Edit report at http://bugs.php.net/bug.php?id=53022&edit=1
ID: 53022
Comment by: info at porkareh dot com
Reported by: hightman at twomice dot net
Summary: Segfault in php-cgi after executing a script with syntax error
Status: Open
Type: Bug
Package: Reproducible crash
Operating System: FreeBSD Linux
PHP Version: 5.3.3
Block user comment: N
Private report: N
New Comment:
I need PHP v5 or upper for my site.
My address is www.porkareh.com
Thanks
Previous Comments:
------------------------------------------------------------------------
[2010-10-08 15:16:26] hightman at twomice dot net
I have resolved this bug after some hours of hard work, but I don't know
whether it is a good way and fully kills the bug.
1) Patch the source file 'zend/zend_language_scanner.l' as in the following
diff output:
*** zend/zend_language_scanner.l.orig 2010-10-08 20:48:35.000000000
+0800
--- zend/zend_language_scanner.l 2010-10-08 20:49:36.000000000
+0800
***************
*** 355,360 ****
--- 355,361 ----
zend_do_return(&retval_znode, 0 TSRMLS_CC);
CG(in_compilation) = original_in_compilation;
if (compiler_result==1) { /* parser error */
+ zend_restore_lexical_state(&original_lex_state
TSRMLS_CC);
zend_bailout();
}
compilation_successful=1;
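Review bot: The added zend_restore_lexical_state() call in the `compiler_result==1` branch carries no comment saying why the lexical state has to be restored before zend_bailout(); because zend_bailout() does not return to this function, a one-line comment that cleanup must happen ahead of it would keep a later edit from moving or dropping the call. The added line and the two file-header lines are also wrapped across line breaks as posted, so the patch will not apply cleanly from this message; attaching it as a file would avoid that. Since the hunk shows only this branch, it is worth confirming that nothing else set up earlier in compile_file needs releasing on the same error path.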
2) Re-compile PHP, and it will generate a new
zend/zend_language_scanner.c automatically, but you should install
`re2c` first. Otherwise, you should modify zend/zend_language_scanner.c
according to the above patch.
------------------------------------------------------------------------
[2010-10-08 10:44:18] hightman at twomice dot net
Description:
------------
Every php-cgi/fastcgi process was designed to handle multiple requests, but
after executing a script file which has a syntax error, php-cgi will
crash when the next request comes in.
Test script:
---------------
1. start the php-cgi:
php-cgi -b /tmp/php53/php-cgi.sock
2. simple test script with syntax error:
<?php $++; ?>
3. run two requests to this script
Actual result:
--------------
The first time, the request was handled normally, but the second time,
php-cgi crashed.
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x0000000100418211 in _zend_mm_alloc_int (heap=0x101025a00, size=4) at /Users/hightman/Temp/setup/php-5.3.3/Zend/zend_alloc.c:1825
1825 heap->cache[index] = best_fit->prev_free_block;
(gdb) bt
#0 0x0000000100418211 in _zend_mm_alloc_int (heap=0x101025a00, size=4) at /Users/hightman/Temp/setup/php-5.3.3/Zend/zend_alloc.c:1825
#1 0x00000001004196cc in _emalloc (size=4) at /Users/hightman/Temp/setup/php-5.3.3/Zend/zend_alloc.c:2340
#2 0x0000000100432af4 in init_op_array (op_array=0x100e5c2d0, type=2 '\002', initial_ops_size=64) at /Users/hightman/Temp/setup/php-5.3.3/Zend/zend_opcode.c:63
#3 0x00000001003fa309 in compile_file (file_handle=0x7fff5fbfd660, type=8) at zend_language_scanner.l:351
#4 0x000000010043f8ee in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /Users/hightman/Temp/setup/php-5.3.3/Zend/zend.c:1186
#5 0x00000001003c6e01 in php_execute_script (primary_file=0x7fff5fbfd660) at /Users/hightman/Temp/setup/php-5.3.3/main/main.c:2260
#6 0x00000001005222f3 in main (argc=3, argv=0x7fff5fbff850) at /Users/hightman/Temp/setup/php-5.3.3/sapi/cgi/cgi_main.c:2109
------------------------------------------------------------------------
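The failure mode reported above, as an added example that is not part of the original report and is not PHP source: a simplified C model of a long-lived worker whose compile step saves a global lexer state and leaves through longjmp on a parse error. The names lex_state, compile, serve and state_after_two_requests are hypothetical, the inputs are constructed, and what the real Zend lexer state holds is not modelled.

```c
#include <setjmp.h>
#include <stdio.h>
#include <string.h>

/* Simplified model (assumption, not Zend code): one global lexer state
   shared by every request a long-lived worker process serves. */
typedef struct { const char *input; int depth; } lex_state;
static lex_state g_lex;
static jmp_buf g_bailout;

/* Hypothetical parser: fails only on the constructed input "$++;". */
static int parse_fails(void) { return strcmp(g_lex.input, "$++;") == 0; }

/* Compile one script; restore_on_error selects the patched behaviour. */
static void compile(const char *src, int restore_on_error) {
    lex_state saved = g_lex;      /* save the caller's lexer state */
    g_lex.input = src;
    g_lex.depth++;
    if (parse_fails()) {          /* parser error */
        if (restore_on_error)
            g_lex = saved;        /* the kind of step the patch adds */
        longjmp(g_bailout, 1);    /* does not return to this function */
    }
    g_lex = saved;                /* the normal path restores on exit */
}

/* Serve one request; returns the lexer depth left behind (0 means clean). */
static int serve(const char *src, int restore_on_error) {
    if (setjmp(g_bailout) == 0)
        compile(src, restore_on_error);
    return g_lex.depth;
}

/* One worker: a script with a syntax error, then a valid one. */
static int state_after_two_requests(int restore_on_error) {
    g_lex.input = NULL;
    g_lex.depth = 0;
    serve("$++;", restore_on_error);            /* request 1: parse error */
    return serve("echo 1;", restore_on_error);  /* request 2: valid script */
}

int main(void) {
    printf("without restore: depth=%d\n", state_after_two_requests(0));
    printf("with restore:    depth=%d\n", state_after_two_requests(1));
    return 0;
}
```

Without the restore, the second request inherits the state the failed request left behind; in a real process that state can refer to memory that belonged to the previous request.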