|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2004-11-26 10:35 UTC] philippe dot ventrillon at fr dot netcentrex dot net
Description:
------------
I get a seg fault when i try to record a soapClient into the Session.
the crash occurs with both standalone php (php -q client10b.php) and apache running php.
The bt have been produced with gdb and stanalone php.
Reproduce code:
---------------
<?php
session_start();
$client = new SoapClient("soap10.wsdl", Array('trace'=>1));
ini_set("soap.wsdl_cache_enabled", "0"); // disabling WSDL cache
var_dump($client->__getFunctions());
echo("<BR>\n");
var_dump($client->__getTypes());
$_SESSION['phvclient10'] = $client;
?>
plus soap10.wsdl===========================================
<?xml version ='1.0' encoding ='UTF-8' ?>
<definitions name='Increment'
targetNamespace='http://example.org/increment'
xmlns:tns=' http://example.org/increment '
xmlns:soap='http://schemas.xmlsoap.org/wsdl/soap/'
xmlns:xsd='http://www.w3.org/2001/XMLSchema'
xmlns:soapenc='http://schemas.xmlsoap.org/soap/encoding/'
xmlns:wsdl='http://schemas.xmlsoap.org/wsdl/'
xmlns='http://schemas.xmlsoap.org/wsdl/'>
<message name='getTempRequest'>
<part name='symbol' type='xsd:string'/>
</message>
<message name='getTempResponse'>
<part name='Result' type='xsd:float'/>
</message>
<message name='IncrementRequest'>
<part name='symbol' type='xsd:positiveInteger'/>
</message>
<message name='IncrementResponse'>
<part name='Result' type='xsd:integer'/>
</message>
<portType name='IncPortType'>
<operation name='getTemp'>
<input message='tns:getTempRequest'/>
<output message='tns:getTempResponse'/>
</operation>
<operation name='increment'>
<input message='tns:IncrementRequest'/>
<output message='tns:IncrementResponse'/>
</operation>
</portType>
<binding name='IncrementBinding' type='tns:IncPortType'>
<soap:binding style='rpc'
transport='http://schemas.xmlsoap.org/soap/http'/>
<operation name='increment'>
<soap:operation soapAction='urn:localhost-increment#increment'/>
<input>
<soap:body use='litteral' namespace='urn:localhost-increment'
encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'/>
</input>
<output>
<soap:body use='litteral' namespace='urn:localhost-increment'
encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'/>
</output>
</operation>
<operation name='getTemp'>
<soap:operation soapAction='urn:localhost-increment#getTemp'/>
<input>
<soap:body use='litteral' namespace='urn:localhost-increment'
encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'/>
</input>
<output>
<soap:body use='litteral' namespace='urn:localhost-increment'
encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'/>
</output>
</operation>
</binding>
<service name='IncrementService'>
<port name='TempPort' binding='IncrementBinding'>
<soap:address location='http://localhost/phv/server10.php'/>
</port>
</service>
</definitions>
===========================================================
Expected result:
----------------
No seg fault
Actual result:
--------------
#0 0x081b166c in zend_throw_exception_internal (exception=0xbfe2aff0)
at /root/php5/php-5.0.2/Zend/zend_exceptions.c:53
#1 0x081b2cb9 in zend_throw_exception_object (exception=0x9e8099c)
at /root/php5/php-5.0.2/Zend/zend_exceptions.c:571
#2 0x080a984a in do_soap_call (this_ptr=0x9e81bac,
function=0x9e81b74 "__sleep", function_len=7, arg_count=0, real_args=0x0,
return_value=0x9e81c14, soap_action=0x0, call_uri=0x0, soap_headers=0x0,
