do not interact with _SESSION if the session has not been started
  Fixed Session\Manager to not interact with _SESSION
  Fixed session adapters to properly implement SessionHandlerInterface::write
  fixed acl docblock
  4.0.x Tests code cleanup (phalcon#13734)