ID: 34568
User updated by: roso at despammed dot com
Reported By: roso at despammed dot com
Status: Open
Bug Type: Apache2 related
Operating System: Fedora 2
PHP Version: 5.1.0RC1
New Comment:
I just posted the core dump for the process that ended with a
Segmentation fault after trying to PUT a file in a Webdav folder.
Also, I just found out that there are many other processes ending with
a Segmentation fault, all of them happening when the server looking for
a file which is not found is trying to access a 404 custom file made in
PHP. if I change the 404 to a simple HTML everything is back to normal.
Therefore, it seems that the PHP (5.1.0RC1) is responsible for this
fault. It used to work with the previous version (5.1.0b3).
Previous Comments:
------------------------------------------------------------------------
[2005-09-22 02:55:05] roso at despammed dot com
Thread 1 (process 22993):
#0 0xb7bb3510 in _zend_hash_index_update_or_next_insert
(ht=0xb7e67af8, h=0,
pData=0xbfffda30, nDataSize=12, pDest=0x0, flag=1)
at /tmp/php-5.1.0RC1/Zend/zend_hash.c:354
nIndex = 0
p = (Bucket *) 0x0
#1 0xb7bb4d2d in zend_list_insert (ptr=0x0, type=0)
at /tmp/php-5.1.0RC1/Zend/zend_list.c:47
index = 0
le = {ptr = 0x846ef8c, type = 2, refcount = 1}
#2 0xb7bb4e09 in zend_register_resource (rsrc_result=0x0,
rsrc_pointer=0x846ef8c,
rsrc_type=2) at /tmp/php-5.1.0RC1/Zend/zend_list.c:99
rsrc_id = 0
#3 0xb7b8a698 in _php_stream_alloc (ops=0x0, abstract=0x0,
persistent_id=0x0,
mode=0xb7cece68 "rb") at
/tmp/php-5.1.0RC1/main/streams/streams.c:263
le = {ptr = 0x11, type = 0, refcount = -1073751384}
ret = (php_stream *) 0x846ef8c
#4 0xb7b8e3e7 in _php_stream_fopen_from_fd (fd=0, mode=0xb7cece68
"rb",
persistent_id=0x0)
at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:204
self = (php_stdio_stream_data *) 0x845ee14
stream = (php_stream *) 0x0
#5 0xb7b8ede4 in _php_stream_fopen
(filename=0x846c090 "/www/_error/404/index.php",
mode=0xb7cece68 "rb", opened_path=0xbfffeeb8, options=133)
at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:881
realpath = 0x83587e4 "/www/_error/404/index.php"
open_flags = 0
fd = 17
ret = (php_stream *) 0x846c090
persistent = 17
persistent_id = 0x0
#6 0xb7b8f525 in _php_stream_fopen_with_path (
filename=0x846c090 "/www/_error/404/index.php", mode=0xb7cece68
"rb",
path=0x8385f60 ".:/www/_php/pear", opened_path=0xbfffeeb8,
options=133)
at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:1275
pathbuf = 0x10 <Address 0x10 out of bounds>
ptr = 0x85 <Address 0x85 out of bounds>
end = 0x846c090 "/www/_error/404/index.php"
exec_fname = 0x2 <Address 0x2 out of bounds>
trypath =
"eregi\000ÿ¿\002\000\000\000\020\000\000\000ereg_replace\000
\000\000\000ereg\000ïÿ¿\002\000\000\000\020\000\000\000is_callable\000\020\000
\000\000is_scalar\000\000\000\020\000\000\000is_object\000\000\000\020\000\000
\000is_array\000\000\000\000\020\000\000\000is_string\000\000\000\020\000\000
\000is_numeric\000\000\020\000\000\000is_real\000\002\000\000\000\020\000\000
\000is_double\000\000\000\020\000\000\000is_integer\000\000\020\000\000
\000is_int\000¿"...
