Opened 19 months ago

Closed 19 months ago

Last modified 19 months ago

#307 closed task (fixed)

Segmentation Fault during startup.

Reported by: michael.y Owned by: moo
Priority: major Milestone: 3.0.2
Component: cacher Version: 3.0.1
Keywords: xcache xcache cacher Cc:
Application: PHP Version: 5.3.25
Other Exts: SAPI: Irrelevant
Probability: Always Blocked By:
Blocking:

Description

Good Afternoon!

When i tried to enable xcache-3.0.1 together with zend server(zend product) during issuing command:
# php -m

I received a segmentation fault. After having a debug session which included going to the php source code and xcache source code i have concluded that before initiating startup of the
xc_zend_startup and xc_cacher_zend_startup the zend extensions list was composed of:

  1. XCache
  2. ZendExtensionManager?(Inner zend extension manager)
  3. XCache Cacher.

Before PHP_MINIT_FUNCTION(xcache) is called the zend_llist already includes the

  1. ZendExtensionManager?. So during PHP_MINIT_FUNCTION(xcache) and PHP_MINIT_FUNCTION(xcache cacher) modifies this list which in the end causes segmentation fault.

I figured out why segmentation fault was happening. The zend_llist that would be suitable for us is

  1. XCache
  2. XCache Cacher
  3. ZendExtensionManager?.

For your consideration is a suggested patch of 2 functions PHP_MINIT_FUNCTION(xcache) and PHP_MINIT_FUNCTION(xcache cacher). During MINIT(xcache) the MINIT(xcache cacher is called) in which it prepends the cacher and later on in MINIT(xcache) the xcache prepends as well.
So in the end the list before startup of all extensions is

  1. XCache
  2. XCache Cacher
  3. ZendExtensionManager?.

Is there a problem with that according to your design?
File is attached in which 2 functions described.

Sincerely,
Michael.

PS. I checked the APC opcode cache code they do not add themselves to the zend_llist.

Attachments (4)

xcache_func_patch.txt (2.9 KB) - added by michael.y 19 months ago.
2 Functions PHP_MINIT_FUNCTION(xcache and cacher)
xcache-zend-extension-manager.diff (1.1 KB) - added by moo 19 months ago.
xcache.diff (276 bytes) - added by michael.y 19 months ago.
xcache.diff
xc_cacher.diff (271 bytes) - added by michael.y 19 months ago.
xc_cacher.diff

Download all attachments as: .zip

Change History (23)

Changed 19 months ago by michael.y

2 Functions PHP_MINIT_FUNCTION(xcache and cacher)

Changed 19 months ago by moo

comment:1 Changed 19 months ago by moo

  • Status changed from new to accepted

accepting this issue but need to review this patch. you were not using unified diff making me hard to review the patch. it just a few lines.

it's good to have your info regarding to technical analyze result, but it's lack of some basic info like software version, is it zts build. how to reproduce the problem (only "php -m" ?)

XCache do it current way for some reason: older ZendExtensionManger? refuse to work if it find any zend_extension(s) that it don't accept

comment:2 Changed 19 months ago by moo

  • Status changed from accepted to started

comment:3 Changed 19 months ago by michael.y

Yes , thanks for answering.
Oh i see you have already made the patch. Yes that is exactly what i meant.
You won't have a problem because you don't have the ZendExtensionManager?? and other zendextension products code.
After issuing php -v or php -m command we received a segmentation fault. Because our modules were called twice and that shouldnt be the case. So i asked if it is possible to first prepend the xcache cacher and then prepend xcache. so during startup the zend extension list is like that
XCache
XCache Cacher
ZendExtensionManager??.
The patch that you have created is exactly what i meant.

Changed 19 months ago by michael.y

xcache.diff

Changed 19 months ago by michael.y

xc_cacher.diff

comment:4 Changed 19 months ago by moo

  • Status changed from started to infoneeded

the patch i attach is made from yours.

php -m outputs:

.......
[Zend Modules]
XCache
XCache Cacher
XCache Coverager
XCache Optimizer
Zend Guard Loader

php -v outputs

PHP 5.3.25 (cgi-fcgi) (built: May 24 2013 09:25:38)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2013 Zend Technologies
    with XCache v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with Zend Guard Loader v3.3, Copyright (c) 1998-2010, by Zend Technologies
    with XCache Optimizer v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Cacher v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Coverager v3.1.0-dev, Copyright (c) 2005-2013, by mOo

same with XCache v3.0.1

so i still need info to reproduce. what version of ZendGuard? Loader you're using. gdb backtrace when it crash?

