ID: 21105
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Reproducible crash
Operating System: Linux (Redhat 7.3)
PHP Version: 4.3.0RC3
New Comment:
Tried compiling the latest snapshot (12231630) and the
segfault still occurs with a sightly different backtrace.
Segfault occurs with both the cli binary and the apache
module.
This time I compiled mhash as a loadable module
(--with-mhash=shared).
Backtrace from Apache module:
-----------------------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 1407)]
0x401c3f66 in chunk_free (ar_ptr=0x40276fa0, p=0x810e860)
at malloc.c:3242
3242 malloc.c: No such file or directory.
in malloc.c
(gdb) bt
#0 0x401c3f66 in chunk_free (ar_ptr=0x40276fa0,
p=0x810e860) at malloc.c:3242
#1 0x401c3d14 in __libc_free (mem=0x810e868) at
malloc.c:3154
#2 0x40920cde in zif_mhash (ht=2, return_value=0x8122fcc,
this_ptr=0x0,
return_value_used=1) at
/tmp/php4-STABLE-200212231630/ext/mhash/mhash.c:185
#3 0x4072cf4f in execute (op_array=0x811e69c)
at
/tmp/php4-STABLE-200212231630/Zend/zend_execute.c:1596
#4 0x4071b090 in zend_execute_scripts (type=8,
retval=0x0, file_count=3)
at /tmp/php4-STABLE-200212231630/Zend/zend.c:864
#5 0x406e373f in php_execute_script
(primary_file=0xbffff6f0)
at /tmp/php4-STABLE-200212231630/main/main.c:1573
#6 0x40731f2e in apache_php_module_main (r=0x81176d0,
display_source_mode=0)
at
/tmp/php4-STABLE-200212231630/sapi/apache/sapi_apache.c:55
#7 0x40732e14 in send_php (r=0x81176d0,
display_source_mode=0,
filename=0x8119038 "/var/www/html/phpcrash.php")
at
/tmp/php4-STABLE-200212231630/sapi/apache/mod_php4.c:556
#8 0x40732e81 in send_parsed_php (r=0x81176d0)
at
/tmp/php4-STABLE-200212231630/sapi/apache/mod_php4.c:571
#9 0x080547dd in ap_invoke_handler ()
#10 0x0806769c in process_request_internal ()
#11 0x08067713 in ap_process_request ()
#12 0x0805f867 in child_main ()
#13 0x0805fa0a in make_child ()
#14 0x0805fb4d in startup_children ()
#15 0x080601a0 in standalone_main ()
#16 0x08060aa3 in main ()
#17 0x40160589 in __libc_start_main (main=0x8060610
<main>, argc=3, ubp_av=0xbffffb44,
init=0x804f0f4 <_init>, fini=0x80754f0 <_fini>,
rtld_fini=0x4000b994 <_dl_fini>,
stack_end=0xbffffb3c) at
../sysdeps/generic/libc-start.c:129
--------------------------
Backtrace from php binary:
--------------------------
Program received signal SIGSEGV, Segmentation fault.
0x402c7f66 in chunk_free (ar_ptr=0x4037afa0, p=0x82275e0)
at malloc.c:3242
3242 malloc.c: No such file or directory.
in malloc.c
(gdb) bt
#0 0x402c7f66 in chunk_free (ar_ptr=0x4037afa0,
p=0x82275e0) at malloc.c:3242
#1 0x402c7d14 in __libc_free (mem=0x82275e8) at
malloc.c:3154
#2 0x40587341 in mhash_deinit () from
/usr/lib/php4/mhash.so
#3 0x40587399 in mhash_end_m () from
/usr/lib/php4/mhash.so
#4 0x405873c4 in mhash_end () from /usr/lib/php4/mhash.so
#5 0x40586c83 in zif_mhash (ht=2, return_value=0x82275cc,
this_ptr=0x0,
return_value_used=1) at
/tmp/php4-STABLE-200212231630/ext/mhash/mhash.c:180
#6 0x081753ff in execute (op_array=0x8222f5c)
at
/tmp/php4-STABLE-200212231630/Zend/zend_execute.c:1596
#7 0x08163540 in zend_execute_scripts (type=8,
retval=0x0, file_count=3)
at /tmp/php4-STABLE-200212231630/Zend/zend.c:864
#8 0x0812bbef in php_execute_script
(primary_file=0xbffffa90)
at /tmp/php4-STABLE-200212231630/main/main.c:1573
#9 0x0817b7ca in main (argc=3, argv=0xbffffb34)
at
/tmp/php4-STABLE-200212231630/sapi/cli/php_cli.c:746
#10 0x40264589 in __libc_start_main (main=0x817ac74
<main>, argc=3, ubp_av=0xbffffb34,
init=0x8062af8 <_init>, fini=0x817bf60 <_fini>,
rtld_fini=0x4000b994 <_dl_fini>,
stack_end=0xbffffb2c) at
../sysdeps/generic/libc-start.c:129
Using MHASH_SHA1 works though!
