ID: 19325 Updated by: [EMAIL PROTECTED] Reported By: screen at brainkrash dot com -Status: Open +Status: Closed Bug Type: Apache related Operating System: Win2000 -PHP Version: php4-win32-200211061900 +PHP Version: 4-win32-200211061900 New Comment:
wrong version used -> bug got lost. Closing since I can't reproduce this with latest stable CVS. Previous Comments: ------------------------------------------------------------------------ [2002-11-06 14:20:57] screen at brainkrash dot com The problem still persists in the latest daily build. ------------------------------------------------------------------------ [2002-11-06 09:25:26] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-latest.zip ------------------------------------------------------------------------ [2002-09-10 07:33:03] screen at brainkrash dot com Ok, i've created the simplest example I can. Unfortunately it's not as simple as i'd like. It requires a php handler to be defined in apache. The example handles a page request for the defined path in apache. It checks the requested type and includes php files with an output buffer function which then registered a shutdown function. This is done so that the output can still be captured if the requested php file performs an exit;. The crash doesn't occur unless the requested file generates multiple browser requests for files within the handled path (i haven't tested with files outside this path). Here's the link to the example: http://brainkrash.com/~screen/brainkrash_debug.zip the README.txt file contains apache conf, file layout, and reproduction instructions. ------------------------------------------------------------------------ [2002-09-10 06:00:40] screen at brainkrash dot com Through a long night of compiling i've generated the following debug information. I hope it's helpful. As far as generating code, i'll try and see what I can do. To be honest i'm completely uncertain as to even where to begin. I'll try though... Unhandled exception in Apache.exe (NTDLL.DLL): 0xC0000005: Access Violation. Call Stack: NTDLL! 77fcb032() _emalloc(unsigned int 10, char * 0x00a709bc `string', unsigned int 227, char * 0x00000000, unsigned int 0) line 154 + 62 bytes _estrdup(const char * 0x005896d0, char * 0x00a709bc `string', unsigned int 227, char * 0x00000000, unsigned int 0) line 335 + 25 bytes sapi_get_default_content_type(void * * * 0x005de040) line 227 + 29 bytes php_apache_get_default_mimetype(request_rec * 0x00726fb8, void * * * 0x005de040) line 456 + 10 bytes send_php(request_rec * 0x00726fb8, int 0, char * 0x00727b58) line 551 + 13 bytes send_parsed_php(request_rec * 0x00726fb8) line 578 + 13 bytes ap_invoke_handler(request_rec * 0x00726fb8) line 517 + 10 bytes process_request_internal(request_rec * 0x00726fb8) line 1308 + 9 bytes ap_process_request(request_rec * 0x00726fb8) line 1324 + 9 bytes child_sub_main(int 0) line 5928 child_main(int 0) line 5998 + 9 bytes _threadstartex(void * 0x005ddf80) line 212 + 13 bytes KERNEL32! 77e887dd() Registers: EAX = 00000000 EBX = 00000247 ECX = 00000000 EDX = 043814D0 ESI = 04380000 EDI = 04380298 EIP = 77FCB032 ESP = 0127F9C0 EBP = 0127FB58 EFL = 00000246 CS = 001B DS = 0023 ES = 0023 SS = 0023 FS = 003B GS = 0000 OV=0 UP=0 EI=1 PL=0 ZR=1 AC=0 PE=1 CY=0 ST0 = +4.97601634110320460e+3400 ST1 = +0.58830211741752350e+4085 ST2 = -0.00828635751169817e+4399 ST3 = +0.00000000000000000e+0000 ST4 = -3.97005806646183370e+4383 ST5 = +0.00635385167867965e+4930 ST6 = +9.64965820312500000e-0001 ST7 = +2.00000000000000000e+0001 CTRL = 027F STAT = 0120 TAGS = FFFF EIP = 1024929D CS = 001B DS = 0023 EDO = 0127F264 Disassembly: 77FCAFFF add byte ptr ds:[0FFFh],al 77FCB005 and ax,0F000h 77FCB009 jmp 77FCC95D 77FCB00E mov byte ptr [edi+5],al 77FCB011 push dword ptr [ebp-30h] 77FCB014 mov esi,dword ptr [ebp-5Ch] 77FCB017 push esi 77FCB018 call 77F83573 77FCB01D mov ecx,dword ptr [ebp-30h] 77FCB020 mov eax,dword ptr [ecx+8] 77FCB023 mov dword ptr [ebp-128h],eax 77FCB029 mov ecx,dword ptr [ecx+0Ch] 77FCB02C mov dword ptr [ebp-12Ch],ecx > 77FCB032 mov dword ptr [ecx],eax 77FCB034 mov dword ptr [eax+4],ecx 77FCB037 cmp eax,ecx 77FCB039 je 77FCD49C 77FCB03F mov eax,dword ptr [ebp-30h] 77FCB042 movzx ecx,word ptr [eax] 77FCB045 sub dword ptr [esi+28h],ecx 77FCB048 movzx eax,word ptr [eax] 77FCB04B add ebx,eax 77FCB04D mov dword ptr [ebp-58h],ebx 77FCB050 cmp ebx,0FE00h 77FCB056 jbe 77FCB065 77FCB058 push ebx 77FCB059 push edi 77FCB05A push esi 77FCB05B call 77FCBA97 77FCB060 jmp 77FCB4E2 77FCB065 mov word ptr [edi],bx 77FCB068 test byte ptr [edi+5],10h 77FCB06C je 77FCD4D6 77FCB072 cmp bx,80h 77FCB077 jb 77FCD4E0 77FCB07D and byte ptr [edi+5],10h 77FCB081 lea edx,[esi+178h] 77FCB087 mov dword ptr [ebp-150h],edx 77FCB08D cmp dword ptr [esi+170h],0 77FCB094 je 77FCD544 77FCB09A movzx eax,bx 77FCB09D push eax 77FCB09E push esi ------------------------------------------------------------------------ [2002-09-10 05:27:11] [EMAIL PROTECTED] Could you try to isolate a small piece of code that craches Apache? ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/19325 -- Edit this bug report at http://bugs.php.net/?id=19325&edit=1