Bug #55704 [Opn->Csd]: php_flag engine off crashes apache
Edit report at https://bugs.php.net/bug.php?id=55704&edit=1
ID: 55704
User updated by: j dot amend at gmail dot com
Reported by: j dot amend at gmail dot com
Summary:php_flag engine off crashes apache
-Status: Open
+Status: Closed
Type: Bug
Package:Apache2 related
Operating System: Gentoo linux
PHP Version:5.4SVN-2011-09-19 (snap)
Block user comment: N
Private report: N
New Comment:
I just tested upgrading from RC4 and the release version, and I no longer get a
segfault when I do a config test or graceful/restart.
Previous Comments:
[2011-09-20 16:46:26] j dot amend at gmail dot com
I tried what I could, but I don't know C or how to use gdb properly. It looks
like var name makes it to _zend_hash_add_or_update intact as arKey, but then
the address of arKey mysteriously changes inside that function.
Breakpoint 1, _zend_hash_add_or_update (ht=0x10087d120, arKey=0x10088e298
"engine", nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24, pDest=0x0, flag=1)
at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:201
201 TSRMLS_FETCH();
(gdb) info args
ht = (HashTable *) 0x10087d120
arKey = 0x10088e298 "engine"
nKeyLength = 7
pData = (void *) 0x7fff5fbff330
nDataSize = 24
pDest = (void **) 0x0
flag = 1
(gdb) print arKey
$6 = 0x10088e298 "engine"
(gdb) print &arKey
Address requested for identifier "arKey" which is in register $r13
(gdb) info address arKey
Symbol "arKey" is
0x1012e9a70 - 0x1012e9a98: in register rsi
0x1012e9a98 - 0x1012e9ace: in register r13
0x1012e9ace - 0x1012e9b94: in register rcx
0x1012e9b94 - 0x1012e9bc1: in register r13
0x1012e9bc1 - 0x1012e9c7c: in register rcx
0x1012e9c7c - 0x1012e9cd2: in register r13
0x1012e9d7f - 0x1012e9d8a: in register r13
0x1012e9d90 - 0x1012e9d9e: in register r13
0x1012e9da4 - 0x1012e9dff: in register r13
0x1012e9e2b - 0x1012e9f0f: in register r13
0x1012e9f15 - 0x1012e9f45: in register r13
0x1012e9fb5 - 0x1012e9fc6: in register r13
0x1012e9fd9 - 0x1012e9ff1: in register r13
0x1012ea00a - 0x1012ea02b: in register r13
0x1012ea062 - 0x1012ea0b0: in register r13.
(gdb) next
(gdb) print arKey
$6 = 0x10088e298 "engine"
(gdb) p/x $rcx
$17 = 0x10088e298
[...]
(gdb) next
278 case 6: hash = ((hash << 5) + hash) + *arKey++; /*
fallthrough... */
(gdb) p/x $rcx
$18 = 0x10088e299
[...]
(gdb) next
283 case 1: hash = ((hash << 5) + hash) + *arKey++; break;
(gdb) p/x $rcx
$21 = 0x10088e29e
(gdb) print (char*)0x10088e29e
$22 = 0x10088e29e ""
(gdb) next
218 p = ht->arBuckets[nIndex];
(gdb) print arKey
$24 = 0x10088e29e ""
(gdb) p/x *arKey
$27 = 0x0
[...]
(gdb) next
Breakpoint 8, _zend_hash_add_or_update (ht=0x10087d120, arKey=0x10088e298
"engine", nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24, pDest=0x0, flag=1)
at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:253
253 p = (Bucket *) pemalloc(sizeof(Bucket) + nKeyLength,
ht->persistent);
(gdb) p/x *arKey
$32 = 0x65
(gdb) p/x $rcx
$33 = 0x10088e29e
(gdb) next
258 memcpy((char*)p->arKey, arKey, nKeyLength);
(gdb) p/x arKey
$41 = 0x10088e298
(gdb) print arKey
$42 = 0x10088e298 "engine"
[...]
