php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59318 Segmentation fault when the exchange doesn't exists
Submitted: 2010-07-22 11:10 UTC Modified: 2010-11-30 20:32 UTC
From: matteo at beccati dot com Assigned: pdezwart (profile)
Status: Closed Package: amqp (PECL)
PHP Version: 5.3.2 OS: FreeBSD 6.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: matteo at beccati dot com
New email:
PHP Version: OS:

 

 [2010-07-22 11:10 UTC] matteo at beccati dot com
Description:
------------
A segmentation fault is triggered when the exchange doesn't exists and a message is published.

Reproduce code:
---------------
$ex = new AmqpExchange(new AmqpConnection(), "foo");
$ex->publish("data", "bar");

Expected result:
----------------
An exception, most likely

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
0x0000000000742d84 in zend_object_store_get_object (zobject=0xdc7c80) at /root/compile/php-5.3.2-apache/Zend/zend_objects_API.c:272
272             return EG(objects_store).object_buckets[handle].bucket.obj.object;

(gdb) bt full
#0  0x0000000000742d84 in zend_object_store_get_object (zobject=0xdc7c80) at /root/compile/php-5.3.2-apache/Zend/zend_objects_API.c:272
No locals.
#1  0x0000000082491609 in zim_amqp_exchange_class_publish (ht=14449792, return_value=0xdc92c0, return_value_ptr=0xdb3ca0, this_ptr=0x82493224, return_value_used=14329312) at /tmp/pear/temp/amqp/amqp.c:1627
        str = "??H\202\000\000\000\000\000P?\200\000\000\000\000P????\177\000\000\023\000\000\000\001\000\000\000\001", '\0' <repeats 15 times>, "C\000\000\000\000\000\000\000??H\202\000\000\000\000\001\000\000\000\000\000\000\000??H\202\000\000\000\000\000??\200\000\000\000\000\206L?\200\000\000\000\000p????\177\000\000?????\177\000\000\000P?\200\000\000\000\000\000??\200\000\000\000\000?SY\202\000\000\000\000\001\000\000\000\000\000\000\000?EY\202\000\000\000\000?~?\200\000\000\000\0000?s\000\000\000\000\000\226B?\200\000\000\000\000k?4\202\000\000\000\000\000P?\200\000\000\000\000\200\221?\000\000\000\000\000\001\000\000\000\000"...
        pstr = (char **) 0xdc7c80
        id = (zval *) 0xdc7cb0
        iniArr = (zval *) 0x0
        zdata = (zval **) 0x80cda400
        ctx = (amqp_exchange_object *) 0xdc8f70
        ctx_cnn = (amqp_object *) 0xdc7c50
        key_name = 0xdca950 "bar"
        key_len = 3
        msg = 0xdc92a0 "data"
        msg_len = 4
        parms = 0
        res = {reply_type = AMQP_RESPONSE_SERVER_EXCEPTION, reply = {id = 17330400, decoded = 0x1087040}, library_errno = 320}
        props = {_flags = 17330760, content_type = {len = 2185830691, bytes = 0x1}, content_encoding = {len = 1310761, bytes = 0x0}, headers = {num_entries = 0, entries = 0xdb3d28}, delivery_mode = 16 '\020', priority = 233 '?',
  correlation_id = {len = 17330240, bytes = 0x742c41}, reply_to = {len = 14454673, bytes = 0x7fffffffe910}, expiration = {len = 140737488349456, bytes = 0x3}, message_id = {len = 14368040, bytes = 0x200000202}, timestamp = 7613419,
  type = {len = 140737488349456, bytes = 0x7fffffffe3a8}, user_id = {len = 17330240, bytes = 0x1087248}, app_id = {len = 2186888624, bytes = 0x0}, cluster_id = {len = 0, bytes = 0x3}}
        r = 925149184
#2  0x0000000000745992 in zend_do_fcall_common_helper_SPEC (execute_data=0x1087040) at zend_vm_execute.h:313
        i = 2
        p = (zval **) 0x1087258
