From: datacompboy at call2ru dot com Operating system: Linux 2.6.31-1-amd64 PHP version: 5.2.11 PHP Bug Type: Reproducible crash Bug description: Random crash on new SoapServer
Description:
------------
Sometimes (from 1-2-3 times in a day to 1 time at 3-4 days) every-minute
cron, that fetches from WS, written via SoapServer gets "Bad Gateway"
reply.
On server-side there an
[notice] child pid 1892 exit signal Segmentation fault (11)
in error.log
and one of:
kernel: [3878097.399362] php[23893]: segfault at 7fa3e51aded0 ip
7fa3e51aded0 sp 7fa3e35f0128 error 14 in librt-2.9.so[7fa3e9822000+7000]
kernel: [3879416.960444] php[24282]: segfault at 7ff7addc9edb ip
7ff7ab8024d7 sp 7ff7ac20bca0 error 4 in libgcc_s.so.1[7ff7ab7f1000+1a000]
in dmesg.
After suhosin enabled in sumulation mode, there
[error] [client 87.106.137.135] ALERT-SIMULATION - canary mismatch on
efree() - heap overflow detected (attacker '87.106.137.135', file
'/var/www/yii/framework/web/services/CWebService.php', line 154)
messages.
Same request executed right after error works fine.
So, i have enabled buffer overflow coredump in suhosin, and here an
coredump attached.
Can't post full reproduce code, since crash very random.
System is dual-core Opteron.
PHP 5.2.11-1 with Suhosin-Patch 0.9.7 (cli) (built: Sep 20 2009 11:41:46)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
with Suhosin v0.9.29, Copyright (c) 2007, by SektionEins GmbH
Reproduce code:
---------------
Dies every time on
$server=new SoapServer($this->wsdlUrl,$this->getOptions());
where
$this->wsdlUrl = "http://dev-eworld.direktbill.de/y/wsdl/quote";;
Expected result:
----------------
Always works
Actual result:
--------------
#0 0x00007f699b9c566b in suhosin_log () from
/usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#1 0x00007f69a402e1dd in _zend_mm_free_int (heap=0xf3eb40, p=0x1374360)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_alloc.c:2036
check = 18433888
mm_block = 0x1374338
next_block = 0x7f69a4537e40
size = 0
#2 0x00007f69a401927b in php_stream_tidy_wrapper_error_log
(wrapper=0x7f69a4537e40)
at /tmp/buildd/php5-5.2.11.dfsg.1/main/streams/streams.c:195
i = 1
#3 0x00007f69a401aae5 in _php_stream_open_wrapper_ex (path=0x1194760
"http://dev-eworld.direktbill.de/y/wsdl/quote";,
mode=0x7f69a25c51a0 "\220\066\350\246i\177", options=12,
opened_path=0x0, context=0x131ec40)
at /tmp/buildd/php5-5.2.11.dfsg.1/main/streams/streams.c:1899
stream = 0x131ec40
wrapper = 0x7f69a4537e40
path_to_open = 0x10814a8 "@~S\244i\177"
persistent = 0
copy_of_path = 0x7fffe4fe11ef ""
#4 0x00007f69a3e63b89 in php_libxml_streams_IO_open_wrapper (
filename=0x1194760 "http://dev-eworld.direktbill.de/y/wsdl/quote";,
mode=0x7f69a40c6d7f "rb", read_only=1)
at /tmp/buildd/php5-5.2.11.dfsg.1/ext/libxml/libxml.c:323
ssbuf = {sb = {st_dev = 2749774729, st_ino = 23387733, st_nlink =
2803224128, st_mode = 20143263, st_uid = 0,
st_gid = 2803224128, __pad0 = 32617, st_rdev = 20143287,
st_size = 14, st_blksize = 20143256, st_blocks = 0,
st_atim = {tv_sec = 20325376, tv_nsec = 2800236510}, st_mtim =
{tv_sec = 4, tv_nsec = 2720850652}, st_ctim = {
tv_sec = 18445520, tv_nsec = 0}, __unused = {18824016, 0,
18433888}}}
context = 0x7fffe4fe11ef
wrapper = 0x1
resolved_path = 0x1194760
"http://dev-eworld.direktbill.de/y/wsdl/quote";
path_to_open = 0x11aa650 "\360M\031\001"
ret_val = 0x7fffe4fe11ef
isescaped = 0
uri = 0x1205bb0
#5 0x00007f69a3e63cb1 in php_libxml_input_buffer_create_filename (URI=0x1
<Address 0x1 out of bounds>,
enc=XML_CHAR_ENCODING_NONE) at
/tmp/buildd/php5-5.2.11.dfsg.1/ext/libxml/libxml.c:332
ret = 0x0
context = 0x11aa650
#6 0x00007f69a22a34cc in xmlNewInputFromFile () from
/usr/lib/libxml2.so.2
No symbol table info available.
