|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #16905 mkdir crashes
Submitted: 2002-04-29 10:55 UTC Modified: 2002-05-06 13:35 UTC
Avg. Score:4.7 ± 0.5
Reproduced:6 of 6 (100.0%)
Same Version:5 (83.3%)
Same OS:5 (83.3%)
From: mav at alkar dot net Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 4.2.0 OS: FreeBSD 4.5
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: mav at alkar dot net
New email:
PHP Version: OS:


 [2002-04-29 10:55 UTC] mav at alkar dot net
Simple test like this makes segmentation fault:



This error occurs in both Apache DSO module and console version.
PHP configures as:
./configure  --with-apxs=/usr/local/apache/bin/apxs --with-config-file-path=/usr/local/apache/conf --with-mysql=
/usr/local/mysql --with-gd=/usr/local --enable-trans-sid --enable-versioning --enable-inline-optimization --enabl
e-ftp --enable-dbase --enable-gd-native-ttf --with-ttf --with-freetype-dir=/usr/local

Here is back trace by gdb from core file:
# gdb php /www/www/clients/alkar/hotline/ 
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
Core was generated by `php'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/
Reading symbols from /usr/local/mysql/lib/mysql/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/local/lib/
Reading symbols from /usr/local/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/local/lib/
Reading symbols from /usr/local/lib/
Reading symbols from /usr/libexec/
#0  0x80fed24 in execute (op_array=0x0) at ./zend_execute.c:1602
1602                                                    EX(Ts)[EX(opline)->result.u.var].var.ptr->is_ref = 0;
(gdb) bt
#0  0x80fed24 in execute (op_array=0x0) at ./zend_execute.c:1602


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2002-04-29 16:16 UTC]
I can not reproduce this with PHP 4.3.0.
Please try latest CVS snapshot from

 [2002-05-02 04:54 UTC] jason at jase dot org
I've just tried a 4.3.0 snapshot using the same test file as posted above.

Operating system is FreeBSD 4.5.


php4-200205020000# ./php ~/test.php
X-Powered-By: PHP/4.3.0-dev
Content-type: text/html

<br />
<b>Warning</b>:  mkdir() failed (No such file or directory) in <b>/disk1/home/jase/bigmailbox/test.php</b> on line <b>3</b><br />
Segmentation fault (core dumped)
 [2002-05-02 06:04 UTC] jason at jase dot org
Just to further confuse the issue.  If I build the 4.3.0-DEV snaphost (php4-200205020000) with --enable-debug then it behaves normally.

 [2002-05-06 11:37 UTC]
Happens in 4.2.1RC1 as well.  When compiled with --enable-debug, works fine.  When compiled with --disable-debug, it doesn't work
 [2002-05-06 13:35 UTC]
This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at

fix was merged into 4.2 branch, so it should be included in 4.2.1. (we were passing a pointer to a mode_t, which is a short on freebsd, and it was being treated elsewhere as a pointer to a long. this is the fun sort of bug that usually only shows up on non-debug builds.)
 [2002-05-07 08:23 UTC] jason at jase dot org

I've submitted a pr to the FreeBSD php port maintainer, including a patch.  

The patch can be downloaded from:

 [2002-05-29 18:18 UTC] pav at oook dot cz
I have very similar thing happening. Script is reading directory with a lot of image files, printing them in colors. The script crash as both mod_php4 in apache and command-line. It crash every time at same position, however it crash in different positions when called thru apache and when run from command line. Relevant part of script:

$handle = opendir("/home/pav/images/fit"); 
while ($fajl = readdir($handle)) {
	if ($fajl == "." || $fajl == "..") continue;
	echo '<a href="wow.php3?showme='.$fajl.'" target="_blank" style="color: '; 
	if ($rates[$fajl]) echo calclinkcolor($ratingy[$fajl]); 
	else echo calclinkcolor(-1);
	echo '">'.$fajl."</a>\n";

#0  0x2836aaed in readdir_r () from /usr/lib/
(gdb) bt
#0  0x2836aaed in readdir_r () from /usr/lib/
#1  0x8091935 in php_if_readdir ()
#2  0x80ed79c in execute ()
#3  0x80d9171 in zend_execute_scripts ()
#4  0x8062406 in php_execute_script ()
#5  0x8060288 in main ()
#6  0x805f629 in _start ()

PHP 4.2.1, Apache 1.3.24, FreeBSD 4.5-STABLE
 [2002-05-29 18:20 UTC] pav at oook dot cz
Yeah sorry! Commented bad bug. Sorry. This apply to bug #15665. Sorry again.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Fri Oct 22 04:03:33 2021 UTC