ID: 46331 Updated by: [EMAIL PROTECTED] Reported By: Bjorn dot Wiberg at its dot uu dot se Status: Assigned Bug Type: Filesystem function related Operating System: Any PHP Version: 5.3CVS-2008-10-17 (snap) -Assigned To: pajoye +Assigned To: scottmac New Comment:
I've fixed the segfault by copying the memory and letting it do the byteswap there. This however wastes memory in the long run so I'm leaving this assigned to me as a reminder to fix this memory wastage. It only affects Big-Endian systems though. Previous Comments: ------------------------------------------------------------------------ [2008-10-20 16:13:25] [EMAIL PROTECTED] For big-endian machines its trying to do byte swapping on the internal database which is marked as const. This happens on OSX too with PowerPC. ------------------------------------------------------------------------ [2008-10-20 11:02:04] Bjorn dot Wiberg at its dot uu dot se Sorry, same result, it seems that it comes across the C64 tape type and then crashes (see below). However -- the byteswap and segmentation faults remind me of [EMAIL PROTECTED]'s comment regarding "a patch that fixes *sprintf() compile issues /../ Though it still segfault both on Linux (in regfree()) and AIX": http://bugs.php.net/bug.php?id=45740 Could it be that the patch was applied, but nothing was done regarding the segmentation faults? Best regards, Björn [EMAIL PROTECTED]:~$ gdb /apache/php/bin/php GNU gdb 6.0 Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "powerpc-ibm-aix5.1.0.0"...s (gdb) set args -d extension_dir=/apache/php/lib/php/extensions/debug-non-zts-20071006 -r '$finfo=finfo_open();' (gdb) run Starting program: /apache/php/bin/php -d extension_dir=/apache/php/lib/php/extensions/debug-non-zts-20071006 -r '$finfo=finfo_open();' Program received signal SIGSEGV, Segmentation fault. 0x107ca694 in bs1 (m=0x10ad4340) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2106 2106 /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c: No such file or directory. in /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c (gdb) bt full #0 0x107ca694 in bs1 (m=0x10ad4340) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2106 No locals. #1 0x107ca398 in byteswap (magic=0x10ad4340, nmagic=8476) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2036 i = 0 #2 0x107c9f10 in apprentice_map (ms=0x200d23fc, magicp=0x2ff21d74, nmagicp=0x2ff21d78, fn=0x0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:1928 ptr = (uint32_t *) 0x10ad4280 version = 5 needsbyteswap = 1 dbname = 0x0 mm = (void *) 0x10ad4280 ret = 3 stream = (php_stream *) 0x2ff21cb8 st = {sb = {st_dev = 1, st_ino = 13, st_mode = 804396216, st_nlink = 12274, st_flag = 7496, st_uid = 804396224, st_gid = 804396320, st_rdev = 48, st_size = 537732188, st_atime = 4444, st_atime_n = 0, st_mtime = 537732192, st_mtime_n = 0, st_ctime = 528, st_ctime_n = 804396296, st_blksize = 512, st_blocks = 0, st_vfstype = 24, st_vfs = 0, st_type = 12, st_gen = 13, st_reserved = {537732220, 537732192, 0, 537732192, 537729208, 12, 5, 0, 804396320}}} #3 0x107c4a18 in apprentice_1 (ms=0x200d23fc, fn=0x0, action=0, mlist=0x200d18a4) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:253 magic = (struct magic *) 0x10ad4340 nmagic = 8476 ml = (struct mlist *) 0x0 rv = -1 mapped = 279784544 #4 0x107c4d1c in file_apprentice (ms=0x200d23fc, fn=0x0, action=0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:320 p = 0x0 mfn = 0x77 "" file_err = 279783108 errs = -1 mlist = (struct mlist *) 0x200d18a4 #5 0x107c38f8 in magic_load (ms=0x200d23fc, magicfile=0x0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/magic.c:192 ml = (struct mlist *) 0x200d23fc #6 0x107c1c80 in zif_finfo_open (ht=0, return_value=0x200d18e4, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/fileinfo.c:349 options = 0 file = 0x0 file_len = 0 finfo = (struct php_fileinfo *) 0x200d23c8 object = (zval *) 0x0 resolved_path = "\000\000\000\b \tUp\000\000\000\000/�036�/�037\b \r\n�\r\n�000\000\000\000 \r\n�\f ,\000\000\000\000\000\003\024X\000\000\000\022/�036��037`/�036�020\001�/�036�\f�\000\000\000\001\000\000\000\000\000\000\000\000 \f�\f \004\000\000\000\a\000\000\000� \000\000�/�037\b/�037`\000\003\024X\020\001� \r\v�6v\020 \tUp \f\036\030 \f�000\000\000\001\020\205�\000\000\001�\000\000\000\000/�037`\000\003\024X/�037h\000\000\001, \r\n�000\000\000�\000\000\000\022\000\000\000\000\000\000\000\022/�037`"... obj = (struct finfo_object *) 0x2ff21ea8 #7 0x100a73d0 in zend_do_fcall_common_helper_SPEC (execute_data=0x202fb9f8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:315 opline = (zend_op *) 0x200d22b8 should_change_scope = 0 '\0' #8 0x100af058 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x202fb9f8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:1574 opline = (zend_op *) 0x200d22b8 fname = (zval *) 0x200d22d4 #9 0x100a613c in execute (op_array=0x200d1f50) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:65 ret = 0 execute_data = (zend_execute_data *) 0x202fb9f8 nested = 1 '\001' original_in_execution = 0 '\0' #10 0x1003d0b8 in zend_eval_string (str=0x2ff22906 "$finfo=finfo_op\en();", retval_ptr=0x0, string_name=0x1085b7b8 "Command lin\e cod\e") at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_execute_API.c:1111 local_retval_ptr = (zval *) 0x0 original_return_value_ptr_ptr = (zval **) 0x0 original_opline_ptr = (zend_op **) 0x0 pv = {value = {lval = 804399366, dval = 9.8021850641686377e-78, str = {val = 0x2ff22906 "$finfo=finfo_op\en();", len = 20}, ht = 0x2ff22906, obj = {handle = 804399366, handlers = 0x14}}, refcount__gc = 1, type = 6 '\006', is_ref__gc = 47 '/'} new_op_array = (zend_op_array *) 0x200d1f50 original_active_op_array = (zend_op_array *) 0x0 original_compiler_options = 2 retval = 537729252 l = 537729316 #11 0x1003d2f8 in zend_eval_string_ex (str=0x2ff22906 "$finfo=finfo_op\en();", retval_ptr=0x0, string_name=0x1085b7b8 "Command lin\e cod\e", handle_exceptions=1) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_execute_API.c:1146 result = 0 #12 0x1000310c in main (argc=5, argv=0x2ff22800) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/sapi/cli/php_cli.c:1169 __orig_bailout = (sigjmp_buf *) 0x0 __bailout = {-1, -1, 268444612, 804398288, 537482608, -559038737, 5, 804399104, 804399128, 0, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, 11, 536871100, 268435456, -26, 804398288, 673464868, 0 <repeats 37 times>, 804399128, 0} exit_status = 0 c = -1 ---Type <return> to continue, or q <return> to quit--- file_handle = {type = ZEND_HANDLE_FP, filename = 0x1085b760 "-", opened_path = 0x0, handle = {fd = -264674272, fp = 0xf0396420, stream = {handle = 0xf0396420, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\0'} behavior = 6 reflection_what = 0x0 orig_optind = 1 orig_optarg = 0x0 arg_free = 0x2ff22906 "$finfo=finfo_op\en();" arg_excp = (char **) 0x2ff22810 script_file = 0x0 interactive = 0 module_started = 1 request_started = 1 lineno = 0 exec_direct = 0x2ff22906 "$finfo=finfo_op\en();" exec_run = 0x0 exec_begin = 0x0 exec_end = 0x0 param_error = 0x0 hide_argv = 0 ini_entries_len = 180 len = 67 val = 0x2ff228cd "/apach\e/php/lib/php/\ext\ensions/d\ebug-non-zts-20071006" (gdb) print *m $1 = {cont_level = 0, flag = 32 ' ', dummy1 = 0 '\0', reln = 61 '=', vallen = 31 '\037', type = 5 '\005', in_type = 0 '\0', in_op = 0 '\0', mask_op = 0 '\0', cond = 0 '\0', dummy2 = 0 '\0', offset = 0, in_offset = 0, lineno = 553648128, _u = {_mask = 0, _s = {_count = 0, _flags = 0}}, value = {b = 67 'C', h = 17206, l = 1127625760, q = 4843115763279687781, hs = "C6", hl = "C64 ", hq = "C64 tap\e", s = "C64 tap\e imag\e fil\e", '\0' <repeats 12 times>, f = 182.203613, d = 6249763483775077}, desc = "T64 tap\e Imag\e", '\0' <repeats 49 times>, mimetype = '\0' <repeats 63 times>} (gdb) c Continuing. Program terminated with signal SIGSEGV, Segmentation fault. The program no longer exists. (gdb) q [EMAIL PROTECTED]:~$ ------------------------------------------------------------------------ [2008-10-20 10:29:39] [EMAIL PROTECTED] The PHP version of fileinfo has a