ius-community team mailing list archive

[Ben Harper <ben.harper@xxxxxxxxxxxxx>]

On 08/17/2015 04:16 AM, Jakov Sosic wrote:
> On 07/27/2015 07:51 PM, Ben Harper wrote:
> > Hey Jakov,
> >
> > Thanks for taking the time to reach out to us about this issue.  Can we
> > assume this code and configuration worked with php55u with
> > php55u-pecl-memcache?  Also can we assume the code works without the
> > memcache module?  Have you tried the memcached module?
> >
> > With these types of issues, we need to figure out is this an upstream
> > issue with the pecl module itself or an issue with the way the module is
> > packaged.  While I am not an expert with the memcache module, I don't
> > think this is issue with the way we package memcache.
> >
> > Looking over the output, I do see you are running an older version of
> > PHP.  Have you tried with php56u-5.6.11?
> >
> > Looking over bugs for the memache module[0], I don't see anything that
> > jumps out at me.  There are a few bugs that mention memcache_pool.c[1],
> > but I am not sure if any of those are related.  It might be worth
> > looking through those bugs.
> >
> > -Ben
> >
> >
> > [0]
> > https://bugs.php.net/search.php?cmd=display&status=Open&package_name[]=memcache
> >
> >
> > [1]
> > https://bugs.php.net/search.php?cmd=display&search_for=memcache_pool.c&x=0&y=0
>
> Upon further debugging the page that actually generates segfault, I've
> come up to:
>
> <?php chdir('..'); ?>
>
> This is enough to generate a coredump.
>
> This is backtrace:
>
> Core was generated by `/usr/sbin/httpd'.
> Program terminated with signal 11, Segmentation fault.
> #0  _zend_mm_free_int (heap=0x7fc7f1b98200, p=0x7fc7f04c8a80) at
> /usr/src/debug/php-5.6.11/Zend/zend_alloc.c:2104
> 2104        if (ZEND_MM_IS_FREE_BLOCK(next_block)) {
> Missing separate debuginfos, use: debuginfo-install
> libc-client-2007e-11.el6.x86_64 libidn-1.18-2.el6.x86_64
> libtool-ltdl-2.2.6-15.5.el6.x86_64 sqlite-3.6.20-1.el6.x86_64
>
>
> (gdb) bt
> #0  _zend_mm_free_int (heap=0x7fc7f1b98200, p=0x7fc7f04c8a80) at
> /usr/src/debug/php-5.6.11/Zend/zend_alloc.c:2104
> #1  0x00007fc7e8f72dc7 in zif_accel_chdir (ht=<value optimized out>,
> return_value=<value optimized out>, return_value_ptr=<value optimized
> out>, this_ptr=<value optimized out>,
>      return_value_used=<value optimized out>) at
> /usr/src/debug/php-5.6.11/ext/opcache/ZendAccelerator.c:162
> #2  0x00007fc7e8d4674c in xdebug_handle_hit_value@plt () from
> /usr/lib64/php/modules/xdebug.so
> #3  0x0000000000000000 in ?? ()
>
>
> (gdb) print (char *)executor_globals.active_op_array->function_name
> $1 = 0x0
>
>
> (gdb) frame 0
> #0  _zend_mm_free_int (heap=0x7fc7f1b98200, p=0x7fc7f04c8a80) at
> /usr/src/debug/php-5.6.11/Zend/zend_alloc.c:2104
> 2104        if (ZEND_MM_IS_FREE_BLOCK(next_block)) {
>
>
> (gdb) info frame
> Stack level 0, frame at 0x7ffc4bcd9160:
>   rip = 0x7fc7ec82f905 in _zend_mm_free_int
> (/usr/src/debug/php-5.6.11/Zend/zend_alloc.c:2104); saved rip
> 0x7fc7e8f72dc7
>   called by frame at 0x7ffc4bcda180
>   source language c.
>   Arglist at 0x7ffc4bcd9128, args: heap=0x7fc7f1b98200, p=0x7fc7f04c8a80
>   Locals at 0x7ffc4bcd9128, Previous frame's sp is 0x7ffc4bcd9160
>   Saved registers:
>    rbx at 0x7ffc4bcd9130, rbp at 0x7ffc4bcd9138, r12 at 0x7ffc4bcd9140,
> r13 at 0x7ffc4bcd9148, r14 at 0x7ffc4bcd9150, rip at 0x7ffc4bcd9158
>
>
> (gdb) info locals
> mm_block = 0x7fc7f04c8a70
> next_block = 0xff8fe0991018
> size = 140496706766248
>
>
> (gdb) print (char *)executor_globals.active_op_array->function_name
> $3 = 0x0
>
>
>
> Can you guys try to reproduce it?
>
> _______________________________________________
> Mailing list: https://launchpad.net/~ius-community
> Post to     : ius-community@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ius-community
> More help   : https://help.launchpad.net/ListHelp


