php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34568 PHP and mod_dav conflicts
Submitted: 2005-09-20 21:35 UTC Modified: 2005-09-22 15:50 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: roso at despammed dot com Assigned:
Status: Closed Package: Apache2 related
PHP Version: 5.1.0RC1 OS: Fedora 2
Private report: No CVE-ID: None
 [2005-09-20 21:35 UTC] roso at despammed dot com
Description:
------------
I just upgraded  PHP to PHP 5.1.0RC1  and  I get  this nice error whenever I try to put a file into a Webdav folder.
Windows tells me: "An error occured copying some or all of the selected files."
At the same time Apache log shows this: ... child pid 18996 exit signal Segmentation fault (11)

I can create new Webdav folders, move files from a folder to another but cannot put new files.

If I disable the php module in Apache config file everything is back to normal.

What could be a fix for this? I know that there are some conflicts between mod_dav and the php module. 

Reproduce code:
---------------
Put a file on Web server with mod_dav using Windows Explorer

Expected result:
----------------
upload file

Actual result:
--------------
error message from Windows
Segmentation Fault in Apache error log

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-20 21:54 UTC] tony2001@php.net
Does PHP work for you with/without mod_dav enabled?
 [2005-09-20 22:33 UTC] roso at despammed dot com
Yes, php works with or withouth mod_dav.
To make a backtrace I will need PHP configured with --enable-debug.
The problem described above is absolutely similar on two servers on which I recently upgraded PHP from php-5.1.0b3 to 5.1.0RC1.
 [2005-09-22 02:55 UTC] roso at despammed dot com
Thread 1 (process 22993):
#0  0xb7bb3510 in _zend_hash_index_update_or_next_insert (ht=0xb7e67af8, h=0,
    pData=0xbfffda30, nDataSize=12, pDest=0x0, flag=1)
    at /tmp/php-5.1.0RC1/Zend/zend_hash.c:354
        nIndex = 0
        p = (Bucket *) 0x0
#1  0xb7bb4d2d in zend_list_insert (ptr=0x0, type=0)
    at /tmp/php-5.1.0RC1/Zend/zend_list.c:47
        index = 0
        le = {ptr = 0x846ef8c, type = 2, refcount = 1}
#2  0xb7bb4e09 in zend_register_resource (rsrc_result=0x0, 
rsrc_pointer=0x846ef8c,
    rsrc_type=2) at /tmp/php-5.1.0RC1/Zend/zend_list.c:99
        rsrc_id = 0
#3  0xb7b8a698 in _php_stream_alloc (ops=0x0, abstract=0x0, persistent_id=0x0,
    mode=0xb7cece68 "rb") at /tmp/php-5.1.0RC1/main/streams/streams.c:263
        le = {ptr = 0x11, type = 0, refcount = -1073751384}
        ret = (php_stream *) 0x846ef8c
#4  0xb7b8e3e7 in _php_stream_fopen_from_fd (fd=0, mode=0xb7cece68 "rb", 
persistent_id=0x0)
    at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:204
        self = (php_stdio_stream_data *) 0x845ee14
        stream = (php_stream *) 0x0
#5  0xb7b8ede4 in _php_stream_fopen 
(filename=0x846c090 "/www/_error/404/index.php",
    mode=0xb7cece68 "rb", opened_path=0xbfffeeb8, options=133)
    at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:881
        realpath = 0x83587e4 "/www/_error/404/index.php"
        open_flags = 0
        fd = 17
        ret = (php_stream *) 0x846c090
        persistent = 17
        persistent_id = 0x0
#6  0xb7b8f525 in _php_stream_fopen_with_path (

