Bug #44711 parser crashes with ibase_query
Submitted: 2008-04-13 19:32 UTC
Modified: 2008-04-14 18:07 UTC
From: m dot muncke at computer1020 dot at
Assigned:
Status: Not a bug
Package: Reproducible crash
PHP Version: 5.2.5
OS: freeBSD-7.0-RELEASE
Private report: No
CVE-ID: None
 [2008-04-13 19:32 UTC] m dot muncke at computer1020 dot at
Description:
------------
While parsing a script that contains
$x->query("select * from table");
I know that it is during parse because before query I can add
jdsgjg;
and there is no error message
I use a db_fbsql.php include file that contains the class DB;

I get Segmentation fault when I run httpd -X and execute the php but I do not find a core file
When I run 
gdb httpd 
run -X 
I get a segfault in gdb
The same script was running under php 5.2.3 but does not under php 5.2.5
 

Reproduce code:
---------------
http://www.trackseller.com/phpbug.txt



Expected result:
----------------
execute php -> echo finished;
page returns empty.

Actual result:
--------------
I get a segfault but I do not find the core.
Can you tell me where I find that under FreeBSD?

 [2008-04-13 19:36 UTC] m dot muncke at computer1020 dot at
php is running in mod_php
apache22
php modules installed: 
php-interbase, php-ftp, php-imap, php-pcre
 [2008-04-13 20:01 UTC] jani@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2008-04-13 21:05 UTC] m dot muncke at computer1020 dot at
Problem is, when I run httpd -X and execute phpbug.php I receive a Segfault with gdb.core ????!!!
 [2008-04-13 21:11 UTC] m dot muncke at computer1020 dot at
gdb gdb /var/gdb.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...(no debugging symbols found)...
Core was generated by `gdb'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libm.so.5...(no debugging symbols found)...done.
Loaded symbols for /lib/libm.so.5
Reading symbols from /lib/libreadline.so.7...(no debugging symbols found)...done.
Loaded symbols for /lib/libreadline.so.7
Reading symbols from /lib/libncurses.so.7...(no debugging symbols found)...done.
Loaded symbols for /lib/libncurses.so.7
Reading symbols from /usr/lib/libgnuregex.so.4...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libgnuregex.so.4
Reading symbols from /lib/libc.so.7...(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /usr/lib/libthread_db.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libthread_db.so
Reading symbols from /libexec/ld-elf.so.1...(no debugging symbols found)...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x2837594d in calloc () from /lib/libc.so.7
 [2008-04-14 17:11 UTC] m dot muncke at computer1020 dot at
I am sorry, but I cannot follow the procedures as stated in the document you indicated because gdb crashes in both scenarios.
 [2008-04-14 17:48 UTC] jani@php.net
Fix your system. No PHP bug here.
 [2008-04-14 17:54 UTC] m dot muncke at computer1020 dot at
I installed gdb 6.6 and received the following executing phpbug.php :


---Type <return> to continue, or q <return> to quit---
Program received signal SIGSEGV, Segmentation fault.
0x28b5adff in ThreadData::restoreSpecific ()
   from /usr/local/lib/libfbclient.so.2
(gdb)
(gdb)
(gdb) bt
#0  0x28b5adff in ThreadData::restoreSpecific ()
   from /usr/local/lib/libfbclient.so.2
#1  0x28b6fd1f in error () from /usr/local/lib/libfbclient.so.2
#2  0x28b7733a in REM_attach_database () from /usr/local/lib/libfbclient.so.2
#3  0x28b64b1b in isc_attach_database () from /usr/local/lib/libfbclient.so.2
#4  0x28b2f411 in _php_ibase_attach_db ()
   from /usr/local/lib/php/20060613-debug/interbase.so
#5  0x28b2f845 in _php_ibase_connect ()
   from /usr/local/lib/php/20060613-debug/interbase.so
#6  0x289107a0 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbfcc78)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:200
#7  0x28916299 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbfcc78)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:1681
#8  0x289102f2 in execute (op_array=0x28c48168)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:92
#9  0x2891091a in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbfd018)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:234
#10 0x2891143d in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbfd018)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:322
#11 0x289102f2 in execute (op_array=0x28c483cc)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:92
#12 0x2891091a in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbfd398)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:234
---Type <return> to continue, or q <return> to quit---
#13 0x2891143d in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbfd398)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:322
#14 0x289102f2 in execute (op_array=0x28c32258)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:92
#15 0x288ea902 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend.c:1215
#16 0x28896406 in php_execute_script (primary_file=0xbfbfe98c)
    at /usr/ports/lang/php5/work/php-5.2.5/main/main.c:2025
#17 0x289665b2 in php_handler (r=0x28cc3050)
    at /usr/ports/lang/php5/work/php-5.2.5/sapi/apache2handler/sapi_apache2.c:635
#18 0x08074559 in ap_run_handler ()
#19 0x08077827 in ap_invoke_handler ()
#20 0x08082650 in ap_process_request ()
#21 0x0807f8eb in ap_process_http_connection ()
#22 0x0807b759 in ap_run_process_connection ()
#23 0x08086c97 in child_main ()
#24 0x08086f63 in make_child ()
#25 0x08087b11 in ap_mpm_run ()
#26 0x08061fe5 in main ()
 [2008-04-14 18:07 UTC] jani@php.net
It's still bogus, the crash obviously happens outside PHP, in some 3rd party library.
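
Added example (not part of the bug report or of PHP's code): a small Python triage helper that parses a gdb `bt` listing like the one above, including frames whose `from`/`at` part wraps onto the next line, and reports which module owns the faulting frame and which PHP frame called into it. The ownership rules in `classify` are assumptions made for this illustration, and the sample frames are abridged from the trace in this report.

```python
import re

SAMPLE_BT = """\
---Type <return> to continue, or q <return> to quit---
#0  0x28b5adff in ThreadData::restoreSpecific ()
   from /usr/local/lib/libfbclient.so.2
#4  0x28b2f411 in _php_ibase_attach_db ()
   from /usr/local/lib/php/20060613-debug/interbase.so
#6  0x289107a0 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbfcc78)
    at /usr/ports/lang/php5/work/php-5.2.5/Zend/zend_vm_execute.h:200
#18 0x08074559 in ap_run_handler ()
"""  # constructed sample, abridged from the gdb 6.6 backtrace in this report

FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-fA-F]+ in )?(\S+) \(.*?\)\s*(.*)$")
ORIGIN = re.compile(r"^(from|at)\s+(\S+)$")

def classify(kind, path):
    # Assumed heuristics: "at" = debug-built PHP source frame; lib/php/ = PHP extension.
    if kind == "at":
        return "php-core"
    if "/lib/php/" in path:
        return "php-ext:" + path.rsplit("/", 1)[-1]
    return "third-party:" + path.rsplit("/", 1)[-1]

def parse_backtrace(text):
    """Return one dict per frame; frames with no origin belong to the host binary."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line)
        if m:
            frames.append({"n": int(m.group(1)), "func": m.group(2), "owner": "host binary"})
            rest = m.group(3).strip()
        elif frames and line[:1].isspace():
            rest = line.strip()          # wrapped 'from <lib>' / 'at <file>' line
        else:
            continue                     # pager prompts, banners, blank lines
        o = ORIGIN.match(rest)
        if o:
            frames[-1]["owner"] = classify(*o.groups())
    return frames

def triage(text):
    """Name the owner of the faulting frame and the first PHP frame below it."""
    frames = parse_backtrace(text)
    if not frames:
        return None
    caller = next((f for f in frames if f["owner"].startswith("php-")), None)
    return {"fault_owner": frames[0]["owner"], "fault_func": frames[0]["func"],
            "php_caller": caller["func"] if caller else None}
```

On the sample, `triage(SAMPLE_BT)` attributes the fault to `libfbclient.so.2` and names `_php_ibase_attach_db` as the PHP-side caller.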
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Apr 26 23:01:29 2024 UTC