Thanks for the additional information.  On a test server, I installed 
the following php packages along with stock httpd:

# rpm -qa |grep php
php56u-common-5.6.11-1.ius.centos6.x86_64
php56u-xml-5.6.11-1.ius.centos6.x86_64
php56u-pear-1.9.5-1.ius.centos6.noarch
php56u-5.6.11-1.ius.centos6.x86_64
php56u-process-5.6.11-1.ius.centos6.x86_64
php56u-pecl-jsonc-1.3.7-1.ius.centos6.x86_64
php56u-pecl-memcache-3.0.8-4.ius.centos6.x86_64
php56u-cli-5.6.11-1.ius.centos6.x86_64
php56u-pecl-xdebug-2.3.3-1.ius.centos6.x86_64

Than I attempted to reproduce based on the information in your previous 
message:

 # cat /var/www/html/test.php
<?php chdir('..'); ?>
# php /var/www/html/test.php
#

The the log entries when I loaded that test page:

# tail -n 0 -f /var/log/httpd/*
==> /var/log/httpd/access_log <==

==> /var/log/httpd/error_log <==

==> /var/log/httpd/access_log <==
173.203.4.162 - - [17/Aug/2015:08:49:46 -0500] "GET /test.php HTTP/1.1" 
200 - "http://162.242.211.102/"; "Mozilla/5.0 (X11; Linux x86_64; 
rv:40.0) Gecko/20100101 Firefox/40.0"


# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address 
    State       PID/Program name
tcp        0      0 0.0.0.0:11211               0.0.0.0:* 
    LISTEN      27007/memcached
tcp        0      0 0.0.0.0:22                  0.0.0.0:* 
    LISTEN      1347/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:* 
    LISTEN      1426/master
tcp        0      0 :::11211                    :::* 
    LISTEN      27007/memcached
tcp        0      0 :::80                       :::* 
    LISTEN      25892/httpd
tcp        0      0 :::22                       :::* 
    LISTEN      1347/sshd
tcp        0      0 ::1:25                      :::* 
    LISTEN      1426/master

# cat /etc/php.d/40-memcache.ini
; ----- Enable memcache extension module
extension=memcache.so

; ----- Options for the memcache module
; see http://www.php.net/manual/en/memcache.ini.php

; Whether to transparently failover to other servers on errors
;memcache.allow_failover=1
; Data will be transferred in chunks of this size
;memcache.chunk_size=32768
; Autocompress large data
;memcache.compress_threshold=20000
; The default TCP port number to use when connecting to the memcached 
server
;memcache.default_port=11211
; Hash function {crc32, fnv}
;memcache.hash_function=crc32
; Hash strategy {standard, consistent}
;memcache.hash_strategy=consistent
; Defines how many servers to try when setting and getting data.
;memcache.max_failover_attempts=20
;  The protocol {ascii, binary} : You need a memcached >= 1.3.0 to use 
the binary protocol
;  The binary protocol results in less traffic and is more efficient
;memcache.protocol=ascii
;  Redundancy : When enabled the client sends requests to N servers in 
parallel
;memcache.redundancy=1
;memcache.session_redundancy=2
;  Lock Timeout
;memcache.lock_timeout = 15

; ----- Options to use the memcache session handler

; RPM note : save_handler and save_path are defined
; for mod_php, in /etc/httpd/conf.d/php.conf
; for php-fpm, in /etc/php-fpm.d/*conf

; Use memcache as a session handler
;session.save_handler=memcache
; Defines a comma separated of server urls to use for session storage
;session.save_path="tcp://localhost:11211?persistent=1&weight=1&timeout=1&retry_interval=15"
session.save_path = "tcp://localhost:11211"
session.gc_maxlifetime = 10800

Am I testing correctly?

You mentioned that you are rebuilding your php packages against httpd24. 
 Can you reproduce this issue with stock IUS php packages?

-Ben