#7 0x00007f69a22cef32 in ?? () from /usr/lib/libxml2.so.2
No symbol table info available.
#8 0x00007f69a22ce53f in xmlLoadExternalEntity () from
/usr/lib/libxml2.so.2
No symbol table info available.
#9 0x00007f69a22a7744 in xmlCreateURLParserCtxt () from
/usr/lib/libxml2.so.2
No symbol table info available.
#10 0x00007f69a3f5867e in soap_xmlParseFile (filename=0x1 <Address 0x1 out
of bounds>)
at /tmp/buildd/php5-5.2.11.dfsg.1/ext/soap/php_xml.c:91
ctxt = 0x7fffe4fe1578
ret = 0x7f69a4547d60
old_allow_url_fopen = 1 '\001'
#11 0x00007f69a3f50be3 in load_wsdl_ex (this_ptr=0x0, struri=0x1335c98
"http://dev-eworld.direktbill.de/y/wsdl/quote";,
ctx=0x7fffe4fe1570, include=0) at
/tmp/buildd/php5-5.2.11.dfsg.1/ext/soap/php_sdl.c:299
tmpsdl = 0x1362400
wsdl = 0x1335c98
root = 0x1335c98
definitions = 0x7fffe4fe1578
trav = 0x2d
targetNamespace = 0x7fffe4fe11ef
#12 0x00007f69a3f5280f in load_wsdl (this_ptr=0x1338930, struri=0x1335c98
"http://dev-eworld.direktbill.de/y/wsdl/quote";)
at /tmp/buildd/php5-5.2.11.dfsg.1/ext/soap/php_sdl.c:713
ctx = {sdl = 0x0, docs = {nTableSize = 20325376, nTableMask = 0,
nNumOfElements = 8, nNextFreeElement = 0,
pInternalPointer = 0x0, pListHead = 0x0, pListTail = 0x0,
arBuckets = 0x0, pDestructor = 0x1338c08,
persistent = 48 '0', nApplyCount = 230 '\346',
bApplyProtection = 244 '\364'}, messages = {nTableSize = 65536,
nTableMask = 0, nNumOfElements = 8, nNextFreeElement = 0,
pInternalPointer = 0x0, pListHead = 0x0,
pListTail = 0x0, arBuckets = 0x0, pDestructor = 0x1388920,
persistent = 0 '\000', nApplyCount = 0 '\000',
bApplyProtection = 0 '\000'}, bindings = {nTableSize = 65536,
nTableMask = 0, nNumOfElements = 8,
nNextFreeElement = 0, pInternalPointer = 0x0, pListHead = 0x0,
pListTail = 0x0, arBuckets = 0x0,
pDestructor = 0x1339b28, persistent = 0 '\000', nApplyCount =
0 '\000', bApplyProtection = 0 '\000'}, portTypes = {
nTableSize = 65536, nTableMask = 0, nNumOfElements = 8,
nNextFreeElement = 0, pInternalPointer = 0x0,
pListHead = 0x0, pListTail = 0x0, arBuckets = 0x0, pDestructor
= 0x1375db8, persistent = 0 '\000',
nApplyCount = 0 '\000', bApplyProtection = 0 '\000'}, services
= {nTableSize = 65536, nTableMask = 0,
nNumOfElements = 8, nNextFreeElement = 0, pInternalPointer =
0x0, pListHead = 0x0, pListTail = 0x0,
arBuckets = 0x0, pDestructor = 0x1375e28, persistent = 0
'\000', nApplyCount = 0 '\000',
bApplyProtection = 0 '\000'}, attributes = 0x10000,
attributeGroups = 0x0, context = 0x0, old_header = 0x0}
i = 32767
n = -453110272
#13 0x00007f69a3f53eaa in get_sdl (this_ptr=0x1338930, uri=0x17ee4a0
"\200F\b\244i\177", cache_wsdl=0)
at /tmp/buildd/php5-5.2.11.dfsg.1/ext/soap/php_sdl.c:3266
fn =
"\336\067\350\246i\177\000\000\240\034\376\344\377\177\000\000\000\000\000\000\000\000\000\000h\000\000\000\000\000
\000\000\200\001\000\000\000\000\000\000\204\262\226\316\363\243\273\367\316\370\061\217\066p\214\361.\a\346)\203o\314\002VG\355
o\177\321\b\304x+\v\245\230\313+\256\207\354B\220\267U\346-O\376\214\306o_U\n\353\276\354\067\016\222\362\026\340\031\376\344\37
7\177\000\000\217â¬\001\000\000\000\000`\a\000\000\000\000\000\000`\a\000\000v\000\000\000o\a\000\000\000\000\000\000<lA\001o\20
7\000\000/ï¬\001\000\000\000\000
\023\"\001\000\000\000\000\006\000\000\000\006\000\000\000
\023\"\001\000\000\000\000\000\200\0
00\000o\a\000\000\060ï¬\001\000\000\000\000\320\032\376\344\037\000\000\000\324\001\000\000\000\000\000\000s\361\000\000\000\000
\000\000\202\361\000\000\000\000\000\000\370\364\000\000\000\000\000\000\026\000\000\000\000\000\000\000\020\222;\001\000\000\00
0\000\t\000\000\000\000\000\000\000"...
sdl = 0x0
old_error_code = 0x125d7f8 "\002Xx\001"
uri_len = 32617
context = 0x0
tmp = 0x7f69a426ce56
proxy_host = 0xe
proxy_port = 0x0
orig_context = 0x0
new_context = 0x1338448
headers = {c = 0x1782878 "\260\022\t\244i\177", len = 0, a = 0}