    filename=0x846c090 "/www/_error/404/index.php", mode=0xb7cece68 "rb",
    path=0x8385f60 ".:/www/_php/pear", opened_path=0xbfffeeb8, options=133)
    at /tmp/php-5.1.0RC1/main/streams/plain_wrapper.c:1275
        pathbuf = 0x10 <Address 0x10 out of bounds>
        ptr = 0x85 <Address 0x85 out of bounds>
        end = 0x846c090 "/www/_error/404/index.php"
        exec_fname = 0x2 <Address 0x2 out of bounds>
        trypath = "eregi\000??\002\000\000\000\020\000\000\000ereg_replace\000
\000\000\000ereg\000???\002\000\000\000\020\000\000\000is_callable\000\020\000
\000\000is_scalar\000\000\000\020\000\000\000is_object\000\000\000\020\000\000
\000is_array\000\000\000\000\020\000\000\000is_string\000\000\000\020\000\000
\000is_numeric\000\000\020\000\000\000is_real\000\002\000\000\000\020\000\000
\000is_double\000\000\000\020\000\000\000is_integer\000\000\020\000\000
\000is_int\000?"...
        sb = {st_dev = 13835039827440987236, __pad1 = 2, st_ino = 16, st_mode 
= 1600942451,
  st_nlink = 1667720562, st_uid = 6648673, st_gid = 16, st_rdev = 
13835039365436895082,
  __pad2 = 2, st_size = 16, st_blksize = 1768714355, st_blocks = -1090492044, 
st_atim = {
    tv_sec = 2, tv_nsec = 16}, st_mtim = {tv_sec = 1768714355, tv_nsec = -
1073807244},
  st_ctim = {tv_sec = 2, tv_nsec = 16}, __unused4 = 1734701669, __unused5 = 
1701994345}
        stream = (php_stream *) 0x8d
        path_length = 138854544
        exec_fname_length = 141
#7  0xb7b8c572 in _php_stream_open_wrapper_ex 
(path=0x846c090 "/www/_error/404/index.php",
    mode=0xb7cece68 "rb", options=141, opened_path=0x85, context=0x0)
    at /tmp/php-5.1.0RC1/main/streams/streams.c:1771
        stream = (php_stream *) 0x0
        wrapper = (php_stream_wrapper *) 0xb7e36028
        path_to_open = 0x846c090 "/www/_error/404/index.php"
        persistent = 0
        copy_of_path = 0x0
#8  0xb7b7cf34 in php_stream_open_for_zend 
(filename=0x846c090 "/www/_error/404/index.php",
    handle=0xbfffeeb0) at /tmp/php-5.1.0RC1/main/main.c:852
        stream = (php_stream *) 0x0
#9  0xb7bba32b in zend_stream_open 
(filename=0x846c090 "/www/_error/404/index.php",
    handle=0xbfffeeb0) at /tmp/php-5.1.0RC1/Zend/zend_stream.c:47
No locals.
#10 0xb7bba3ec in zend_stream_fixup (file_handle=0xbfffeeb0)
    at /tmp/php-5.1.0RC1/Zend/zend_stream.c:62
No locals.
#11 0xb7b96c88 in open_file_for_scanning (file_handle=0xbfffeeb0)
    at Zend/zend_language_scanner.c:3068
        file_path = 0x0
#12 0xb7b96d70 in compile_file (file_handle=0xbfffeeb0, type=2)
    at Zend/zend_language_scanner.c:3154
        original_lex_state = {buffer_state = 0x0, state = 0, in = 0x0, lineno 
= 0,
  filename = 0x0}
        op_array = (zend_op_array *) 0x845ebf4
        original_active_op_array = (zend_op_array *) 0x0
        retval = (zend_op_array *) 0xbfffedec
        compiler_result = -1073746256
        compilation_successful = 176 '?'
        retval_znode = {op_type = 1, u = {constant = {value = {lval = 1,
        dval = 1.4950491347092096e+93, str = {val = 0x1 <Address 0x1 out of 
bounds>,
          len = 1397157752}, ht = 0x1, obj = {handle = 1, handlers = 
0x5346ef78}},
      refcount = 1, type = 1 '\001', is_ref = 0 '\0'}, var = 1, opline_num = 1,
    op_array = 0x1, jmp_addr = 0x1, EA = {var = 1, type = 1397157752}}}
        original_in_compilation = 0 '\0'
#13 0xb7bae117 in zend_execute_scripts (type=2, retval=0x0, file_count=1)
    at /tmp/php-5.1.0RC1/Zend/zend.c:1070
        files = 0xbfffedf0 ""
        i = 0
        file_handle = (zend_file_handle *) 0xbfffeeb0
        orig_op_array = (zend_op_array *) 0x0
        local_retval = (zval *) 0x0
#14 0xb7c0c638 in php_handler (r=0x8468440)

