php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #60634 Segmentation fault when trying to die() in SessionHandler::write()
Submitted: 2012-01-01 19:32 UTC Modified: 2012-03-08 03:31 UTC
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: bobwei9 at hotmail dot com Assigned: iliaa (profile)
Status: Closed Package: Reproducible crash
PHP Version: trunk-SVN-2012-01-01 (SVN) OS: Mac OS X 10.7
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: bobwei9 at hotmail dot com
New email:
PHP Version: OS:

 

 [2012-01-01 19:32 UTC] bobwei9 at hotmail dot com 
Description:
------------
The apache or the CLI reports an segmentation fault while trying to die() or to exit() a script in the write method of a class which extends the SessionHandler class.

Test script:
---------------
<?php
class session_handler extends SessionHandler
{
        function close () {return true;}
        function destroy ($a) {return true;}
        function open ($a,$b) {return true;}
        function gc ($a) {return true;}
        function read ($a) {return "";}
        function write ($a,$b) {die();}
}
session_set_save_handler(new session_handler);
session_start();
session_write_close(); # apache segfaults
print "never appears?";

Actual result:
--------------
Apache/cli segfaults

Backtrace:

#0  0x000000010261de30 in zval_delref_p [inlined] () at /Users/.../php-src-trunk-20120101/Zend/zend.h:82
#1  0x000000010261de30 in i_zval_ptr_dtor [inlined] () at /Users/.../php-src-trunk-20120101/Zend/zend_execute.h:82
#2  0x000000010261de30 in zend_vm_stack_clear_multiple [inlined] () at /Users/.../php-src-trunk-20120101/Zend/zend_execute.h:339
#3  0x000000010261de30 in zend_do_fcall_common_helper_SPEC (execute_data=0x109a170d8) at zend_execute.c:736
#4  0x000000010262720e in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x109a170d8) at zend_vm_execute.h:2215
#5  0x000000010261aec2 in execute (op_array=0x109a51d98) at zend_vm_execute.h:410
#6  0x00000001025c731b in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:1272
#7  0x0000000102509153 in php_execute_script (primary_file=0x7fff6198ab60) at main.c:2476
#8  0x000000010279d153 in do_cli (argc=2, argv=0x7fff6198ae18) at php_cli.c:983
#9  0x000000010279ee95 in main (argc=2, argv=0x7fff6198ae18) at php_cli.c:1356

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-01-02 00:43 UTC] arpad@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: arpad
 [2012-01-03 21:46 UTC] arpad@php.net 
Automatic comment from SVN on behalf of arpad
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=321733
Log: add test for #60634
 [2012-01-03 21:47 UTC] arpad@php.net
-Assigned To: arpad +Assigned To:
 [2012-01-03 21:47 UTC] arpad@php.net 
This is present in 5.3 too using the old style session_set_save_handler(). Seems to be related to the zend_try in php_session_flush().
 [2012-01-04 11:43 UTC] arpad@php.net 
Automatic comment from SVN on behalf of arpad
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=321758
Log: add more tests for #60634 (stems from #21306) and xfail them all for the moment
 [2012-02-03 10:29 UTC] tony2001@php.net
-Status: Verified +Status: Assigned -Assigned To: +Assigned To: iliaa
 [2012-03-08 03:31 UTC] iliaa@php.net 
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=324009
Log: Fixed bug #60634 (Segmentation fault when trying to die() in SessionHandler::write())
 [2012-03-08 03:31 UTC] iliaa@php.net
-Status: Assigned +Status: Closed
 [2012-03-08 03:31 UTC] iliaa@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-04-18 09:45 UTC] laruence@php.net 
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f82a562453c7aed180b7e8329466d96d470b5ade
Log: Fixed bug #60634 (Segmentation fault when trying to die() in SessionHandler::write())
 [2012-07-24 23:36 UTC] rasmus@php.net 
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f82a562453c7aed180b7e8329466d96d470b5ade
Log: Fixed bug #60634 (Segmentation fault when trying to die() in SessionHandler::write())
 [2013-04-14 16:23 UTC] pbxanime at gmail dot com 
Related To: Bug #64606
 [2013-11-17 09:33 UTC] laruence@php.net 
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f82a562453c7aed180b7e8329466d96d470b5ade
Log: Fixed bug #60634 (Segmentation fault when trying to die() in SessionHandler::write())
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 14:01:29 2024 UTC