key = 0x2ca4548500 <Address 0x2ca4548500 out of bounds>
t = 0
#14 0x00007f69a3f236b6 in zim_SoapClient_SoapClient (ht=0,
return_value=0x7f69a429c6e8, return_value_ptr=0x7f699b9c535d,
this_ptr=0x1375318, return_value_used=1697478245) at
/tmp/buildd/php5-5.2.11.dfsg.1/ext/soap/soap.c:2505
__orig_bailout = 0x7fffe4fe4100
__bailout = {{__jmpbuf = {3841902352, 32767, 23, 0, 3622280798,
2203380534, 22, 0}, __mask_was_saved = -1216373154,
__saved_mask = {__val = {0, 0, 3841862000, 0, 3841902352,
32767, 3841902352, 32767, 3841902352, 32767, 8, 0,
17331736, 0, 8, 0}}}}
wsdl = 0x1318e80
options = 0x1263108
soap_version = 1
context = 0x0
cache_wsdl = 0
sdl = 0x0
typemap_ht = 0x0
_old_handler = 0 '\000'
_old_error_code = 0x13387a0 "\020u\b\001"
_old_error_object = 0x0
_old_soap_version = 0
_old_in_compilation = 0 '\000'
_old_in_execution = 0 '\000'
_old_current_execute_data = 0x1005e8500000001
#15 0x00007f699b9c7b4d in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#16 0x00007f69a4084271 in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe4100)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:202
return_reference = 1 '\001'
opline = 0x4
original_return_value = 0x10879c0
current_scope = 0x17345e8
current_this = 0x1a6dcd0
return_value_used = 0
should_change_scope = 115 's'
#17 0x00007f69a406d604 in execute (op_array=0x1733278) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x17345e8, function_state =
{function_symbol_table = 0x1758298, function = 0x10879c0,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x10879c0, op_array = 0x1733278, object = 0x1338930,
Ts = 0x7fffe4fe2e80, CVs = 0x7fffe4fe2e30, original_in_execution
= 1 '\001', symbol_table = 0x1758150,
prev_execute_data = 0x7fffe4fe4520, old_error_reporting = 0x0}
#18 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#19 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe4520)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x61a05e85bcd82f9b
original_return_value = 0x7fffe4fe4c08
current_scope = 0x1a14e80
current_this = 0x1a03b98
return_value_used = 0
should_change_scope = 254 '\376'
#20 0x00007f69a406d604 in execute (op_array=0x1a64198) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1a14e80, function_state =
{function_symbol_table = 0x1758150, function = 0x1733278,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1733278, op_array = 0x1a64198, object = 0x173cea0,
Ts = 0x7fffe4fe4380, CVs = 0x7fffe4fe4360, original_in_execution
= 1 '\001', symbol_table = 0x1758050,
prev_execute_data = 0x7fffe4fe4c40, old_error_reporting = 0x0}
#21 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#22 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe4c40)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x174b9c8
original_return_value = 0x7fffe4fe71f0
current_scope = 0x174ba68
current_this = 0x17415e0
return_value_used = 0
should_change_scope = 116 't'
#23 0x00007f69a406d604 in execute (op_array=0x1749510) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x174ba68, function_state =
{function_symbol_table = 0x1758050, function = 0x1a64198,
reserved = {0x100000000010000, 0x1, 0x186c927,
0x7fff00000001}}, fbc = 0x1a64198, op_array = 0x1749510,
object = 0x1a6c190, Ts = 0x7fffe4fe47a0, CVs = 0x7fffe4fe4780,
original_in_execution = 1 '\001',
symbol_table = 0x1b04ac8, prev_execute_data = 0x7fffe4fe7220,
old_error_reporting = 0x0}
#24 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#25 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe7220)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x7f69a40b3652
original_return_value = 0x7fffe4fe76b0
current_scope = 0x1a14838
current_this = 0x19ffbb8
return_value_used = 0
should_change_scope = 0 '\000'
#26 0x00007f69a406d604 in execute (op_array=0x1a003e8) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1a14838, function_state =
