php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #74071 Segfault in php_stream_context_set_option
Submitted: 2017-02-10 08:21 UTC Modified: 2021-07-23 10:17 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: kelunik@php.net Assigned: nikic (profile)
Status: Closed Package: Sockets related
PHP Version: Next Minor Version OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: kelunik@php.net
New email:
PHP Version: OS:

 

 [2017-02-10 08:21 UTC] kelunik@php.net 
Description:
------------
PHP segfaults when requesting HTTPS sites using https://github.com/amphp/artax @ ^2. I haven't been able yet to write a condensed test script.

Works fine with PHP 7.1.2RC1, but not with the current master.

Test script:
---------------
require __DIR__ . "/vendor/autoload.php";

Amp\run(function () {
    yield (new Amp\Artax\Client)->request("https://php.net/");
});'

Expected result:
----------------
No segfault.

Actual result:
--------------
php: /home/kelunik/.php-build/release/Zend/zend_hash.c:550: _zend_hash_add_or_update_i: Assertion `((ht)->gc.refcount == 1) || ((ht)->u.flags & (1<<6))' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff49c2428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54	../sysdeps/unix/sysv/linux/raise.c: Datei oder Verzeichnis nicht gefunden.
(gdb) bt
#0  0x00007ffff49c2428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffff49c402a in __GI_abort () at abort.c:89
#2  0x00007ffff49babd7 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x12586b8 "((ht)->gc.refcount == 1) || ((ht)->u.flags & (1<<6))", 
    file=file@entry=0x1258640 "/home/kelunik/.php-build/release/Zend/zend_hash.c", line=line@entry=550, function=function@entry=0x12589e0 <__PRETTY_FUNCTION__.8867> "_zend_hash_add_or_update_i") at assert.c:92
#3  0x00007ffff49bac82 in __GI___assert_fail (assertion=0x12586b8 "((ht)->gc.refcount == 1) || ((ht)->u.flags & (1<<6))", file=0x1258640 "/home/kelunik/.php-build/release/Zend/zend_hash.c", line=550, 
    function=0x12589e0 <__PRETTY_FUNCTION__.8867> "_zend_hash_add_or_update_i") at assert.c:101
#4  0x000000000098a756 in _zend_hash_add_or_update_i (ht=0x7fffedf9c900, key=0x7fffedf0cf40, pData=0x7fffffffa040, flag=1, __zend_filename=0x123cb88 "/home/kelunik/.php-build/release/main/streams/streams.c", 
    __zend_lineno=2237) at /home/kelunik/.php-build/release/Zend/zend_hash.c:550
#5  0x000000000098acb1 in _zend_hash_str_update (ht=0x7fffedf9c900, str=0x7fffedece318 "ssl", len=3, pData=0x7fffffffa040, __zend_filename=0x123cb88 "/home/kelunik/.php-build/release/main/streams/streams.c", 
    __zend_lineno=2237) at /home/kelunik/.php-build/release/Zend/zend_hash.c:653
#6  0x0000000000908a70 in php_stream_context_set_option (context=0x7fffedfc9540, wrappername=0x7fffedece318 "ssl", optionname=0x7fffede9cba8 "peer_name", optionvalue=0x7fffed60c0a0)
    at /home/kelunik/.php-build/release/main/streams/streams.c:2237
#7  0x000000000084686f in parse_context_options (context=0x7fffedfc9540, options=0x7fffede169c0) at /home/kelunik/.php-build/release/ext/standard/streamsfuncs.c:896
#8  0x00000000008471f2 in zif_stream_context_set_option (execute_data=0x7fffede16960, return_value=0x7fffffffa1e0) at /home/kelunik/.php-build/release/ext/standard/streamsfuncs.c:1007
#9  0x00000000009d7f45 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER () at /home/kelunik/.php-build/release/Zend/zend_vm_execute.h:620
#10 0x00000000009d7925 in execute_ex (ex=0x7fffede13030) at /home/kelunik/.php-build/release/Zend/zend_vm_execute.h:429
#11 0x00000000009d7a06 in zend_execute (op_array=0x7fffede7a300, return_value=0x0) at /home/kelunik/.php-build/release/Zend/zend_vm_execute.h:474
#12 0x0000000000977583 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/kelunik/.php-build/release/Zend/zend.c:1543
#13 0x00000000008e7ed2 in php_execute_script (primary_file=0x7fffffffc8a0) at /home/kelunik/.php-build/release/main/main.c:2552
#14 0x0000000000a5c1db in do_cli (argc=3, argv=0x157db50) at /home/kelunik/.php-build/release/sapi/cli/php_cli.c:997
#15 0x0000000000a5d25b in main (argc=3, argv=0x157db50) at /home/kelunik/.php-build/release/sapi/cli/php_cli.c:1390

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-02-12 02:31 UTC] laruence@php.net 
I can not reproduce this.
 [2017-02-15 16:54 UTC] bwoebi@php.net
-Status: Open +Status: Verified
 [2017-02-15 16:54 UTC] bwoebi@php.net 
I could reproduce it too.
 [2021-07-23 10:17 UTC] nikic@php.net
-Status: Verified +Status: Closed -Assigned To: +Assigned To: nikic
 [2021-07-23 10:17 UTC] nikic@php.net 
I tried this after adjusting the code to be compatible with current artax:

require __DIR__ . "/vendor/autoload.php";

Amp\Loop::run(function () {
    yield (new Amp\Artax\DefaultClient)->request("https://php.net/");
});

Works fine. Also tried v2, which also didn't assert. I assume this got fixed in the meantime.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 01:01:30 2024 UTC