sb = {st_dev = 13835039827440987236, __pad1 = 2, st_ino = 16,
st_mode
= 1600942451,
st_nlink = 1667720562, st_uid = 6648673, st_gid = 16, st_rdev =
13835039365436895082,
__pad2 = 2, st_size = 16, st_blksize = 1768714355, st_blocks =
-1090492044,
st_atim = {
tv_sec = 2, tv_nsec = 16}, st_mtim = {tv_sec = 1768714355, tv_nsec
= -
1073807244},
st_ctim = {tv_sec = 2, tv_nsec = 16}, __unused4 = 1734701669,
__unused5 =
1701994345}
stream = (php_stream *) 0x8d
path_length = 138854544
exec_fname_length = 141
#7 0xb7b8c572 in _php_stream_open_wrapper_ex
(path=0x846c090 "/www/_error/404/index.php",
mode=0xb7cece68 "rb", options=141, opened_path=0x85, context=0x0)
at /tmp/php-5.1.0RC1/main/streams/streams.c:1771
stream = (php_stream *) 0x0
wrapper = (php_stream_wrapper *) 0xb7e36028
path_to_open = 0x846c090 "/www/_error/404/index.php"
persistent = 0
copy_of_path = 0x0
#8 0xb7b7cf34 in php_stream_open_for_zend
(filename=0x846c090 "/www/_error/404/index.php",
handle=0xbfffeeb0) at /tmp/php-5.1.0RC1/main/main.c:852
stream = (php_stream *) 0x0
#9 0xb7bba32b in zend_stream_open
(filename=0x846c090 "/www/_error/404/index.php",
handle=0xbfffeeb0) at /tmp/php-5.1.0RC1/Zend/zend_stream.c:47
No locals.
#10 0xb7bba3ec in zend_stream_fixup (file_handle=0xbfffeeb0)
at /tmp/php-5.1.0RC1/Zend/zend_stream.c:62
No locals.
#11 0xb7b96c88 in open_file_for_scanning (file_handle=0xbfffeeb0)
at Zend/zend_language_scanner.c:3068
file_path = 0x0
#12 0xb7b96d70 in compile_file (file_handle=0xbfffeeb0, type=2)
at Zend/zend_language_scanner.c:3154
original_lex_state = {buffer_state = 0x0, state = 0, in = 0x0,
lineno
= 0,
filename = 0x0}
op_array = (zend_op_array *) 0x845ebf4
original_active_op_array = (zend_op_array *) 0x0
retval = (zend_op_array *) 0xbfffedec
compiler_result = -1073746256
compilation_successful = 176 '°'
retval_znode = {op_type = 1, u = {constant = {value = {lval =
1,
dval = 1.4950491347092096e+93, str = {val = 0x1 <Address 0x1
out of
bounds>,
len = 1397157752}, ht = 0x1, obj = {handle = 1, handlers =
0x5346ef78}},
refcount = 1, type = 1 '\001', is_ref = 0 '\0'}, var = 1,
opline_num = 1,
op_array = 0x1, jmp_addr = 0x1, EA = {var = 1, type =
1397157752}}}
original_in_compilation = 0 '\0'
#13 0xb7bae117 in zend_execute_scripts (type=2, retval=0x0,
file_count=1)
at /tmp/php-5.1.0RC1/Zend/zend.c:1070
files = 0xbfffedf0 ""
i = 0
file_handle = (zend_file_handle *) 0xbfffeeb0
orig_op_array = (zend_op_array *) 0x0
local_retval = (zval *) 0x0
#14 0xb7c0c638 in php_handler (r=0x8468440)
at /tmp/php-5.1.0RC1/sapi/apache2handler/sapi_apache2.c:564
zfd = {type = 0 '\0', filename = 0x846c090
"/www/_error/404/index.php",
opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle =
0x0,
reader = 0,
closer = 0, fteller = 0, interactive = 0}}, free_filename = 0
'\0'}
orig_bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0},
__mask_was_saved = 0,
__saved_mask = {
__val = {0 <repeats 32 times>}}}}
ctx = (php_struct *) 0x8468388
conf = (void *) 0x8245268
brigade = (apr_bucket_brigade *) 0x0
bucket = (apr_bucket *) 0x0
rv = 0
parent_req = (request_rec *) 0x8468440
#15 0x080d5206 in ap_run_handler (r=0x8468440) at config.c:152
pHook = (ap_LINK_handler_t *) 0x0
n = 12
rv = 0
#16 0x080d571a in ap_invoke_handler (r=0x8468440) at config.c:364
new_handler = 0x1 <Address 0x1 out of bounds>
p2 = 0x0
handler = 0x0
result = 138839104
old_handler = 0x8245250 "application/x-httpd-php"
#17 0x080afe59 in ap_internal_redirect (new_uri=0x82482f8
"/error/404/?e",