{function_symbol_table = 0x1b04ac8, function = 0x1749510,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1749510, op_array = 0x1a003e8, object = 0x1a6d380,
Ts = 0x7fffe4fe4ec0, CVs = 0x7fffe4fe4ea0, original_in_execution
= 1 '\001', symbol_table = 0x1ace190,
prev_execute_data = 0x7fffe4fe76e0, old_error_reporting = 0x0}
#27 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#28 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe76e0)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x7f69a402f2d8
original_return_value = 0x7fffe4fe7a30
current_scope = 0x1a03140
current_this = 0x19ffbb8
return_value_used = 0
should_change_scope = 160 '\240'
#29 0x00007f69a406d604 in execute (op_array=0x1a28bc0) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1a03140, function_state =
{function_symbol_table = 0x1ace190, function = 0x1a003e8,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1a003e8, op_array = 0x1a28bc0, object = 0x1a6c190,
Ts = 0x7fffe4fe74a0, CVs = 0x7fffe4fe7480, original_in_execution
= 1 '\001', symbol_table = 0x1aa8f10,
prev_execute_data = 0x7fffe4fe7a60, old_error_reporting = 0x0}
#30 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#31 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe7a60)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x173d190
original_return_value = 0x7fffe4fe80a8
current_scope = 0x1754288
current_this = 0x17403f8
return_value_used = 0
should_change_scope = 115 's'
#32 0x00007f69a406d604 in execute (op_array=0x1752e18) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1754288, function_state =
{function_symbol_table = 0x1aa8f10, function = 0x1a28bc0,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1a28bc0, op_array = 0x1752e18, object = 0x1a6c190,
Ts = 0x7fffe4fe7960, CVs = 0x7fffe4fe7940, original_in_execution
= 1 '\001', symbol_table = 0x1aa92a0,
prev_execute_data = 0x7fffe4fe8180, old_error_reporting = 0x0}
#33 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#34 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe8180)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x1a6d808
original_return_value = 0x7fffe4fe85a8
current_scope = 0x174b798
current_this = 0x17415e0
return_value_used = 0
should_change_scope = 2 '\002'
#35 0x00007f69a406d604 in execute (op_array=0x1749510) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x174b798, function_state =
{function_symbol_table = 0x1aa92a0, function = 0x1752e18,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1752e18, op_array = 0x1749510, object = 0x1753430,
Ts = 0x7fffe4fe7ce0, CVs = 0x7fffe4fe7cc0, original_in_execution
= 1 '\001', symbol_table = 0x1aa6d68,
prev_execute_data = 0x7fffe4fe8600, old_error_reporting = 0x0}
#36 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#37 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe8600)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x1a2cf28
original_return_value = 0x7fffe4fe8b40
current_scope = 0x1a2b7b8
current_this = 0x1a03b98
return_value_used = 0
should_change_scope = 162 '\242'
#38 0x00007f69a406d604 in execute (op_array=0x1a63ff8) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1a2b7b8, function_state =
{function_symbol_table = 0x1aa6d68, function = 0x1749510,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1749510, op_array = 0x1a63ff8, object = 0x1a6d380,
Ts = 0x7fffe4fe8410, CVs = 0x7fffe4fe83e0, original_in_execution
= 1 '\001', symbol_table = 0x1aa5310,
prev_execute_data = 0x7fffe4fe8c40, old_error_reporting = 0x0}
#39 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#40 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe8c40)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x7fffe4fe8c40
original_return_value = 0x7fffe4fe9118
current_scope = 0x1a2a810
current_this = 0x1a03b98
return_value_used = 0
