ID: 28565 Updated by: [EMAIL PROTECTED] Reported By: gavin at vess dot com -Status: Feedback +Status: No Feedback Bug Type: Scripting Engine problem Operating System: Linux 2.6.5 PHP Version: 4CVS-2004-05-29 (stable) New Comment:
No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". Previous Comments: ------------------------------------------------------------------------ [2004-05-31 12:04:00] [EMAIL PROTECTED] Recategorize, and you really need to come up with a small piece of example code, otherwise it's very hard to debug this. ------------------------------------------------------------------------ [2004-05-29 02:26:31] gavin at vess dot com Description: ------------ First, this is a Zend engine 1 problem (but I don't see that as an option in the bug report form). I am using a copy of php4-STABLE from 2 days ago, compiled with debuging enabled. Backtrace included below showing SEGV. Zend's output ============= pws/setup/set_config.php --------------------------------------- Zend/zend_ini.c(53) : Block 0x08A06B40 status: Beginning: Overrun (magic=0x6D6F682F, expected=0x7312F8DC) The fast cgi process then terminated itself. Reproduce code: --------------- Download http://phpwebsite.appstate.edu/downloads/daily-cvs/phpwebsite-cvs-core.tar.gz In setup/set_config.php, find "PHPWS_Form::formHidden" near line 234. Replace all code from there to end of file with: echo PHPWS_Form::formHidden($back); echo PHPWS_Form::formSubmit("Return to Setup"); } } ?> </body> </html> Expected result: ---------------- PHP process dies when accesing the web page /pws/. Strangely, commenting out either one of the two echo's above results in a normal page creation. Also, replacing the trivial method bodies of formHidden and/or formSubmit with a simple "return 'hello world'" does not stop PHP from dying. Also odd, adding "<? exit(); ?>" to the end of the file results in a normal page creation .. but looking at the backtrace, I can see how that is related to the area seg faulting. Actual result: -------------- '/home/vess/tiffany.vess.com/pws/setup/set_config.php' --------------------------------------- /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c(53) : Block 0x082D7348 status: Beginning: Overrun (magic=0x6D6F682F, expected=0x7312F8DC) Program received signal SIGSEGV, Segmentation fault. _mem_block_check (ptr=0x82d736c, silent=0, __zend_filename=0x81bb228 "/var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c", __zend_lineno=53, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_alloc.c:675 675 memcpy(&end_magic, (((char *) p)+sizeof(zend_mem_header)+MEM_HEADER_PADDING+p->size), sizeof(long)); (gdb) bt #0 _mem_block_check (ptr=0x82d736c, silent=0, __zend_filename=0x81bb228 "/var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c", __zend_lineno=53, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_alloc.c:675 #1 0x08151592 in _mem_block_check (ptr=0x82d736c, silent=1, __zend_filename=0x81bb228 "/var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c", __zend_lineno=53, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_alloc.c:683 #2 0x08150ae2 in _efree (ptr=0x82d736c, __zend_lineno=53, __zend_orig_lineno=0) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_alloc.c:243 #3 0x08168cdd in zend_restore_ini_entry_cb (ini_entry=0x81dfda8, stage=8) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c:53 #4 0x08163d7c in zend_hash_apply_with_argument (ht=0x81dbbe0, apply_func=0x8168c93 <zend_restore_ini_entry_cb>, argument=0x8) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_hash.c:717 #5 0x08168dda in zend_ini_deactivate () at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend_ini.c:89 #6 0x0815ee33 in zend_deactivate () at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/Zend/zend.c:674 #7 0x081353d9 in php_request_shutdown (dummy=0x0) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/main/main.c:996 #8 0x08175c80 in main (argc=7, argv=0xbffff7e4) at /var/tmp/portage/gb_phpbeta-4.3.7/work/gb_phpbeta-4.3.7/sapi/cgi/cgi_main.c:1774 (gdb) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=28565&edit=1