r=0x8462fa0)
at http_request.c:465
new = (request_rec *) 0x8468440
access_status = 0
#18 0x080af906 in ap_process_request (r=0x8462fa0) at
http_request.c:262
access_status = 1
#19 0x080aba01 in ap_process_http_connection (c=0x845cd08) at
http_core.c:251
r = (request_rec *) 0x8462fa0
csd_set = 0
csd = (apr_socket_t *) 0x0
#20 0x080de5a6 in ap_run_process_connection (c=0x845cd08) at
connection.c:43
pHook = (ap_LINK_process_connection_t *) 0x0
n = 1
rv = 0
#21 0x080d3da3 in child_main (child_num_arg=0) at prefork.c:610
ptrans = (apr_pool_t *) 0x845cbf8
allocator = (apr_allocator_t *) 0x845ab68
current_conn = (conn_rec *) 0x845cd08
status = 138792200
i = 1
lr = (ap_listen_rec *) 0x845aca8
curr_pollfd = 1
last_pollfd = 1
pollset = (apr_pollfd_t *) 0x845aca8
offset = 0
csd = (void *) 0x845cc30
sbh = (ap_sb_handle_t *) 0x845ac78
rv = 0
bucket_alloc = (apr_bucket_alloc_t *) 0x8460f60
#22 0x080d3ebc in make_child (s=0x81be458, slot=1) at prefork.c:704
pid = 0
#23 0x080d3fa3 in startup_children (number_to_start=4) at
prefork.c:722
i = 1
#24 0x080d469d in ap_mpm_run (_pconf=0x81b90a8, plog=0x82031d0, s=0x5)
at
prefork.c:941
index = 0
remaining_children_to_start = 5
rv = 0
#25 0x080d9606 in main (argc=4, argv=0xbffff274) at main.c:618
exit_status = 0
c = 68 'D'
configtestonly = 0
confname = 0x817a0e0 "conf/httpd.conf"
def_server_root = 0x817ad38 "/usr/local/apache2"
temp_error_log = 0x0
process = (process_rec *) 0x81b7120
server_conf = (server_rec *) 0x81be458
pglobal = (apr_pool_t *) 0x81b70a0
pconf = (apr_pool_t *) 0x81b90a8
plog = (apr_pool_t *) 0x82031d0
ptemp = (apr_pool_t *) 0x82011c8
pcommands = (apr_pool_t *) 0x81bb0b0
opt = (apr_getopt_t *) 0x81bb148
rv = 0
mod = (module **) 0x81be458
optarg = 0xbffffad9 "SSL"
signal_server = (apr_OFN_ap_signal_server_t *) 0x1
------------------------------------------------------------------------
[2005-09-20 23:03:51] [EMAIL PROTECTED]
>Maybe I need to backtrace Apache.
YES, that's exactly what I'm asking for and what is written in "How to
report..".
I'm not asking you to get the backtrace using CLI, I'm talking about
mod_php/mod_dav and the only way to get their backtraces is to trace
httpd (see the link Derick gave you for details).
------------------------------------------------------------------------
[2005-09-20 22:51:28] roso at despammed dot com
In fact, the problem doesn't come up when accessing a php script.
Please read my report. The problem is that I cannot PUT a file in a
Webdav folder after upgrading the PHP from php-5.1.0b3 to 5.1.0RC1.
And the problem is replicated on two servers with PHP 5.1.0RC1 and
mod_dav on Apache 2.0.54.
If I --enable-debug that would help catching errors when accessing a
php script, right? Maybe I need to backtrace Apache.
------------------------------------------------------------------------
[2005-09-20 22:35:39] [EMAIL PROTECTED]
>To make a backtrace I will need PHP configured with --enable-debug.
Yes.
Please reopen the report when you have the backtrace. Thanks.
------------------------------------------------------------------------
[2005-09-20 22:33:00] roso at despammed dot com
Yes, php works with or withouth mod_dav.
To make a backtrace I will need PHP configured with --enable-debug.
The problem described above is absolutely similar on two servers on
which I recently upgraded PHP from php-5.1.0b3 to 5.1.0RC1.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/34568
--
Edit this bug report at http://bugs.php.net/?id=34568&edit=1