should_change_scope = 254 '\376'
#41 0x00007f69a406d604 in execute (op_array=0x1a63e50) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1a2a810, function_state =
{function_symbol_table = 0x1aa5310, function = 0x1a63ff8,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1a63ff8, op_array = 0x1a63e50, object = 0x1a6c190,
Ts = 0x7fffe4fe8890, CVs = 0x7fffe4fe8860, original_in_execution
= 1 '\001', symbol_table = 0x1a9f8b0,
prev_execute_data = 0x7fffe4fe92e0, old_error_reporting = 0x0}
#42 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#43 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe92e0)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x7f69a4548508
original_return_value = 0x7fffe4fe9988
current_scope = 0x11ebbe0
current_this = 0x11dc3b0
return_value_used = 0
should_change_scope = 30 '\036'
#44 0x00007f69a406d604 in execute (op_array=0x11ed128) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x11ebbe0, function_state =
{function_symbol_table = 0x1a9f8b0, function = 0x1a63e50,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1a63e50, op_array = 0x11ed128, object = 0x1a6c190,
Ts = 0x7fffe4fe8ee0, CVs = 0x7fffe4fe8ea0, original_in_execution
= 1 '\001', symbol_table = 0x1a9f6c8,
prev_execute_data = 0x7fffe4fe99c0, old_error_reporting = 0x0}
#45 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#46 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe99c0)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x7f69a4548508
original_return_value = 0x7fffe4fe9da0
current_scope = 0x11df6e8
current_this = 0x11dc3b0
return_value_used = 0
should_change_scope = 29 '\035'
#47 0x00007f69a406d604 in execute (op_array=0x1158058) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x11df6e8, function_state =
{function_symbol_table = 0x1a9f6c8, function = 0x11ed128,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x11ed128, op_array = 0x1158058, object = 0x1157c00,
Ts = 0x7fffe4fe9570, CVs = 0x7fffe4fe9540, original_in_execution
= 1 '\001', symbol_table = 0x1153210,
prev_execute_data = 0x7fffe4fe9f10, old_error_reporting = 0x0}
#48 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#49 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fe9f10)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x61a05e85bcd82f9b
original_return_value = 0x7fffe4fea3a0
current_scope = 0x1894098
current_this = 0x11bf108
return_value_used = 0
should_change_scope = 254 '\376'
#50 0x00007f69a406d604 in execute (op_array=0x1a95850) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x1894098, function_state =
{function_symbol_table = 0x1153210, function = 0x1158058,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1158058, op_array = 0x1a95850, object = 0x1157c00,
Ts = 0x7fffe4fe9c30, CVs = 0x7fffe4fe9c20, original_in_execution
= 1 '\001', symbol_table = 0x1151d00,
prev_execute_data = 0x7fffe4fea3d0, old_error_reporting = 0x0}
#51 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#52 0x00007f69a4083ebe in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fffe4fea3d0)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x11563e8
original_return_value = 0x7fffe4fea5d8
current_scope = 0x11529f0
current_this = 0x0
return_value_used = 0
should_change_scope = 21 '\025'
#53 0x00007f69a406d604 in execute (op_array=0x1151990) at
/tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x11529f0, function_state =
{function_symbol_table = 0x1151d00, function = 0x1a95850,
reserved = {0x7f69a6e8841a, 0x7f699b9d0011, 0x1, 0x9}}, fbc =
0x1a95850, op_array = 0x1151990, object = 0x1157c00,
Ts = 0x7fffe4fea190, CVs = 0x7fffe4fea170, original_in_execution
= 0 '\000', symbol_table = 0x7f69a4548688,
prev_execute_data = 0x0, old_error_reporting = 0x0}
#54 0x00007f699b9c7fbf in ?? () from /usr/lib/php5/20060613/suhosin.so
No symbol table info available.