bundled DB and I would strongly recommend to use it instead of the system version (portability, already builtin, compiled, etc.) Can you try using: $finfo = finfo_open(); finfo should not crash but it may help you already. If you can give me a remote access to an AIX box, I can give it a try. ------------------------------------------------------------------------ [2008-10-20 06:03:56] Bjorn dot Wiberg at its dot uu dot se The magic files I'm using are here: http://www.anst.uu.se/bwiberg/files/php/file_4.21_magicfiles.tar.gz Could you please try those on your system? Thanks in advance! ------------------------------------------------------------------------ [2008-10-20 06:00:48] Bjorn dot Wiberg at its dot uu dot se [EMAIL PROTECTED]:~$ gdb /apache/php/bin/php GNU gdb 6.0 Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "powerpc-ibm-aix5.1.0.0"... (gdb) set args -d extension_dir=/apache/php/lib/php/extensions/debug-non-zts-20071006 -r '$finfo=finfo_open(FILEINFO_MIME);' (gdb) run Starting program: /apache/php/bin/php -d extension_dir=/apache/php/lib/php/extensions/debug-non-zts-20071006 -r '$finfo=finfo_open(FILEINFO_MIME);' Program received signal SIGSEGV, Segmentation fault. 0x107ca694 in bs1 (m=0x10ad4340) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2106 2106 /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c: No such file or directory. in /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c (gdb) bt full #0 0x107ca694 in bs1 (m=0x10ad4340) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2106 No locals. #1 0x107ca398 in byteswap (magic=0x10ad4340, nmagic=8476) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:2036 i = 0 #2 0x107c9f10 in apprentice_map (ms=0x200d2470, magicp=0x2ff21d64, nmagicp=0x2ff21d68, fn=0x0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:1928 ptr = (uint32_t *) 0x10ad4280 version = 5 needsbyteswap = 1 dbname = 0x0 mm = (void *) 0x10ad4280 ret = 3 stream = (php_stream *) 0x2ff21ca8 st = {sb = {st_dev = 4100, st_ino = 13, st_mode = 804396200, st_nlink = 12274, st_flag = 7480, st_uid = 804396208, st_gid = 268550332, st_rdev = 804396236, st_size = 537732304, st_atime = 4368, st_atime_n = 537665048, st_mtime = 537732576, st_mtime_n = 0, st_ctime = 2, st_ctime_n = 804396280, st_blksize = 512, st_blocks = 0, st_vfstype = 24, st_vfs = 537732572, st_type = 4100, st_gen = 64, st_reserved = {537732576, 537732308, 0, 537732308, 537665560, 0, 5, 0, 804396304}}} #3 0x107c4a18 in apprentice_1 (ms=0x200d2470, fn=0x0, action=0, mlist=0x200d25c8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:253 magic = (struct magic *) 0x10ad4340 nmagic = 8476 ml = (struct mlist *) 0x0 rv = -1 mapped = 279784544 #4 0x107c4d1c in file_apprentice (ms=0x200d2470, fn=0x0, action=0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/apprentice.c:320 p = 0x0 mfn = 0x77 "" file_err = 279783108 errs = -1 mlist = (struct mlist *) 0x200d25c8 #5 0x107c38f8 in magic_load (ms=0x200d2470, magicfile=0x0) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/libmagic/magic.c:192 ml = (struct mlist *) 0x200d2470 #6 0x107c1c80 in zif_finfo_open (ht=1, return_value=0x200d18a4, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/ext/fileinfo/fileinfo.c:349 options = 1040 file = 0x0 file_len = 0 finfo = (struct php_fileinfo *) 0x200d243c object = (zval *) 0x0 resolved_path = "\000\000\000\b \tUp\000\000\000\000/�036\230/�036�\r\n�\r\n�000\000\000\000 \r\n�\f ,\000\000\000\000\000\003\024X\000\000\000\022/�036��037P/�036�020\001�/�036�\f�\000\000\000\001\000\000\000\000\000\000\000\000 \f�\f \004\000\000\000\a\000\000\000� \000\000�/�036��037P\000\003\024X\020\001� \r\v�6v\020 \tUp \f\036\030 \f�000\000\000\001\020\205�\000\000\001�\000\000\000\000/�037P\000\003\024X/�037X\000\000\001, \r\n�000\000\000�\000\000\000\022\000\000\000\000\000\000\000\022/�037P"... obj = (struct finfo_object *) 0x2ff21e98 #7 0x100a73d0 in zend_do_fcall_common_helper_SPEC (execute_data=0x202fb9f8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:315 opline = (zend_op *) 