    at /tmp/php-5.1.0RC1/sapi/apache2handler/sapi_apache2.c:564
        zfd = {type = 0 '\0', filename = 0x846c090 "/www/_error/404/index.php",
  opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, 
reader = 0,
      closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'}
        orig_bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0}, __mask_was_saved = 0, 
__saved_mask = {
      __val = {0 <repeats 32 times>}}}}
        ctx = (php_struct *) 0x8468388
        conf = (void *) 0x8245268
        brigade = (apr_bucket_brigade *) 0x0
        bucket = (apr_bucket *) 0x0
        rv = 0
        parent_req = (request_rec *) 0x8468440
#15 0x080d5206 in ap_run_handler (r=0x8468440) at config.c:152
        pHook = (ap_LINK_handler_t *) 0x0
        n = 12
        rv = 0
#16 0x080d571a in ap_invoke_handler (r=0x8468440) at config.c:364
        new_handler = 0x1 <Address 0x1 out of bounds>
        p2 = 0x0
        handler = 0x0
        result = 138839104
        old_handler = 0x8245250 "application/x-httpd-php"
#17 0x080afe59 in ap_internal_redirect (new_uri=0x82482f8 "/error/404/?e", 
r=0x8462fa0)
    at http_request.c:465
        new = (request_rec *) 0x8468440
        access_status = 0
#18 0x080af906 in ap_process_request (r=0x8462fa0) at http_request.c:262
        access_status = 1
#19 0x080aba01 in ap_process_http_connection (c=0x845cd08) at http_core.c:251
        r = (request_rec *) 0x8462fa0
        csd_set = 0
        csd = (apr_socket_t *) 0x0
#20 0x080de5a6 in ap_run_process_connection (c=0x845cd08) at connection.c:43
        pHook = (ap_LINK_process_connection_t *) 0x0
        n = 1
        rv = 0
#21 0x080d3da3 in child_main (child_num_arg=0) at prefork.c:610
        ptrans = (apr_pool_t *) 0x845cbf8
        allocator = (apr_allocator_t *) 0x845ab68
        current_conn = (conn_rec *) 0x845cd08
        status = 138792200
        i = 1
        lr = (ap_listen_rec *) 0x845aca8
        curr_pollfd = 1
        last_pollfd = 1
        pollset = (apr_pollfd_t *) 0x845aca8
        offset = 0
        csd = (void *) 0x845cc30
        sbh = (ap_sb_handle_t *) 0x845ac78
        rv = 0
        bucket_alloc = (apr_bucket_alloc_t *) 0x8460f60
#22 0x080d3ebc in make_child (s=0x81be458, slot=1) at prefork.c:704
        pid = 0
#23 0x080d3fa3 in startup_children (number_to_start=4) at prefork.c:722
        i = 1
#24 0x080d469d in ap_mpm_run (_pconf=0x81b90a8, plog=0x82031d0, s=0x5) at 
prefork.c:941
        index = 0
        remaining_children_to_start = 5
        rv = 0
#25 0x080d9606 in main (argc=4, argv=0xbffff274) at main.c:618
        exit_status = 0
        c = 68 'D'
        configtestonly = 0
        confname = 0x817a0e0 "conf/httpd.conf"
        def_server_root = 0x817ad38 "/usr/local/apache2"
        temp_error_log = 0x0
        process = (process_rec *) 0x81b7120
        server_conf = (server_rec *) 0x81be458
        pglobal = (apr_pool_t *) 0x81b70a0
        pconf = (apr_pool_t *) 0x81b90a8
        plog = (apr_pool_t *) 0x82031d0
        ptemp = (apr_pool_t *) 0x82011c8
        pcommands = (apr_pool_t *) 0x81bb0b0
        opt = (apr_getopt_t *) 0x81bb148
        rv = 0
        mod = (module **) 0x81be458
        optarg = 0xbffffad9 "SSL"
        signal_server = (apr_OFN_ap_signal_server_t *) 0x1
 [2005-09-22 02:57 UTC] roso at despammed dot com
I just posted the core dump for the process that ended with a Segmentation fault after trying to PUT a file in a Webdav folder.

Also, I just found out that there are many other processes ending with a Segmentation fault, all of them happening when the server looking for a file which is not found is trying to access a 404 custom file made in PHP. if I change the 404 to a simple HTML everything is back to normal. 
Therefore, it seems that the PHP (5.1.0RC1) is responsible for this fault. It used to work with the previous version (5.1.0b3).
 [2005-09-22 03:07 UTC] roso at despammed dot com
BTW, it is not the Custom 404 page php script that is causing an error, even if I put an empty file there and name it index.php I still get the Segmentation fault.
 [2005-09-22 08:29 UTC] sniper@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip


 [2005-09-22 15:50 UTC] roso at despammed dot com
I already did, I've been told by the Apache developers that the 404 handling in PHP/apache2handler was broken recently. And yes, it works fine now (I wonder what other bugs are in this snapshot of 5.1.0RC2 I just installed). Thank you.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Wed Jan 15 10:01:29 2025 UTC