#55 0x00007f69a4049a38 in zend_execute_scripts (type=32767, retval=0x0,
file_count=-453073448)
at /tmp/buildd/php5-5.2.11.dfsg.1/Zend/zend.c:1215
files = 0x7fffe4fea5a8
i = 1
file_handle = 0x7fffe4fec990
orig_op_array = 0x800000003
orig_retval_ptr_ptr = 0x0
local_retval = 0x1
#56 0x00007f69a4004968 in php_execute_script (primary_file=0x19ed780) at
/tmp/buildd/php5-5.2.11.dfsg.1/main/main.c:2041
__orig_bailout = 0x0
__bailout = {{__jmpbuf = {3841893840, 32767, 2751765048, 32617, 2,
32617, 2245244407, 3771558564},
__mask_was_saved = -453073448, __saved_mask = {__val = {3, 8,
0, 0, 0, 0, 40, 0, 3841894096, 32767, 3841893856,
32767, 0, 0, 1, 0}}}}
prepend_file_p = 0x0
append_file_p = 0x0
prepend_file = {type = 0 '\000', filename = 0x0, opened_path =
0x0, handle = {fd = 0, fp = 0x0, stream = {
handle = 0x0, reader = 0, closer = 0, fteller =
0x7fffe4fec890, interactive = 0}}, free_filename = 72 'H'}
append_file = {type = 0 '\000', filename = 0x0, opened_path = 0x0,
handle = {fd = 0, fp = 0x0, stream = {handle = 0x0,
reader = 0, closer = 0, fteller = 0, interactive = 0}},
free_filename = 0 '\000'}
retval = 0
#57 0x00007f69a40bf555 in php_handler (r=0x140d510) at
/tmp/buildd/php5-5.2.11.dfsg.1/sapi/apache2handler/sapi_apache2.c:651
__bailout = {{__jmpbuf = {18398280, 0, 120, 0, 3563167326,
2106055757, 21021768, 0}, __mask_was_saved = 194092638,
__saved_mask = {__val = {0, 9, 0, 9, 4294967295, 4294967295,
4294967295, 4294967295, 4294967295, 4294967295,
3841903180, 32767, 4294967295, 4294967295, 4294967295,
4294967295}}}}
ctx = 0x1185670
conf = 0x140c448
brigade = 0x0
bucket = 0x7fffe4fe11ef
rv = -453111313
parent_req = 0x1
#58 0x000000000043ba93 in ap_run_handler ()
No symbol table info available.
#59 0x000000000043f0ef in ap_invoke_handler ()
No symbol table info available.
#60 0x000000000044c280 in ap_internal_redirect ()
No symbol table info available.
#61 0x00007f69a18bdba5 in ?? () from
/usr/lib/apache2/modules/mod_rewrite.so
No symbol table info available.
#62 0x000000000043ba93 in ap_run_handler ()
No symbol table info available.
#63 0x000000000043f0ef in ap_invoke_handler ()
No symbol table info available.
#64 0x000000000044c418 in ap_process_request ()
No symbol table info available.
#65 0x00000000004494f8 in ?? ()
No symbol table info available.
#66 0x0000000000443193 in ap_run_process_connection ()
No symbol table info available.
#67 0x0000000000450a7b in ?? ()
No symbol table info available.
#68 0x0000000000450d44 in ?? ()
No symbol table info available.
#69 0x000000000045195e in ap_mpm_run ()
No symbol table info available.
#70 0x0000000000428711 in main ()
No symbol table info available.
--
Edit bug report at http://bugs.php.net/?id=50359&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=50359&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=50359&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=50359&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=50359&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=50359&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=50359&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=50359&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=50359&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=50359&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=50359&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=50359&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=50359&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=50359&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=50359&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50359&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=50359&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=50359&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=50359&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=50359&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=50359&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=50359&r=mysqlcfg
