Bug #73740 Segmentation fault in Zend/zend_language_scanner.c:1170
Submitted: 2016-12-14 17:25 UTC Modified: 2016-12-16 18:26 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: tom60 at op dot pl Assigned:
Status: Open Package: Reproducible crash
PHP Version: 7.0.14 OS: Debian Jessie 64 bit
Private report: No CVE-ID: None

 [2016-12-14 17:25 UTC] tom60 at op dot pl
Description:
------------
I noticed a crash after upgrading from PHP 7.0.13 to 7.0.14. I've attached a backtrace from gdb.

Actual result:
--------------
#0  lex_scan (zendlval=zendlval@entry=0x7ffe6551de00) at Zend/zend_language_scanner.c:1170
#1  0x00007fee547044fb in zendlex (elem=elem@entry=0x7ffe6551deb0) at /src/php-7.0.14/Zend/zend_compile.c:1587
#2  0x00007fee546e8953 in zendparse () at /src/php-7.0.14/Zend/zend_language_parser.c:4225
#3  0x00007fee546ec20b in compile_file (file_handle=0x7ffe6551ed40, type=<optimized out>) at Zend/zend_language_scanner.l:591
#4  0x00007fee5457ee4f in phar_compile_file (file_handle=0x7ffe6551de00, type=-319) at /src/php-7.0.14/ext/phar/phar.c:3322
#5  0x00007fee4efcf547 in opcache_compile_file (file_handle=file_handle@entry=0x7ffe6551ed40, type=type@entry=2, op_array_p=op_array_p@entry=0x7ffe6551ec58, 
    key_length=<optimized out>, key=<optimized out>) at /src/php-7.0.14/ext/opcache/ZendAccelerator.c:1494
#6  0x00007fee4efd0e5d in persistent_compile_file (file_handle=0x7ffe6551ed40, type=2) at /src/php-7.0.14/ext/opcache/ZendAccelerator.c:1851
#7  0x00007fee546ec4b6 in compile_filename (type=2, filename=filename@entry=0x7fee4e8128a0) at Zend/zend_language_scanner.l:649
#8  0x00007fee547af6a7 in ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER () at /src/php-7.0.14/Zend/zend_vm_execute.h:29441
#9  0x00007fee5475f91b in execute_ex (ex=<optimized out>) at /src/php-7.0.14/Zend/zend_vm_execute.h:414
#10 0x00007fee547b3427 in zend_execute (op_array=0x7fee4e865000, op_array@entry=0x7fee3e39d3a0, return_value=return_value@entry=0x7fee4e812840)
    at /src/php-7.0.14/Zend/zend_vm_execute.h:458
#11 0x00007fee54722084 in zend_execute_scripts (type=type@entry=8, retval=0x7fee4e812840, retval@entry=0x0, file_count=file_count@entry=3)
    at /src/php-7.0.14/Zend/zend.c:1437
#12 0x00007fee546c53c0 in php_execute_script (primary_file=primary_file@entry=0x7ffe655212d0) at /src/php-7.0.14/main/main.c:2494
#13 0x00007fee547b4d2a in php_handler (r=<optimized out>) at /src/php-7.0.14/sapi/apache2handler/sapi_apache2.c:678
#14 0x000055b16f21a2f0 in ap_run_handler (r=r@entry=0x55b171852fc0) at config.c:170
#15 0x000055b16f21a839 in ap_invoke_handler (r=0x55b171852fc0) at config.c:434
#16 0x000055b16f23b502 in ap_process_async_request (r=0x55b171852fc0) at http_request.c:410
#17 0x000055b16f23b6a0 in ap_process_request (r=0x55b171852fc0) at http_request.c:445
#18 0x000055b16f2377f5 in ap_process_http_sync_connection (c=0x55b1717bfba0) at http_core.c:210
#19 ap_process_http_connection (c=0x55b1717bfba0) at http_core.c:251
#20 0x000055b16f223b20 in ap_run_process_connection (c=0x55b1717bfba0) at connection.c:42
#21 0x000055b16f29ada2 in child_main (child_num_arg=1699864064, child_bucket=1699878512) at prefork.c:723
#22 0x000055b16f29b020 in make_child (s=0x55b1714121b0, slot=0, bucket=0) at prefork.c:824
#23 0x000055b16f29be75 in perform_idle_server_maintenance (p=<optimized out>) at prefork.c:932
#24 prefork_run (_pconf=0x7ffe6551de00, plog=0x7ffe65521744, s=0x7ffe65521720) at prefork.c:1128
#25 0x000055b16f1fecce in ap_run_mpm (pconf=0x55b1713df138, plog=0x55b17141ab38, s=0x55b1714121b0) at mpm_common.c:94
#26 0x000055b16f1f7fd8 in main (argc=3, argv=0x7ffe655219f8) at main.c:783

 [2016-12-14 17:38 UTC] nikic@php.net
This is odd, because there were no changes in this area between 7.0.13 and 7.0.14.

Under what circumstances does this occur? Only for a specific file? Only intermittently?
 [2016-12-16 17:23 UTC] tom60 at op dot pl
Probably the crash was introduced in one of the earlier versions. I can confirm that it occurred intermittently in 7.0.13, too. I'm not sure about earlier PHP versions, I would have to dig deeper into error logs. The crash occurred on one of our production servers 15 times during the last 30 days. Are there any steps we can take to help you find the root cause of the problem?
 [2016-12-16 18:26 UTC] nikic@php.net
It might be related to https://bugs.php.net/bug.php?id=52752.
 