0x200d232c should_change_scope = 0 '\0' #8 0x100af058 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x202fb9f8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:1574 opline = (zend_op *) 0x200d232c fname = (zval *) 0x200d2348 #9 0x100a613c in execute (op_array=0x200d1f50) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_vm_execute.h:65 ret = 0 execute_data = (zend_execute_data *) 0x202fb9f8 nested = 1 '\001' original_in_execution = 0 '\0' #10 0x1003d0b8 in zend_eval_string (str=0x2ff228fe "$finfo=finfo_op\en(FILEINFO_MIME);", retval_ptr=0x0, string_name=0x1085b7b8 "Command lin\e cod\e") at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_execute_API.c:1111 local_retval_ptr = (zval *) 0x0 original_return_value_ptr_ptr = (zval **) 0x0 original_opline_ptr = (zend_op **) 0x0 pv = {value = {lval = 804399358, dval = 9.8021191754315175e-78, str = {val = 0x2ff228fe "$finfo=finfo_op\en(FILEINFO_MIME);", len = 33}, ht = 0x2ff228fe, obj = {handle = 804399358, handlers = 0x21}}, refcount__gc = 1, type = 6 '\006', is_ref__gc = 47 '/'} new_op_array = (zend_op_array *) 0x200d1f50 original_active_op_array = (zend_op_array *) 0x0 original_compiler_options = 2 retval = 537729252 l = 537729316 #11 0x1003d2f8 in zend_eval_string_ex (str=0x2ff228fe "$finfo=finfo_op\en(FILEINFO_MIME);", retval_ptr=0x0, string_name=0x1085b7b8 "Command lin\e cod\e", handle_exceptions=1) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/Zend/zend_execute_API.c:1146 result = 0 #12 0x1000310c in main (argc=5, argv=0x2ff227f8) at /home/bwiberg/rpm/BUILD/php5.3-200810170630/sapi/cli/php_cli.c:1169 __orig_bailout = (sigjmp_buf *) 0x0 __bailout = {-1, -1, 268444612, 804398272, 537482608, -559038737, 5, 804399096, 804399120, 0, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, -559038737, 11, 536871100, 268435456, -26, 804398272, 673464868, 0 <repeats 37 times>, 804399120, 0} exit_status = 0 c = -1 ---Type <return> to continue, or q <return> to quit--- file_handle = {type = ZEND_HANDLE_FP, filename = 0x1085b760 "-", opened_path = 0x0, handle = {fd = -264674272, fp = 0xf0396420, stream = {handle = 0xf0396420, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\0'} behavior = 6 reflection_what = 0x0 orig_optind = 1 orig_optarg = 0x0 arg_free = 0x2ff228fe "$finfo=finfo_op\en(FILEINFO_MIME);" arg_excp = (char **) 0x2ff22808 script_file = 0x0 interactive = 0 module_started = 1 request_started = 1 lineno = 0 exec_direct = 0x2ff228fe "$finfo=finfo_op\en(FILEINFO_MIME);" exec_run = 0x0 exec_begin = 0x0 exec_end = 0x0 param_error = 0x0 hide_argv = 0 ini_entries_len = 180 len = 67 val = 0x2ff228c5 "/apach\e/php/lib/php/\ext\ensions/d\ebug-non-zts-20071006" (gdb) p *m $1 = {cont_level = 0, flag = 32 ' ', dummy1 = 0 '\0', reln = 61 '=', vallen = 31 '\037', type = 5 '\005', in_type = 0 '\0', in_op = 0 '\0', mask_op = 0 '\0', cond = 0 '\0', dummy2 = 0 '\0', offset = 0, in_offset = 0, lineno = 553648128, _u = {_mask = 0, _s = {_count = 0, _flags = 0}}, value = {b = 67 'C', h = 17206, l = 1127625760, q = 4843115763279687781, hs = "C6", hl = "C64 ", hq = "C64 tap\e", s = "C64 tap\e imag\e fil\e", '\0' <repeats 12 times>, f = 182.203613, d = 6249763483775077}, desc = "T64 tap\e Imag\e", '\0' <repeats 49 times>, mimetype = '\0' <repeats 63 times>} (gdb) c Continuing. Program terminated with signal SIGSEGV, Segmentation fault. The program no longer exists. (gdb) quit [EMAIL PROTECTED]:~$ Perhaps it doesn't like my magic files from my file 4.21 package? "This is Release 4.x of Ian Darwin's (copyright but distributable) file(1) command. This version is the standard "file" command for Linux, *BSD, and other systems. The major feature of 4.x is the refactoring of the code into a library, and the re-write of the file command in terms of that library. The library itself, libmagic, can be used by 3rd party programs that wish to identify file types without having to fork() and exec() file." ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/46331 -- Edit this bug report at http://bugs.php.net/?id=46331&edit=1
