PHP :: Bug #46907 :: PHP crashes when trying to install or run cacti-0.8.7b.2

Bug #46907	PHP crashes when trying to install or run cacti-0.8.7b.2_2
Submitted:	2008-12-19 13:52 UTC	Modified:	2008-12-22 08:45 UTC
From:	doserror at gmail dot com	Assigned:
Status:	Not a bug	Package:	Reproducible crash
PHP Version:	5.2.8	OS:	FreeBSD 7.0-RELEASE-p5
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	doserror at gmail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2008-12-19 13:52 UTC] doserror at gmail dot com

Description:
------------
php crashes when trying to run an install script for cacti

Reproduce code:
---------------
http://www.cacti.net/downloads/cacti-0.8.7b.tar.gz

Expected result:
----------------
core dump i generated

Actual result:
--------------
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `php'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libcrypt.so.4...done.
Loaded symbols for /lib/libcrypt.so.4
Reading symbols from /lib/libm.so.5...done.
Loaded symbols for /lib/libm.so.5
Reading symbols from /usr/local/lib/libxml2.so.5...done.
Loaded symbols for /usr/local/lib/libxml2.so.5
Reading symbols from /lib/libz.so.4...done.
Loaded symbols for /lib/libz.so.4
Reading symbols from /usr/local/lib/libiconv.so.3...done.
Loaded symbols for /usr/local/lib/libiconv.so.3
Reading symbols from /lib/libc.so.7...done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /usr/local/lib/php/20060613-debug/gd.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/gd.so
Reading symbols from /usr/local/lib/libt1.so.5...done.
Loaded symbols for /usr/local/lib/libt1.so.5
Reading symbols from /usr/local/lib/libfreetype.so.9...done.
Loaded symbols for /usr/local/lib/libfreetype.so.9
Reading symbols from /usr/local/lib/libX11.so.6...done.
Loaded symbols for /usr/local/lib/libX11.so.6
Reading symbols from /usr/local/lib/libXpm.so.4...done.
Loaded symbols for /usr/local/lib/libXpm.so.4
Reading symbols from /usr/local/lib/libpng.so.5...done.
Loaded symbols for /usr/local/lib/libpng.so.5
Reading symbols from /usr/local/lib/libjpeg.so.9...done.
Loaded symbols for /usr/local/lib/libjpeg.so.9
Reading symbols from /usr/local/lib/libxcb-xlib.so.0...done.
Loaded symbols for /usr/local/lib/libxcb-xlib.so.0
Reading symbols from /usr/local/lib/libxcb.so.1...done.
Loaded symbols for /usr/local/lib/libxcb.so.1
Reading symbols from /usr/lib/librpcsvc.so.4...done.
Loaded symbols for /usr/lib/librpcsvc.so.4
Reading symbols from /usr/local/lib/libXau.so.6...done.
Loaded symbols for /usr/local/lib/libXau.so.6
Reading symbols from /usr/local/lib/libXdmcp.so.6...done.
Loaded symbols for /usr/local/lib/libXdmcp.so.6
Reading symbols from /usr/local/lib/php/20060613-debug/mysql.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/mysql.so
Reading symbols from /usr/local/lib/mysql/libmysqlclient.so.15...done.
Loaded symbols for /usr/local/lib/mysql/libmysqlclient.so.15
Reading symbols from /usr/local/lib/php/20060613-debug/simplexml.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/simplexml.so
Reading symbols from /usr/local/lib/php/20060613-debug/spl.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/spl.so
Reading symbols from /usr/local/lib/php/20060613-debug/mysqli.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/mysqli.so
Reading symbols from /usr/local/lib/php/20060613-debug/session.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/session.so
Reading symbols from /usr/local/lib/php/20060613-debug/snmp.so...done.
Loaded symbols for /usr/local/lib/php/20060613-debug/snmp.so
Reading symbols from /lib/libcrypto.so.5...done.
Loaded symbols for /lib/libcrypto.so.5
Reading symbols from /usr/lib/libssl.so.5...done.
Loaded symbols for /usr/lib/libssl.so.5
Reading symbols from /usr/local/lib/libnetsnmp.so.16...done.
Loaded symbols for /usr/local/lib/libnetsnmp.so.16
Reading symbols from /usr/lib/libelf.so.1...done.
Loaded symbols for /usr/lib/libelf.so.1
Reading symbols from /lib/libkvm.so.4...done.
Loaded symbols for /lib/libkvm.so.4
Reading symbols from /lib/libdevstat.so.6...done.
Loaded symbols for /lib/libdevstat.so.6
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0 0x0819822b in _zend_mm_realloc_int (heap=0x28708400, p=0x0, size=79, __zend_filename=0x82a9854 "/usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c",
__zend_lineno=750, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_alloc.c:2001
2001 return _zend_mm_alloc_int(heap, size ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-12-19 13:59 UTC] derick@php.net

