Ticket #10 (closed task: fixed)

Opened 7 years ago

Last modified 7 years ago

Segfault with xcache.readonly_protection = On

Reported by: jfbustarret AT tf1.fr Owned by: moo
Priority: minor Milestone: 1.0.3
Component: cacher Version: 1.0.2
Keywords: Cc:
Blocked By: PHP Version:
Application: Need User Feedback:
Other Exts: SAPI:
Probability: Blocking:

Description (last modified by moo) (diff)

When using xcache.readonly_protection = On, I get the following segfault :

#0  xc_restore_zend_op_array (processor=0xbfc0d040, dst=0x82bbd18, src=0xb27950dc) at processor_real.c:13241
13241                           memcpy(dst, src, sizeof(zend_uint));
(gdb) print *src
$1 = {type = 2 '\002', function_name = 0x0, scope = 0x0, fn_flags = 0, prototype = 0x0, num_args = 0, required_num_args = 0, arg_info = 0x0,
  pass_rest_by_reference = 0 '\0', return_reference = 0 '\0', refcount = 0xb079516c, opcodes = 0xb4795170, last = 12, size = 12, vars = 0x0,
  last_var = 0, size_var = 0, T = 8, brk_cont_array = 0x0, last_brk_cont = 0, current_brk_cont = 4294967295, try_catch_array = 0x0,
  last_try_catch = 0, static_variables = 0x0, start_op = 0x0, backpatch_count = 0, done_pass_two = 1 '\001', uses_this = 0 '\0',
  filename = 0xb279508c "[... path ...]/index.php", line_start = 0, line_end = 0, doc_comment = 0x0, doc_comment_len = 0,
  reserved = {0x0, 0x0, 0x0, 0x0}, created_by_eval = 0 '\0'}
(gdb) bt
#0  xc_restore_zend_op_array (processor=0xbfc0d040, dst=0x82bbd18, src=0xb27950dc) at processor_real.c:13241
#1  0xb6ad74ee in xc_restore_xc_entry_t (processor=0xbfc0d040, dst=0xbfc0d440, src=0xb4795058) at processor_real.c:18877
#2  0xb6ad9402 in xc_processor_restore_xc_entry_t (dst=0xbfc0d440, src=0xb4795058, readonly_protection=1 '\001') at processor_real.c:805
#3  0xb6adb1e5 in xc_compile_file (h=0xbfc0f850, type=2) at /soft/sources/php/xcache-1.0-rc3/xcache.c:760

Platform is Linux (Suse 9.2)/PHP 5.1.4 w hardened-php 0.4.9/xcache 1.0RC3

xcache was configured with :
./configure --with-php-config=[...]/php-config --enable-xcache CFLAGS='-O2 -g'

(BTW : can you clean processor_real.c ?)

Change History

Changed 7 years ago by moo

  • owner changed from somebody to moo
  • status changed from new to assigned

good report. i'm looking into the segv.

it's out of my control to clean processor_real.c, cuz there's already rules for your "make clean", unless if i may add something like "make xcachesvnclean". but u can do "cat .cvsignore | xargs rm -f".

Changed 7 years ago by moo

  • status changed from assigned to closed
  • resolution set to fixed

in #59, this bug was introduced by [11]

Changed 7 years ago by moo

  • priority changed from trivial to minor
  • version changed from 2.0 to 1.0.2
  • component changed from component2 to cacher
  • description modified (diff)
  • milestone set to 1.0.3
Note: See TracTickets for help on using tickets.