From: louis at 6internet dot com
Operating system: Red Hat Enterprise Linux ES v3
PHP version: 5.0.0b3 (beta3)
PHP Bug Type: Apache2 related
Bug description: Apache 2 Seg Faults on All PHP Pages
Description:
------------
Compiled PHP against Apache 2 in Red Hat Enterprise Linux
ES v3 and even loading a .php file which contains ONLY
HTML causes Apache to segmentation fault and write to the
error_log.
Similar to bug #26893, but different backtrace.
Reproduce code:
---------------
Any plain HTML file or PHP file saved with .php extension
Expected result:
----------------
HTML code passed to browser
Actual result:
--------------
Browser loses connection and Apache seg faults.
Output when run through gdb, once apache process seg
faults:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1223485504 (LWP 9481)]
0xb6fe8272 in _zend_hash_index_update_or_next_insert
(ht=0xb705cd50, h=0,
pData=0xbfffa5e0, nDataSize=12, pDest=0x0, flag=1)
at /root/php-5.0.0b3/Zend/zend_hash.c:348
348 /root/php-5.0.0b3/Zend/zend_hash.c: No such file
or directory.
in /root/php-5.0.0b3/Zend/zend_hash.c
(gdb) bt
#0 0xb6fe8272 in _zend_hash_index_update_or_next_insert
(ht=0xb705cd50, h=0,
pData=0xbfffa5e0, nDataSize=12, pDest=0x0, flag=1)
at /root/php-5.0.0b3/Zend/zend_hash.c:348
#1 0xb6fe9a53 in zend_list_insert (ptr=0x0, type=0)
at /root/php-5.0.0b3/Zend/zend_list.c:47
#2 0xb6fe9b86 in zend_register_resource (rsrc_result=0x0,
rsrc_pointer=0xb688313c, rsrc_type=2)
at /root/php-5.0.0b3/Zend/zend_list.c:99
#3 0xb6fc193c in _php_stream_alloc (ops=0x0,
abstract=0x0, persistent_id=0x0,
mode=0xb70085f1 "rb") at
/root/php-5.0.0b3/main/streams/streams.c:248
#4 0xb6fc54cb in _php_stream_fopen_from_fd (fd=16,
mode=0xb70085f1 "rb",
persistent_id=0x0) at
/root/php-5.0.0b3/main/streams/plain_wrapper.c:262
#5 0xb6fc5291 in _php_stream_fopen (
filename=0x81cd9d8 "/var/www/html/index.php",
mode=0xb70085f1 "rb",
opened_path=0xbfffbb28, options=133)
at /root/php-5.0.0b3/main/streams/plain_wrapper.c:139
#6 0xb6fc6500 in _php_stream_fopen_with_path (
filename=0x81cd9d8 "/var/www/html/index.php",
mode=0xb70085f1 "rb",
path=0xb7026112 ".:/usr/local/lib/php",
opened_path=0xbfffbb28,
options=133) at
/root/php-5.0.0b3/main/streams/plain_wrapper.c:1199
#7 0xb6fc5f87 in php_plain_files_stream_opener
(wrapper=0xb70533a8,
path=0x81cd9d8 "/var/www/html/index.php",
mode=0xb70085f1 "rb",
options=133, opened_path=0xbfffbb28, context=0x0)
---Type <return> to continue, or q <return> to quit---
at /root/php-5.0.0b3/main/streams/plain_wrapper.c:886
#8 0xb6fc37a6 in _php_stream_open_wrapper_ex (
path=0x81cd9d8 "/var/www/html/index.php",
mode=0xb70085f1 "rb",
options=141, opened_path=0x85, context=0x0)
at /root/php-5.0.0b3/main/streams/streams.c:1613
#9 0xb6fb3cb7 in php_stream_open_for_zend (
filename=0x81cd9d8 "/var/www/html/index.php",
handle=0xbfffbb20)
at /root/php-5.0.0b3/main/main.c:880
#10 0xb6feef8e in zend_stream_open (
filename=0x81cd9d8 "/var/www/html/index.php",
handle=0xbfffbb20)
at /root/php-5.0.0b3/Zend/zend_stream.c:41
#11 0xb6fef068 in zend_stream_fixup
(file_handle=0xbfffbb20)
at /root/php-5.0.0b3/Zend/zend_stream.c:56
#12 0xb6fcc9e6 in open_file_for_scanning
(file_handle=0xbfffbb20)
at Zend/zend_language_scanner.c:3041
#13 0xb6fccafe in compile_file (file_handle=0xbfffbb20,
type=2)
at Zend/zend_language_scanner.c:3127
#14 0xb6fe37f1 in zend_execute_scripts (type=2,
retval=0x0, file_count=1)
at /root/php-5.0.0b3/Zend/zend.c:1044
#15 0xb7006552 in php_handler (r=0x81cc1d8)
at
/root/php-5.0.0b3/sapi/apache2handler/sapi_apache2.c:533
#16 0x08068685 in ap_run_handler ()
#17 0x08068c9f in ap_invoke_handler ()
---Type <return> to continue, or q <return> to quit---
#18 0x08065326 in ap_process_request ()
#19 0x0806095c in _start ()
#20 0x081cc1d8 in ?? ()
#21 0x00000004 in ?? ()
#22 0x081cc1d8 in ?? ()
#23 0x0807228c in ap_run_pre_connection ()
#24 0x08072145 in ap_run_process_connection ()
#25 0x08066ba1 in ap_graceful_stop_signalled ()
#26 0x08066dba in ap_graceful_stop_signalled ()
#27 0x08066e16 in ap_graceful_stop_signalled ()
#28 0x0806763d in ap_mpm_run ()
#29 0x0806dacf in main ()
(gdb)
--
Edit bug report at http://bugs.php.net/?id=26965&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=26965&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=26965&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=26965&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=26965&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=26965&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=26965&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=26965&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=26965&r=support
Expected behavior: http://bugs.php.net/fix.php?id=26965&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=26965&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=26965&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=26965&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=26965&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=26965&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=26965&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=26965&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=26965&r=float
