php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #49626 Access violation in php.exe
Submitted: 2009-09-22 16:39 UTC Modified: 2009-09-22 17:58 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: jbreiding at hotmail dot com Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.3.0 OS: windows server 2008 x64
Private report: No CVE-ID: None
 [2009-09-22 16:39 UTC] jbreiding at hotmail dot com
Description:
------------
(b64.11a8): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
php5ts!guess_timezone+0x20:
100f3d20 8b4204          mov     eax,dword ptr [edx+4] ds:002b:180050ac=????????


Reproduce code:
---------------
<?php phpinfo(); ?>

Expected result:
----------------
phpinfo output

Actual result:
--------------
call stack:

00c0f9e0 100f3f1e 00000001 02ebfe68 00000020 php5ts!guess_timezone+0x20 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 843]
00c0f9f0 100f4c1b 02ab1250 02ab1250 00000003 php5ts!get_timezone_info+0x1e [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 928]
00c0fa00 100bda11 1036a294 0000000b 4ab8fb18 php5ts!php_format_date+0x1b [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 1179]
00c0fa2c 100be4e4 02c42850 02ab1250 00c0fa74 php5ts!php_log_err+0xa1 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 542]
00c0fa88 10002909 00000020 1035b924 00000000 php5ts!php_error_cb+0x354 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 952]
00c0fad4 100be066 00000020 1035b99c 02c42600 php5ts!zend_error+0x4d9 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend.c @ 1020]
00c0fb20 100be0d3 00000000 10520bcf 00000020 php5ts!php_verror+0x566 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 780]
00c0fb3c 101cd357 00000000 02ab1250 00000020 php5ts!php_error_docref0+0x23 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 791]
00c0fb74 100c5825 02c4f398 00000001 00000000 php5ts!php_load_extension+0x1e7 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\standard\dl.c @ 212]
00c0fb88 100a950c 02e536c0 02ab1250 0000000a php5ts!php_load_php_extension_cb+0x15 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\php_ini.c @ 330]
00c0fba0 100c6115 1054c7e8 100c5810 02ab1250 php5ts!zend_llist_apply+0x1c [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_llist.c @ 193]
00c0fbc0 100c0d61 02ab1250 00c0fbf0 00000000 php5ts!php_ini_register_extensions+0x25 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\php_ini.c @ 720]
00c0fdc8 004014bf 00407010 00000000 00000000 php5ts!php_module_startup+0x8e1 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 1992]
00c0fdd8 00401cb3 00407010 0040742c 00000001 php!php_cli_startup+0xf [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\sapi\cli\php_cli.c @ 399]
00c0ff44 00402e5a 00000002 02ab2f38 02ab1ac0 php!main+0x363 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\sapi\cli\php_cli.c @ 771]
00c0ff88 75f0eccb 7efde000 00c0ffd4 77c7d24d php!__tmainCRTStartup+0x10f [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 586]
00c0ff94 77c7d24d 7efde000 684dc29c 00000000 kernel32!BaseThreadInitThunk+0xe
00c0ffd4 77c7d45f 00402fa2 7efde000 ffffffff ntdll32!__RtlUserThreadStart+0x23
00c0ffec 00000000 00402fa2 7efde000 00000000 ntdll32!_RtlUserThreadStart+0x1b

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-09-22 16:41 UTC] jbreiding at hotmail dot com
adding exception analysis from windbg:

FAULTING_IP: 
php5ts!guess_timezone+20 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 843]
100f3d20 8b4204          mov     eax,dword ptr [edx+4]

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 00000000100f3d20 (php5ts!guess_timezone+0x0000000000000020)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 00000000180050ac
Attempt to read from address 00000000180050ac

FAULTING_THREAD:  00000000000011a8

DEFAULT_BUCKET_ID:  INVALID_POINTER_READ

PROCESS_NAME:  php.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  00000000180050ac

READ_ADDRESS:  00000000180050ac 

FOLLOWUP_IP: 
php5ts!guess_timezone+20 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 843]
100f3d20 8b4204          mov     eax,dword ptr [edx+4]

