digest is down; suggestions welcome
I upgraded shiningsilence.com from 1.12.1 to 1.12.2 last night; since
then, PHP applications crash.
The DragonFlyBSD Digest is run with WordPress, which is in PHP, so
I'm having a bit of trouble posting anything. I'm seeing a whole
lot of this:
[Mon May 12 21:08:51 2008] [notice] child pid 61809 exit signal Segmentation fault (11)
I occasionally get something in PHP (squirrelmail) to run after a
restart of Apache, but it will stop after a few page loads. I've
updated and rebuilt Apache and ap_php; I'm running out of ideas on
what could cause this or how to troubleshoot - I don't see any core
files being created. Suggestions welcome.
#2 Updated by dillon about 8 years ago
:... and if it helps, backtrace obtained with sjg's help here:
I google searched zif_unserialize and found a bunch of bug reports
from 2005/2006 that look similar. I couldn't find anything definitive
but there was one suggestion that the thread stack might be too small;
someone else posted something about a bug being fixed in PHP_5_2.
This was 2 years ago, though.
The only other thing I can suggest is to check the dates on the various
.so libraries being accessed. You may have updated the application but
not the shared library backing it.
#5 Updated by dillon about 8 years ago
:On May 12, 2008, at 11:53 PM, Justin Sherrill wrote:
:> ... and if it helps, backtrace obtained with sjg's help here:
:http://www.pastebin.org/35758 has the same results with more
:debugging info retained by recompiling the applications.
I hate to suggest it but... if you can get that mess (the core,
binaries, and libraries) onto your leaf account so I can gdb it
myself, I can try to track down why it crashed.
#9 Updated by dblazakis about 8 years ago
It seems there was an off-by-one error in the strspn code in our libc.
The buffer was a byte too small and resulted in overwriting the saved
ebx which was the offset to the GOT -- but only if strspn was used
with a \xff in the second string.
I have a patch here:
I've verified it fixes the PHP problem. Also, I tested it against a
small program that called strspn with a \xff in the second string and
verified that ebx was correctly restored (unlike prior to the patch).
On Wed, May 14, 2008 at 2:32 PM, Joerg Sonnenberger
> On Wed, May 14, 2008 at 11:30:19AM -0400, Justin C. Sherrill wrote:
>> Antonio Huete Jimenez wrote:
>>> Antonio Huete Jimenez <firstname.lastname@example.org> added the comment:
>>> What about the commits between 1.12.1 and 1.12.2 related with threading lib?
>> I'm still using the same threading library in both cases - libc_r.
> I've been seeing random PHP segfaults lately in the module init code.
> That's a standalone PHP using FastCGI.
#11 Updated by dblazakis about 8 years ago
But the size of the array is 256; 0-255 inclusive.
On Wed, May 14, 2008 at 3:16 PM, Joerg Sonnenberger
> On Wed, May 14, 2008 at 02:49:14PM -0400, Dionysus Blazakis wrote:
>> I have a patch here:
> That doesn't make sense. The array is indexed by 0..255 below and 256 is
> certainly not a valid character.
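The point argued in #9 and #11, that an array indexed by character needs 256 slots so that \xff has one, as an added example that is not the DragonFly libc code or the patch from this thread. The names ref_strspn and count_mismatches are hypothetical, and the table-based reference is an assumption about the general technique, not a copy of the libc routine.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Reference strspn (added example): one table slot per possible byte value,
 * so the table needs 256 entries, indices 0..255. A table of 255 entries
 * would leave no slot for 0xff. */
static size_t ref_strspn(const char *s, const char *accept)
{
    unsigned char table[256] = {0};
    const unsigned char *p;
    size_t n = 0;

    /* Index as unsigned char: where plain char is signed, 0xff is -1. */
    for (p = (const unsigned char *)accept; *p != '\0'; p++)
        table[*p] = 1;
    for (p = (const unsigned char *)s; *p != '\0' && table[*p]; p++)
        n++;
    return n;
}

/* Check libc strspn against the reference for every one-byte accept set
 * (1..255, so 0xff is covered). The subject is constructed: three copies
 * of the byte followed by one byte that is not in the set. */
static int count_mismatches(void)
{
    int bad = 0;
    for (int c = 1; c <= 255; c++) {
        char accept[2] = { (char)c, '\0' };
        char tail = (c == 'x') ? 'y' : 'x';
        char subject[5] = { (char)c, (char)c, (char)c, tail, '\0' };
        size_t got = strspn(subject, accept);
        if (got != 3 || got != ref_strspn(subject, accept)) {
            printf("mismatch for accept byte 0x%02x: libc=%zu\n", (unsigned)c, got);
            bad++;
        }
    }
    return bad;
}

int main(void)
{
    int bad = count_mismatches();
    printf("%d mismatching accept bytes\n", bad);
    return bad != 0;
}
```

Matching return values do not rule out the overwrite described in #9, which damaged a saved register rather than the result; that is why the patch was also checked by confirming ebx was restored.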
#15 Updated by jspringe about 8 years ago
On Wed, 14 May 2008 16:06:19 -0400 (EDT)
"Justin C. Sherrill" <email@example.com> wrote:
It definitely would be,
just as a side note, I am curious if that also may have something to do with Johannes' problem
that he mentioned in the gcc Fortran base thread and here:
If that's pure nonsense, ignore it, but I remember him having problems with strspn!?
#16 Updated by Johannes.Hofmann about 8 years ago
As far as I can see it's unrelated. It seems to be another libc bug
that has been fixed in FreeBSD some time ago:
#17 Updated by dillon about 8 years ago
:On Wed, May 14, 2008 4:06 pm, Justin C. Sherrill wrote:
:> This fixed it - the Digest is back up, thanks to Dave.
:I meant Dion. Dave was the one who explained how to recompile easily.
:"Thanks, a bunch of helpful people".