ID:               38534
 Updated by:       [EMAIL PROTECTED]
 Reported By:      dgehl at inverse dot ca
-Status:           Open
+Status:           Closed
 Bug Type:         Reproducible crash
 Operating System: RHEL 4
 PHP Version:      4.4.4
 New Comment:

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Previous Comments:

[2006-08-28 17:21:01] dgehl at inverse dot ca


session_set_save_handler('open', 'close', 'read', 'write', 'destroy',

setlocale(LC_ALL, $lang_charset);
@putenv('LANG=' . $lang_charset);
@putenv('LANGUAGE=' . $lang_charset);

$locale = setlocale(LC_TIME, 0);
setlocale(LC_TIME, 'C');
setlocale(LC_TIME, $locale);

function open($save_path, $session_name) {
  return true;

function close() {
  return true;

function read($id) {
  $locale = setlocale(LC_TIME, 0);
  setlocale(LC_TIME, 'C');
  setlocale(LC_TIME, $locale);

function write($id, $session_data) {
  $locale = setlocale(LC_TIME, 0);
  setlocale(LC_TIME, 'C');
  setlocale(LC_TIME, $locale);

function destroy($id) {
  $locale = setlocale(LC_TIME, 0);
  setlocale(LC_TIME, 'C');
  setlocale(LC_TIME, $locale);

function gc($maxlifetime = 300) {
  $locale = setlocale(LC_TIME, 0);
  setlocale(LC_TIME, 'C');
  setlocale(LC_TIME, $locale);


[2006-08-21 13:17:53] [EMAIL PROTECTED]

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


[2006-08-21 13:15:59] dgehl at inverse dot ca

PHP segfaults on the setlocale function. I can reproduce this bug also
with php 4.3.9

Here are the PHP and apache versions:

# httpd -v
Server version: Apache/2.0.52
Server built:   Aug  2 2006 05:21:10

# php -v
PHP 4.4.4 (cgi) (built: Aug 21 2006 08:52:53) (DEBUG)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies

Reproduce code:
1. Install Horde 3.1.3, IMP 4.1.3 (
2. Configure horde with
$conf['log']['priority'] = PEAR_LOG_DEBUG
$conf['sessionhandler']['type'] = 'pgsql';
3. Open the Horde login page in a browser, followed by several other
pages. The bug is not related to one particular page, but will appear
sometime ...

Expected result:
no segfault

Actual result:
PHP was compiled with
'./configure' '--host=i686-redhat-linux-gnu'
'--build=i686-redhat-linux-gnu' '--target=i386-redhat-linux'
'--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib'
'--libexecdir=/usr/libexec' '--localstatedir=/var'
'--sharedstatedir=/usr/com' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--cache-file=../config.cache'
'--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d'
'--enable-force-cgi-redirect' '--enable-debug' '--enable-pic'
'--disable-rpath' '--enable-inline-optimization' '--with-bz2'
'--with-db4=/usr' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr'
'--with-png-dir=/usr' '--with-gd=shared' '--enable-gd-native-ttf'
'--without-gdbm' '--with-gettext' '--with-ncurses=shared' '--with-gmp'
'--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-png'
'--with-pspell' '--with-xml' '--with-expat-dir=/usr'
'--with-dom=shared,/usr' '--with-dom-xslt=/usr' '--with-dom-exslt=/usr'
'--with-xmlrpc=shared' '--with-pcre-regex=/usr' '--with-zlib'
'--with-mcrypt' '--with-layout=GNU' '--enable-exif' '--enable-ftp'
'--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem'
'--enable-sysvshm' '--enable-track-vars' '--enable-trans-sid'
'--with-pear=/usr/share/pear' '--with-imap=shared' '--with-imap-ssl'
'--with-kerberos' '--with-ldap=shared' '--with-mysql=shared,/usr'
'--with-pgsql=shared' '--with-snmp=shared,/usr' '--with-snmp=shared'
'--enable-ucd-snmp-hack' '--with-unixODBC=shared,/usr'
'--disable-memory-limit' '--disable-ipv6' '--enable-shmop'
'--enable-calendar' '--enable-dbx' '--enable-dio'
'--enable-mbstring=shared' '--enable-mbstr-enc-trans'
'--enable-mbregex' '--with-mime-magic=/usr/share/file/magic.mime'

And here's a gdb backtrace:

(gdb) bt
#0  0x00377a2c in memcpy () from /lib/tls/
#1  0x01125795 in _mem_block_check (ptr=0x9a286dc, silent=0,
ng.c", __zend_lineno=3153, __zend_orig_filename=0x0,
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_alloc.c:698
#2  0x01125757 in _mem_block_check (ptr=0x9a286dc, silent=1,
ng.c", __zend_lineno=3153, __zend_orig_filename=0x0,
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_alloc.c:690
#3  0x01124aa4 in _efree (ptr=0x9a286dc,
ng.c", __zend_lineno=3153, __zend_orig_filename=0x0,
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_alloc.c:258
#4  0x010d6c42 in zif_setlocale (ht=2, return_value=0x9a7045c,
    at /usr/src/redhat/BUILD/php-4.4.4/ext/standard/string.c:3153
#5  0x0114bd8a in execute (op_array=0x95d9cb4)
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute.c:1675
#6  0x0114bfb6 in execute (op_array=0x979af2c)
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute.c:1719
#7  0x0112d7ab in call_user_function_ex (function_table=0x97ac060,
    object_pp=0x97a4610, function_name=0x979b6fc,
    param_count=2, params=0x9a68f9c, no_separation=1,
---Type <return> to continue, or q <return> to quit---
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute_API.c:570
#8  0x0112ce4d in call_user_function (function_table=0x94a9140,
    function_name=0x97a46ec, retval_ptr=0x9ad6de4, param_count=2,
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute_API.c:407
#9  0x01076fad in ps_call_handler (func=0x97a46ec, argc=2,
    at /usr/src/redhat/BUILD/php-4.4.4/ext/session/mod_user.c:60
#10 0x01077576 in ps_write_user (mod_data=0x1195b50,
    key=0x97509a4 "0c603dda253af1e1e712d42b20dfb3c7",
ser\";s:23:\"[EMAIL PROTECTED]";s:6:\"server\";s:9:\"localhost\";s:3:\"ac
l\";b:0;s:5:"..., vallen=80442)
    at /usr/src/redhat/BUILD/php-4.4.4/ext/session/mod_user.c:148
#11 0x01072f90 in php_session_save_current_state ()
    at /usr/src/redhat/BUILD/php-4.4.4/ext/session/session.c:727
#12 0x0107610c in php_session_flush ()
    at /usr/src/redhat/BUILD/php-4.4.4/ext/session/session.c:1683
#13 0x01076150 in zm_deactivate_session (type=1, module_number=8)
    at /usr/src/redhat/BUILD/php-4.4.4/ext/session/session.c:1697
#14 0x0113a76c in module_registry_cleanup (module=0x9546760)
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_API.c:1168
#15 0x0113d57e in zend_hash_apply (ht=0x1199f60,
---Type <return> to continue, or q <return> to quit---
    apply_func=0x113a729 <module_registry_cleanup>)
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_hash.c:703
#16 0x011369bf in zend_deactivate_modules ()
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend.c:674
#17 0x010fe32b in php_request_shutdown (dummy=0x0)
    at /usr/src/redhat/BUILD/php-4.4.4/main/main.c:984
#18 0x01151543 in php_apache_request_dtor (r=0x95adf30)
#19 0x01151baf in php_handler (r=0x95adf30)
#20 0x00f7c9d7 in ap_run_handler () from /usr/sbin/httpd
#21 0x00f7ce43 in ap_invoke_handler () from /usr/sbin/httpd
#22 0x00f798c5 in ap_process_request () from /usr/sbin/httpd
#23 0x00f7463f in _start () from /usr/sbin/httpd
#24 0x095adf30 in ?? ()
#25 0x00000004 in ?? ()
#26 0x095adf30 in ?? ()
#27 0x095a1a38 in ?? ()
#28 0x095a1ee7 in ?? ()
#29 0x00000000 in ?? ()
(gdb) frame 5
#5  0x0114bd8a in execute (op_array=0x95d9cb4)
    at /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute.c:1675
1675    /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute.c: No such
file or directory.
        in /usr/src/redhat/BUILD/php-4.4.4/Zend/zend_execute.c

(gdb) print (char
$1 = 0x1161c1d "setlocale"

(gdb) print (char *)executor_globals.active_op_array->function_name
$2 = 0x95d1bc4 "logmessage"

(gdb) print (char *)executor_globals.active_op_array->filename
$3 = 0x95d8a2c "/var/www/html/horde-3.1.3/lib/Horde.php"


Edit this bug report at

Reply via email to