PHP :: Bug #56459 :: apache crashes when method adopted by runkit_class

Bug #56459	apache crashes when method adopted by runkit_class_adopt() is called
Submitted:	2005-07-22 06:13 UTC	Modified:	2013-02-23 22:41 UTC
From:	kozlik at kufr dot cz	Assigned:	pollita (profile)
Status:	Closed	Package:	runkit (PECL)
PHP Version:	5.0.3	OS:	win xp
Private report:	No	CVE-ID:	None

View Developer Edit

[2005-07-22 06:13 UTC] kozlik at kufr dot cz

Description:
------------
Apache 2.0 crashes with this error 

szAppName : Apache.exe     
szAppVer : 2.0.52.0     
szModName : ntdll.dll     
szModVer : 5.1.2600.2180     
offset : 00011ec3     

0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 41 70 61   ure  Apa
0018: 63 68 65 2e 65 78 65 20   che.exe 
0020: 32 2e 30 2e 35 32 2e 30   2.0.52.0
0028: 20 69 6e 20 6e 74 64 6c    in ntdl
0030: 6c 2e 64 6c 6c 20 35 2e   l.dll 5.
0038: 31 2e 32 36 30 30 2e 32   1.2600.2
0040: 31 38 30 20 61 74 20 6f   180 at o
0048: 66 66 73 65 74 20 30 30   ffset 00
0050: 30 31 30 66 32 62         010f2b  

It look like that the crash caused call of method adopted by function runkit_class_adopt(). Crash is sometimes before any html output, sometimes after output whole page.


Reproduce code:
---------------
I am not able create any simple code which reproduce this error. I have quite complex application which working fine with:

- PHP4 and aggregate_methods()
- PHP5 and classkit_aggregate_methods()
but crashes with runkit_class_adopt()

Please let me know how can I help with debuging.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-10-23 10:57 UTC] mike@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PECL better.

[2006-02-27 07:23 UTC] mike@php.net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

[2006-03-16 06:13 UTC] kozlik at kufr dot cz

I am sorry for not provideing feedback for long time. But I did not have time to care of it. 

So the problem still remain.

The page you mentioned describeing how to generate backtrace in linuxh like system. But how to do it in windows?

[2006-05-04 08:08 UTC] kozlik at kufr dot cz

There is the backtrace generated with php 5.1.3 and runkit 0.7


#0  0x082499ac in php_message_handler_for_zend (message=-1073744896, data=0x0) at /home/kk/php-debug/php-5.1.3/main/main.c:1005
#1  0x08295763 in zend_message_dispatcher (message=0, data=0x0) at /home/kk/php-debug/php-5.1.3/Zend/zend.c:888
#2  0x0827a282 in _mem_block_check (ptr=0x84e90d8, silent=0,
    __zend_filename=0x837c060 "/home/kk/php-debug/php-5.1.3/Zend/zend_variables.c", __zend_lineno=175,
    __zend_orig_filename=0x837b180 "/home/kk/php-debug/php-5.1.3/Zend/zend_execute.h", __zend_orig_lineno=64)
    at /home/kk/php-debug/php-5.1.3/Zend/zend_alloc.c:691
#3  0x0827a190 in _mem_block_check (ptr=0x84e90d8, silent=1,
    __zend_filename=0x837c060 "/home/kk/php-debug/php-5.1.3/Zend/zend_variables.c", __zend_lineno=175,
    __zend_orig_filename=0x837b180 "/home/kk/php-debug/php-5.1.3/Zend/zend_execute.h", __zend_orig_lineno=64)
    at /home/kk/php-debug/php-5.1.3/Zend/zend_alloc.c:746
#4  0x0827968a in _efree (ptr=0x84e90d8, __zend_filename=0x0, __zend_lineno=0, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at /home/kk/php-debug/php-5.1.3/Zend/zend_alloc.c:288
#5  0x082876b0 in _zval_ptr_dtor (zval_ptr=0x84fa14c, __zend_filename=0x0, __zend_lineno=0) at zend_execute.h:64
#6  0x08293683 in _zval_ptr_dtor_wrapper (zval_ptr=0x0) at /home/kk/php-debug/php-5.1.3/Zend/zend_variables.c:175
#7  0x082a00ce in zend_hash_destroy (ht=0x84e8d10) at /home/kk/php-debug/php-5.1.3/Zend/zend_hash.c:521
#8  0x0828bbac in destroy_zend_class (pce=0x0) at /home/kk/php-debug/php-5.1.3/Zend/zend_opcode.c:178
#9  0x082a00ce in zend_hash_destroy (ht=0x84c1e18) at /home/kk/php-debug/php-5.1.3/Zend/zend_hash.c:521
#10 0x082946a6 in compiler_globals_dtor (compiler_globals=0x83e96f8, tsrm_ls=0x83e5018)
    at /home/kk/php-debug/php-5.1.3/Zend/zend.c:481
#11 0x08245ad0 in tsrm_shutdown () at /home/kk/php-debug/php-5.1.3/TSRM/TSRM.c:180
#12 0x083186c0 in main (argc=2, argv=0xbffffcf4) at /home/kk/php-debug/php-5.1.3/sapi/cli/php_cli.c:1255


Please let me know if I may somehow help.

[2009-07-21 19:50 UTC] pear dot neufeind at speedpartner dot de

Can you still reproduce this with your application? Could you please retry against a current php-version (at least 5.2.10 maybe)?

All "trivial" testcases I could imagine unfortunately didn't trigger the bug :-(

[2009-07-22 02:57 UTC] kozlik at kufr dot cz

oh, it's quite a long time ago. I don't remember much about it. I think I found some workaround in the meantime.

 If I am not mistaken the php crashed when some static variables was used in the adopted method (or maybe in the class). I will try play with it later (2 weeks maybe)

[2013-02-23 22:41 UTC] pollita@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: pollita

[2013-02-23 22:41 UTC] pollita@php.net

I'm going to just close this one since I've been unable to reproduce it and there 
have been a lot of other fixed.  It might have dealt with itself...

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Oct 30 19:00:01 2025 UTC