Log SPAM - PHPSESSION 1 open sessions left at shutdown script…



  • I updated to the latest snapshots about 12 hours ago and I'm seeing this in the System Logs every 6 seconds:

    PHPSESSION 1 open sessions left at shutdown script!Array ( [0] => #### phpsession_begin #### simplestacktrace(..) - /etc/inc/phpsessionmanager.inc:38 phpsession_begin(..) - /usr/local/www/csrf/csrf-magic.php:353 csrf_start(..) - /usr/local/www/csrf/csrf-magic.php:188 csrf_check(..) - /usr/local/www/csrf/csrf-magic.php:405 require_once(..) - /usr/local/www/guiconfig.inc:36 require_once(..) - /usr/local/www/status_queues.php:35 )
    

    Does anyone know where its coming from or how to make it stop?

    I've just updated again to the latest snapshots and its still there.


  • Banned

    I've also had a csrf-magic crash on my 2.4.0 system although it isn't spamming the logs and I'm not on the latest build.



  • Maybe related to this commit that was added in between the version I was running and the version I recently updated to?  This change introduced phpsessionmanager.inc and added also introduced the error logging I'm seeing to the Syslog so guessing there is a bug somewhere…

    https://github.com/pfsense/pfsense/commit/633d1cd9cf2b7e42fd1accfd41b5dc9a439e9bf8



  • I found I had a GUI session open to the Queues Status page from an earlier session on another machine that was trying to update continually in the background every 5 or so seconds.  Once I closed that in the browser the log entries have stopped.  Its unclear to me whether there is a bug here or not now.  I've tried opening new Queue windows in the browser and I'm not seeing any new entries.



  • So likely the login session expired but the timer for refreshing the queue status was still tying to access the stats that were now telling the csrf token was not valid anymore.

    This scenario should be fixed when this gets pulled: https://github.com/pfsense/pfsense/pull/3690


Log in to reply