|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77693 Crash on multiple separate exception thrown inside custom error handler
Submitted: 2019-03-05 12:50 UTC Modified: 2020-06-10 12:51 UTC
From: jean dot beguin at free dot fr Assigned: cmb (profile)
Status: Closed Package: Reproducible crash
PHP Version: 7.3.2 OS: Windows 7 & Ubuntu 18.04
Private report: No CVE-ID: None
 [2019-03-05 12:50 UTC] jean dot beguin at free dot fr
When running the test script, the apache server processes crashes with exit status 3221225725.

The timing is of no importance as this still crash after around the same number of cycles, even with a sleep inside the loop.

This crash persists even with the use of gc_collect_cycles().

Tested on:
  Windows 7, Apache 2.4.38, PHP 7.3.2 via XAMPP
  Windows 7, Apache 2.4.29, PHP 7.2.2 via XAMPP
  Ubuntu Server 18.04, Apache/2.4.29 (Ubuntu), PHP 7.2.15-0ubuntu0.18.04.1

Test script:


function errorHandler(int $errorNumber, string $errorMessage)
    throw new \Exception();

$previousHandler = set_error_handler("errorHandler");

// 1000 is enough to crash on Windows 7 with XAMPP, but more is needed for Ubuntu
$operations = 10000;

for($i = 0; $i < $operations; $i++) {
        //Used to generate a warning.
    } catch (\Exception $e) {}


Expected result:
The process should not crash, as exception are thrown, caught and discarded, and should be garbage collected.

Actual result:
Apache error.loh:
[mpm_winnt:notice] [pid 6000:tid 244] AH00428: Parent: child process 3904 exited with status 3221225725 -- Restarting.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-03-05 13:29 UTC]
-Status: Open +Status: Feedback
 [2019-03-05 13:29 UTC]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read for *NIX and for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

 [2019-03-05 13:31 UTC]
Generating the backtrace on Ubuntu would probably be best.

As you're seeing this crash under both OSes, if you can also run a memory checker on your machine...
 [2019-03-05 14:27 UTC]
-Status: Feedback +Status: Open
 [2019-03-05 14:27 UTC]
This is a stack overflow caused by a destruction of a deeply nested object. This happens because the exception captures backtrace arguments and the error handler is passed the variable scope of the error, which also includes the previous exception in $e. This creates a chain of exceptions.

In PHP 8 the error context is gone, not sure if there's anything actionable here before that. The fact that exceptions capture backtrace args is a common problem for a number of reasons, we might want to address that in some way (possibly ini option to disable).
 [2020-06-10 12:51 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
 [2020-06-10 12:51 UTC]
As of PHP 7.4.0, there is zend.exception_ignore_args, so I think
this ticket can be closed.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Wed May 12 03:01:24 2021 UTC