php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #15058 crash on complex page
Submitted: 2002-01-15 17:11 UTC Modified: 2002-03-13 00:00 UTC
From: jonatan at cyberdude dot com Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 4.1.1 OS: Mac OS X 10.1.2 (Build 5P48)
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: jonatan at cyberdude dot com
New email:
PHP Version: OS:

 

 [2002-01-15 17:11 UTC] jonatan at cyberdude dot com
when rendering a rather complex page php causes apache to 
crash. the page causes a 1200 line function (in a 6000 line 
included file) to be called recursively a number of times, 
and it seems that it crashes when it is called too many 
times. i tried upping the memory to "memory_limit = 128M;" 
in /usr/local/lib/php.ini, but that didn't help. i verified 
that it is not an infinite include problem (bug #10230, 
which sounds similar). i am using the precompiled apache 
php module version 4.1.1 from <http://www.entropy.ch/
software/macosx/php/> on macosx 10.1.2. the configure line 
is:

'./configure' '--with-mysql' '--with-pgsql' '--with-apxs' 
'--with-gd=/usr/local' '--with-png-dir=/usr/local' '--with-
zlib-dir=/usr' '--with-jpeg-dir=/usr/local' '--with-
freetype-dir=/usr/local' '--enable-trans-sid' '--enable-
exif' '--with-xml' '--enable-wddx' '--with-curl=/usr/local' 
'--with-pdflib=/usr/local' '--with-t1lib=/usr/local' '--
enable-ftp' '--enable-bcmath'

and the crashlog:

**********

Date/Time:  2002-01-15 16:14:38 +0100
OS Version: 10.1.2 (Build 5P48)
Host:       localhost

Command:    httpd
PID:        951

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xbff7d440

Thread 0 Crashed:
 #0   0x00a301f4 in execute
 #1   0x00a33a70 in execute
 #2   0x00a33a70 in execute
 #3   0x00a33a70 in execute
 #4   0x00a33a70 in execute
 #5   0x00a33a70 in execute
 #6   0x00a3608c in execute
 #7   0x00a1ef64 in zend_execute_scripts
 #8   0x00a55158 in php_execute_script
 #9   0x00a51d34 in apache_php_module_main
 #10  0x00a507e0 in send_php
 #11  0x0000c5ac in ap_invoke_handler
 #12  0x00016530 in process_request_internal
 #13  0x00016874 in ap_internal_redirect
 #14  0x00181674 in handler_redirect
 #15  0x0000c5ac in ap_invoke_handler
 #16  0x00016530 in process_request_internal
 #17  0x00016874 in ap_internal_redirect
 #18  0x00181674 in handler_redirect
 #19  0x0000c5ac in ap_invoke_handler
 #20  0x00016530 in process_request_internal
 #21  0x000165ac in ap_process_request
 #22  0x00005d5c in child_main
 #23  0x00005fcc in make_child
 #24  0x00006830 in standalone_main
 #25  0x00006f64 in main
 #26  0x00001e18 in _start
 #27  0x00001c48 in start

PPC Thread State:
  srr0: 0x00a301f4 srr1: 0x0200f030                vrsave: 
0x00000000
   xer: 0x20000020   lr: 0x00a30178  ctr: 0x00a30160   mq: 
0x00000000
    r0: 0xbff8f180   r1: 0xbff8eff0   r2: 0x005cfc30   r3: 
0x00231af0
    r4: 0x00000002   r5: 0x00000004   r6: 0x00000000   r7: 
0x000008dc
    r8: 0x000008dd   r9: 0xfffee450  r10: 0x0008dd00  r11: 
0x00011ba3
   r12: 0x00a30160  r13: 0x00000000  r14: 0x00000000  r15: 
0x00000000
   r16: 0x00000000  r17: 0x00000000  r18: 0x00000000  r19: 
0x00000000
   r20: 0x00000000  r21: 0x00ce364c  r22: 0x00ce3654  r23: 
0x00000003
   r24: 0xbfffdb78  r25: 0x00000000  r26: 0x00000001  r27: 
0x00000000
   r28: 0xbfffdbdc  r29: 0x005db290  r30: 0xbff8eff0  r31: 
0x00a30178

**********

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-15 19:42 UTC] yohgaki@php.net
Your PHP is not built with --enable-debug option. Could you send backtrace again?
 [2002-01-16 01:29 UTC] derick@php.net
Hello,

I'm afraid that there can be little done about it, to me it seems a stack overflow. I guess that it is not possible to dump these files somewhere to download, so that we can try ourselves.

Note to Yasuo: He didn't compile it himself.

