Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Phalcon 1.3.0 segfault #1567

Closed
viktoras25 opened this issue Nov 18, 2013 · 14 comments
Closed

Phalcon 1.3.0 segfault #1567

viktoras25 opened this issue Nov 18, 2013 · 14 comments

Comments

@viktoras25
Copy link
Contributor

Just tried several times:

Code:

die("OK");

dmesg:

php[12611]: segfault at 55463a ip 00007f5e5843dbbf sp 00007fff190636d0 error 7 in phalcon.so[7f5e583c2000+29e000]
php[20399]: segfault at 55463a ip 00007f6f6ece6bbf sp 00007fffc082d830 error 7 in phalcon.so[7f6f6ec6b000+29e000]
php[20426]: segfault at 55463a ip 00007fc3e27aabbf sp 00007fff9474fa80 error 7 in phalcon.so[7fc3e272f000+29e000]

This code causes php to crash, when Phalcon is enabled. Doesn't crash when disabled. Phalcon installed from /ext.

Here is my installation script:

cd /tmp 
git clone https://github.com/phalcon/cphalcon.git
cd cphalcon/ext
git checkout origin/1.3.0
phpize
./configure
make
sudo make install
sudo restart-all
cd /tmp
rm -rf cphalcon
@ghost
Copy link

ghost commented Nov 18, 2013

Does this happen if you run php index.php or smth like this?

@viktoras25
Copy link
Contributor Author

Yes, in CLI

18.11.2013, â 12:14, Vladimir Kolesnikov notifications@github.com íàïèñàë(à):

Does this happen if you run php index.php or smth like this?


Reply to this email directly or view it on GitHub.

@ghost
Copy link

ghost commented Nov 18, 2013

Could you please generate a core dump and get the backtrace?

sudo apt-get install gdb
git clone https://github.com/phalcon/cphalcon.git
cd cphalcon/ext
git checkout origin/1.3.0
phpize
./configure CFLAGS="-O0 -g3"
make -j4
sudo make install
ulimit -c unlimited
sudo service apport stop
php index.php
gdb `which php` core

and at the gdb prompt run

bt
bt full
quit

@viktoras25
Copy link
Contributor Author

Unfortunately my php isn't compiled in debug mode, therefore all that I see is:

#0  0x00007f28d5664457 in ?? ()
#1  0x00007fff5f4e8d60 in ?? ()
#2  0x0000000000000000 in ?? ()

@viktoras25
Copy link
Contributor Author

Ok, trying different versions I found that:
b7f69e9 works
next one, 831b230, doesn't.

@viktoras25
Copy link
Contributor Author

PHP version 5.4.19 if that helps

@ghost
Copy link

ghost commented Nov 19, 2013

OK, I will install PHP 5.4.19 and try to reproduce this. Is this stock version of PHP or manually built one?

@viktoras25
Copy link
Contributor Author

CentOS 6 yum installed stock php

@ghost
Copy link

ghost commented Nov 20, 2013

OK, will install a CentOS tonight and check what is wrong.

@ghost
Copy link

ghost commented Nov 20, 2013 

#0  0x029c38fc in zm_post_zend_deactivate_phalcon () at /root/tmp/cphalcon/ext/phalcon.c:954
954                     INIT_PZVAL(phalcon_globals->z_false);

@ghost
Copy link

ghost commented Nov 20, 2013

Related: #1510

@ghost
Copy link

ghost commented Nov 20, 2013 

diff --git a/ext/phalcon.c b/ext/phalcon.c
index dc33837..5043c85 100644
--- a/ext/phalcon.c
+++ b/ext/phalcon.c
@@ -946,26 +946,26 @@ static ZEND_MODULE_POST_ZEND_DEACTIVATE_D(phalcon)
 #endif

        if (CG(unclean_shutdown)) {
-               zend_phalcon_globals *phalcon_globals = PHALCON_VGLOBAL;
+               zend_phalcon_globals *pg = PHALCON_VGLOBAL;

-               INIT_ZVAL(*phalcon_globals->z_null);
-               Z_ADDREF_P(phalcon_globals->z_null);
+               INIT_ZVAL(*pg->z_null);
+               Z_ADDREF_P(pg->z_null);

-               INIT_PZVAL(phalcon_globals->z_false);
-               Z_ADDREF_P(phalcon_globals->z_false);
-               ZVAL_FALSE(phalcon_globals->z_false);
+               INIT_PZVAL(pg->z_false);
+               Z_ADDREF_P(pg->z_false);
+               ZVAL_FALSE(pg->z_false);

-               INIT_PZVAL(phalcon_globals->z_true);
-               Z_ADDREF_P(phalcon_globals->z_true);
-               ZVAL_TRUE(phalcon_globals->z_true);
+               INIT_PZVAL(pg->z_true);
+               Z_ADDREF_P(pg->z_true);
+               ZVAL_TRUE(pg->z_true);

-               INIT_PZVAL(phalcon_globals->z_zero);
-               Z_ADDREF_P(phalcon_globals->z_zero);
-               ZVAL_LONG(phalcon_globals->z_zero, 0);
+               INIT_PZVAL(pg->z_zero);
+               Z_ADDREF_P(pg->z_zero);
+               ZVAL_LONG(pg->z_zero, 0);

-               INIT_PZVAL(phalcon_globals->z_one);
-               Z_ADDREF_P(phalcon_globals->z_one);
-               ZVAL_LONG(phalcon_globals->z_one, 1);
+               INIT_PZVAL(pg->z_one);
+               Z_ADDREF_P(pg->z_one);
+               ZVAL_LONG(pg->z_one, 1);
        }

        return SUCCESS;

@ghost
Copy link

ghost commented Nov 20, 2013

The bug happened due to the way PHALCON_VGLOBAL macro expands for NTS PHP:

#define PHALCON_VGLOBAL &(phalcon_globals)

Thus,

zend_phalcon_globals *phalcon_globals = PHALCON_VGLOBAL;

becomes

zend_phalcon_globals *phalcon_globals = &(phalcon_globals);

Local phalcon_globals shadows the global one resulting in a garbage value and segfault.

@ghost ghost mentioned this issue Nov 20, 2013
Merged
@viktoras25
Copy link
Contributor Author

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@viktoras25