php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #51043 apache crashes on php return statement
Submitted: 2010-02-14 00:28 UTC Modified: 2013-10-15 11:54 UTC
From: php at lokedupont dot info Assigned: stas (profile)
Status: No Feedback Package: Reproducible crash
PHP Version: 5.4.17 OS: OS X Snow leopard
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: php at lokedupont dot info
New email:
PHP Version: OS:

 

 [2010-02-14 00:28 UTC] php at lokedupont dot info
Description:
------------
apache crashes on a return statement in php5 uwing Zend Framework 1.10 on the following line:

        return $dbSelect;

If this line is removed, no creashes are experienced. 

Reproduce code:
---------------
The function in which the line resides
    protected function _authenticateCreateSelect()
    {

     [UNRELATED CODE REMOVED]

        // get select
        $dbSelect = clone $this->getDbSelect();
        $dbSelect->from($this->_tableName, array('*', $credentialExpression))
                 ->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);

        return $dbSelect;
    }

This is part of Zend Auth Adapter DbTable in Zend Framework.

Expected result:
----------------
Working auth using Zend Framework

Actual result:
--------------
Blank page returned. 

[Sun Feb 14 01:20:39 2010] [notice] child pid 73195 exit signal Segmentation fault (11)
in apaches logfiles.

Backtrace:
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x00000001011acf85 in _zend_mm_free_int ()
(gdb) bt
#0  0x00000001011acf85 in _zend_mm_free_int ()
#1  0x00000001011ee213 in zend_std_write_property ()
#2  0x000000010123144f in zend_assign_to_object ()
#3  0x0000000101231ccd in ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER ()
#4  0x00000001011f0adb in execute ()
#5  0x00000001011c119c in zend_call_function ()
#6  0x00000001011e33c9 in zend_call_method ()
#7  0x00000001011ec0d8 in zend_std_cast_object_tostring ()
#8  0x0000000101210f92 in ZEND_ECHO_SPEC_VAR_HANDLER ()
#9  0x00000001011f0adb in execute ()
#10 0x00000001011cc5eb in zend_execute_scripts ()
#11 0x00000001011758ff in php_execute_script ()
#12 0x000000010125b64c in php_handler ()
#13 0x000000010000149b in ap_run_handler ()
#14 0x000000010000331a in ap_invoke_handler ()
#15 0x0000000100024d28 in ap_process_request ()
#16 0x0000000100021998 in ap_process_http_connection ()
#17 0x000000010000ebeb in ap_run_process_connection ()
#18 0x00000001000295bd in child_main ()
#19 0x00000001000297df in make_child ()
#20 0x000000010002a469 in ap_mpm_run ()
#21 0x0000000100007e58 in main ()
(gdb) 


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-02-14 12:22 UTC] php at lokedupont dot info
I am also seeing the same issue with the code on 5.2.12 on FreeBSD using the Zend Framework 1.10.1
 [2010-02-14 12:33 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2010-02-14 19:41 UTC] php at lokedupont dot info
I am not sure how to reproduce it without the zend framework. As i have only experienced it using this.

If you have any ideas please let me know. Meanwhile i'll see if i can provoke it some other way. But i haven't yet seen anything else fail.
 [2010-02-14 20:15 UTC] pajoye@php.net
Try to catch where it crashed in ZF and write a script to reproduce the same situation. Or try to convince the ZF developers to figure out why it crashes. But using the ZF to fix a crash is not smtg we can do.

Assigned to Stas so he can ping the ZF guys if necessary.
 [2010-02-16 10:43 UTC] php at lokedupont dot info
I haven't been able to get it to crash without using that ZF bit.

Should i open a bug with the ZF guys or does stas have some contact he/she will ping?
 [2010-02-16 10:45 UTC] pajoye@php.net
Try to figure out where it crashes in ZF and then try to write a script to reproduce the same context.

You can also try to report a bug in the ZF tracker, they could help.
 [2010-02-24 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2010-04-25 20:03 UTC] felipe@php.net
-Status: No Feedback +Status: Feedback
 [2010-04-25 20:03 UTC] felipe@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/


 [2010-09-01 20:07 UTC] stas@php.net
-Status: Feedback +Status: No Feedback
 [2010-09-01 20:07 UTC] stas@php.net
If you still have repro example (with zf is ok) and it works with latest 5.3 build please send it to me.
 [2013-08-08 10:34 UTC] admin at vodoo dot ro
I have the same issue, Zend_auth and the following php version:
PHP 5.4.17-1~precise+1 (cli) (built: Jul 17 2013 16:48:16)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
 [2013-08-08 10:55 UTC] yohgaki@php.net
-Status: No Feedback +Status: Re-Opened -PHP Version: 5.3.1 +PHP Version: 5.4.17
 [2013-08-08 10:55 UTC] yohgaki@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

admin at vodoo dot ro, could send backtrace?
 [2013-08-08 10:58 UTC] yohgaki@php.net
This sounds like recently fix issue. If anyone experienced similar crash, please 
try git versions.
 [2013-08-08 17:51 UTC] stas@php.net
-Status: Re-Opened +Status: Feedback
 [2013-10-15 11:54 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Sat Aug 13 09:05:44 2022 UTC