(gdb) next
262 p->h = h;
(gdb) print arKey
$48 = 0x18
(gdb) p/x arKey
$49 = 0x18
(gdb) print *p
$51 = {
h = 0,
nKeyLength = 7,
pData = 0x100222bf0,
pDataPtr = 0x0,
pListNext = 0x2,
pListLast = 0x60001,
pNext = 0x52100010,
pLast = 0x0,
arKey = 0x100222be8 "engine"
}
[...]
(gdb) next
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x5448523c
0x0001012e9e72 in _zend_hash_add_or_update (ht=0x10087d120, arKey=0x18
, nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24,
pDest=0x0, flag=1) at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:268
268 HANDLE_BLOCK_INTERRUPTIONS();
[2011-09-20 14:32:07] larue...@php.net
this is so weird, since in the frame #0, the arkey is an invalid pointer, but
it
shoud be exactlly same as the name in #1, since I can not reproduce this in my
environ, could you do me a favor and try to find out the reason for how could
this var be damaged?
you can try to use gdb httpd, make a break point "b real_value_hnd", then exam
it
step by step, thanks
[2011-09-20 13:43:29] j dot amend at gmail dot com
I just tried it with php5.4-201109192030 on my Mac (Apache/2.2.17, Mac OS X
10.6.7) with the same result.
#0 0x0001012e9e
[PHP-BUG] Bug #61306 [NEW]: Segfault at end of request
From: Operating system: Gentoo Linux PHP version: 5.4.0 Package: Apache2 related Bug Type: Bug Bug description:Segfault at end of request Description: Since PHP 5.4 RC5 (RC4 still works fine) and including the release, PHP is segfaulting on a few but not all requests, seemingly after the PHP script is executed but before it is sent to the browser. PHP 5.4.0--pl0-gentoo (cli) (built: Mar 6 2012 14:18:01) (DEBUG) Apache 2.2.21 (debug, mpm worker) zlib 1.2.5 Linux lws3 2.6.39-gentoo-r3 #1 SMP Tue Oct 4 18:09:16 EDT 2011 x86_64 Intel(R) Xeon(R) CPU E5645 @ 2.40GHz GenuineIntel GNU/Linux zlib.output_compression = Off php-config Usage: /usr/bin/php-config [OPTION] Options: --prefix[/usr/lib64/php5.4] --includes [-I/usr/lib64/php5.4/include/php -I/usr/lib64/php5.4/include/php/main -I/usr/lib64/php5.4/include/php/TSRM -I/usr/lib64/php5.4/include/php/Zend -I/usr/lib64/php5.4/include/php/ext -I/usr/lib64/php5.4/include/php/ext/date/lib] --ldflags [] --libs [-lcrypt -lc-client -lz -ltidy -lresolv -lcrypt -lreadline -lncurses -lmcrypt -lltdl -lonig -lcrypt -lpam -lt1 -lfreetype -lpng -lz -ljpeg -lgdbm -lcurl -lbz2 -lz -lpcre -lrt -lm -ldl -lnsl -lxml2 -lz -lm -lssl -lcrypto -lcurl -lrt -lz -lgnutls -lxml2 -lz -lm -lssl -lcrypto -lssl -lcrypto -lxml2 -lz -lm -lnetsnmp -lcrypt -lxml2 -lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lcrypt ] --extension-dir [/usr/lib64/php5.4/lib/extensions/debug-zts-20100525] --include-dir [/usr/lib64/php5.4/include/php] --man-dir [/usr/lib64/php5.4/man] --php-binary[/usr/lib64/php5.4/bin/php] --php-sapis [cli apache2handler] --configure-options [--prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --prefix=/usr/lib64/php5.4 --mandir=/usr/lib64/php5.4/man --infodir=/usr/lib64/php5.4/info --libdir=/usr/lib64/php5.4/lib --with-libdir=lib64 --without-pear --enable-maintainer-zts --disable-bcmath --with-bz2 --disable-calendar --enable-ctype --with-curl --without-curlwrappers --enable-dom --without-enchant --disable-exif --enable-fileinfo --enable-filter --enable-ftp --with-gettext --without-gmp --enable-hash --without-mhash --with-iconv --disable-intl --enable-ipv6 --enable-json --without-kerberos --enable-libxml --enable-mbstring --with-mcrypt --without-mssql --with-onig=/usr --with-openssl --with-openssl-dir=/usr --disable-pcntl --enable-phar --disable-pdo --without-pgsql --enable-posix --without-pspell --without-recode --enable-simplexml --disable-shmop --with-snmp --disable-soap --disable-sockets --without-sqlite3 --without-sybase-ct --disable-sysvmsg --disable-sysvsem --disable-sysvshm --with-tidy --enable-tokenizer --disable-wddx --enable-xml --enable-xmlreader --enable-xmlwriter --with-xmlrpc --without-xsl --enable-zip --with-zlib --enable-debug --enable-dba --without-cdb --without-db4 --disable-flatfile --with-gdbm --disable-inifile --without-qdbm --with-freetype-dir=/usr --with-t1lib=/usr --disable-gd-jis-conv --with-jpeg-dir=/usr --with-png-dir=/usr --without-xpm-dir --with-gd --with-imap --with-imap-ssl --with-mysql=mysqlnd --with-mysql-sock=/var/run/mysqld/mysqld.sock --with-mysqli=mysqlnd --with-readline --without-libedit --without-mm --with-pcre-regex=/usr --with-pcre-dir=/usr --with-config-file-path=/etc/php/cli-php5.4 --with-config-file-scan-dir=/etc/php/cli-php5.4/ext-active --disable-embed --enable-cli --disable-cgi --disable-fpm --without-apxs2] --version [5.4.0--pl0-gentoo] --vernum[50400] Test script: --- apache2 -f /etc/apache2/httpd.conf -k start -X test.php: http://localhost/test.php Expected result: Get consistent phpinfo() output every time Actual result: -- Most requests work, but a few come up blank because of a segfault httpd-error.log: ,.. [Tue Mar 06 13:37:42 2012] [notice] child pid 7091 exit signal Segmentation fault (11) ... backtrace: #0 0x74130cd7 in deflateEnd (strm=0x5a5a5a5a5a5a5a5a) at deflate.c:900 #1 0x71373d3a in php_zlib_cleanup_ob_gzhandler_mess (tsrm_ls=0x23ca570) at /usr/src/debug/dev-lang/php-5.4.0/sapis-build/apache2/ext/zlib/zlib.c:434 #2 0x713759d9 in zm_deactivate_zlib (type=1, module_number=6, tsrm_ls=0x23ca570) at /usr/src/debug/dev-lang/php-5.4.0/sapis-build/apache2/ext/zlib/zlib.c:972 #3 0x717c232b in zend_deactivate_modules (tsrm_ls=0x23ca570) at /usr/src/debug/dev-lang/php-5.4.0/sapis-build/apache2/Zend/zend_API.c:2325 #4 0x716f7d59 in php_request_shutdown (dummy=0x0) at /usr/src/debug/dev-lang/php-5.4.0/sapis-build/apache2/main/main.c:1755 #5 0x7193e583 in php_apache_request_dtor (r=0x191d43a0, tsrm_ls=0x23ca570) at /usr/src/debug/dev-lang/php-5.4.0/sapis-build/apache2/sapi/apache2handler/sapi_apache2.c:507 #6 0x7fff
Bug #61306 [Fbk->Asn]: Segfault at end of request
Edit report at https://bugs.php.net/bug.php?id=61306&edit=1 ID: 61306 User updated by: j dot amend at gmail dot com Reported by: j dot amend at gmail dot com Summary:Segfault at end of request -Status: Feedback +Status: Assigned Type: Bug Package:Apache2 related Operating System: Gentoo Linux PHP Version:5.4.0 Assigned To:cataphract Block user comment: N Private report: N New Comment: No actually. I'm using mod_deflate instead, and disabling it didn't help. I'd be happy to test your patch in any case. Previous Comments: [2012-03-07 00:09:52] cataphr...@php.net I'm assuming yes, in which case I think I know what the problem is. Please respond anyway, I'll post a patch tomorrow for you to test if my assumption is correct. [2012-03-06 23:43:31] cataphr...@php.net Are you using output_handler = ob_gzhandler ? -------- [2012-03-06 19:50:08] j dot amend at gmail dot com Description: Since PHP 5.4 RC5 (RC4 still works fine) and including the release, PHP is segfaulting on a few but not all requests, seemingly after the PHP script is executed but before it is sent to the browser. PHP 5.4.0--pl0-gentoo (cli) (built: Mar 6 2012 14:18:01) (DEBUG) Apache 2.2.21 (debug, mpm worker) zlib 1.2.5 Linux lws3 2.6.39-gentoo-r3 #1 SMP Tue Oct 4 18:09:16 EDT 2011 x86_64 Intel(R) Xeon(R) CPU E5645 @ 2.40GHz GenuineIntel GNU/Linux zlib.output_compression = Off php-config Usage: /usr/bin/php-config [OPTION] Options: --prefix[/usr/lib64/php5.4] --includes [-I/usr/lib64/php5.4/include/php -I/usr/lib64/php5.4/include/php/main -I/usr/lib64/php5.4/include/php/TSRM -I/usr/lib64/php5.4/include/php/Zend -I/usr/lib64/php5.4/include/php/ext -I/usr/lib64/php5.4/include/php/ext/date/lib] --ldflags [] --libs [-lcrypt -lc-client -lz -ltidy -lresolv -lcrypt -lreadline -lncurses -lmcrypt -lltdl -lonig -lcrypt -lpam -lt1 -lfreetype -lpng -lz -ljpeg -lgdbm -lcurl -lbz2 -lz -lpcre -lrt -lm -ldl -lnsl -lxml2 -lz -lm -lssl -lcrypto -lcurl -lrt -lz -lgnutls -lxml2 -lz -lm -lssl -lcrypto -lssl -lcrypto -lxml2 -lz -lm -lnetsnmp -lcrypt -lxml2 -lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lcrypt ] --extension-dir [/usr/lib64/php5.4/lib/extensions/debug-zts-20100525] --include-dir [/usr/lib64/php5.4/include/php] --man-dir [/usr/lib64/php5.4/man] --php-binary[/usr/lib64/php5.4/bin/php] --php-sapis [cli apache2handler] --configure-options [--prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --prefix=/usr/lib64/php5.4 --mandir=/usr/lib64/php5.4/man --infodir=/usr/lib64/php5.4/info --libdir=/usr/lib64/php5.4/lib --with-libdir=lib64 --without-pear --enable-maintainer-zts --disable-bcmath --with-bz2 --disable-calendar --enable-ctype --with-curl --without-curlwrappers --enable-dom --without-enchant --disable-exif --enable-fileinfo --enable-filter --enable-ftp --with-gettext --without-gmp --enable-hash --without-mhash --with-iconv --disable-intl --enable-ipv6 --enable-json --without-kerberos --enable-libxml --enable-mbstring --with-mcrypt --without-mssql --with-onig=/usr --with-openssl --with-openssl-dir=/usr --disable-pcntl --enable-phar --disable-pdo --without-pgsql --enable-posix --without-pspell --without-recode --enable-simplexml --disable-shmop --with-snmp --disable-soap --disable-sockets --without-sqlite3 --without-sybase-ct --disable-sysvmsg --disable-sysvsem --disable-sysvshm --with-tidy --enable-tokenizer --disable-wddx --enable-xml --enable-xmlreader --enable-xmlwriter --with-xmlrpc --without-xsl --enable-zip --with-zlib --enable-debug --enable-dba --without-cdb --without-db4 --disable-flatfile --with-gdbm --disable-inifile --without-qdbm --with-freetype-dir=/usr --with-t1lib=/usr --disable-gd-jis-conv --with-jpeg-dir=/usr --with-png-dir=/usr --without-xpm-dir --with-gd --with-imap --with-imap-ssl --with-mysql=mysqlnd --with-mysql-sock=/var/run/mysqld/mysqld.sock --with-mysqli=mysqlnd --with-readline --without-libedit --without-mm --with-pcre-regex=/usr --with-pcre-dir=/usr --with-config-file-path=/etc/php/cli-php5.4 --with-config-file-scan-dir=/etc/php/cli-php5.4/ext-active --disable-embed --enable-cli --disable-cgi --disable-fpm --without-apxs2] --version [5.4.0--pl0-gentoo] --vernum[50400] Test script: --- apache2 -f /etc/apache2/httpd.conf -k start -X test.php: http://localhost/test.php Expected result: Get consistent phpinfo() out
Bug #61306 [Fbk->Asn]: Segfault at end of request
Edit report at https://bugs.php.net/bug.php?id=61306&edit=1 ID: 61306 User updated by: j dot amend at gmail dot com Reported by: j dot amend at gmail dot com Summary:Segfault at end of request -Status: Feedback +Status: Assigned Type: Bug Package:Apache2 related Operating System: Gentoo Linux PHP Version:5.4.0 Assigned To:cataphract Block user comment: N Private report: N New Comment: Thank you, that seems to have fixed the problem. Previous Comments: [2012-03-07 08:53:07] cataphr...@php.net I've committed a tentative fix; please try with SVN (svn export https://svn.php.net/repository/php/php-src/branches/PHP_5_4). [2012-03-07 08:51:22] cataphr...@php.net Automatic comment from SVN on behalf of cataphract Revision: http://svn.php.net/viewvc/?view=revision&revision=323988 Log: - Tentative fix for bug #61306. #cjones: Will update NEWS when confirmed it fixes the problem. [2012-03-07 01:36:30] j dot amend at gmail dot com No actually. I'm using mod_deflate instead, and disabling it didn't help. I'd be happy to test your patch in any case. [2012-03-07 00:09:52] cataphr...@php.net I'm assuming yes, in which case I think I know what the problem is. Please respond anyway, I'll post a patch tomorrow for you to test if my assumption is correct. [2012-03-06 23:43:31] cataphr...@php.net Are you using output_handler = ob_gzhandler ? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=61306 -- Edit this bug report at https://bugs.php.net/bug.php?id=61306&edit=1
