From:             
Operating system: Ubuntu 10.04.2 LTS (64-bit)
PHP version:      5.4SVN-2011-07-03 (snap)
Package:          Built-in web server
Bug Type:         Bug
Bug description:  Segfault with multipart/form-data POST / 404 request

Description:
------------
The built-in webserver repeatably segfaults for me when I send the
following requests (in this order):

1. A multipart/form-data POST request
2. A GET request for a non-existent file

Test script:
---------------
Create an empty (0 byte) PHP file named file.php. Start the webserver from
that file's directory. Then run the following commands:

curl --form a=b http://127.0.0.1:8000/file.php
curl http://127.0.0.1:8000/does_not_exist

Expected result:
----------------
Requests should be returned by the server without segfaulting.

Actual result:
--------------
After the second request has been made, I receive a segfault:

Program received signal SIGSEGV, Segmentation fault.
_zend_mm_free_int (heap=0xc91250, p=0xc889c8) at /home/nbpoole/php/php5.4-201107031630/Zend/zend_alloc.c:2100
2100            if (ZEND_MM_IS_FREE_BLOCK(next_block)) {
(gdb) bt
#0  _zend_mm_free_int (heap=0xc91250, p=0xc889c8) at /home/nbpoole/php/php5.4-201107031630/Zend/zend_alloc.c:2100
#1  0x00000000006272f1 in destroy_uploaded_files_hash () at /home/nbpoole/php/php5.4-201107031630/main/rfc1867.c:199
#2  0x0000000000625585 in sapi_deactivate () at /home/nbpoole/php/php5.4-201107031630/main/SAPI.c:533
#3  0x000000000071fe81 in php_cli_server_send_error_page (server=<value optimized out>, client=<value optimized out>, status=<value optimized out>)
    at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:1524
#4  0x00000000007207c9 in php_cli_server_begin_send_static (server=0xc89ba0, client=0xdfecf0) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:1635
#5  php_cli_server_dispatch (server=0xc89ba0, client=0xdfecf0) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:1747
#6  php_cli_server_recv_event_read_request (server=0xc89ba0, client=0xdfecf0) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:1890
#7  0x00000000007211ea in php_cli_server_do_event_for_each_fd_callback (_params=<value optimized out>, fd=<value optimized out>, event=<value optimized out>)
    at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:1976
#8  0x000000000072185a in php_cli_server_poller_iter_on_active (argc=<value optimized out>, argv=<value optimized out>)
    at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:670
#9  php_cli_server_do_event_for_each_fd (argc=<value optimized out>, argv=<value optimized out>) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:2002
#10 php_cli_server_do_event_loop (argc=<value optimized out>, argv=<value optimized out>) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:2012
#11 do_cli_server (argc=<value optimized out>, argv=<value optimized out>) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli_server.c:2097
#12 0x000000000071a33e in main (argc=<value optimized out>, argv=<value optimized out>) at /home/nbpoole/php/php5.4-201107031630/sapi/cli/php_cli.c:1359


-- 
Edit bug report at https://bugs.php.net/bug.php?id=55121&edit=1
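
The two requests from the test script above, wrapped as a repeatable regression check. This is an added example, not part of the original report; it assumes `php` (with the built-in server) and `curl` are on the PATH, and `classify_status` and `run_repro` are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the bug report. Assumes php (with -S) and curl on PATH.
# classify_status and run_repro are hypothetical helper names.

# Turn a wait(1) status into a verdict; 128+N means "killed by signal N".
classify_status() {
    status=$1
    if [ "$status" -gt 128 ]; then
        sig=$((status - 128))
        case "$sig" in
            11) echo "crashed:SIGSEGV" ;;
            6)  echo "crashed:SIGABRT" ;;
            15) echo "stopped:SIGTERM" ;;
            *)  echo "signalled:$sig" ;;
        esac
    else
        echo "exited:$status"
    fi
}

# Send the report's two requests to a fresh server and print how it ended.
run_repro() {
    docroot=$(mktemp -d) || return 2
    : > "$docroot/file.php"              # empty (0 byte) file, as in the report
    # Start the server from that directory; exec keeps $! pointing at php.
    ( cd "$docroot" && exec php -S 127.0.0.1:8000 ) >/dev/null 2>&1 &
    pid=$!
    sleep 1                              # give the listener time to bind
    curl -s -o /dev/null --form a=b http://127.0.0.1:8000/file.php
    curl -s -o /dev/null http://127.0.0.1:8000/does_not_exist
    sleep 1                              # let a crash surface before stopping
    kill "$pid" 2>/dev/null || true      # no effect if the server already died
    wait "$pid"
    verdict=$(classify_status "$?")
    rm -rf "$docroot"
    echo "$verdict"
    case "$verdict" in
        crashed:*) return 1 ;;
    esac
    return 0
}

# Requests are only sent when asked for: sh repro.sh run
if [ "${1:-}" = "run" ]; then
    run_repro
fi
```

Run it as `sh repro.sh run`; a `crashed:SIGSEGV` verdict with exit status 1 corresponds to the failure shown in the backtrace.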