ID: 13698
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Reproducible crash
Operating System: Linux 2.4.14-pre3/glibc 2.2.2
PHP Version: 4.0CVS-2001-10-29
New Comment:
zlib.output_compression is off.
--enable-debug is required, since string without '\0' will not be tested without
--enable-debug.You probably knows about it, just in case :)
I'll test this problem again, please wait a moment.
Previous Comments:
------------------------------------------------------------------------
[2001-11-10 11:58:04] [EMAIL PROTECTED]
Is this with zlib.output_compression turned off?
------------------------------------------------------------------------
[2001-10-29 04:16:12] [EMAIL PROTECTED]
It crashes today's CVS source with newer kernel.
------------------------------------------------------------------------
[2001-10-19 23:17:25] [EMAIL PROTECTED]
I'm using 4.1.0RC1 for this comment.
I build CGI version, with following configure.
'./configure' \
'--enable-mbstring' \
'--enable-mbstr-enc-trans' \
'--enable-debug' \
but, I didn't get segfault this time. Therefore, it may not be related to
--enable-mbstr-enc-trans after all :)
I still get segfault with longer config and backtrace is the same. Anyway, since no
one seems to be interested in this bug, I've take look at what is really wrong. The
segfualt occurs in this macro def. (zend_API.h)
#define CHECK_ZVAL_STRING_REL(z) \
if ((z)->value.str.val[ (z)->value.str.len ] != '\0') zend_error(E_WARNING,
"String is not zero-terminated (%s) (source: %s:%d)", (z)->value.str.val
ZEND_FILE_LINE_RELAY_CC);
(gdb) print zvalue->value.str.val[ zvalue->value.str.len ]
Cannot access memory at address 0x0
(gdb) print zvalue->value.str.val
$1 = 0x0
(gdb) print zvalue->value.str.len
$2 = 0
(gdb)
------------------------------------------------------------------------
[2001-10-16 19:23:58] [EMAIL PROTECTED]
CGI version segfaults at the end of test script.(i.e. at the end of "./php -q
run-tests.php")
It happens both HAED (4.2.0-dev) and RC (4.1.0RC). It seems --enable-mbstr-enc-trans
is the cause.
==CONFIGURE(4.1.0RC)==
I cannot reproduce segfault with 4.2.0-dev using this simple configure line I
attached more complex configure for 4.2.0-dev that causes segfault.
./configure --enable-mbstring --enable-mbstr-enc-trans --ena
ble-debug
without --enable-mbstr-enc-trans, php doesn't segfaults.
==BACKTRACE(4.1.0RC)==
[yohgaki@dev RC]$ gdb -c core
GNU gdb 20010318
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-redhat-linux".
Core was generated by `/home/yohgaki/cvs/php/RC/php -C -q
/home/yohgaki/cvs/php/RC/run-tests.php /home'.
Program terminated with signal 11, Segmentation fault.
#0 0x0811a453 in ?? ()
(gdb) file php
Reading symbols from php...done.
(gdb) bt
#0 0x0811a453 in _zval_dtor (zvalue=0x81e9c6c,
__zend_filename=0x817d27c "zend_execute_API.c", __zend_lineno=268)
at zend_variables.c:43
#1 0x08111c82 in _zval_ptr_dtor (zval_ptr=0x81edd60,
__zend_filename=0x817db13 "zend_variables.c", __zend_lineno=192)
at zend_execute_API.c:268
#2 0x0811a8ab in _zval_ptr_dtor_wrapper (zval_ptr=0x81edd60) at zend_variables.c:192
#3 0x081211b9 in zend_hash_destroy (ht=0x81e5404) at zend_hash.c:541
#4 0x0811a4d1 in _zval_dtor (zvalue=0x81e53c4,
__zend_filename=0x817d27c "zend_execute_API.c", __zend_lineno=268)
at zend_variables.c:51
#5 0x08111c82 in _zval_ptr_dtor (zval_ptr=0x81eddf8,
__zend_filename=0x817db13 "zend_variables.c", __zend_lineno=192)
at zend_execute_API.c:268
#6 0x0811a8ab in _zval_ptr_dtor_wrapper (zval_ptr=0x81eddf8) at zend_variables.c:192
#7 0x081211b9 in zend_hash_destroy (ht=0x81befc8) at zend_hash.c:541
#8 0x08111992 in shutdown_executor () at zend_execute_API.c:172
#9 0x0811b782 in zend_deactivate () at zend.c:600
#10 0x0806243c in php_request_shutdown (dummy=0x0) at main.c:736
#11 0x08060d83 in main (argc=5, argv=0xbffff89c) at cgi_main.c:775
#12 0x400b91be in ?? ()
(gdb)
==CONFIGURE(4.2.0-dev)==
without --enable-mbstr-enc-trans, php doesn't segfaults.