NTGLOBALFLAG:  70

APPLICATION_VERIFIER_FLAGS:  0

PRIMARY_PROBLEM_CLASS:  INVALID_POINTER_READ

BUGCHECK_STR:  APPLICATION_FAULT_INVALID_POINTER_READ

LAST_CONTROL_TRANSFER:  from 00000000100f3f1e to 00000000100f3d20

STACK_TEXT:  
00c0f9e0 100f3f1e 00000001 02ebfe68 00000020 php5ts!guess_timezone+0x20 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 843]
00c0f9f0 100f4c1b 02ab1250 02ab1250 00000003 php5ts!get_timezone_info+0x1e [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 928]
00c0fa00 100bda11 1036a294 0000000b 4ab8fb18 php5ts!php_format_date+0x1b [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 1179]
00c0fa2c 100be4e4 02c42850 02ab1250 00c0fa74 php5ts!php_log_err+0xa1 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 542]
00c0fa88 10002909 00000020 1035b924 00000000 php5ts!php_error_cb+0x354 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 952]
00c0fad4 100be066 00000020 1035b99c 02c42600 php5ts!zend_error+0x4d9 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend.c @ 1020]
00c0fb20 100be0d3 00000000 10520bcf 00000020 php5ts!php_verror+0x566 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 780]
00c0fb3c 101cd357 00000000 02ab1250 00000020 php5ts!php_error_docref0+0x23 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 791]
00c0fb74 100c5825 02c4f398 00000001 00000000 php5ts!php_load_extension+0x1e7 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\standard\dl.c @ 212]
00c0fb88 100a950c 02e536c0 02ab1250 0000000a php5ts!php_load_php_extension_cb+0x15 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\php_ini.c @ 330]
00c0fba0 100c6115 1054c7e8 100c5810 02ab1250 php5ts!zend_llist_apply+0x1c [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_llist.c @ 193]
00c0fbc0 100c0d61 02ab1250 00c0fbf0 00000000 php5ts!php_ini_register_extensions+0x25 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\php_ini.c @ 720]
00c0fdc8 004014bf 00407010 00000000 00000000 php5ts!php_module_startup+0x8e1 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 1992]
00c0fdd8 00401cb3 00407010 0040742c 00000001 php!php_cli_startup+0xf [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\sapi\cli\php_cli.c @ 399]
00c0ff44 00402e5a 00000002 02ab2f38 02ab1ac0 php!main+0x363 [d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\sapi\cli\php_cli.c @ 771]
00c0ff88 75f0eccb 7efde000 00c0ffd4 77c7d24d php!__tmainCRTStartup+0x10f [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 586]
00c0ff94 77c7d24d 7efde000 684dc29c 00000000 kernel32!BaseThreadInitThunk+0xe
00c0ffd4 77c7d45f 00402fa2 7efde000 ffffffff ntdll32!__RtlUserThreadStart+0x23
00c0ffec 00000000 00402fa2 7efde000 00000000 ntdll32!_RtlUserThreadStart+0x1b


FAULTING_SOURCE_CODE:  
   839: {
   840: 	char *env;
   841: 
   842: 	/* Checking configure timezone */
>  843: 	if (DATEG(timezone) && (strlen(DATEG(timezone)) > 0)) {
   844: 		return DATEG(timezone);
   845: 	}
   846: 	/* Check environment variable */
   847: 	env = getenv("TZ");
   848: 	if (env && *env && timelib_timezone_id_is_valid(env, tzdb)) {


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  php5ts!guess_timezone+20

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: php5ts

IMAGE_NAME:  php5ts.dll

DEBUG_FLR_IMAGE_TIMESTAMP:  4a4929bb

STACK_COMMAND:  ~0s ; kb

FAILURE_BUCKET_ID:  INVALID_POINTER_READ_c0000005_php5ts.dll!guess_timezone

BUCKET_ID:  X64_APPLICATION_FAULT_INVALID_POINTER_READ_php5ts!guess_timezone+20

WATSON_IBUCKET:  1347127945

WATSON_IBUCKETTABLE:  1

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/php_exe/5_3_0_0/4a492b1f/php5ts_dll/5_3_0_0/4a4929bb/c0000005/000f3d20.htm?Retriage=1

Followup: MachineOwner
---------
 [2009-09-22 16:56 UTC] pajoye@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/


 [2009-09-22 17:12 UTC] jbreiding at hotmail dot com
nogo, same problem. am i possibly missing some configuration?
 [2009-09-22 17:15 UTC] pajoye@php.net
Most likely yes, I can't reproduce it, no matter which SAPI I use. fastcgi, apache or CLI. Which one do you use?

Can you try using CLI and then using your server without any extension loaded (no php.ini either, be sure that no php.ini are in windows\ or common directories).
 [2009-09-22 17:22 UTC] jbreiding at hotmail dot com
ok that worked, here are my extensions below:

[PHP_LDAP]
extension=php_ldap.dll
[PHP_MYSQL]
extension=php_mysql.dll
[PHP_PDO]
extension=php_pdo.dll
[PHP_PDO_MYSQL]
extension=php_pdo_mysql.dll
[PHP_CURL]
extension=php_curl.dll
[PHP_BZ2]
extension=php_bz2.dll
[PHP_FDF]
extension=php_fdf.dll
[PHP_MCRYPT]
extension=php_mcrypt.dll
[PHP_MHASH]
extension=php_mhash.dll
[PHP_SHMOP]
extension=php_shmop.dll
[PHP_ZIP]
extension=php_zip.dll
[PHP_GD2]
extension=php_gd2.dll
[PHP_OPENSSL]
extension=php_openssl.dll
[PHP_GETTEXT]
extension=php_gettext.dll
 [2009-09-22 17:56 UTC] jbreiding at hotmail dot com
looks like this was due to missing extensions that were referenced in the ini file.

thanks for the help. shouldnt this have shown itself in a more helpful error? or at least died when the extension was attempting to load?
 [2009-09-22 17:58 UTC] pajoye@php.net
It is sometimes not possible to get the hand before bad things happen.

Not a bug >> bogus.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Wed Apr 01 12:01:22 2020 UTC