#14 Segmentation faults

closed
nobody
None
5
2002-10-29
2002-07-04
Seung H. Lee
No

SquirrelMail 1.2.6 and 1.2.7
Debian, Apache 1.3.26, PHP
4.2.1

SquirrelMail segfaults often on the machine,
at
various times.

Having the same versions of the
software, on a
test machine I was able to reproduce
the
problem.(not sure whether it's the same kind
of
problem as with the production machine or
not)

Here is the
backtrace.

#0 0x401a5037 in writev () from
/lib/libc.so.6
No symbol table info available.
#1
0x08052ca3 in writev_it_all (fb=0x80946e4,
vec=0xbfff38dc, nvec=4)
at buff.c:1138
i = 0
rv = -
1073792805
#2 0x08052eff in large_write
(fb=0x80946e4, buf=0x8188bdc, nbyte=56)
at
buff.c:1293
vec = {{iov_base = 0x80ef654, iov_len = 4092},
{iov_base = 0xbfff38cc,
iov_len = 4}, {iov_base =
0x8188bdc, iov_len = 56}, {iov_base = 0x8073b47,

iov_len = 2}}
nvec = 4
chunksize =
"38\r\n\0?023@???q\026\b"
#3 0x08052fa2 in
ap_bwrite (fb=0x80946e4, buf=0x8188bdc, nbyte=56)
at
buff.c:1356
i = 135222980
nwr = 67
useable_bufsiz = 0
#4
0x08061278 in ap_rwrite (buf=0x8188bdc, nbyte=56,
r=0x80f56c4)
at http_protocol.c:2607
r = (request_rec *)
0x80f56c4
n = 0
#5 0x4028f9cb in php_save_umask ()
from /usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#6 0x4029aefe in php_ob_get_length () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#7 0x4029a6de in php_body_write () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#8 0x40292b49 in php_request_shutdown ()
from /usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#9 0x402856e0 in zend_print_zval_ex () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#10 0x40285681 in zend_print_zval () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#11 0x40285318 in zend_print_variable () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#12 0x40276775 in execute () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#13 0x40278a51 in execute () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#14 0x40278a51 in execute () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#15 0x40278a51 in execute () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#16 0x4028660e in zend_execute_scripts ()
from /usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#17 0x40293d66 in php_execute_script () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#18 0x4028f8ce in
apache_php_module_main () from
/usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#19 0x402903ce in php_restore_umask ()
from /usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#20 0x40290435 in php_restore_umask ()
from /usr/lib/apache/1.3/libphp4.so
No symbol table info
available.
#21 0x08053a94 in ap_invoke_handler
(r=0x80f56c4) at http_config.c:517
handp =
(fast_handler_rec *) 0x808da3c
handler = 0x40398cec
"\001"
p = 0xffffffe0 <Address 0xffffffe0 out of bounds>

handler_len = 3221224392
result = 500
#22 0x0806339c
in process_request_internal (r=0x80f56c4) at
http_request.c:1308
access_status = 0
#23 0x080633f8
in ap_process_request (r=0x80f56c4) at
http_request.c:1324
r = (request_rec *) 0x80f56c4

old_stat = 134825700
#24 0x0805cbdb in child_main
(child_num_arg=0) at http_main.c:4681
conn_io =
(BUFF *) 0x80946e4
r = (request_rec *) 0x80f56c4

child_num_arg = 135222980
clen = 16
sa_server =
{sa_family = 2, sa_data = "\0P?d\005\0???235?}

sa_client = {sa_family = 2, sa_data =
"\tJ?dR\0???235?}
lr = (listen_rec *) 0xffffffe0
#25
0x0805cd6c in make_child (s=0x8088f64, slot=0,
now=1025761598)
at http_main.c:4805
slot = 0
now = -32

pid = 0
#26 0x0805ce89 in startup_children
(number_to_start=5) at http_main.c:4887

number_to_start = 5
i = 0
now = 1025761598
#27
0x0805d365 in standalone_main (argc=2,
argv=0xbffffe44) at http_main.c:5195

remaining_children_to_start = 5
#28 0x0805da6d in
main (argc=2, argv=0xbffffe44) at http_main.c:5558
argc
= 2
argv = (char **) 0xbffffe44
c = -32
sock_in = 1075781072

sock_out = 1073823736
s = 0xffffffe0 <Address 0xffffffe0
out of bounds>

Discussion

  • Jason Munro
    Jason Munro
    2002-07-05

    • assigned_to: nobody --> jmunro
     
  • Jason Munro
    Jason Munro
    2002-07-05

    Logged In: YES
    user_id=442854

    hmmm.... segfaults of apache/php. strange. Not sure what to
    tell you about this. Is this happening to other PHP
    scripts? I have been running SM on a production mailserver
    with 1.3.x series of apache with PHP 4.0.6 -> 4.2.1 without
    anything like this. I will assign this to myself for the
    time being.

    jason
    jason@stdbev.com

     
  • Seung H. Lee
    Seung H. Lee
    2002-07-07

    Logged In: YES
    user_id=185950

    I also have a number of scripts that use PHP4's IMAP
    functions, and they don't produce these symptoms.

    Strange thing is, if I copy over the exact same setup to
    a machine that runs RedHat 7.1 with PHP 4.0.6, it runs
    fine without any segfaults. I guess it could be bug within
    Debian's Apache and/or PHP, but then again it only
    happens with SquirrelMail.

    Any ideas?

     
  • Jason Munro
    Jason Munro
    2002-07-19

    Logged In: YES
    user_id=442854

    SM does not use PHP IMAP functions. It uses its own
    functions for communicating with IMAP. Can you track this
    segfault down to a particular event in SM? that would sure
    help in tracking down the offending code, if it is a SM
    problem. Based on what you have told me and my experience
    with SM I tend to beleive that this is a problem with
    debian's Apache/PHP packages but I am just not sure.

    jason
    jason@stdbev.com

     
  • Seung H. Lee
    Seung H. Lee
    2002-07-22

    Logged In: YES
    user_id=185950

    I think it happens most frequently (but not limited to) when
    the messages are moved/sent, etc.

    I'll compile apache/php from source and see if it does any
    better. Thanks for your help so far.

     
  • Logged In: YES
    user_id=476981

    I also sometimes have segfaults with php 4.1.2 and apache
    1.3.26. In my case it has to do with a while loop where
    things went wrong. Those bugs are nearly impossible to
    trace and I still don''t know why I get a segfault instead of a
    warning about maximum execution time of a script.

     
  • Jason Munro
    Jason Munro
    2002-10-09

    • assigned_to: jmunro --> nobody
     
  • Chris Hilts
    Chris Hilts
    2002-10-23

    Logged In: YES
    user_id=626255

    Are you using LDAP with SquirrelMail? Debian's php4-ldap package has a bug report filed against it concerning segfaults. See Debian bug #87997.

     
    • status: open --> closed
     
  • Logged In: YES
    user_id=285765

    Hello,

    Your report was filed against an old version of SquirrelMail. We
    have new releases out which have fixed many issues. Can you
    please test the most recent version - or even better the CVS
    version - and report if this issue still exists? Thanks!