[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Segmentation fault in dcigettext.c:925 using Apache + PHP
From: |
Wiebe Cazemier |
Subject: |
Segmentation fault in dcigettext.c:925 using Apache + PHP |
Date: |
Thu, 28 May 2020 09:55:43 +0200 (CEST) |
Hi,
We're running an Ubuntu 18.04 server with GNU Gettext 0.19.8.1-6ubuntu0.3,
Apache 2.4.29-1ubuntu4.13, mod-php 7.2.24-0ubuntu0.18.04.6. We're getting
occasional segmentation faults in the Apache worker, from dcigettext.c:925:
> Program terminated with signal SIGSEGV, Segmentation fault.
> [...snip...]
> 925 dcigettext.c: No such file or directory.
> (gdb) bt
> #0 _nl_find_msg (domain_file=domain_file@entry=0x55c520144980,
> domainbinding=domainbinding@entry=0x55c520141aa0,
> msgid=msgid@entry=0x7fd27b426610 "Home", convert=convert@entry=1,
> lengthp=lengthp@entry=0x7ffde958b268) at dcigettext.c:925
> #1 0x00007fd29bc6f5eb in __dcigettext (domainname=<optimized out>,
> msgid1=0x7fd27b426610 "Home", msgid2=0x0, plural=0, n=0, category=5) at
> dcigettext.c:710
> #2 0x00007fd288adf649 in ?? () from /usr/lib/php/20170718/gettext.so
Full backtrace is attached.
dcigettext.c is actually installed by the gettext package (and it's the same
one as 'apt-get source gettext' pulls in), but I think that version is not the
one used to compile. Line 710 is not _nl_find_msg(). In fact, it's a comment.
But, if it is the file, line 925 is the call to W() here:
/* Locate the MSGID and its translation. */
if (domain->hash_tab != NULL)
{
/* Use the hashing table. */
nls_uint32 len = strlen (msgid);
nls_uint32 hash_val = __hash_string (msgid);
nls_uint32 idx = hash_val % domain->hash_size;
nls_uint32 incr = 1 + (hash_val % (domain->hash_size - 2));
while (1)
{
nls_uint32 nstr =
W (domain->must_swap_hash_tab, domain->hash_tab[idx]); // <- Line 925.
if (nstr == 0)
/* Hash table entry is empty. */
return NULL;
Then, the locals:
(gdb) info locals
nstr = <error reading variable nstr (Cannot access memory at address
0x7fd27a571a08)>
len = <optimized out>
hash_val = <optimized out>
idx = 23
incr = 379
domain = 0x55c520144c10
nstrings = 665
act = <optimized out>
result = <optimized out>
resultlen = <optimized out>
The the domain struct:
(gdb) print *domain
$2 = {data = 0x7fd27a56f000 <error: Cannot access memory at address
0x7fd27a56f000>, use_mmap = 1, mmap_size = 74773, must_swap = 0, malloced =
0x0, nstrings = 665, orig_tab = 0x7fd27a56f01c, trans_tab = 0x7fd27a5704e4,
n_sysdep_strings = 0, orig_sysdep_tab = 0x0,
trans_sysdep_tab = 0x0, hash_size = 887, hash_tab = 0x7fd27a5719ac,
must_swap_hash_tab = 0, conversions = 0x55c51fd8e300, nconversions = 1,
conversions_lock = {__data = {__readers = 0, __writers = 0, __wrphase_futex =
0, __writers_futex = 0, __pad3 = 0, __pad4 = 0,
__cur_writer = 0, __shared = 0, __rwelision = 0 '\000', __pad1 =
"\000\000\000\000\000\000", __pad2 = 0, __flags = 0}, __size = '\000' <repeats
55 times>, __align = 0}, plural = 0x55c520143a00, nplurals = 1}
Then a frame up the trace (frame 1):
(gdb) info locals
domain = 0x55c520144980
binding = <optimized out>
categoryname = <optimized out>
categoryvalue = 0x7fd29186f20e ""
dirname = 0x55c520141ad0 "/var/www/website/includes/locale"
xdirname = 0x0
xdomainname = 0x7ffde958b1c0 "LC_MESSAGES/messages.mo"
single_locale = <optimized out>
retval = <optimized out>
retlen = 140728518357728
saved_errno = 2
search = {domainname = 0x7fd29bdf4830 <_nl_default_default_domain> "messages",
category = 5, localename = 0x55c52034ab90 "zh_CN", counter = -1734892282,
domain = 0x0, translation = 0x7fd2918826f8 "Turkish", translation_length = 0,
msgid = {
appended = 0x7ffde958b2a8 "\020fB{\322\177", ptr = 0x7fd27b426610 "Home"}}
foundp = 0x55c520144ce0
localename = 0x55c52034ab90 "zh_CN"
domainname_len = 8
Then the args:
(gdb) info args
domainname = <optimized out>
msgid1 = 0x7fd27b426610 "Home"
msgid2 = 0x0
plural = 0
n = 0
category = 5
Any ideas? Or any ideas how to debug further?
Regards,
Wiebe
gettext-backtrace.txt
Description: Text document
- Segmentation fault in dcigettext.c:925 using Apache + PHP,
Wiebe Cazemier <=