From: bjorn dot wiberg at home dot se Operating system: Debian GNU/Linux 3.0r2 (mixed) PHP version: 5.0.0b3 (beta3) PHP Bug Type: Zend Engine 2 problem Bug description: phpSysInfo's usage of Php.Xpath class crashes Zend engine (segmentation fault)
Description: ------------ When running phpSysInfo, asking it to produce output in non-XML format (i.e. to use a template other than 'xml'), it crashes the Zend engine in its calls to the Php.Xpath class ($tpl->set_var(...)) and all you get in the web browser is a blank screen. If one runs it with the ?template=xml parameter in the URL, the script correctly outputs XML data with the system information. But as soon as you call it without a parameter (it then defaults to a certain template), you get the error. The Apache 2 error log shows that the worker thread exhibits a segmentation fault. The same thing happens if you run the script from the command line through the PHP CLI. Reproduce code: --------------- Using phpSysInfo 2003-12-13 (CVS) version from http://phpsysinfo.sourceforge.net/phpsysinfo-20031213.tar.gz, but it also happens with earlier releases. Using Debian Apache 2.0.48-7 (apache2-mpm-worker, apache2-common, apache2-doc). More or less using the recommended php.ini-recommended settings in my php.ini (just some paths changed). Also tried the latest stable version (3.4) of the Php.Xpath class from http://sourceforge.net/projects/phpxpath/, but that didn't help. The failing calls seem to be the set_var() calls at the end of phpSysInfo's index.php script: $tpl->set_var('title', $text['title'] . ': ' . (...) $tpl->set_var('vitals', makebox($text['vitals'], html_vitals(), '100%')); $tpl->set_var('network', makebox($text['netusage'], html_network(), '100%')); $tpl->set_var('hardware', makebox($text['hardware'], html_hardware(), '100%')); $tpl->set_var('memory', makebox($text['memusage'], html_memory(), '100%')); $tpl->set_var('filesystems', makebox($text['fs'], html_filesystems(), '100%')); Expected result: ---------------- HTML output shown in the web browser with system information. Actual result: -------------- A blank page in the web browser. >From the Apache 2 error.log: [Thu Feb 05 18:04:44 2004] [notice] child pid 3429 exit signal Segmentation fault (11) [Thu Feb 05 18:04:46 2004] [notice] child pid 3430 exit signal Segmentation fault (11) Executing the script through GDB and the PHP CLI instead of through Apache 2 yields the following information: gloomy:/mnt/storage/usr/lib/php-bin/vhosts/bwiberg.dyndns.org/admin/phpSysInfo# gdb php GNU gdb 2002-04-01-cvs Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-linux"... (gdb) set args index.php (gdb) run Starting program: /usr/local/bin/php index.php [New Thread 16384 (LWP 4481)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 4481)] zend_case_handler (execute_data=0xbfff6c30, op_array=0x409f9f7c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:58 58 z->refcount++; (gdb) bt #0 zend_case_handler (execute_data=0xbfff6c30, op_array=0x409f9f7c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:58 #1 0x0820d235 in execute (op_array=0x409f9f7c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #2 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfff7220, op_array=0x409e276c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #3 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409e276c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #4 0x0820d235 in execute (op_array=0x409e276c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #5 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfff9a50, op_array=0x409e269c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #6 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409e269c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #7 0x0820d235 in execute (op_array=0x409e269c, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #8 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfffa0b0, op_array=0x409e2214, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #9 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409e2214, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #10 0x0820d235 in execute (op_array=0x409e2214, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #11 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfffa7b0, op_array=0x409dec44, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #12 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409dec44, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #13 0x0820d235 in execute (op_array=0x409dec44, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #14 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfffaeb0, op_array=0x409c9464, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #15 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409c9464, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #16 0x0820d235 in execute (op_array=0x409c9464, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #17 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfffb090, op_array=0x409c8ffc, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #18 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409c8ffc, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #19 0x0820d235 in execute (op_array=0x409c8ffc, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #20 0x08210ac6 in zend_do_fcall_common_helper (execute_data=0xbfffb680, op_array=0x409f4474, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2564 #21 0x08210df4 in zend_do_fcall_by_name_handler (execute_data=0x1, op_array=0x409f4474, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:2651 #22 0x0820d235 in execute (op_array=0x409f4474, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #23 0x08212dc6 in zend_include_or_eval_handler (execute_data=0xbfffd6f0, op_array=0x1, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:3395 #24 0x0820d235 in execute (op_array=0x405dee94, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/Zend/zend_execute.c:1260 #25 0x081f273a in zend_execute_scripts (type=8, tsrm_ls=0x8419ff8, retval=0x0, file_count=3) at /root/software/php-5.0.0b3/Zend/zend.c:1048 #26 0x081be1c4 in php_execute_script (primary_file=0xbffffae0, tsrm_ls=0x8419ff8) at /root/software/php-5.0.0b3/main/main.c:1638 #27 0x08218b3c in main (argc=2, argv=0xbffffb64) at /root/software/php-5.0.0b3/sapi/cli/php_cli.c:910 (gdb) quit A debugging session is active. Do you still want to close the debugger?(y or n) y gloomy:/mnt/storage/usr/lib/php-bin/vhosts/bwiberg.dyndns.org/admin/phpSysInfo# -- Edit bug report at http://bugs.php.net/?id=27161&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=27161&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=27161&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=27161&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=27161&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=27161&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=27161&r=needscript Try newer version: http://bugs.php.net/fix.php?id=27161&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=27161&r=support Expected behavior: http://bugs.php.net/fix.php?id=27161&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=27161&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=27161&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=27161&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=27161&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=27161&r=dst IIS Stability: http://bugs.php.net/fix.php?id=27161&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=27161&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=27161&r=float
