php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #15766 Apache/2.0.32 (Unix) PHP/4.3.0-dev crashes during output
Submitted: 2002-02-27 18:20 UTC Modified: 2002-04-06 11:10 UTC
From: brad at info-link dot net Assigned:
Status: Closed Package: Apache2 related
PHP Version: 4.0CVS-2002-02-27 OS: Linux 2.4.2 - RedHat 7.1
Private report: No CVE-ID: None
 [2002-02-27 18:20 UTC] brad at info-link dot net
The first few requests are handled fine, then suddenly Apache children start segfaulting.  The following script reproduces this crash, backtrace is included after script:

--------------------------------------------

<HTML>
<HEAD>
<HTML>
<HEAD>
<TITLE> Test crash </TITLE>
</HEAD>

<BODY>
<?php

  $rows = 10;
  $cols = 10;

  echo "<TABLE>\n";

  for ($i = 0; $i < $rows; ++$i) {
    echo "<TR>";
    for ($j = 0; $j < $cols; ++$j) {
      echo "<TD>Hello World</TD>";
    }
    echo "</TR>\n";
  }

  echo "</TABLE>";

?>
</BODY>
</HTML>

------------ backtrace follows -----------------------

[root@auth bin]# gdb httpd
GNU gdb 5.0rh-5 Red Hat Linux 7.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(gdb) run -X
Starting program: /usr/local/apache2/bin/httpd -X
[New Thread 1024 (LWP 9570)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 9570)]
0x08082b38 in ap_pass_brigade (next=0x4001d3dc, bb=0x81a5000) at util_filter.c:445
445             return next->frec->filter_func.out_func(next, bb);
(gdb) bt
#0  0x08082b38 in ap_pass_brigade (next=0x4001d3dc, bb=0x81a5000) at util_filter.c:445
#1  0x40307e40 in php_apache_sapi_ub_write (str=0x81a01b7 "", str_length=0, tsrm_ls=0x8136dd0) at sapi_apache2.c:66
#2  0x403131ff in php_ub_body_write_no_header (str=0x81a01ac "</TD></TR>\n", str_length=11, tsrm_ls=0x8136dd0)
    at output.c:440
#3  0x403127b8 in php_body_write (str=0x81a01ac "</TD></TR>\n", str_length=11, tsrm_ls=0x8136dd0) at output.c:99
#4  0x4030a59a in php_body_write_wrapper (str=0x81a01ac "</TD></TR>\n", str_length=11) at main.c:762
#5  0x402fd24d in zend_print_zval_ex (write_func=0x4030a568 <php_body_write_wrapper>, expr=0x819ee7c, indent=0)
    at zend.c:187
#6  0x402fd1ed in zend_print_zval (expr=0x819ee7c, indent=0) at zend.c:168
#7  0x402fce9e in zend_print_variable (var=0x819ee7c) at zend_variables.c:169
#8  0x402ed960 in execute (op_array=0x817e228, tsrm_ls=0x8136dd0) at ./zend_execute.c:1231
#9  0x402efc28 in execute (op_array=0x8175ca4, tsrm_ls=0x8136dd0) at ./zend_execute.c:1638
#10 0x402fe6a2 in zend_execute_scripts (type=8, tsrm_ls=0x8136dd0, retval=0x0, file_count=3) at zend.c:810
#11 0x4030b976 in php_execute_script (primary_file=0xbffff840, tsrm_ls=0x8136dd0) at main.c:1333
#12 0x40308686 in php_output_filter (f=0x81a4a48, bb=0x81a4b90) at sapi_apache2.c:381
#13 0x08082b3b in ap_pass_brigade (next=0x81a4a48, bb=0x81a4b90) at util_filter.c:445
#14 0x08088898 in default_handler (r=0x81a3790) at core.c:2995
#15 0x080796d6 in ap_run_handler (r=0x81a3790) at config.c:185
#16 0x08079b41 in ap_invoke_handler (r=0x81a3790) at config.c:359
#17 0x0806a6e2 in ap_process_request (r=0x81a3790) at http_request.c:290
#18 0x08066ff1 in ap_process_http_connection (c=0x8167de0) at http_core.c:287
#19 0x0808143e in ap_run_process_connection (c=0x8167de0) at connection.c:85
#20 0x08078467 in child_main (child_num_arg=0) at prefork.c:717
#21 0x08078510 in make_child (s=0x81311c8, slot=0) at prefork.c:753
#22 0x080785fa in startup_children (number_to_start=2) at prefork.c:830
#23 0x0807888f in ap_mpm_run (_pconf=0x80aec98, plog=0x80e6d78, s=0x81311c8) at prefork.c:1021
#24 0x0807d2cd in main (argc=2, argv=0xbffffb3c) at main.c:501
#25 0x40185177 in __libc_start_main (main=0x807cc20 <main>, argc=2, ubp_av=0xbffffb3c, init=0x805e00c <_init>, 
    fini=0x8091dc0 <_fini>, rtld_fini=0x4000e184 <_dl_fini>, stack_end=0xbffffb2c)
    at ../sysdeps/generic/libc-start.c:129

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-02-27 18:25 UTC] brad at info-link dot net
Here is my apache configuration:

./configure --prefix=/usr/local/apache2 --enable-so

And my PHP configuration:

./configure     --with-xml \
                --enable-ftp \
                --with-imap=/usr/local/imap/imap-2001a \
                --with-apxs2=/usr/local/apache2/bin/apxs \
                --with-config-file-path=/usr/local/php/cvs/conf \
                --with-mysql=/usr/local/mysql
 [2002-03-27 04:18 UTC] smow at mz dot tramonline dot net
try http://bugs.php.net/bug.php?id=14999 .
Perhaps, all works fine.
 [2002-04-06 11:10 UTC] sniper@php.net
Reopen if you get same problems with latest CVS of Apache2 and PHP.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC