php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61243 php-5.3.10 segfaults on imap
Submitted: 2012-03-02 11:40 UTC Modified: -
From: slim at inbox dot lv Assigned:
Status: Open Package: IMAP related
PHP Version: 5.3.10 OS: linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
13 - 3 = ?
Subscribe to this entry?

 
 [2012-03-02 11:40 UTC] slim at inbox dot lv
Description:
------------
php segfaults on unknown issues with imap. 
have no script to reproduce, conditions are unknown.

Mar  1 20:00:27 kernel: php-fpm[18747]: segfault at 63474590 ip 08468266 sp bfb12cc0 error 4 in php-fpm[8048000+97e000]
Mar  1 20:00:27 kernel: grsec: From 10.20.1.7: Segmentation fault occurred at 63474590 in /usr/lib/php5.3/bin/php-fpm[php-fpm:18747] uid/euid:103/103 gid/egid:442/442, parent /usr/lib/php5.3/bin/php-fpm[php-fpm:6808] uid/euid:0/0 gid/egid:0/0


php build as:
./configure --prefix=/usr --build=i686-pc-linux-gnu --host=i686-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --prefix=/usr/lib/php5.3 --mandir=/usr/lib/php5.3/man --infodir=/usr/lib/php5.3/info --libdir=/usr/lib/php5.3/lib --with-libdir=lib --without-pear --disable-maintainer-zts --disable-bcmath --with-bz2 --disable-calendar --enable-ctype --with-curl --without-curlwrappers --enable-dom --without-enchant --enable-exif --enable-fileinfo --enable-filter --disable-ftp --with-gettext --without-gmp --enable-hash --with-mhash --with-iconv --enable-intl --disable-ipv6 --enable-json --without-kerberos --enable-libxml --enable-mbstring --with-mcrypt --without-mssql --with-onig=/usr --with-openssl --with-openssl-dir=/usr --enable-pcntl --enable-phar --enable-pdo --without-pgsql --enable-posix --with-pspell --without-recode --enable-simplexml --enable-shmop --without-snmp --disable-soap --enable-sockets --without-sqlite --without-sqlite3 --without-sybase-ct --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-tidy --enable-tokenizer --disable-wddx --enable-xml --disable-xmlreader --disable-xmlwriter --with-xmlrpc --without-xsl --enable-zip --with-zlib --disable-debug --enable-dba --without-cdb --with-db4 --disable-flatfile --without-gdbm --disable-inifile --without-qdbm --without-freetype-dir --without-t1lib --disable-gd-jis-conv --with-jpeg-dir=/usr --with-png-dir=/usr --without-xpm-dir --with-gd --with-imap --with-imap-ssl --with-mysql=/usr --with-mysql-sock=/var/run/mysqld/mysqld.sock --with-mysqli=/usr/bin/mysql_config --without-pdo-dblib --with-pdo-mysql=/usr --without-pdo-pgsql --without-pdo-sqlite --without-pdo-odbc --with-readline --without-libedit --with-mm --with-pic --with-pcre-regex=/usr --with-pcre-dir=/usr --with-config-file-path=/etc/php/cli-php5.3 --with-config-file-scan-dir=/etc/php/cli-php5.3/ext-active --disable-embed --enable-cli --disable-cgi --disable-fpm --without-apxs2

