php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56517 mb_output_handler and xdebug_start_code_coverage() cause segfault
Submitted: 2005-08-31 12:49 UTC Modified: 2005-10-23 12:02 UTC
From: dimension at pat dot hi-ho dot ne dot jp Assigned: derick (profile)
Status: Not a bug Package: Xdebug (PECL)
PHP Version: Irrelevant OS: Linux
Private report: No CVE-ID: None
 [2005-08-31 12:49 UTC] dimension at pat dot hi-ho dot ne dot jp
Description:
------------
I'm using PHP4.3.11 and Xdebug-2.0.0beta3.
php.ini was copied from php.ini-recommended and modified output_handler for mb_output_handler.

When I executed [Reproduce code], I got segmentation fault.
If I commented output_handler out, no errors occur. 

o PHP4.3.11 (from tar ball)
# ./configure --with-apxs2=/usr/local/apache2/bin/apxs --prefix=/usr/local/lib/php4 --with-pear=/usr/local/lib/php4/pear --with-config-file-path=/usr/local/lib/php4/ini/4.3.11 --with-config-file-scan-dir=/usr/local/lib/php4/ini.d --enable-zend-multibyte --enable-mbstring --enable-mbregex --with-dom --with-gd=shared --with-jpeg-dir --with-png-dir --with-zlib-dir --with-ttf --with-freetype-dir --enable-gd-jis-conv --with-java=shared,/usr/local/jdk --enable-xslt --with-xslt-sablot --with-expat-dir=/usr --with-oci8=shared,/u01/app/oracle/product/10.1.0 --without-mysql --with-pgsql=shared --enable-debug

o Xdebug-2.0.0 beta3 (from tar ball)
# phpize
# ./configure --enable-xdebug --with-php-config=/usr/local/lib/php4/bin/php-config
# make
# cp -p .libs/xdebug.so /usr/local/lib/php4/lib/php/extensions/debug-non-zts-20020429/

o difference from php.ini-recommend
output_buffering = 4096
output_handler = mb_output_handler
display_errors = On 
extension_dir = "/usr/local/lib/php4/lib/php/extensions/debug-non-zts-20020429/"
mbstring.language = Japanese
mbstring.internal_encoding = EUC-JP
mbstring.http_input = auto
mbstring.http_output = SJIS
mbstring.encoding_translation = On
mbstring.detect_order = auto
mbstring.substitute_character = none;
mbstring.func_overload = 0
extension= "xdebug.so"
xdebug.dump.GET=*
xdebug.dump.POST=*
xdebug.dump.COOKIE=*
xdebug.dump.SESSION=*


Reproduce code:
---------------
<?php
function test() {
	echo 'hello';
}
	xdebug_start_code_coverage();
	test();
	var_dump(xdebug_get_code_coverage());
?>


Expected result:
----------------
hello

array
  '/path/to/xdebug_start_code_coverage.php' => 
    array
       :
     (snip)


Actual result:
--------------
# gdb /usr/local/apache2/bin/httpd
GNU gdb 5.2.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-vine-linux"...
(gdb) run -X
Starting program: /usr/local/apache2/bin/httpd -X
[New Thread 16384 (LWP 16971)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 16971)]
0x40bb9842 in xdebug_count_line (filename=0x0, lineno=0, executable=0)
    at /usr/local/src/xdebug-2.0.0beta3/xdebug_code_coverage.c:51
51              if (!xdebug_hash_find(XG(code_coverage), filename, strlen(filename), (void *) &file)) {
(gdb) bt
#0  0x40bb9842 in xdebug_count_line (filename=0x0, lineno=0, executable=0)
    at /usr/local/src/xdebug-2.0.0beta3/xdebug_code_coverage.c:51
#1  0x40bb69b1 in add_stack_frame (zdata=0xbfffe980, op_array=0x0, type=0)
    at /usr/local/src/xdebug-2.0.0beta3/xdebug.c:888
#2  0x40bb76af in xdebug_execute_internal (current_execute_data=0xbfffe980,
    return_value_used=1) at /usr/local/src/xdebug-2.0.0beta3/xdebug.c:1185
#3  0x4046cc74 in call_user_function_ex (function_table=0x815a300,
    object_pp=0x0, function_name=0x816ad74, retval_ptr_ptr=0xbfffeaa0,
    param_count=2, params=0xbfffea48, no_separation=1, symbol_table=0x0)
    at /usr/local/src/php-4.3.11/Zend/zend_execute_API.c:592
#4  0x40454bb7 in php_end_ob_buffer (send_buffer=1 '\001', just_flush=0 '\0')
    at /usr/local/src/php-4.3.11/main/output.c:242
#5  0x40454f8c in php_end_ob_buffers (send_buffer=1 '\001')
    at /usr/local/src/php-4.3.11/main/output.c:338
#6  0x40441f5d in php_request_shutdown (dummy=0x0)
    at /usr/local/src/php-4.3.11/main/main.c:970
#7  0x4048da42 in php_apache_request_dtor (r=0x81af7f0)
    at /usr/local/src/php-4.3.11/sapi/apache2handler/sapi_apache2.c:448
#8  0x4048e094 in php_handler (r=0x81af7f0)
    at /usr/local/src/php-4.3.11/sapi/apache2handler/sapi_apache2.c:577
#9  0x080672da in ap_run_handler (r=0x81af7f0) at config.c:152
#10 0x080677ee in ap_invoke_handler (r=0x81af7f0) at config.c:364
#11 0x08064bb3 in ap_process_request (r=0x81af7f0) at http_request.c:249
---Type <return> to continue, or q <return> to quit---
#12 0x08060c89 in ap_process_http_connection (c=0x81a95e8) at http_core.c:251
#13 0x0806f4e6 in ap_run_process_connection (c=0x81a95e8) at connection.c:43
#14 0x08065e77 in child_main (child_num_arg=3) at prefork.c:610
#15 0x0806601e in make_child (s=0x809c488, slot=0) at prefork.c:650
#16 0x08066077 in startup_children (number_to_start=5) at prefork.c:722
#17 0x08066771 in ap_mpm_run (_pconf=0x806582c, plog=0x80c4780, s=0x5)
    at prefork.c:941
#18 0x0806b6d6 in main (argc=2, argv=0xbffff414) at main.c:618
#19 0x4014cc1f in __libc_start_main (main=0x806b130 <main>, argc=2,
    ubp_av=0x2, init=0x8082f1c <__libc_csu_init>,
    fini=0x8082f64 <__libc_csu_fini>, rtld_fini=0x400144a0 <_rtld_local>,
    stack_end=0xbfffe7d4) at ../sysdeps/generic/libc-start.c:225
(gdb)
(gdb) quit
The program is running.  Exit anyway? (y or n) y
# 


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-23 11:02 UTC] php at derickrethans dot nl
Thank you for taking the time to report a problem with the package.
Unfortunately you are not using a current version of the package -- 
the problem might already be fixed. Please download a new
version from http://pecl.php.net/packages.php

If you are able to reproduce the bug with one of the latest
versions, please change the package version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PECL.

.
 [2005-10-23 12:02 UTC] dimension at pat dot hi-ho dot ne dot jp
thanks for your comments.
When using PHP4.4.0 and Xdebug-2.0.0beta4, It's fine!
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri Apr 03 21:01:23 2020 UTC