Uploaded image for project: 'Couchbase PHP client library'
  1. Couchbase PHP client library
  2. PCBC-147

Segmentation Fault (segfault) when querying view

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.1.0-dp5
    • Fix Version/s: 1.1.0
    • Component/s: library
    • Security Level: Public
    • Labels:
      None
    • Environment:
      PHP 5.3.13 / 5.3.15, Redhat 5.6

      Description

      When doing a query against a view, the php application segfaults. Set/get/delete commands all work fine.

      Attached is an strace, a stack trace from gdb, and various other support files, including the repro script.

      1. cbt.php
        0.2 kB
        Jeff Minard
      2. gdb.txt
        0.9 kB
        Jeff Minard
      3. gdb-bt.txt
        1 kB
        Jeff Minard
      4. gdb-bt-git.txt
        1 kB
        Jeff Minard
      5. php-m-i.txt
        0.8 kB
        Jeff Minard
      6. strace.txt
        88 kB
        Jeff Minard
      No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

        Hide
        ingenthr Matt Ingenthron added a comment -

        Thanks for the quick work Mark! Looks like it'll be closeable after it's reviewed and in.

        Show
        ingenthr Matt Ingenthron added a comment - Thanks for the quick work Mark! Looks like it'll be closeable after it's reviewed and in.
        Hide
        chuyskywalker Jeff Minard added a comment -

        That changed fixed the segfault, yes. The value assigned to the variable from the $cb->view() call is bool(false)

        Show
        chuyskywalker Jeff Minard added a comment - That changed fixed the segfault, yes. The value assigned to the variable from the $cb->view() call is bool(false)
        Show
        mnunberg Mark Nunberg added a comment - http://review.couchbase.org/22573
        Hide
        mnunberg Mark Nunberg added a comment -

        Can you try this patch?

        diff --git a/views.c b/views.c
        index 6c7bc30..7d03c5a 100644
        — a/views.c
        +++ b/views.c
        @@ -52,12 +52,13 @@ void php_couchbase_complete_callback(lcb_http_request_t request,
        return;
        }

        + /** We have one extra byte in 'data' */
        hti = emalloc(sizeof(*hti) + resp->v.v0.nbytes);
        hti->ndata = resp->v.v0.nbytes;

        • memcpy(hti->data, resp->v.v0.bytes, hti->ndata + 1);
          +
          if (hti->ndata) { - hti->data[hti->ndata - 1] = '\0'; - hti->ndata--; + memcpy(hti->data, resp->v.v0.bytes, hti->ndata); + hti->data[hti->ndata] = '\0'; }

        ctx->res->rc = error;

        I'll make it as a gerrit changeset as well..

        Show
        mnunberg Mark Nunberg added a comment - Can you try this patch? diff --git a/views.c b/views.c index 6c7bc30..7d03c5a 100644 — a/views.c +++ b/views.c @@ -52,12 +52,13 @@ void php_couchbase_complete_callback(lcb_http_request_t request, return; } + /** We have one extra byte in 'data' */ hti = emalloc(sizeof(*hti) + resp->v.v0.nbytes); hti->ndata = resp->v.v0.nbytes; memcpy(hti->data, resp->v.v0.bytes, hti->ndata + 1); + if (hti->ndata) { - hti->data[hti->ndata - 1] = '\0'; - hti->ndata--; + memcpy(hti->data, resp->v.v0.bytes, hti->ndata); + hti->data[hti->ndata] = '\0'; } ctx->res->rc = error; I'll make it as a gerrit changeset as well..
        Hide
        chuyskywalker Jeff Minard added a comment -

        Here is the same segfault when using the latest couchbase.so compiled from the github master branch (so, cutting edge, I'd seen some lcb changes, so I figured I'd give ya both).

        Show
        chuyskywalker Jeff Minard added a comment - Here is the same segfault when using the latest couchbase.so compiled from the github master branch (so, cutting edge, I'd seen some lcb changes, so I figured I'd give ya both).
        Hide
        chuyskywalker Jeff Minard added a comment -

        Yes, this looks much more helpful

        Show
        chuyskywalker Jeff Minard added a comment - Yes, this looks much more helpful
        Hide
        mnunberg Mark Nunberg added a comment - - edited

        My bad. Type 'bt' when you get the segfault

        That'll show you the stack trace

        Show
        mnunberg Mark Nunberg added a comment - - edited My bad. Type 'bt' when you get the segfault That'll show you the stack trace
        Hide
        chuyskywalker Jeff Minard added a comment -

        gdb file, looks pretty useless without a php debug symbols version

        Show
        chuyskywalker Jeff Minard added a comment - gdb file, looks pretty useless without a php debug symbols version
        Hide
        chuyskywalker Jeff Minard added a comment -

        I was asked to run a gdb, but I don't really think it looks that helpful. I've attached it.

        Show
        chuyskywalker Jeff Minard added a comment - I was asked to run a gdb, but I don't really think it looks that helpful. I've attached it.

          People

          • Assignee:
            mnunberg Mark Nunberg
            Reporter:
            chuyskywalker Jeff Minard
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Gerrit Reviews

              There are no open Gerrit changes