php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #31828 Crash with zend.ze1_compatibility_mode=On
Submitted: 2005-02-03 13:25 UTC Modified: 2005-04-29 09:05 UTC
Votes:4
Avg. Score:5.0 ± 0.0
Reproduced:4 of 4 (100.0%)
Same Version:3 (75.0%)
Same OS:3 (75.0%)
From: jon dot williams at namtec dot co dot uk Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 5CVS-2005-02-28 OS: *
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jon dot williams at namtec dot co dot uk
New email:
PHP Version: OS:

 

 [2005-02-03 13:25 UTC] jon dot williams at namtec dot co dot uk 
Description:
------------
Operating System: Windows 2000 Server
PHP Version: 5.0.3 and binary snapshot 200502030930
Apache versions: 2.0.52 and 1.3.31

I am using running the open source CMS system Mambo with the com_events component.  In some circumstances the code in this component would crash my installation.

After some tracing I narrowed the crash down to a small piece of code whereby the first element in a singleton array is re-assigned to a variable name the same as the originating array(See code example).  

By reassigning the array element to a new different variable name this crash can be avoided.


Reproduce code:
---------------
<?php
$o->id = 77;
$o->name = "Aerospace";
$a[] = $o;
$a = $a[0];
print_r($a);
?>

Expected result:
----------------
stdClass Object ( [id] => 77 [name] => Aerospace ) 

Actual result:
--------------
404 page not found error and Apache logs show a crash where Apache is forced to restart.

In Apache 2
child process exited with status 3221225477 -- Restarting.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-02-03 13:32 UTC] tony2001@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip

Can't reproduce it under Linux with latest snapshot.
 [2005-02-03 14:14 UTC] jon dot williams at namtec dot co dot uk 
Okay, more research - I reverted back to the dist php.ini file and the crash no longer happens.  Regressing through the changes I had made I've discovered that this crash only happens if PHP 4.x compatibility is enabled. i.e.
zend.ze1_compatibility_mode = On
 [2005-02-03 14:21 UTC] tony2001@php.net 
Oh, that was really useful hint, thanks.
Here is the bt:

0x0824fc6e in zend_get_class_entry (zobject=0x84d683c) at /home/dev/php-src_5_0/Zend/zend_API.c:204
204             if (Z_OBJ_HT_P(zobject)->get_class_entry) {
(gdb) bt
#0  0x0824fc6e in zend_get_class_entry (zobject=0x84d683c) at /home/dev/php-src_5_0/Zend/zend_API.c:204
#1  0x0827acc1 in zend_assign_to_variable (result=0x84df744, op1=0x84df758, op2=0x84df76c, value=0x84d683c, type=4,
    Ts=0xbfffb310) at /home/dev/php-src_5_0/Zend/zend_execute.c:600
#2  0x0827445d in zend_assign_handler (execute_data=0xbfffd410, opline=0x84df740, op_array=0x84d643c)
    at /home/dev/php-src_5_0/Zend/zend_execute.c:2252
#3  0x082723c8 in execute (op_array=0x84d643c) at /home/dev/php-src_5_0/Zend/zend_execute.c:1406
#4  0x0824f4ff in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/dev/php-src_5_0/Zend/zend.c:1068
#5  0x08210619 in php_execute_script (primary_file=0xbffff810) at /home/dev/php-src_5_0/main/main.c:1630
#6  0x0827dd59 in main (argc=2, argv=0xbffff8a4) at /home/dev/php-src_5_0/sapi/cli/php_cli.c:943
#7  0x420157a4 in __libc_start_main () from /lib/tls/libc.so.6
 [2005-02-28 20:51 UTC] sniper@php.net 
See also bug #32080
 [2005-04-29 09:05 UTC] dmitry@php.net 
Fixed in CVS HEAD and PHP_5_0.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Nov 03 18:00:01 2025 UTC