'./configure' \
'--disable-short-tags' \
'--without-mysql' \
'--with-bz2' \
'--with-curl' \
'--with-ftp' \
'--with-iconv' \
'--with-mhash' \
'--with-mcrypt' \
'--with-openssl' \
'--with-pgsql' \
'--with-regex=system' \
'--with-zlib' \
'--with-gd=/usr' \
'--enable-gd-native-ttf' \
'--with-freetype-dir=/usr/local' \
'--with-jpeg-dir=/usr' \
'--with-png-dir=/usr' \
'--with-xpm-dir=/usr/X11R6' \
'--enable-bcmath' \
'--enable-ftp' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-mbstring' \
'--enable-mbstr-enc-trans' \
'--enable-memory-limit' \
'--enable-wddx' \
'--enable-debug' \
==BACKTRACE(4.2.0-dev)==
[yohgaki@dev HEAD]$ gdb -c core
GNU gdb 20010318
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-redhat-linux".
Core was generated by `/home/yohgaki/cvs/php/HEAD/php -C -q
/home/yohgaki/cvs/php/HEAD/run-tests.php /'.
Program terminated with signal 11, Segmentation fault.
#0 0x0814e4c3 in ?? ()
(gdb) file php
Reading symbols from php...done.
(gdb) bt
#0 0x0814e4c3 in _zval_dtor (zvalue=0x82349e4,
__zend_filename=0x81add5c "zend_execute_API.c", __zend_lineno=268)
at zend_variables.c:43
#1 0x08145c02 in _zval_ptr_dtor (zval_ptr=0x8238ae0,
__zend_filename=0x81ae5f3 "zend_variables.c", __zend_lineno=189)
at zend_execute_API.c:268
#2 0x0814e8db in _zval_ptr_dtor_wrapper (zval_ptr=0x8238ae0) at zend_variables.c:189
#3 0x081551e9 in zend_hash_destroy (ht=0x82301ac) at zend_hash.c:541
#4 0x0814e541 in _zval_dtor (zvalue=0x823016c,
__zend_filename=0x81add5c "zend_execute_API.c", __zend_lineno=268)
at zend_variables.c:51
#5 0x08145c02 in _zval_ptr_dtor (zval_ptr=0x8238b78,
__zend_filename=0x81ae5f3 "zend_variables.c", __zend_lineno=189)
at zend_execute_API.c:268
#6 0x0814e8db in _zval_ptr_dtor_wrapper (zval_ptr=0x8238b78) at zend_variables.c:189
#7 0x081551e9 in zend_hash_destroy (ht=0x81ef288) at zend_hash.c:541
#8 0x08145912 in shutdown_executor () at zend_execute_API.c:172
#9 0x0814f7b2 in zend_deactivate () at zend.c:600
#10 0x08069b7c in php_request_shutdown (dummy=0x0) at main.c:736
#11 0x08068473 in main (argc=5, argv=0xbffff88c) at cgi_main.c:775
#12 0x403f81be in ?? ()
(gdb)
--
Yasuo Ohgaki
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=13698&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
