php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61156 Segfault when using get_defined_constants(true)
Submitted: 2012-02-21 16:08 UTC Modified: 2013-02-18 00:35 UTC
Votes:4
Avg. Score:4.0 ± 0.7
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:0 (0.0%)
From: damien at overeem dot org Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: Irrelevant OS: openSUSE 11.4
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-02-21 16:08 UTC] damien at overeem dot org
Description:
------------
ATTN: This is a bug in php verison 5.3.5 !!

I do realize that this is about an earlier version, but I have no available 
environments on which i could simply upgrade. So consider this bug report as a 
notification. It can be closed if not considered a valid report. We resolved our 
issue by circumventing use of the categorization of get_defined_constants.


The function get_defined_constants(true) causes a client segfault ([Tue Feb 21 
16:18:24 2012] [notice] child pid 12564 exit signal Segmentation fault (11))

There are some references to this issue occurring ie. #51788. In that particular 
case however, the issue seemed to have been caused by suhosin.

My installation is running native php2 engine v2.3.0.

When using get_defined_constants() (without the categorization parameter) there 
is no problem.

Further information:

OS: openSUSE 11.4
Kernel: 2.6.37.6-0.11-default
Apache version: 2.2.17 ( API Version 20051115)
PHP Version: 5.3.5

Loaded modules:
core prefork http_core mod_so mod_unique_id mod_actions mod_alias mod_auth_basic 
mod_authn_file mod_authz_host mod_authz_groupfile mod_authz_default 
mod_authz_user mod_authn_dbm mod_autoindex mod_cgi mod_dir mod_env mod_expires 
mod_include mod_log_config mod_mime mod_negotiation mod_setenvif mod_ssl 
mod_status mod_suexec mod_userdir mod_vhost_alias mod_rewrite mod_php5 mod_info 
mod_dav mod_deflate mod_proxy mod_proxy_http













Test script:
---------------
<?php
get_defined_constants(true);
?>

Expected result:
----------------
No output, no error logging.

Actual result:
--------------
Output:
Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection without 
sending any data.

Apache error log:
[Tue Feb 21 16:18:24 2012] [notice] child pid 12564 exit signal Segmentation fault 
(11)



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-02-23 03:43 UTC] carloschilazo at gmail dot com
Could not reproduce on 5.3.10, this can be closed
 [2012-02-23 08:18 UTC] damien at overeem dot org
Thank you for testing carloschilazo. It would be quite nasty if this issue still 
caused a crash in 5.3.10. 

It would be good to know if this issue was specifically adressed in one of the 
updates between 5.3.5. and 5.3.10 though. Unfortunately it would be quite hard to 
test against exactly the same circumstances (same libraries, apache version, 
combination of modules etc.).

In any case i'm happy that this problem does not exist in 5.3.10.
 [2012-02-23 08:48 UTC] damien at overeem dot org
Something important that I forgot, definatly noteworthy while testing.

After an apache RESTART, the issue does not exist. But if one performs an apache 
RELOAD, the problem raises its ugly head. Though sometimes it takes 2-3 reloads 
before it happens.

So please, when testing, start up apache and do 2-3 apache reloads and then check 
if the problem shows up.
 [2012-03-11 17:56 UTC] iliaa@php.net
-Status: Open +Status: Not a bug
 [2012-03-11 17:56 UTC] iliaa@php.net
Thank you for taking the time to report a problem with PHP.
Unfortunately you are not using a current version of PHP -- 
the problem might already be fixed. Please download a new
PHP version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.


 [2012-04-13 00:50 UTC] david at panmedia dot co dot nz
This is happening for me too on PHP 5.4 built in server Windows 7 64bit (no suhosin), and on Ubuntu with fast CGI, and the built in server.

Its fine on a simple test case like <?php var_dump(get_defined_constants(true));
But deep in my app (on my debug error reporting page) it crashes.

The Windows event viewer reports:
Faulting application name: php.exe, version: 5.4.0.0, time stamp: 0x4f4e6d84
Faulting module name: php5.dll, version: 5.4.0.0, time stamp: 0x4f4e7c5f
Exception code: 0xc0000005
Fault offset: 0x00027d83
Faulting process id: 0x1b24
Faulting application start time: 0x01cd190edd8e40c7
Faulting application path: C:\xampp\php54\php.exe
Faulting module path: C:\xampp\php54\php5.dll
Report Id: 54cd188e-8502-11e1-b220-e0cb4e5b154a
 [2013-02-06 18:52 UTC] keithdavis at solidtechservice dot com
I can confirm that in 5.4.10, this issue occurs for me as well.
 [2013-02-06 20:07 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

keithdavis at solidtechservice dot com

can't reproduce, please list the extensions loaded in you configaration and also 
provide a backtrace.
 [2013-02-06 20:07 UTC] pajoye@php.net
-Status: Not a bug +Status: Feedback
 [2013-02-18 00:35 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Apr 21 16:01:25 2019 UTC