Any suggestions?
'make test' also fails two mhash tests - should I send the
'make test' output as suggested by the script?
The following program compiled against the same mhash
library works:
int main(void)
{
char *d="password";
unsigned char *hd;
MHASH td;
td=mhash_init(MHASH_MD5);
mhash(td,d,strlen(d));
hd=(unsigned char *)mhash_end(td);
printf("HASH: %s\n", hd);
mhash_free(hd);
return(0);
}
Previous Comments:
------------------------------------------------------------------------
[2002-12-20 10:52:46] [EMAIL PROTECTED]
I just tried with the php4-STABLE-200212201630 snapshot
and the segfault happended again. This is using the SAPI
module with mhash support compiled into libphp4.so
Is it possbile i'm compiling mhash wrong? Compiling mhash
with:
./configure --prefix=/usr --enable-shared=no
Should I try with an older version of mhash and any
suggestions as to what version so try with?
------------------------------------------------------------------------
[2002-12-20 08:35:39] [EMAIL PROTECTED]
Does this happen with cli sapi and could you please try this is latest
PHP 4.3.0 snapshot. I cannot replicate the crash.
------------------------------------------------------------------------
[2002-12-19 23:49:32] [EMAIL PROTECTED]
PHP 4.3.0RC3 compiled --with-mhash (not dso) using mhash
0.8.17 segfaults when running this script:
<?
$passwd="password";
echo "Hashing of $passwd: " .
base64_encode(mhash(MHASH_MD5, $passwd)) . "<br>";
?>
(Does not segfault with MHASH_SHA1)
Apache 1.3.27
mod_ssl 2.8.11
PHP 4.3.0RC3
glibc 2.2.25-40
gcc-2.96-112
mhash 0.8.17 (static)
php ./configure:
./configure --prefix=/usr --exec-prefix=/usr
--bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
--datadir=/usr/share --includedir=/usr/include
--libdir=/usr/lib --libexecdir=/usr/libexec
--localstatedir=/var --sharedstatedir=/usr/com
--mandir=/usr/share/man --infodir=/usr/share/info
--with-config-file-path=/etc --with-dom=/usr
--with-exec-dir=/usr/bin --with-gettext
--with-regex=system --with-layout=GNU
--enable-magic-quotes --without-oci8 --with-mhash
--with-imap=shared --with-openssl --with-imap-ssl
--with-kerberos=/usr/kerberos --with-ldap=shared
--with-mysql=shared,/usr --with-apxs=/usr/sbin/apxs
--enable-debug --with-zlib
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x4207af66 in chunk_free () from /lib/i686/libc.so.6
(gdb) bt
#0 0x4207af66 in chunk_free () from /lib/i686/libc.so.6
#1 0x4207ad14 in free () from /lib/i686/libc.so.6
#2 0x4033795a in mhash_free (ptr=0x81ca550) at
mhash.c:548
#3 0x4070dace in zif_mhash (ht=2, return_value=0x81d20bc,
this_ptr=0x0,
return_value_used=1) at
/usr/src/redhat/php-4.3.0RC3/ext/mhash/mhash.c:185
#4 0x4080a65b in execute (op_array=0x81cd79c)
at
/usr/src/redhat/php-4.3.0RC3/Zend/zend_execute.c:1596
#5 0x407f879c in zend_execute_scripts (type=8,
retval=0x0, file_count=3)
at /usr/src/redhat/php-4.3.0RC3/Zend/zend.c:864
#6 0x407c106b in php_execute_script
(primary_file=0xbffff6f0)
at /usr/src/redhat/php-4.3.0RC3/main/main.c:1552
#7 0x4080f63a in apache_php_module_main (r=0x808ced8,
display_source_mode=0)
at
/usr/src/redhat/php-4.3.0RC3/sapi/apache/sapi_apache.c:55
#8 0x40810504 in send_php (r=0x808ced8,
display_source_mode=0,
filename=0x808e9e0
"/var/www/modesmail/admin/phpcrash.php")
at
/usr/src/redhat/php-4.3.0RC3/sapi/apache/mod_php4.c:556
#9 0x40810571 in send_parsed_php (r=0x808ced8)
at
/usr/src/redhat/php-4.3.0RC3/sapi/apache/mod_php4.c:571
#10 0x080547dd in ap_invoke_handler ()
#11 0x0806769c in process_request_internal ()
#12 0x08067713 in ap_process_request ()
#13 0x0805f867 in child_main ()
#14 0x0805fa0a in make_child ()
#15 0x0805fb4d in startup_children ()
#16 0x080601a0 in standalone_main ()
#17 0x08060aa3 in main ()
#18 0x42017589 in __libc_start_main () from
/lib/i686/libc.so.6
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=21105&edit=1