output_headers=0x0) at /root/php5/php-5.0.2/ext/soap/soap.c:2225
#3 0x080aa25c in zif_SoapClient___call (ht=2, return_value=0x9e81c14,
this_ptr=0x9e81bac, return_value_used=1)
at /root/php5/php-5.0.2/ext/soap/soap.c:2315
#4 0x0819acde in zend_call_function (fci=0xbfe2b060, fci_cache=0x0)
at /root/php5/php-5.0.2/Zend/zend_execute_API.c:856
#5 0x0819a851 in call_user_function_ex (function_table=0x0, object_pp=0x0,
function_name=0x0, retval_ptr_ptr=0x0, param_count=0, params=0x0,
no_separation=0, symbol_table=0x0)
at /root/php5/php-5.0.2/Zend/zend_execute_API.c:553
#6 0x081b3c8a in zend_std_call_user_call (ht=0, return_value=0x9e81be4,
this_ptr=0x9e81bac, return_value_used=1)
at /root/php5/php-5.0.2/Zend/zend_object_handlers.c:572
#7 0x0819acde in zend_call_function (fci=0xbfe2b240, fci_cache=0x0)
at /root/php5/php-5.0.2/Zend/zend_execute_API.c:856
#8 0x0819a851 in call_user_function_ex (function_table=0x0, object_pp=0x0,
function_name=0x0, retval_ptr_ptr=0x0, param_count=0, params=0x0,
no_separation=0, symbol_table=0x0)
at /root/php5/php-5.0.2/Zend/zend_execute_API.c:553
#9 0x0815455c in php_var_serialize_intern (buf=0xbfe2b3f0, struc=0x9e81640,
var_hash=0xbfe2b3c0) at /root/php5/php-5.0.2/ext/standard/var.c:686
#10 0x08154b02 in php_var_serialize (buf=0xbfe2b3f0, struc=0x9e81640,
var_hash=0xbfe2b3c0) at /root/php5/php-5.0.2/ext/standard/var.c:780
#11 0x0809d86f in ps_srlzr_encode_php (newstr=0x0, newlen=0xbfe2b460)
at /root/php5/php-5.0.2/ext/session/session.c:452
#12 0x0809de3c in php_session_encode (newlen=0xbfe2b460)
at /root/php5/php-5.0.2/ext/session/session.c:546
#13 0x0809e513 in php_session_save_current_state ()
at /root/php5/php-5.0.2/ext/session/session.c:805
#14 0x080a0ff1 in php_session_flush ()
at /root/php5/php-5.0.2/ext/session/session.c:1713
#15 0x080a100f in zm_deactivate_session (type=1, module_number=9)
---Type <return> to continue, or q <return> to quit---
at /root/php5/php-5.0.2/ext/session/session.c:1727
#16 0x081a76dd in module_registry_cleanup (module=0x0)
at /root/php5/php-5.0.2/Zend/zend_API.c:1536
#17 0x081a9fc9 in zend_hash_apply (ht=0x8225fc0,
apply_func=0x81a76ac <module_registry_cleanup>)
at /root/php5/php-5.0.2/Zend/zend_hash.c:664
#18 0x081a3d68 in zend_deactivate_modules ()
at /root/php5/php-5.0.2/Zend/zend.c:803
#19 0x08171978 in php_request_shutdown (dummy=0x0)
at /root/php5/php-5.0.2/main/main.c:1198
#20 0x081ca853 in main (argc=3, argv=0xbfe2bd24)
at /root/php5/php-5.0.2/sapi/cli/php_cli.c:1046
(gdb)
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri Oct 31 01:00:01 2025 UTC |
The problem is that the exception is thrown during serialization when there is no opline. It can be easily reproduced without SOAP: <? class test { function __call($a, $b) { throw new Exception('test'); } } $obj = new test; session_start(); $_SESSION['bla'] = $obj; ?> The patch below should fix the bug: Index: zend_exceptions.c =================================================================== RCS file: /repository/ZendEngine2/zend_exceptions.c,v retrieving revision 1.74 diff -u -r1.74 zend_exceptions.c --- zend_exceptions.c 30 Oct 2004 10:13:27 -0000 1.74 +++ zend_exceptions.c 26 Nov 2004 13:17:23 -0000 @@ -51,7 +51,7 @@ zend_throw_exception_hook(exception TSRMLS_CC); } - if ((EG(current_execute_data)->opline+1)->opcode == ZEND_HANDLE_EXCEPTION) { + if (EG(current_execute_data)->opline == NULL || (EG(current_execute_data)->opline+1)->opcode == ZEND_HANDLE_EXCEPTION) { /* no need to rethrow the exception */ return; }