Bug #72737 Stack overflow
Submitted: 2016-08-02 15:02 UTC
Modified: 2018-03-25 12:50 UTC
From: ivar at bitweb dot ee
Assigned: cmb
Status: Not a bug
Package: Class/Object related
PHP Version: 5.6.24
OS: Debian GNU/Linux 8 (jessie)
Private report: No
CVE-ID: None
 [2016-08-02 15:02 UTC] ivar at bitweb dot ee
Description:
------------
Operating System: Debian GNU/Linux 8 (jessie)
Kernel: Linux 3.16.0-4-amd64
Architecture: x86-64



dpkg -l | grep php
ii  libapache2-mod-php5            5.6.24+dfsg-0+deb8u1         amd64        server-side, HTML-embedded scripting language (Apache 2 module)
ii  php5                           5.6.24+dfsg-0+deb8u1         all          server-side, HTML-embedded scripting language (metapackage)
ii  php5-cli                       5.6.24+dfsg-0+deb8u1         amd64        command-line interpreter for the php5 scripting language
ii  php5-common                    5.6.24+dfsg-0+deb8u1         amd64        Common files for packages built from the php5 source
ii  php5-curl                      5.6.24+dfsg-0+deb8u1         amd64        CURL module for php5
ii  php5-gd                        5.6.24+dfsg-0+deb8u1         amd64        GD module for php5
ii  php5-geoip                     1.1.0-2                      amd64        GeoIP module for php5
ii  php5-json                      1.3.6-1                      amd64        JSON module for php5
ii  php5-mcrypt                    5.6.24+dfsg-0+deb8u1         amd64        MCrypt module for php5
ii  php5-memcache                  3.0.8-5                      amd64        memcache extension module for PHP5
rc  php5-mysql                     5.6.23+dfsg-0+deb8u1         amd64        MySQL module for php5
ii  php5-mysqlnd                   5.6.24+dfsg-0+deb8u1         amd64        MySQL module for php5 (Native Driver)
ii  php5-readline                  5.6.24+dfsg-0+deb8u1         amd64        Readline module for php5



apachectl -V
Server version: Apache/2.4.10 (Debian)
Server built:   Jul 20 2016 06:48:18
Server's Module Magic Number: 20120211:37
Server loaded:  APR 1.5.1, APR-UTIL 1.5.4
Compiled using: APR 1.5.1, APR-UTIL 1.5.4
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"

Test script:
---------------
<?php
interface MyInterface {
    public function toHtml();
}

abstract class MyAbstract {
    protected function _toHtml()
    {
        return '';
    }

    final public function toHtml()
    {
        return $this->_toHtml();
    }
}

class MyClass extends MyAbstract implements MyInterface {
    function _toHtml() {
        return $this->toHtml();
    }
}

$obj = new MyClass();
var_dump($obj->_toHtml());
exit;

Actual result:
--------------
apache error.log
[core:notice] [pid 3031] AH00052: child pid 3516 exit signal Segmentation fault (11)

gdb backtrace
#68242 0x00007ff342d1b110 in execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68243 0x00007ff342ccc9b8 in dtrace_execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68244 0x00007ff342d8d2c3 in ?? () from /usr/lib/apache2/modules/libphp5.so
#68245 0x00007ff342d1b110 in execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68246 0x00007ff342ccc9b8 in dtrace_execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68247 0x00007ff342d8d2c3 in ?? () from /usr/lib/apache2/modules/libphp5.so
#68248 0x00007ff342d1b110 in execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68249 0x00007ff342ccc9b8 in dtrace_execute_ex () from /usr/lib/apache2/modules/libphp5.so
#68250 0x00007ff342cdf500 in zend_execute_scripts () from /usr/lib/apache2/modules/libphp5.so
#68251 0x00007ff342c7ade0 in php_execute_script () from /usr/lib/apache2/modules/libphp5.so
#68252 0x00007ff342d8e9aa in ?? () from /usr/lib/apache2/modules/libphp5.so
#68253 0x00007ff34729e2a0 in ap_run_handler ()
#68254 0x00007ff34729e7e9 in ap_invoke_handler ()
#68255 0x00007ff3472b46c2 in ap_process_async_request ()
#68256 0x00007ff3472b4860 in ap_process_request ()
#68257 0x00007ff3472b1162 in ?? ()
#68258 0x00007ff3472a7b50 in ap_run_process_connection ()
#68259 0x00007ff3436b17ba in ?? () from /usr/lib/apache2/modules/mod_mpm_prefork.so
#68260 0x00007ff3436b1a01 in ?? () from /usr/lib/apache2/modules/mod_mpm_prefork.so
#68261 0x00007ff3436b2667 in ?? () from /usr/lib/apache2/modules/mod_mpm_prefork.so
#68262 0x00007ff347283e7e in ap_run_mpm ()
#68263 0x00007ff34727d3c3 in main ()

Repeating frames till the top:
??
execute_ex
dtrace_execute_ex

Similar to #70354

 [2016-08-02 15:37 UTC] kalle@php.net
-Status: Open +Status: Feedback
 [2016-08-02 15:37 UTC] kalle@php.net
Hmm this is interesting, does it happen if you disable dtrace when compiling PHP? Also not sure which symbol that is missing from the trace coming from PHP either, is everything compiled with debugging symbols?
 [2016-08-02 16:48 UTC] ivar at bitweb dot ee
-Status: Feedback +Status: Open
 [2016-08-02 16:48 UTC] ivar at bitweb dot ee
Weren't you able to reproduce this? I probably had no debug symbols at all. Just a pretty standard LAMP setup (Debian 8, Apache httpd 2.4.10, PHP 5.6, MySQL 5.6, everything installed from official repositories). 

There have been similar stack overflow reports for older PHP versions that have ended up with Won't Fix status. Also caused by an infinite loop, produced with different language features.
 [2016-08-02 21:59 UTC] bwoebi@php.net
This is definitely related to dtrace overriding zend_execute_ex.

The fix would be in this case to convert dtrace to the normal executor style [i.e. do not do stack recursion ...]
 [2018-03-25 12:50 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2018-03-25 12:50 UTC] cmb@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

This is an infinite recursion (due to MyClass::_toHtml()
overriding MyAbstract::_toHtml()), which is deemed a userland
programming error, see
<http://www.php.net/manual/en/functions.user-defined.php>.
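
An added example, not code from the report or from the PHP project: the report's classes with a re-entrancy guard in the final template method, so the call cycle described above surfaces as a catchable LogicException instead of a segfaulting Apache child, next to a corrected subclass. The `$rendering` flag and `FixedClass` are hypothetical names introduced for illustration.

```php
<?php
// Added example; the $rendering flag and FixedClass are hypothetical.
interface MyInterface { public function toHtml(); }

abstract class MyAbstract {
    private $rendering = false; // true while toHtml() is on the call stack

    protected function _toHtml() { return ''; }

    final public function toHtml() {
        // Re-entry means a subclass hook called back into this template
        // method. Throw instead of recursing until the stack is exhausted.
        if ($this->rendering) {
            throw new LogicException(get_class($this) . '::_toHtml() must not call toHtml()');
        }
        $this->rendering = true;
        try {
            return $this->_toHtml();
        } finally {
            $this->rendering = false; // reset on return or exception
        }
    }
}

// The subclass from the report, unchanged: its hook calls the template method.
class MyClass extends MyAbstract implements MyInterface {
    function _toHtml() { return $this->toHtml(); }
}

// Corrected subclass: the hook extends the parent hook instead.
class FixedClass extends MyAbstract implements MyInterface {
    protected function _toHtml() { return '<p>' . parent::_toHtml() . '</p>'; }
}

$fixed = new FixedClass();
var_dump($fixed->toHtml());

try {
    $obj = new MyClass();
    $obj->_toHtml();
} catch (LogicException $e) {
    echo 'caught: ', $e->getMessage(), "\n";
}
```

The guard is per object, so it catches this cycle but not recursion that passes through a fresh object on every call.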