php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70291 Segmentation fault in solarium php library
Submitted: 2015-08-18 11:09 UTC Modified: 2015-08-18 11:19 UTC
From: to dot kandy at gmail dot com Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.5.28 OS: ubuntu 14.04.3
Private report: No CVE-ID: None
 [2015-08-18 11:09 UTC] to dot kandy at gmail dot com
Description:
------------
vagrant@vagrant-ubuntu-trusty-64:/vagrant/$ sudo gdb /usr/sbin/php5-fpm /tmp/core-php5-fpm.19717
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/php5-fpm...Reading symbols from /usr/lib/debug/.build-id/1b/030b99d3ad989ccbb2ac535e027354752f4feb.debug...done.
done.
[New LWP 19717]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `php-fpm: pool www                                                       '.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000000006aaf89 in _zend_mm_alloc_int (heap=0x153a300, size=27) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_alloc.c:1881
1881	/build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_alloc.c: No such file or directory.
Traceback (most recent call last):
  File "/usr/share/gdb/auto-load/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.19-gdb.py", line 63, in <module>
    from libstdcxx.v6.printers import register_libstdcxx_printers
ImportError: No module named 'libstdcxx'
(gdb) bt
#0  0x00000000006aaf89 in _zend_mm_alloc_int (heap=0x153a300, size=27) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_alloc.c:1881
#1  0x00000000006ce683 in zend_str_tolower_dup (source=source@entry=0x6079150 "Solarium\\Core\\Configurable::toArray", length=length@entry=26)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_operators.c:1984
#2  0x00000000006d40a1 in zend_is_callable_check_class (name=0x6079150 "Solarium\\Core\\Configurable::toArray", name_len=name_len@entry=26, fcc=fcc@entry=0x7ffe0a5cc480,
    strict_class=strict_class@entry=0x7ffe0a5cc0bc, error=error@entry=0x7ffe0a5cc238) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:2678
#3  0x00000000006d458e in zend_is_callable_check_func (check_flags=check_flags@entry=0, fcc=fcc@entry=0x7ffe0a5cc480, strict_class=strict_class@entry=0, error=error@entry=0x7ffe0a5cc238,
    callable=0x60796f0, callable=0x60796f0) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:2800
#4  0x00000000006d9858 in zend_is_callable_ex (callable=callable@entry=0x60796f0, object_ptr=object_ptr@entry=0x0, check_flags=check_flags@entry=0, callable_name=callable_name@entry=0x0,
    callable_name_len=0x7ffe0a5cc120, callable_name_len@entry=0x0, fcc=fcc@entry=0x7ffe0a5cc480, error=error@entry=0x7ffe0a5cc238) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:3064
#5  0x00000000006d9cc7 in zend_fcall_info_init (callable=0x60796f0, check_flags=check_flags@entry=0, fci=0x7ffe0a5cc4b0, fcc=0x7ffe0a5cc480, callable_name=callable_name@entry=0x0,
    error=error@entry=0x7ffe0a5cc238) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:3240
#6  0x00000000006da425 in zend_parse_arg_impl (arg_num=1, severity=<synthetic pointer>, error=0x7ffe0a5cc230, spec=0x7ffe0a5cc2b8, va=0x7ffe0a5cc308, arg=0x603c410)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:632
#7  zend_parse_arg (arg_num=arg_num@entry=1, arg=0x603c410, va=va@entry=0x7ffe0a5cc308, spec=spec@entry=0x7ffe0a5cc2b8, quiet=quiet@entry=0) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:691
#8  0x00000000006db615 in zend_parse_va_args (num_args=<optimized out>, num_args@entry=2, type_spec=<optimized out>, va=va@entry=0x7ffe0a5cc308, flags=flags@entry=0)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:873
#9  0x00000000006dbb58 in zend_parse_parameters (num_args=2, type_spec=type_spec@entry=0xaf548c "f!+") at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_API.c:924
#10 0x00000000005f54c6 in zif_array_map (ht=<optimized out>, return_value=0x6079720, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/ext/standard/array.c:4285
#11 0x00000000006c1b9b in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:97
#12 0x0000000000782e20 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:552
#13 0x00000000006fbea8 in execute_ex (execute_data=0x603c360) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:363
#14 0x00000000006c1a99 in dtrace_execute_ex (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:73
#15 0x00000000006c3d91 in zend_call_function (fci=fci@entry=0x7ffe0a5cc8f0, fci_cache=<optimized out>, fci_cache@entry=0x7ffe0a5cc8c0)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_execute_API.c:934
#16 0x00000000005f5920 in zif_array_map (ht=<optimized out>, return_value=0x6078cd0, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/ext/standard/array.c:4371
#17 0x00000000006c1b9b in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:97
#18 0x0000000000782e20 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:552
#19 0x00000000006fbea8 in execute_ex (execute_data=0x603c208) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:363
#20 0x00000000006c1a99 in dtrace_execute_ex (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:73
#21 0x00000000006c3d91 in zend_call_function (fci=fci@entry=0x7ffe0a5ccd30, fci_cache=<optimized out>, fci_cache@entry=0x7ffe0a5ccd00)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_execute_API.c:934
#22 0x00000000005f5920 in zif_array_map (ht=<optimized out>, return_value=0x6078710, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/ext/standard/array.c:4371
#23 0x00000000006c1b9b in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:97
#24 0x0000000000782e20 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:552
#25 0x00000000006fbea8 in execute_ex (execute_data=0x603c0b0) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:363
#26 0x00000000006c1a99 in dtrace_execute_ex (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:73
#27 0x00000000006c3d91 in zend_call_function (fci=fci@entry=0x7ffe0a5cd170, fci_cache=<optimized out>, fci_cache@entry=0x7ffe0a5cd140)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_execute_API.c:934
#28 0x00000000005f5920 in zif_array_map (ht=<optimized out>, return_value=0x6077cc0, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/ext/standard/array.c:4371
#29 0x00000000006c1b9b in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_dtrace.c:97
#30 0x0000000000782e20 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:552
#31 0x00000000006fbea8 in execute_ex (execute_data=0x603bf58) at /build/php5-G0kJPa/php5-5.5.28+dfsg/Zend/zend_vm_execute.h:363


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-08-18 11:14 UTC] to dot kandy at gmail dot com
-Status: Open +Status: Closed
 [2015-08-18 11:14 UTC] to dot kandy at gmail dot com
infinity reqursion
 [2015-08-18 11:18 UTC] cmb@php.net
-Status: Closed +Status: Feedback
 [2015-08-18 11:18 UTC] cmb@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2015-08-18 11:19 UTC] cmb@php.net
-Status: Feedback +Status: Not a bug
 [2015-08-18 11:19 UTC] cmb@php.net
> infinity reqursion

Ah. Then it's not a bug.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri May 29 17:01:40 2020 UTC