comment:5 Changed 19 months ago by moo

  • Status changed from infoneeded to assigned

not sure what diff tool you were using. you may want to use "diff -u" _next time_
it make life easier to use "diff -u (diff -U3)". everyone in opensource world use it this way

       -u, -U NUM, --unified[=NUM]
              output NUM (default 3) lines of unified context

comment:6 Changed 19 months ago by moo

  • Status changed from assigned to infoneeded

comment:7 follow-up: Changed 19 months ago by moo

do you have any ZendGuard? encoded scripts? that maybe the key to reproduce (but you use php -m to reproduce. i wonder ...)

it may be easier if you can provide me ssh access to your server that reproduce the problem (or make a virtual machine package like others provide)

comment:8 in reply to: ↑ 7 Changed 19 months ago by michael.y

  • Status changed from infoneeded to assigned

We will soon provide a VM package with zend server installed so you could reproduce the bug.
You could reproduce it by entering a command that will start php. So php -v or php -m would suffice.

comment:9 Changed 19 months ago by michael.y

We have arranged a machine for you with php-5.3.25 and centos64 distro.
It is already with the problem inside. Meaning when you issue a php command like

  1. /usr/local/zend/bin/php -m or /usr/local/zend/bin/php -v

You can already see the segmentation fault. Segmentation fault occurs because our code is called twice from the php startup extension functions.
If you want to debug you can do so by : gdb /usr/local/zend/bin/php.
Source files of php are in : /usr/local/zend/share.

In startup of our main extension manager we call for other extensions and add them to the zend_extensions list. So in order for our code not to be called twice the zend extension manager need to be last in the list.

Here is the backtrace of the problem.

[root@1369635818283676-xcache-zend-server-6-for-michael conf.d]# gdb /usr/local/zend/bin/php
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/zend/bin/php...Reading symbols from /usr/lib/debug/usr/local/zend/bin/php.gdb...done.
done.
(gdb) directory /usr/local/zend/share
Source directories searched: /usr/local/zend/share:$cdir:$cwd
(gdb) break zend_llist_apply_with_del
Breakpoint 1 at 0x68be90: file /php-5.3.25/Zend/zend_llist.c, line 174.
(gdb) break zend_extension_manager_startup
Function "zend_extension_manager_startup" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 2 (zend_extension_manager_startup) pending.
(gdb) break zend_debugger_startup
Function "zend_debugger_startup" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 3 (zend_debugger_startup) pending.
(gdb) break xc_zend_startup
Function "xc_zend_startup" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 4 (xc_zend_startup) pending.
(gdb) break xc_cacher_zend_startup
Function "xc_cacher_zend_startup" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 5 (xc_cacher_zend_startup) pending.
(gdb) r -m
Starting program: /usr/local/zend/bin/php -m
[Thread debugging using libthread_db enabled]

Breakpoint 1, zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:174
warning: Source file is more recent than executable.
174 {
Missing separate debuginfos, use: debuginfo-install php-5.3-bin-zend-server-5.3.25-9.x86_64
(gdb) list
169 }
170 }
171
172
173 ZEND_API void zend_llist_apply_with_del(zend_llist *l, int (*func)(void *data))
174 {
175 zend_llist_element *element, *next;
176
177 element=l->head;
178 while (element) {
(gdb) list
179 next = element->next;
180 if (func(element->data)) {
181 DEL_LLIST_ELEMENT(element, l);
182 }
183 element = next;
184 }
185 }
186
187
188 ZEND_API void zend_llist_apply(zend_llist *l, llist_apply_func_t func TSRMLS_DC)
(gdb) bt
#0 zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:174
#1 0x00000000006a1517 in zend_startup_extensions () at /php-5.3.25/Zend/zend_extensions.c:175
#2 0x00000000006440f5 in php_module_startup (sf=<value optimized out>, additional_modules=0x0, num_additional_modules=0) at /php-5.3.25/main/main.c:2077
#3 0x000000000071e35d in php_cli_startup (sapi_module=0xcfd460) at /php-5.3.25/sapi/cli/php_cli.c:398
#4 0x000000000071ecb5 in main (argc=2, argv=0x7fffffffe538) at /php-5.3.25/sapi/cli/php_cli.c:770
(gdb) c
Continuing.