[PHP-BUG] Bug #65161 [NEW]: Generator + autoload + syntax error = segfault
From: j dot amend at gmail dot com Operating system: Gentoo Linux PHP version: 5.5.0 Package: Reproducible crash Bug Type: Bug Bug description:Generator + autoload + syntax error = segfault Description: I noticed an issue in my development environment with PHP 5.5 that whenever there was a syntax error in my code, I would get a segmentation fault. It seems to happen when I am auto-loading a class file that has the syntax error, within a generator. Somehow removing the parameter to the class instantiation that triggers the auto-load avoids the segmentation fault. I've included a minimal amount of code that can reproduce the issue. Test script: --- SyntaxError.php: https://bugs.php.net/bug.php?id=65161&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=65161&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=65161&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=65161&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=65161&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=65161&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=65161&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=65161&r=needscript Try newer version: https://bugs.php.net/fix.php?id=65161&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=65161&r=support Expected behavior: https://bugs.php.net/fix.php?id=65161&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=65161&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=65161&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=65161&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=65161&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=65161&r=dst IIS Stability: https://bugs.php.net/fix.php?id=65161&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=65161&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=65161&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=65161&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=65161&r=mysqlcfg
Bug #62234 [Com]: PHP crashes if a trait + alias is used.
Edit report at https://bugs.php.net/bug.php?id=62234&edit=1
ID: 62234
Comment by: j dot amend at gmail dot com
Reported by:manchokapitancho at gmail dot com
Summary:PHP crashes if a trait + alias is used.
Status: Open
Type: Bug
Package:Reproducible crash
Operating System: win 7
PHP Version:5.4.5-dev
Block user comment: N
Private report: N
New Comment:
The Windows snapshots page seems to be broken since the git migration
(https://bugs.php.net/bug.php?id=61712). I found the latest snapshot here
though:
http://windows.php.net/downloads/snaps/php-5.4/r51a5e98/php-5.4-nts-windows-vc9-x86-r51a5e98.zip
Previous Comments:
[2012-06-06 12:02:44] manchokapitancho at gmail dot com
Tried this one: For Windows: http://windows.php.net/snapshots/
But when I click on the link (VC9 x86 Thread Safe Zip [15.27MB]) I get the
following error:
The page cannot be found.
I hope that someone will fix the windows build links. Then I can try again.
[2012-06-06 08:09:30] larue...@php.net
Please try using this snapshot:
http://snaps.php.net/php-trunk-latest.tar.gz
For Windows:
http://windows.php.net/snapshots/
[2012-06-06 06:32:09] manchokapitancho at gmail dot com
Reopening...
