Bug #46112 Segfault when throwing exception during class construction (PHP_5_2 only)
Submitted: 2008-09-18 10:04 UTC Modified: 2009-05-09 01:00 UTC
From: erikg at codepoet dot no Assigned: fb-req-jani (profile)
Status: No Feedback Package: Scripting Engine problem
PHP Version: 5.2CVS-2008-10-07 OS: Linux (64bit only)
Private report: No CVE-ID: None
 [2008-09-18 10:04 UTC] erikg at codepoet dot no
Description:
------------
Apache segfaults when throwing an exception in a function whose return value is used to construct a class within another class' constructor.

That sentence made my head hurt, just read the code :) I haven't been able to remove any code while still reproducing the crash.

Reproduce code:
---------------
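<?php
function error($item) {
	throw new Exception("error");
}

class Foo {
	function __construct() {
		new Bar(error($item)); // error() throws while Bar's constructor argument is being evaluated
	}
}

class Bar {
	function __construct($param) {
	}
}

new Foo(); // the exception is not caught anywhere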

Expected result:
----------------
Foo object to be instantiated

Actual result:
--------------
Apache segfaults

 [2008-09-18 10:07 UTC] erikg at codepoet dot no
Oops, the $item variables weren't supposed to be there. Doesn't matter though, the segfault still triggers.
 [2008-09-18 14:26 UTC] scottmac@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.2-win32-installer-latest.msi

I can't reproduce this.

PHP Fatal error:  Uncaught exception 'Exception' with message 'error' in /tmp/test.php:3
Stack trace:
#0 /tmp/test.php(8): error()
#1 /tmp/test.php(17): Foo->__construct()
#2 {main}
  thrown in /tmp/test.php on line 3
 [2008-09-19 11:57 UTC] erikg at codepoet dot no
CVS works when compiled on my laptop (32-bit Intel Core2), but still segfaults when compiled on a development server (64-bit AMD Opteron running in 32-bit mode).

Here is a backtrace (unfortunately only have debugging-symbols in apache and php, but it should be sufficient):

#0  0xb766c676 in zend_do_fcall_common_helper_SPEC ()
   from /usr/lib/apache/libphp5.so
#1  0xb7658758 in execute () from /usr/lib/apache/libphp5.so
#2  0xb762f886 in zend_execute_scripts () from /usr/lib/apache/libphp5.so
#3  0xb75e519a in php_execute_script () from /usr/lib/apache/libphp5.so
#4  0xb76a9f31 in php_handler () from /usr/lib/apache/libphp5.so
#5  0x08084fa8 in ap_run_handler ()
#6  0x080884f1 in ap_invoke_handler ()
#7  0x080c1056 in ap_process_request ()
#8  0x080bdab8 in ?? ()
#9  0x08410a88 in ?? ()
#10 0x00000004 in ?? ()
#11 0x08410a88 in ?? ()
#12 0x00000014 in ?? ()
#13 0x00000001 in ?? ()
#14 0x081eba60 in ?? ()
#15 0xbfbc4be8 in ?? ()
#16 0x0808ce98 in ap_run_process_connection ()
 [2008-10-07 17:44 UTC] erikg at codepoet dot no
The crash doesn't occur when I compile PHP with debug symbols - no idea why.
 [2008-10-07 19:11 UTC] erikg at codepoet dot no
I can still reproduce the crash with the latest 5.2 snapshot. However, it seems to work fine using the 5.3 snapshot.
 [2008-10-31 15:57 UTC] jani@php.net
Can you try running via valgrind using latest snapshot:

# USE_ZEND_ALLOC=0 valgrind --leak-check=full sapi/cli/php test.php
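
The thread shows two outcomes for the same script: a clean "Uncaught exception" fatal error and a segfault. The following triage helper is an added example, not part of the original report or of PHP's tooling; it runs a command with `USE_ZEND_ALLOC=0` as requested above and labels how the run ended. The names `classify_status`, `run_repro` and `REPRO_OUT` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the bug report): classify one run of the
# reproduce script as a clean PHP fatal error or a crash by signal.

# Map an exit status to a label. 255 is what the PHP CLI exits with on a
# fatal error such as an uncaught exception; 128+N means killed by signal N.
classify_status() {
    if [ "$1" -eq 0 ]; then
        echo "ok"
    elif [ "$1" -eq 255 ]; then
        echo "php-fatal"
    elif [ "$1" -gt 128 ]; then
        # Fall back to the raw number if the shell cannot name the signal.
        sig=$(kill -l "$(( $1 - 128 ))" 2>/dev/null) || sig="$(( $1 - 128 ))"
        echo "signal:$sig"
    else
        echo "exit:$1"
    fi
}

# Run the given command with the Zend allocator disabled, keep its combined
# output in REPRO_OUT, and print the classification. The "|| status=$?" form
# keeps the function usable from scripts that run under "set -e".
run_repro() {
    status=0
    REPRO_OUT=$(USE_ZEND_ALLOC=0 "$@" 2>&1) || status=$?
    classify_status "$status"
}

# Direct use: ./triage.sh valgrind --leak-check=full sapi/cli/php test.php
if [ "$#" -gt 0 ]; then
    run_repro "$@"
    printf '%s\n' "$REPRO_OUT"
fi
```

A `php-fatal` result matches the uncaught-exception output posted earlier in the thread; `signal:SEGV` matches the reported crash.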
 [2008-11-08 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2009-05-01 21:28 UTC] felipe@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/


 [2009-05-09 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
Last updated: Thu Apr 25 14:01:31 2024 UTC