Breakpoint 4, xc_zend_startup (extension=0xfadda0) at /tmp/xcache-3.0.1/xcache.c:669
669 {
(gdb) bt
#0 xc_zend_startup (extension=0xfadda0) at /tmp/xcache-3.0.1/xcache.c:669
#1 0x00000000006a1531 in zend_extension_startup (extension=0xfadda0) at /php-5.3.25/Zend/zend_extensions.c:154
#2 0x000000000068beca in zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:180
#3 0x00000000006a1517 in zend_startup_extensions () at /php-5.3.25/Zend/zend_extensions.c:175
#4 0x00000000006440f5 in php_module_startup (sf=<value optimized out>, additional_modules=0x0, num_additional_modules=0) at /php-5.3.25/main/main.c:2077
#5 0x000000000071e35d in php_cli_startup (sapi_module=0xfadda0) at /php-5.3.25/sapi/cli/php_cli.c:398
#6 0x000000000071ecb5 in main (argc=2, argv=0x7fffffffe538) at /php-5.3.25/sapi/cli/php_cli.c:770
(gdb) c
Continuing.

Breakpoint 2, zend_extension_manager_startup (extension=0xd66090) at ZendExtensionManager?.cpp:1076
1076 ZendExtensionManager?.cpp: No such file or directory.

in ZendExtensionManager?.cpp

(gdb) bt
#0 zend_extension_manager_startup (extension=0xd66090) at ZendExtensionManager?.cpp:1076
#1 0x00000000006a1531 in zend_extension_startup (extension=0xd66090) at /php-5.3.25/Zend/zend_extensions.c:154
#2 0x000000000068beca in zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:180
#3 0x00000000006a1517 in zend_startup_extensions () at /php-5.3.25/Zend/zend_extensions.c:175
#4 0x00000000006440f5 in php_module_startup (sf=<value optimized out>, additional_modules=0x0, num_additional_modules=0) at /php-5.3.25/main/main.c:2077
#5 0x000000000071e35d in php_cli_startup (sapi_module=0xd66090) at /php-5.3.25/sapi/cli/php_cli.c:398
#6 0x000000000071ecb5 in main (argc=2, argv=0x7fffffffe538) at /php-5.3.25/sapi/cli/php_cli.c:770
(gdb) c
Continuing.

Breakpoint 3, zend_debugger_startup (extension=0x1162270) at ZendDebugger?.c:672
672 ZendDebugger?.c: No such file or directory.

in ZendDebugger?.c

(gdb) bt
#0 zend_debugger_startup (extension=0x1162270) at ZendDebugger?.c:672
#1 0x00007ffff7b6a68b in zend_extension_manager_startup (extension=<value optimized out>) at ZendExtensionManager?.cpp:1426
#2 0x00000000006a1531 in zend_extension_startup (extension=0xd66090) at /php-5.3.25/Zend/zend_extensions.c:154
#3 0x000000000068beca in zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:180
#4 0x00000000006a1517 in zend_startup_extensions () at /php-5.3.25/Zend/zend_extensions.c:175
#5 0x00000000006440f5 in php_module_startup (sf=<value optimized out>, additional_modules=0x0, num_additional_modules=0) at /php-5.3.25/main/main.c:2077
#6 0x000000000071e35d in php_cli_startup (sapi_module=0x1162270) at /php-5.3.25/sapi/cli/php_cli.c:398
#7 0x000000000071ecb5 in main (argc=2, argv=0x7fffffffe538) at /php-5.3.25/sapi/cli/php_cli.c:770
(gdb) c
Continuing.

Breakpoint 5, xc_cacher_zend_startup (extension=0xed0180) at /tmp/xcache-3.0.1/mod_cacher/xc_cacher.c:3469

3469 if ((xc_php_size
xc_var_size) && xc_mmap_path && xc_mmap_path[0]) {

(gdb) c
Continuing.

Breakpoint 3, zend_debugger_startup (extension=0x1162270) at ZendDebugger?.c:672
672 ZendDebugger?.c: No such file or directory.

in ZendDebugger?.c

(gdb) bt
#0 zend_debugger_startup (extension=0x1162270) at ZendDebugger?.c:672
#1 0x00000000006a1531 in zend_extension_startup (extension=0x1162270) at /php-5.3.25/Zend/zend_extensions.c:154
#2 0x000000000068beca in zend_llist_apply_with_del (l=0xcfd460, func=0x6a1520 <zend_extension_startup>) at /php-5.3.25/Zend/zend_llist.c:180
#3 0x00000000006a1517 in zend_startup_extensions () at /php-5.3.25/Zend/zend_extensions.c:175
#4 0x00000000006440f5 in php_module_startup (sf=<value optimized out>, additional_modules=0x0, num_additional_modules=0) at /php-5.3.25/main/main.c:2077
#5 0x000000000071e35d in php_cli_startup (sapi_module=0x1162270) at /php-5.3.25/sapi/cli/php_cli.c:398
#6 0x000000000071ecb5 in main (argc=2, argv=0x7fffffffe538) at /php-5.3.25/sapi/cli/php_cli.c:770
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00007fffebbf80d0 in zend_debugger_error (type=32, error_filename=0x8cc6ff "Unknown", error_lineno=0, format=0x975523 "Module '%s' already loaded", args=<value optimized out>)

at zend_debugger_output.c:190

190 zend_debugger_output.c: No such file or directory.

in zend_debugger_output.c

comment:10 Changed 19 months ago by moo

  • Status changed from assigned to started

Still you're pasting a lot of info but without any basic info you can think of. Maybe that's what ppl use to say, tech guy tends to reports lack of useful "original info" but filled with analyzed result, which make it more useless than the one reported from non-tech guy.