[2012-06-06 06:31:48] manchokapitancho at gmail dot com
Sorry, my fault. The bug is still there. If I don't have aliases, everything is
fine. But once I uncomment one, the error is back.
Tried 5.5.0-dev and 5.4.5-dev.
class XXX {
use \logi\tile\html\feature { getTemplateNames as getTemplateNamesBase; }
protected function getTemplateNames() {
$tpls = (array)$this->getTemplateNamesBase();
array_push ($tpls, "/listing\\template");
array_push ($tpls, "admin\\listing\\template");
return $tpls;
}
}
It is worth mentioning that the trait is autoloaded.
[2012-06-06 06:06:54] manchokapitancho at gmail dot com
My bug seems to be a duplicate of this one.
https://bugs.php.net/bug.php?id=61998
I had 3 occurrences of use X as Y. After removing them, there were no more
crashes.
I tried the latest snapshot and I have no more problems with the original code.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=62234
--
Edit this bug report at https://bugs.php.net/bug.php?id=62234&edit=1
#50356 [Com]: mysql_connect timeout / server reset when executing as module
ID: 50356 Comment by: j dot amend at gmail dot com Reported By: monochromec at gmail dot com Status: No Feedback Bug Type: MySQL related Operating System: Windows 7 PHP Version: 5.2.11 New Comment: Config: Windows 7 x64 Apache 2.2.14 x86 using php5_module PHP 5.3.1 thread safe x86 VC6 MySQL 5.1 x86 Doesn't work: mysql_errno(): 2002 mysql_error(): A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. This works: I'm thinking this has something to do with IPv6 (localhost is resolving to ::1 when I ping it). Clients like mysql's CLI (mysql -h localhost) connect without issues. Previous Comments: [2009-12-09 01:00:01] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". [2009-12-06 12:49:24] jonathan at techcube dot net Same problem with 64bit windows 7. Sample code: http://sg.php.net/manual/en/mysql.examples-basic.php This would show the problem. As long as mysql_connect() is present, the problem would occur. [2009-12-01 21:10:07] paj...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2009-12-01 21:02:12] monochromec at gmail dot com Description: When executing mysql_connect with 5.2.11 running as a module under Apache 2.2.14 on a Windows 7 platform, mysql_connect times out and the browser reports "connection reset" or similar depending on the used browser. This behaviour was first observed with phpMyAdmin 3.2.3 (file library/dbi/mysql.dbi.lib.php, line 38). When changing the invocation type from module to (f)cgi, the problem disappears. This behaviour is reproducible with 5.3.1 (vc6-x86). MySQL is version 5.1, client side 5.0.51a (as reported by phpinfo). Reproduce code: --- Cf. mysql.dbi.lib.php -- Edit this bug report at http://bugs.php.net/?id=50356&edit=1
[PHP-BUG] Bug #55704 [NEW]: php_flag engine off crashes apache
From: Operating system: Gentoo linux PHP version: 5.4SVN-2011-09-15 (snap) Package: Apache2 related Bug Type: Bug Bug description:php_flag engine off crashes apache Description: Since PHP 5.4 alpha 2 (alpha 1 still worked), apache crashes with a segmentation fault if "php_flag engine off" is anywhere in my apache configuration files. Test script: --- httpd.conf: ... php_flag engine off ... Expected result: PHP is disabled in whatever context "php_flag engine off" is used. Actual result: -- Apache crashes with a segmentation fault, even for a configtest (apache2 -t). Program received signal SIGSEGV, Segmentation fault. 