Please type "bt" on the gdb prompt, and paste the results here.

[2008-12-20 11:36 UTC] doserror at gmail dot com

The backtrace log is 17MB so this is the begging and the end of the log :


--- BEGINNING -- 


#0  0x0819822b in _zend_mm_realloc_int (heap=0x28708400, p=0x0, size=79, __zend_filename=0x82a9854 "/usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c", 
    __zend_lineno=750, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_alloc.c:2001
2001                    return _zend_mm_alloc_int(heap, size ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
(gdb) bt 
#0  0x0819822b in _zend_mm_realloc_int (heap=0x28708400, p=0x0, size=79, __zend_filename=0x82a9854 "/usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c", 
    __zend_lineno=750, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_alloc.c:2001
#1  0x08198fb8 in _erealloc (ptr=0x0, size=79, allow_failure=0, __zend_filename=0x82a9854 "/usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c", 
    __zend_lineno=750, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_alloc.c:2316
#2  0x08166cea in xbuf_format_converter (xbuf=0xbbc003ec, fmt=0x82c58da "d", ap=0xbbc00440 "<B0>v.\b<CC>\n<C0><BB><C4>\n<C0><BB>\001")
    at /usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c:750
#3  0x08167016 in vspprintf (pbuf=0xbbc004c4, max_len=0, format=0x82c58d8 "%ld", ap=0xbbc0043c "<FF>\027")
    at /usr/ports/lang/php5/work/php-5.2.8/main/spprintf.c:769
#4  0x081d18b0 in zend_spprintf (message=0xbbc004c4, max_len=0, format=0x82c58d8 "%ld") at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_exceptions.c:453
#5  0x081add16 in _convert_to_string (op=0xbbc004c4, __zend_filename=0x82c9c20 "/usr/ports/lang/php5/work/php-5.2.8/Zend/zend_vm_execute.h", 
    __zend_lineno=4990) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend_operators.c:568
#6  0x081ea0cc in ZEND_END_SILENCE_SPEC_TMP_HANDLER (execute_data=0xbbc00aa8) at zend_vm_execute.h:4990
#7  0x081dbfe2 in execute (op_array=0x28f813c4) at zend_vm_execute.h:92
#8  0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc01208) at zend_vm_execute.h:234
#9  0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbbc01208) at zend_vm_execute.h:322
#10 0x081dbfe2 in execute (op_array=0x28f812b4) at zend_vm_execute.h:92
#11 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc016b8) at zend_vm_execute.h:234
#12 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbbc016b8) at zend_vm_execute.h:322
#13 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#14 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc01a68) at zend_vm_execute.h:234
#15 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbbc01a68) at zend_vm_execute.h:1729
#16 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#17 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc01f18) at zend_vm_execute.h:234
#18 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbbc01f18) at zend_vm_execute.h:322
#19 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#20 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc022c8) at zend_vm_execute.h:234
#21 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbbc022c8) at zend_vm_execute.h:1729
#22 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#23 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc02778) at zend_vm_execute.h:234
#24 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbbc02778) at zend_vm_execute.h:322
#25 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#26 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc02b28) at zend_vm_execute.h:234
#27 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbbc02b28) at zend_vm_execute.h:1729
#28 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#29 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc02fd8) at zend_vm_execute.h:234
#30 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbbc02fd8) at zend_vm_execute.h:322
#31 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#32 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbbc03388) at zend_vm_execute.h:234
#33 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbbc03388) at zend_vm_execute.h:1729
#34 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92

--- BEGINNING ---

--- END --- 

#187670 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf4ae8) at zend_vm_execute.h:234
#187671 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf4ae8) at zend_vm_execute.h:1729
#187672 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187673 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf4f98) at zend_vm_execute.h:234
#187674 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf4f98) at zend_vm_execute.h:322
#187675 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187676 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf5348) at zend_vm_execute.h:234
#187677 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf5348) at zend_vm_execute.h:1729
#187678 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187679 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf57f8) at zend_vm_execute.h:234
#187680 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf57f8) at zend_vm_execute.h:322
#187681 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187682 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf5ba8) at zend_vm_execute.h:234
#187683 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf5ba8) at zend_vm_execute.h:1729
#187684 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187685 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf6058) at zend_vm_execute.h:234
#187686 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf6058) at zend_vm_execute.h:322
#187687 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187688 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf6408) at zend_vm_execute.h:234
#187689 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf6408) at zend_vm_execute.h:1729
#187690 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187691 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf68b8) at zend_vm_execute.h:234
#187692 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf68b8) at zend_vm_execute.h:322
#187693 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187694 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf6c68) at zend_vm_execute.h:234
#187695 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf6c68) at zend_vm_execute.h:1729
#187696 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187697 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf7118) at zend_vm_execute.h:234
#187698 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf7118) at zend_vm_execute.h:322
#187699 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187700 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf74c8) at zend_vm_execute.h:234
#187701 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf74c8) at zend_vm_execute.h:1729
#187702 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187703 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf7978) at zend_vm_execute.h:234
#187704 0x081dd0d3 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbf7978) at zend_vm_execute.h:322
#187705 0x081dbfe2 in execute (op_array=0x287ffe50) at zend_vm_execute.h:92
#187706 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf7d28) at zend_vm_execute.h:234
#187707 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf7d28) at zend_vm_execute.h:1729
#187708 0x081dbfe2 in execute (op_array=0x28d10620) at zend_vm_execute.h:92
#187709 0x081dc5f9 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbf90c8) at zend_vm_execute.h:234
#187710 0x081e2027 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfbf90c8) at zend_vm_execute.h:1729
#187711 0x081dbfe2 in execute (op_array=0x2900a7bc) at zend_vm_execute.h:92
#187712 0x081e9194 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER (execute_data=0xbfbfa318) at zend_vm_execute.h:4662
#187713 0x081dbfe2 in execute (op_array=0x287480fc) at zend_vm_execute.h:92
#187714 0x081e2e0f in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER (execute_data=0xbfbfd548) at zend_vm_execute.h:2087
#187715 0x081dbfe2 in execute (op_array=0x2871bc14) at zend_vm_execute.h:92
#187716 0x081b654d in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/ports/lang/php5/work/php-5.2.8/Zend/zend.c:1134
#187717 0x08163980 in php_execute_script (primary_file=0xbfbfebf4) at /usr/ports/lang/php5/work/php-5.2.8/main/main.c:2023
#187718 0x08233b80 in main (argc=2, argv=0xbfbfecd0) at /usr/ports/lang/php5/work/php-5.2.8/sapi/cli/php_cli.c:1133


--- END ---

[2008-12-20 12:14 UTC] crroriguez at opensuse dot org

Saw this one , it is not a bug, is just the script causes an infinite recursion problem that ends crashing PHP as expected..

[2008-12-20 16:50 UTC] jani@php.net

Like mentioned, this is not a bug in PHP but in that script.

[2008-12-22 08:45 UTC] doserror at gmail dot com

That is very strange, because on my other server this software is working fine with php 5.2.6

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 14:01:31 2024 UTC