Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.

Starting program: /usr/pkg/bin/php test.php
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x000000000050c86b in zif_metaphone ()
(gdb) bt
#0  0x000000000050c86b in zif_metaphone ()
#1  0x000000000050c761 in zif_metaphone ()
#2  0x000000000059f489 in execute ()
#3  0x000000000059ed20 in execute ()
#4  0x0000000000585a06 in zend_execute_scripts ()
#5  0x000000000054c169 in php_execute_script ()
#6  0x00000000005eac84 in main ()
#7  0x00000000004407a8 in ___start ()
(gdb)

./sapi/cli/php -r 'var_dump(metaphone("русский язык UTF8"));'
string(3) "UTF"

I can not try that since i am not able to submit real utf8 chars  through my shell.

test.php
<?php
echo "crash:".metaphone('?');
?>
php test.php

results in a segmentation fault test.php needs to be an UTF8 file.

file -i test.php
test.php: text/plain; charset=utf-8

Works perfectly fine: string(0) ""

So it is eigther a system specific issue (i was able to reproduce it on 2 maschines) or you did not used an utf8 file ;)

Can you please try the latest CVS, it has a 64bit fix that may 
fix the crash you are experiencing.

I checked out 5.2 from cvs but i am not able to build it on my maschine.
"Syntax error: Unterminated quoted string"

Any other way to check if the the 64bit fix works?

>"Syntax error: Unterminated quoted string"
Please elaborate.

Ok, i just copied the cvs metaphone.c to my 5.1.6 source tree and did a rebuild. Still segfault, same backtrace :

Program received signal SIGSEGV, Segmentation fault.
0x000000000050c86c in zif_metaphone ()
(gdb) bt
#0  0x000000000050c86c in zif_metaphone ()
#1  0x000000000050c762 in zif_metaphone ()
#2  0x000000000059f309 in execute ()
#3  0x000000000059eba0 in execute ()
#4  0x0000000000585886 in zend_execute_scripts ()
#5  0x000000000054bfe9 in php_execute_script ()
#6  0x00000000005eab04 in main ()
#7  0x00000000004407a8 in ___start ()

With --enable-debug we would get a lot more useful information.

recompiled using --enabled-debug -> same output

--enabled-debug != --enable-debug

Just a typo withhin my comment debug is enabled see beyond

PHP 5.1.6 (cli) (built: Sep 26 2006 18:33:22) (DEBUG)

And the backtrace is EXACTLY the same?
Just #0  0x000000000050c86c in zif_metaphone () ?

yes ...it is:
Starting program: /usr/pkg/bin/php /var/www/www.chaosbutze.de/htdocs/test.php
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x000000000051bb0f in zif_metaphone ()
(gdb) bt
#0  0x000000000051bb0f in zif_metaphone ()
#1  0x000000000051b9e2 in zif_metaphone ()
#2  0x00000000005bfa95 in execute ()
#3  0x00000000005bf21c in execute ()
#4  0x00000000005a2ef6 in zend_execute_scripts ()
#5  0x0000000000562c09 in php_execute_script ()
#6  0x00000000006133e9 in main ()
#7  0x0000000000440aa8 in ___start ()

i even tried -e but without any success...

Well, your PHP is built without --enable-debug, that's the fact.

..or your PHP binary is stripped.
Just get the sources, compile them with ./configure --enable-debug --disable-all and use the sapi/cli/php binary.

it is php -v returns (DEBUG) which indicates that it has been build with enable-debug:
PHP 5.1.6 (cli) (built: Sep 26 2006 18:33:22) (DEBUG)

Please do the following:
#1 fetch http://snaps.php.net/php5.2-200609261630.tar.bz2
#2 extract it
#3 cd into the directory
#4 ./configure --disable-all --enable-debug
#5 make
#6 sapi/cli/php your_test_file.php

sorry folks you have been right it seems as if the pkgsrc process somehow stripes debug informations :|. Anyway here is what i got using a native build process and the native sources (without the latest cvs patch provided by iliaa)
Program received signal SIGSEGV, Segmentation fault.
0x00000000004a00ff in metaphone (word=0x8127c0 "ö", word_len=2,
    max_phonemes=0, phoned_word=0x7f7fffffcc70, traditional=1)
    at /usr/local/src/php-5.1.6/ext/standard/metaphone.c:195
195             for (; !isalpha(Curr_Letter); w_idx++) {
(gdb) bt
#0  0x00000000004a00ff in metaphone (word=0x8127c0 "ö", word_len=2,
    max_phonemes=0, phoned_word=0x7f7fffffcc70, traditional=1)
    at /usr/local/src/php-5.1.6/ext/standard/metaphone.c:195
#1  0x000000000049ff40 in zif_metaphone (ht=1, return_value=0x812840,
    return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /usr/local/src/php-5.1.6/ext/standard/metaphone.c:46
#2  0x0000000000561366 in zend_do_fcall_common_helper_SPEC (
    execute_data=0x7f7fffffce20) at zend_vm_execute.h:200
#3  0x000000000056493d in ZEND_DO_FCALL_SPEC_CONST_HANDLER (
    execute_data=0x7f7fffffce20) at zend_vm_execute.h:1640
#4  0x0000000000560e6a in execute (op_array=0x783c40) at zend_vm_execute.h:92
#5  0x000000000053ddf6 in zend_execute_scripts (type=8, retval=0x0,
    file_count=3) at /usr/local/src/php-5.1.6/Zend/zend.c:1109
#6  0x00000000004eed77 in php_execute_script (primary_file=0x7f7fffffe7c0)
    at /usr/local/src/php-5.1.6/main/main.c:1737
#7  0x00000000005b1cd7 in main (argc=2, argv=0x7f7fffffe8c0)
    at /usr/local/src/php-5.1.6/sapi/cgi/cgi_main.c:1612

segfault on 5.1.6 and php5.2-200609261630 same backtrace

Looks like your libc is broken. 
Please type this in gdb after "bt":
f 0
p word[w_idx]
p toupper(word[w_idx])
p isalpha(toupper(word[w_idx]))

and paste the output here

(gdb) p word[w_idx]
No symbol table is loaded.  Use the "file" command.

seems as if i have to load a symbol table or something, any hints?

# gdb sapi/cli/php
(gdb) r /path/to/test/script.php
<here will be segfault>
(gdb) f 0
(gdb) p word[w_idx]
(gdb) p toupper(word[w_idx])
(gdb) p isalpha(toupper(word[w_idx]))

ah got it i had to run php -e 
(gdb) p word[w_idx]
$1 = -61 '?'
(gdb) p toupper(word[w_idx])
$2 = 28518
(gdb) p isalpha(toupper(word[w_idx]))

Program received signal SIGSEGV, Segmentation fault.
0x0000000200e4eced in isalpha () from /usr/lib/libc.so.12

I've reported it to NetBSD people, lets see what they say about it.

(gdb) p word[w_idx]
$1 = -61 '?'

in my native mind this should not result in a negative number. This seems to be related to wider datatypes on 64 bit maschines possible a compiler flag issue ...

Please apply this to the snapshot:
http://tony2001.phpclub.net/dev/tmp/bug38961.diff
Does this patch fix it for you? 

seems to work at least on my 64bit maschine tested against 5.1.6 and latest snapshot. Maybe someone can verify for 32bit maschines.

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.