0x704ddff9 in _zend_hash_add_or_update () from /usr/lib64/apache2/modules/libphp5.so -- Edit bug report at https://bugs.php.net/bug.php?id=55704&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=55704&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=55704&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=55704&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=55704&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=55704&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=55704&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=55704&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=55704&r=needscript Try newer version: https://bugs.php.net/fix.php?id=55704&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=55704&r=support Expected behavior: https://bugs.php.net/fix.php?id=55704&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=55704&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=55704&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=55704&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=55704&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=55704&r=dst IIS Stability: https://bugs.php.net/fix.php?id=55704&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=55704&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=55704&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=55704&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=55704&r=mysqlcfg
Bug #55704 [Fbk->Opn]: php_flag engine off crashes apache
Edit report at https://bugs.php.net/bug.php?id=55704&edit=1 ID: 55704 User updated by: j dot amend at gmail dot com Reported by: j dot amend at gmail dot com Summary:php_flag engine off crashes apache -Status: Feedback +Status: Open Type: Bug Package:Apache2 related Operating System: Gentoo linux -PHP Version:5.4SVN-2011-09-15 (snap) +PHP Version:5.4SVN-2011-09-19 (snap) Block user comment: N Private report: N New Comment: I just tried it with php5.4-201109192030 on my Mac (Apache/2.2.17, Mac OS X 10.6.7) with the same result. #0 0x0001012e9e72 in _zend_hash_add_or_update (ht=0x10087d118, arKey=0x18 , nKeyLength=7, pData=0x7fff5fbff350, nDataSize=24, pDest=0x0, flag=1) at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:268 #1 0x00010139a944 in real_value_hnd (cmd=0x7fff5fbff820, dummy=0x10087d118, name=0x100890f58 "engine", value=, status=2) at /Users/Grayling/php5.4-201109192030/sapi/apache2handler/apache_config.c:73 #2 0x00010139a9dd in real_flag_hnd (cmd=0x7fff5fbff820, dummy=0x10087d118, arg1=0x100890f58 "engine", arg2=0x100890f60 "off", status=2) at /Users/Grayling/php5.4-201109192030/sapi/apache2handler/apache_config.c:98 #3 0x00013595 in invoke_cmd () #4 0x000147d8 in ap_walk_config_sub () #5 0x0001488b in ap_walk_config () #6 0x00015ddd in ap_process_config_tree () #7 0x0001a26a in main () Previous Comments: [2011-09-16 08:30:13] larue...@php.net Please try using this snapshot: http://snaps.php.net/php5.4-latest.tar.gz For Windows: http://windows.php.net/snapshots/ I can not reproduce this in my environ, plz test with the svn-snap plz, thanks -------- [2011-09-15 20:48:23] j dot amend at gmail dot com Description: Since PHP 5.4 alpha 2 (alpha 1 still worked), apache crashes with a segmentation fault if "php_flag engine off" is anywhere in my apache configuration files. Test script: --- httpd.conf: ... php_flag engine off ... Expected result: PHP is disabled in whatever context "php_flag engine off" is used. Actual result: -- Apache crashes with a segmentation fault, even for a configtest (apache2 -t). Program received signal SIGSEGV, Segmentation fault. 0x704ddff9 in _zend_hash_add_or_update () from /usr/lib64/apache2/modules/libphp5.so -- Edit this bug report at https://bugs.php.net/bug.php?id=55704&edit=1
Bug #55704 [Fbk->Opn]: php_flag engine off crashes apache
Edit report at https://bugs.php.net/bug.php?id=55704&edit=1
ID: 55704
User updated by: j dot amend at gmail dot com
Reported by: j dot amend at gmail dot com
Summary:php_flag engine off crashes apache
-Status: Feedback
+Status: Open
Type: Bug
Package:Apache2 related
Operating System: Gentoo linux
PHP Version:5.4SVN-2011-09-19 (snap)
Block user comment: N
Private report: N
New Comment:
I tried what I could, but I don't know C or how to use gdb properly. It looks
like var name makes it to _zend_hash_add_or_update intact as arKey, but then
the address of arKey mysteriously changes inside that function.