"php -v" and "php -m" info without xcache loaded (because with xcache it won't output anything) shows that Zend Extension Manager is adding themselves to zend_extension list, even though you said "PS. I checked the APC opcode cache code they do not add themselves to the zend_llist."

That could be the reason to segv, as both XCache and Zend Extension Manger is modifying the zend_llist

Your patch isn't complete. Because you have only XCache Cacher built. if you have XCache optimizer also built-in you'll have to patch it too to make it not SEGV.

there're more info lack: where is xcache source you used to install? and how do you install it. i need to play with XCache and rebuild it

comment:11 Changed 19 months ago by michael.y

XCache i downloaded from your site
http://xcache.lighttpd.net/wiki/Release-3.0.1
on the server it is at /tmp/xcache-3.0.1

/usr/local/zend/bin/phpize --clean && /usr/local/zend/bin/phpize
./configure --enable-xcache
make clean
make -d
copied the /tmp/xcache-3.0.1/modules/xcache.so to /usr/local/zend/lib/php_extensions

When i installed APC opcode cache , i meant the APC do not add themselves to the list. Zend Extension Manager is always in the zend_llist if it is not commented out from ini files.

comment:12 Changed 19 months ago by michael.y

xcache.ini is at /usr/local/zend/etc/conf.d

comment:13 Changed 19 months ago by moo

  • Resolution set to fixed
  • Status changed from started to closed

Thanks for your info. I've rsync'ed everything back to my box and reproduce it. (please keep the server on so i can sync it to another box tomorrow if necessary)

The bug fixed in [1251] for trunk and [1252] for branches/3.0.x. please check it out from svn and try it on your env, if php -v and php -m works, make sure to run your Zend encoded script if you have any, test it with real website (in testing server) by opening the webpages in browser in a normal user way.

comment:14 Changed 19 months ago by moo

btw, it's the order matter and Zend Debugger failed to work properly (call stack corrupted/overflow) if any extension is loaded after "Zend Extension Manger"

    with XCache v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with Zend Extension Manager v6.0.0, Copyright (c) 2003-2013, by Zend Technologies
    with XCache Optimizer v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Cacher v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Coverager v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    - with Zend Job Queue v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Session Clustering v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Utils v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Optimizer+ v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Monitor v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Debugger v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Page Cache v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [disabled]

(is not actual output as it crash, it's a demo listing only for your idea)

the order (actual output) that is working after fix is:

$ ./bin/php -v
PHP 5.3.25 (cli) (built: May 12 2013 08:26:25)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2013 Zend Technologies
    with XCache v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with Zend Extension Manager v6.0.0, Copyright (c) 2003-2013, by Zend Technologies
    - with Zend Job Queue v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Session Clustering v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Utils v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Optimizer+ v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Monitor v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [disabled]
    - with Zend Debugger v6.0.0, Copyright (c) 1999-2013, by Zend Technologies [loaded] [licensed] [enabled]
    - with Zend Page Cache v6.0.0, Copyright (c) 2004-2013, by Zend Technologies [loaded] [licensed] [disabled]

    with XCache Optimizer v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Cacher v3.1.0-dev, Copyright (c) 2005-2013, by mOo
    with XCache Coverager v3.1.0-dev, Copyright (c) 2005-2013, by mOo

comment:15 Changed 19 months ago by moo

  • Milestone changed from undecided to 3.0.2

comment:16 Changed 19 months ago by michael.y

  • Milestone changed from 3.0.2 to undecided

THanks for the fix, php -v and php -m works. Yes indeed that was the order. Just as it was it called our extensions code twice because zend extension manager wasn;'t the last in the list. It also called other extensions twice. that was not the behaviour that we wanted.

i will test the zend encoded script asap

comment:17 Changed 19 months ago by moo

  • Milestone changed from undecided to 3.0.2

comment:18 Changed 19 months ago by moo

  • Blocking 308 added

comment:19 Changed 19 months ago by moo

  • Blocking 308 removed
Note: See TracTickets for help on using tickets.