        arg_count = 0
        opline = (zend_op *) 0xdc8dc8
        should_change_scope = 1 '\001'
#3  0x0000000000744db9 in execute (op_array=0xdc83a0) at zend_vm_execute.h:104
        ret = 925149184
        execute_data = (zend_execute_data *) 0x1087040
        nested = 1 '\001'
        original_in_execution = 0 '\0'
#4  0x0000000000715ce6 in zend_eval_stringl (str=0xdaa380 "", str_len=0, retval_ptr=0x0, string_name=0xdc83a0 "\004\203?") at /root/compile/php-5.3.2-apache/Zend/zend_execute_API.c:1172
        local_retval_ptr = (zval *) 0x0
        original_return_value_ptr_ptr = (zval **) 0x0
        original_opline_ptr = (zend_op **) 0x0
        orig_interactive = 0
        pv = {value = {lval = 140737488350318, dval = 6.9533558075874774e-310, str = {val = 0x7fffffffec6e "$ex = new AmqpExchange(new AmqpConnection(), \"foo\"); $ex->publish(\"data\", \"bar\");", len = 81}, ht = 0x7fffffffec6e,
    obj = {handle = 4294962286, handlers = 0x51}}, refcount__gc = 1, type = 6 '\006', is_ref__gc = 0 '\0'}
        new_op_array = (zend_op_array *) 0xdc83a0
        original_active_op_array = (zend_op_array *) 0x0
        original_compiler_options = 0
        retval = 0
#5  0x0000000000715ea9 in zend_eval_stringl_ex (str=0xdc7c80 "?\222?", str_len=-2109132252, retval_ptr=0xdb3ca0, string_name=0x7fffffffe20c "\003", handle_exceptions=1) at /root/compile/php-5.3.2-apache/Zend/zend_execute_API.c:1214
        result = 14367904
#6  0x00000000007ac3f2 in main (argc=3, argv=0x7fffffffea80) at /root/compile/php-5.3.2-apache/sapi/cli/php_cli.c:1281
        len = 140737488349824
        argn = (zval *) 0x80cd4680
        input = 0x6e <Error reading address 0x6e: Bad address>
        index = 0
        argi = (zval *) 0x80cd9800
        exit_status = 0
        c = 925149184
        file_handle = {type = ZEND_HANDLE_FP, filename = 0xb77ab2 "-", opened_path = 0x0, handle = {fd = -2109351488, fp = 0x8245d9c0, stream = {handle = 0x8245d9c0, isatty = -2110479536, mmap = {len = 2160804502, pos = 0,
        map = 0x80cda000, buf = 0x7fffffffeaa0 "?????\177", old_handle = 0x3, old_closer = 0x7fffffffea80}, reader = 0x80cb341d <_rtld_bind_start+45>, fsizer = 0x256, closer = 0xffffffff}}, free_filename = 0 '\0'}
        behavior = 6
        reflection_what = 0x0
        orig_optind = 1
        orig_optarg = 0x0
        arg_free = 0x7fffffffec6e "$ex = new AmqpExchange(new AmqpConnection(), \"foo\"); $ex->publish(\"data\", \"bar\");"
        arg_excp = (char **) 0xdc7c80
        script_file = 0x0
        interactive = 0
        module_started = 1
        request_started = 1
        lineno = 0
        exec_direct = 0x7fffffffec6e "$ex = new AmqpExchange(new AmqpConnection(), \"foo\"); $ex->publish(\"data\", \"bar\");"
        exec_run = 0x0
        exec_begin = 0x0
        exec_end = 0x0
        param_error = 0x0
        hide_argv = 0
        ini_entries_len = 110


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-30 20:32 UTC] pdezwart at gmail dot com
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

No longer segfaults. Publishing errors are asynchronous channel level errors, and as such will only be sent back to the client on close of channel. Proper handling of this error is therefore TBD, but it will no longer crash.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Fri Apr 16 03:01:23 2021 UTC