PHP :: Bug #40658 :: Segmentation fault

Bug #40658

Segmentation fault

Submitted:

2007-02-27 11:23 UTC

Modified:

2007-02-28 12:03 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

errol at issi dot co dot za

Assigned:

Status:

Not a bug

Package:

CGI/CLI related

PHP Version:

5.2.1

OS:

Linux 2.6.20 on ARM

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	errol at issi dot co dot za
New email:
PHP Version:		OS:

New Comment:

[2007-02-27 11:23 UTC] errol at issi dot co dot za

Description:
------------
I was running 5.0.4 (cgi) on an ARM processor (embedded) with linux 2.4.27 and it worked successfully. I have now upgraded to linux 2.6.20 and PHP 5.2.1 (cgi) and I now get a segmentation fault on some of my scripts that previously worked. I have no gdb on the embedded system and have not been able to reproduce the problem on my SuSE linux systems.

Reproduce code:
---------------
Part of code ...

      <table>
<?php
         exec("/usr/sbin/ntpq -c peers",$result);
         while (list($key,$value) = each($result)){
            $table = split("  *",trim($value));
            if ($key == 0){
               echo "<tr>";
               echo "<th>Reference</th>";
               echo "<th>$table[0]</th>";
               echo "<th>$table[1]</th>";
               echo "<th>$table[2]</th>";
               echo "<th>$table[3]</th>";
               echo "<th>$table[4]</th>";
               echo "<th>$table[5]</th>";
               echo "<th>$table[6]</th>";
               echo "<th>$table[7]</th>";
               echo "<th>$table[8]</th>";
               echo "<th>$table[9]</th>";
               echo "</tr>";


Expected result:
----------------
-bash-3.2# ./php -v
PHP 5.2.1 (cgi) (built: Feb 23 2007 17:03:34)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

Expected result is a table of values.

Actual result:
--------------
Result:
-bash-3.2# ./php ../htdocs/ntp.php
X-Powered-By: PHP/5.2.1
Content-type: text/html

<!--
#***********************************************************************
# Integrated Seismic System
# =========================
#
# $Id: ntp.php,v 1.9 2006/07/11 09:11:41 issd Exp $
#
#***********************************************************************
#
# All rights reserved. Copyright by ISS International Ltd., 1988-2003.
#
# No reproduction of this computer program in whole or in part, in
# any form, by any electronic, mechanical or other means is permitted
# without the written permission of ISS International Limited.
#
# END OF RCS HEADER
-->
<html>
  <head>
    <title>Seismic Controller</title>
    <link
      href="controller.css"
      rel="stylesheet"/>
      <script src="javascript/issupdate.js"></script>
         <!-- <meta
      content="30"
      http-equiv="Refresh"/>-->
  </head>
  <body onload=setTimeout("updateISS('ntp.php',30000)",3000)>
    <center>
      <h1>Seismic Controller</h1>
      <h1> ()</h1>
      <h2>Tue Feb 27 11:20:54 UTC 2007
</h2>
      <img
        src="monitors/images/ISSsmall_logo.png"/>
      <br/>
      <table>
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2007-02-27 12:31 UTC] tony2001@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

[2007-02-27 12:45 UTC] errol at issi dot co dot za

I cannot generate a backtrace as I do not have gdb on the embedded ARM system. I have also been unable to reproduce the problem on a system where I have gdb.

I have been able to islolate the problem to this line of code.

while (list($key,$value) = each($result)){

I have checked and $result is a valid array of values.

[2007-02-27 13:20 UTC] tony2001@php.net

Well, I don't have an ARM system either. 
So I really doubt we can fix something we can't reproduce and there is no backtrace.

[2007-02-27 13:27 UTC] errol at issi dot co dot za

I am busy trying a cross-compile of gdb and will see if I can get it to run and produce the backtrace for you.

[2007-02-27 13:29 UTC] tony2001@php.net

Ok, thanks.