Derick
 [2002-01-20 18:15 UTC] jonatan at cyberdude dot com
i have now rebuilt php with --enable-debug, and i managed 
to get a backtrace. hth...

the configure line is now:

'./configure' '--with-apxs' '--enable-debug'

and the crashlog:

**********

Date/Time:  2002-01-21 00:01:44 +0100
OS Version: 10.1.2 (Build 5P48)
Host:       localhost

Command:    httpd
PID:        1184

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xbff7f910

Thread 0 Crashed:
 #0   0x005247f0 in php_error_cb
 #1   0x004ed84c in zend_error
 #2   0x00508e10 in zend_fetch_dimension_address_inner
 #3   0x004fedcc in zend_fetch_dimension_address
 #4   0x005015e0 in execute
 #5   0x005036c4 in execute
 #6   0x005036c4 in execute
 #7   0x005036c4 in execute
 #8   0x005036c4 in execute
 #9   0x005036c4 in execute
 #10  0x005036c4 in execute
 #11  0x00505c40 in execute
 #12  0x00505c40 in execute
 #13  0x004eddcc in zend_execute_scripts
 #14  0x00526954 in php_execute_script
 #15  0x005232bc in apache_php_module_main
 #16  0x00521d44 in send_php
 #17  0x0000c5ac in ap_invoke_handler
 #18  0x00016530 in process_request_internal
 #19  0x00016874 in ap_internal_redirect
 #20  0x00136674 in handler_redirect
 #21  0x0000c5ac in ap_invoke_handler
 #22  0x00016530 in process_request_internal
 #23  0x00016874 in ap_internal_redirect
 #24  0x00136674 in handler_redirect
 #25  0x0000c5ac in ap_invoke_handler
 #26  0x00016530 in process_request_internal
 #27  0x000165ac in ap_process_request
 #28  0x00005d5c in child_main
 #29  0x00005f18 in make_child
 #30  0x00006084 in startup_children
 #31  0x000066a8 in standalone_main
 #32  0x00006f64 in main
 #33  0x00001e18 in _start
 #34  0x00001c48 in start

PPC Thread State:
  srr0: 0x005247f0 srr1: 0x0200f030                vrsave: 
0x00000000
   xer: 0x20000020   lr: 0x004ed84c  ctr: 0x005247dc   mq: 
0x00000000
    r0: 0x24224245   r1: 0xbff80180   r2: 0x00a4c098   r3: 
0x00000008
    r4: 0x001a4888   r5: 0x0000009a   r6: 0x005cd76c   r7: 
0xbff80250
    r8: 0x009833d8   r9: 0x006105f4  r10: 0x0020ec53  r11: 
0x0020ec53
   r12: 0x005247dc  r13: 0x00000000  r14: 0x00000000  r15: 
0x00000000
   r16: 0x00000000  r17: 0x00000000  r18: 0x00000000  r19: 
0x005cd76c
   r20: 0xbff80250  r21: 0x0000009a  r22: 0x001a4888  r23: 
0x00000003
   r24: 0x00000008  r25: 0x00000000  r26: 0x00000000  r27: 
0x0098b2c8
   r28: 0xbff80368  r29: 0x00265b4c  r30: 0xbff80230  r31: 
0x004ed6c4

**********

and finally the backtrace:

Program received signal EXC_BAD_ACCESS, Could not access 
memory.
0x005247f0 in php_error_cb (type=10007528, error_filename=
0x3 <Address 0x3 out of bounds>, error_lineno=1722824, 
format=0x5cd76c "Undefined index:  %s", args=0xbff80210 "") 
at main.c:360
360     main.c: No such file or directory.
        in main.c
(gdb) bt
#0  0x005247f0 in php_error_cb (type=10007528, 
error_filename=0x3 <Address 0x3 out of bounds>, 
error_lineno=1722824, format=0x5cd76c "Undefined index:  
%s", args=0xbff80210 "") at main.c:360
#1  0x00508e10 in zend_fetch_dimension_address_inner (ht=
0x98b3e8, op2=0x265b4c, Ts=0xbff80328, type=0) at ./
zend_execute.c:615
#2  0x004fedcc in zend_fetch_dimension_address (result=
0x265b24, op1=0x265b38, op2=0x265b4c, Ts=0xbff80328, type=
0) at ./zend_execute.c:762
#3  0x005015e0 in execute (op_array=warning: 
ppc_frame_chain_valid: stack frame from 0xbff802f0 to 
0xbff944e0 larger than 65536 bytes; assuming invalid
0x2316c0) at ./zend_execute.c:1262
warning: ppc_frame_chain_valid: stack frame from 0xbff802f0 
to 0xbff944e0 larger than 65536 bytes; assuming invalid
(gdb)
 [2002-03-13 00:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 06:01:30 2024 UTC