Breakpoint 1, _zend_hash_add_or_update (ht=0x10087d120, arKey=0x10088e298
"engine", nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24, pDest=0x0, flag=1)
at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:201
201 TSRMLS_FETCH();
(gdb) info args
ht = (HashTable *) 0x10087d120
arKey = 0x10088e298 "engine"
nKeyLength = 7
pData = (void *) 0x7fff5fbff330
nDataSize = 24
pDest = (void **) 0x0
flag = 1
(gdb) print arKey
$6 = 0x10088e298 "engine"
(gdb) print &arKey
Address requested for identifier "arKey" which is in register $r13
(gdb) info address arKey
Symbol "arKey" is
0x1012e9a70 - 0x1012e9a98: in register rsi
0x1012e9a98 - 0x1012e9ace: in register r13
0x1012e9ace - 0x1012e9b94: in register rcx
0x1012e9b94 - 0x1012e9bc1: in register r13
0x1012e9bc1 - 0x1012e9c7c: in register rcx
0x1012e9c7c - 0x1012e9cd2: in register r13
0x1012e9d7f - 0x1012e9d8a: in register r13
0x1012e9d90 - 0x1012e9d9e: in register r13
0x1012e9da4 - 0x1012e9dff: in register r13
0x1012e9e2b - 0x1012e9f0f: in register r13
0x1012e9f15 - 0x1012e9f45: in register r13
0x1012e9fb5 - 0x1012e9fc6: in register r13
0x1012e9fd9 - 0x1012e9ff1: in register r13
0x1012ea00a - 0x1012ea02b: in register r13
0x1012ea062 - 0x1012ea0b0: in register r13.
(gdb) next
(gdb) print arKey
$6 = 0x10088e298 "engine"
(gdb) p/x $rcx
$17 = 0x10088e298
[...]
(gdb) next
278 case 6: hash = ((hash << 5) + hash) + *arKey++; /*
fallthrough... */
(gdb) p/x $rcx
$18 = 0x10088e299
[...]
(gdb) next
283 case 1: hash = ((hash << 5) + hash) + *arKey++; break;
(gdb) p/x $rcx
$21 = 0x10088e29e
(gdb) print (char*)0x10088e29e
$22 = 0x10088e29e ""
(gdb) next
218 p = ht->arBuckets[nIndex];
(gdb) print arKey
$24 = 0x10088e29e ""
(gdb) p/x *arKey
$27 = 0x0
[...]
(gdb) next
Breakpoint 8, _zend_hash_add_or_update (ht=0x10087d120, arKey=0x10088e298
"engine", nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24, pDest=0x0, flag=1)
at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:253
253 p = (Bucket *) pemalloc(sizeof(Bucket) + nKeyLength,
ht->persistent);
(gdb) p/x *arKey
$32 = 0x65
(gdb) p/x $rcx
$33 = 0x10088e29e
(gdb) next
258 memcpy((char*)p->arKey, arKey, nKeyLength);
(gdb) p/x arKey
$41 = 0x10088e298
(gdb) print arKey
$42 = 0x10088e298 "engine"
[...]
(gdb) next
262 p->h = h;
(gdb) print arKey
$48 = 0x18
(gdb) p/x arKey
$49 = 0x18
(gdb) print *p
$51 = {
h = 0,
nKeyLength = 7,
pData = 0x100222bf0,
pDataPtr = 0x0,
pListNext = 0x2,
pListLast = 0x60001,
pNext = 0x52100010,
pLast = 0x0,
arKey = 0x100222be8 "engine"
}
[...]
(gdb) next
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x5448523c
0x0001012e9e72 in _zend_hash_add_or_update (ht=0x10087d120, arKey=0x18
, nKeyLength=7, pData=0x7fff5fbff330, nDataSize=24,
pDest=0x0, flag=1) at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:268
268 HANDLE_BLOCK_INTERRUPTIONS();
Previous Comments:
[2011-09-20 14:32:07] larue...@php.net
this is so weird, since in the frame #0, the arkey is an invalid pointer, but
it
shoud be exactlly same as the name in #1, since I can not reproduce this in my
environ, could you do me a favor and try to find out the reason for how could
this var be damaged?
you can try to use gdb httpd, make a break point "b real_value_hnd", then exam
it
step by step, thanks
[2011-09-20 13:43:29] j dot amend at gmail dot com
I just tried it with php5.4-201109192030 on my Mac (Apache/2.2.17, Mac OS X
10.6.7) with the same result.
#0 0x0001012e9e72 in _zend_hash_add_or_update (ht=0x10087d118, arKey=0x18
, nKeyLength=7, pData=0x7fff5fbff350, nDataSize=24,
pDest=0x0, flag=1) at /Users/Grayling/php5.4-201109192030/Zend/zend_hash.c:268
#1 0x00010139a944 in real_value_hnd (cmd=0x7ff