[2007-02-27 14:48 UTC] errol at issi dot co dot za

I managed to get gdb to cross-compile and run on the ARM. Here is the backtrace

#0  ZEND_ASSIGN_SPEC_CV_VAR_HANDLER (execute_data=0xbef2f730)
    at /home/issarm/Projects/arm-2007-02-18/src/php-5.2.1/Zend/zend_execute.c:183
#1  0x0020e6fc in execute (op_array=0x40334308)
    at /home/issarm/Projects/arm-2007-02-18/src/php-5.2.1/Zend/zend_vm_execute.h:92
#2  0x001f18b8 in zend_execute_scripts (type=8, retval=<value optimized out>,
    file_count=1701011824)
    at /home/issarm/Projects/arm-2007-02-18/src/php-5.2.1/Zend/zend.c:1135
#3  0x001b50e0 in php_execute_script (primary_file=Cannot access memory at address 0xfffffe03
)
    at /home/issarm/Projects/arm-2007-02-18/src/php-5.2.1/main/main.c:1784
#4  0x0026d480 in main (argc=0, argv=0x643030)
    at /home/issarm/Projects/arm-2007-02-18/src/php-5.2.1/sapi/cgi/cgi_main.c:1738

[2007-02-27 14:54 UTC] tony2001@php.net

The backtrace isn't really useful, the most important information is missing - on which line the crash happens.
Make sure PHP is compiled with --enable-debug.

[2007-02-27 15:57 UTC] errol at issi dot co dot za

I have run after compiling with --enable-debug and e-mailed you the results.

I hope this helps.

[2007-02-27 15:59 UTC] tony2001@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip

[2007-02-27 16:23 UTC] errol at issi dot co dot za

Here is the backtrace from the latest build I downloaded from snaps.

(gdb) bt
#0  ZEND_ASSIGN_SPEC_CV_VAR_HANDLER (execute_data=0xbeec5730)
    at /home/issarm/Projects/arm-2007-02-18/src/php5.2-200702271530/Zend/zend_execute.c:69
#1  0x002126c8 in execute (op_array=0x40334310)
    at /home/issarm/Projects/arm-2007-02-18/src/php5.2-200702271530/Zend/zend_vm_execute.h:92
#2  0x001f5878 in zend_execute_scripts (type=8, retval=<value optimized out>,
    file_count=0)
    at /home/issarm/Projects/arm-2007-02-18/src/php5.2-200702271530/Zend/zend.c:1134
#3  0x001b8ba0 in php_execute_script (primary_file=Cannot access memory at address 0xfffffe03
)
    at /home/issarm/Projects/arm-2007-02-18/src/php5.2-200702271530/main/main.c:1787
#4  0x002713f8 in main (argc=0, argv=0x643030)
    at /home/issarm/Projects/arm-2007-02-18/src/php5.2-200702271530/sapi/cgi/cgi_main.c:1746

[2007-02-27 18:35 UTC] tony2001@php.net

>Here is the backtrace
Again, we would like to know where exactly it happens, not just the function name.
Try to compile it with CFAGS="-O0 -g" and regenerate the backtrace.
Btw, is there valgrind for Linux on ARM? It would help very much.

[2007-02-27 18:50 UTC] errol at issi dot co dot za

It does not look like valgrind runs on ARM.

See http://valgrind.org/info/platforms.html

[2007-02-27 19:01 UTC] tony2001@php.net

That's bad.
The other request still applies, though.

[2007-02-27 19:12 UTC] errol at issi dot co dot za

Will do. I am at home and the embedded setup is at work.

[2007-02-27 19:38 UTC] errol at issi dot co dot za

Just logged in to work and did the compile with -O0 -g (it was using -O2 -g.

Now the same php script runs without a seg fault!!

I will give it a full test tomorrow when I can access via browser.

[2007-02-27 19:44 UTC] tony2001@php.net

Heh. What version of GCC are you using?

[2007-02-27 19:55 UTC] errol at issi dot co dot za

I am using gcc 4.1.1 on linux 2.6.20 with eabi toolchain (arm-unknown-linux-gnueabi).

[2007-02-27 20:01 UTC] tony2001@php.net

Could you please upgrade to GCC 4.1.2 ?
Or (that would be perfect) downgrade to 3.4.x ?

[2007-02-28 11:51 UTC] errol at issi dot co dot za

I have downloaded and built gcc 4.1.2 as a cross compiler for the ARM and php 5.2.1 now runs without a segmentation fault even when compiled with -g -O2.

Thanks for the help.

[2007-02-28 12:03 UTC] tony2001@php.net

Great news, thanks.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jul 03 08:01:34 2025 UTC