Core was generated by `php-fpm: pool www'.
Program terminated with signal 11, Segmentation fault.
#0  0x08468266 in zend_mm_check_ptr (heap=0x8a41d80, ptr=0x8eceb58, silent=1, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=611, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1357
1357    /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c: No such file or directory.
        in /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c
(gdb) bt
#0  0x08468266 in zend_mm_check_ptr (heap=0x8a41d80, ptr=0x8eceb58, silent=1, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=611, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1357
#1  0x08469c25 in _zend_mm_free_int (heap=0x8a41d80, p=0x8eceb58, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=611, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1993
#2  0x0846b0dc in _efree (ptr=0x8eceb58, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=611, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:2361
#3  0x081eb52a in mail_close_it (rsrc=0xa20ca98) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c:611
#4  0x084a65d9 in list_entry_destructor (ptr=0xa20ca98) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_list.c:184
#5  0x084a34d1 in zend_hash_del_key_or_index (ht=0x8a36a2c, arKey=0x0, nKeyLength=0, h=33, flag=1)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_hash.c:500
#6  0x084a6227 in _zend_list_delete (id=33) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_list.c:58
#7  0x0848fe66 in _zval_dtor_func (zvalue=0x8cf8d18, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:60
#8  0x0847f08f in _zval_dtor (zvalue=0x8cf8d18, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.h:35
#9  0x084804a6 in _zval_ptr_dtor (zval_ptr=0x8cfb890, 
    __zend_filename=0x89b9f64 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c", __zend_lineno=189)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c:447
#10 0x08490308 in _zval_ptr_dtor_wrapper (zval_ptr=0x8cfb890)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:189
#11 0x084a3640 in zend_hash_destroy (ht=0x8d0a070) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_hash.c:529
#12 0x084bcfac in zend_object_std_dtor (object=0x8d08fc4)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects.c:45
#13 0x084bd3aa in zend_objects_free_object_storage (object=0x8d08fc4)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects.c:126
#14 0x084c3200 in zend_objects_store_del_ref_by_handle_ex (handle=10, handlers=0x8a18880)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects_API.c:220
#15 0x084c2ef6 in zend_objects_store_del_ref (zobject=0x8d09a48)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects_API.c:172
#16 0x0848fe56 in _zval_dtor_func (zvalue=0x8d09a48, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:52
#17 0x0847f08f in _zval_dtor (zvalue=0x8d09a48, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.h:35
#18 0x084804a6 in _zval_ptr_dtor (zval_ptr=0x8d03dbc, 
    __zend_filename=0x89b9f64 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c", __zend_lineno=189)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c:447
#19 0x08490308 in _zval_ptr_dtor_wrapper (zval_ptr=0x8d03dbc)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:189
#20 0x084a3640 in zend_hash_destroy (ht=0x8d09bdc) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_hash.c:529
#21 0x084bcfac in zend_object_std_dtor (object=0xa22e9e0)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects.c:45
#22 0x084bd3aa in zend_objects_free_object_storage (object=0xa22e9e0)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects.c:126
#23 0x084c3200 in zend_objects_store_del_ref_by_handle_ex (handle=11, handlers=0x8a18880)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects_API.c:220
#24 0x084c2ef6 in zend_objects_store_del_ref (zobject=0x8d0a1e4)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_objects_API.c:172
#25 0x0848fe56 in _zval_dtor_func (zvalue=0x8d0a1e4, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:52
#26 0x0847f08f in _zval_dtor (zvalue=0x8d0a1e4, 
    __zend_filename=0x89b8d18 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c", __zend_lineno=447)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.h:35
---Type <return> to continue, or q <return> to quit---
#27 0x084804a6 in _zval_ptr_dtor (zval_ptr=0x8d7e818, 
    __zend_filename=0x89b9f64 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c", __zend_lineno=189)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c:447
#28 0x08490308 in _zval_ptr_dtor_wrapper (zval_ptr=0x8d7e818)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_variables.c:189
#29 0x084a381e in zend_hash_clean (ht=0x8d7e2d8) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_hash.c:561
#30 0x08485ed7 in zend_cleanup_class_data (pce=0x8d5a59c)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_opcode.c:163
#31 0x084a3cd2 in zend_hash_apply (ht=0x8a42058, apply_func=0x8485e78 <zend_cleanup_class_data>)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_hash.c:674
#32 0x0847feda in shutdown_executor () at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_execute_API.c:298
#33 0x084920a5 in zend_deactivate () at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend.c:891
#34 0x08410ba2 in php_request_shutdown (dummy=0x0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/main/main.c:1661
#35 0x08585e04 in main (argc=5, argv=0xbfb15a64) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/sapi/fpm/fpm/fpm_main.c:1886

Program terminated with signal 11, Segmentation fault.
#0  0x08468266 in zend_mm_check_ptr (heap=0x8a41d80, ptr=0x8c8b9f4, silent=1, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=1217, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1357
1357    /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c: No such file or directory.
        in /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c
(gdb) bt
#0  0x08468266 in zend_mm_check_ptr (heap=0x8a41d80, ptr=0x8c8b9f4, silent=1, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=1217, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1357
#1  0x08469c25 in _zend_mm_free_int (heap=0x8a41d80, p=0x8c8b9f4, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=1217, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:1993
#2  0x0846b0dc in _efree (ptr=0x8c8b9f4, 
    __zend_filename=0x87c26f4 "/var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c", __zend_lineno=1217, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_alloc.c:2361
#3  0x081ece88 in php_imap_do_open (ht=4, return_value=0x8eb2610, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, persistent=0)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c:1217
#4  0x081ed194 in zif_imap_open (ht=4, return_value=0x8eb2610, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/ext/imap/php_imap.c:1266
#5  0x084c9be4 in zend_do_fcall_common_helper_SPEC (execute_data=0x8f6ce98)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_vm_execute.h:320
#6  0x084ca2e1 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8f6ce98)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_vm_execute.h:425
#7  0x084c9043 in execute (op_array=0x91aaba4) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend_vm_execute.h:107
#8  0x0849325a in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/Zend/zend.c:1236
#9  0x08411e11 in php_execute_script (primary_file=0xbfb15910)
    at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/main/main.c:2308
#10 0x08585cb2 in main (argc=5, argv=0xbfb15a64) at /var/tmp/portage/dev-lang/php-5.3.10/work/sapis-build/fpm/sapi/fpm/fpm/fpm_main.c:1858




Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Nov 15 10:01:36 2019 UTC