From: archer at priorityonline dot net
Operating system: Debian-AMD64
PHP version: 5.1.4
PHP Bug Type: Reproducible crash
Bug description: Segmentation fault on using invalid save handler
Description:
------------
PHP Seems to crash (Segmentation Fault) when you provide it with an
invalid save_handler in PHP.ini.
I've attached a backtrace below.
Reproduce code:
---------------
Setting the save_handler value in php.ini to an invalid value
eg.
session.save_handler = file
Expected result:
----------------
PHP Fatal error: Unknown: Cannot find save handler file in Unknown on
line 0
Actual result:
--------------
(gdb) bt
#0 0x000000000067a493 in zend_objects_store_mark_destructed
(objects=0xaa00f8) at /root/php-5.1.4/Zend/zend_objects_API.c:70
#1 0x0000000000624132 in php_error_cb (type=0, error_filename=0x86911d
"Unknown", error_lineno=0, format=<value optimized out>, args=<value
optimized out>) at /root/php-5.1.4/main/main.c:827
#2 0x0000000000661174 in zend_error (type=1, format=0x86f486 "%s") at
/root/php-5.1.4/Zend/zend.c:967
#3 0x000000000062383d in php_verror (docref=0x0, params=<value optimized
out>, type=1, format=<value optimized out>, args=0xe88138) at
/root/php-5.1.4/main/main.c:572
#4 0x0000000000623bcb in php_error_docref0 (docref=0xaa00f8 "", type=16,
format=0x1 <Address 0x1 out of bounds>) at
/root/php-5.1.4/main/main.c:592
#5 0x0000000000559e74 in OnUpdateSaveHandler (entry=<value optimized
out>, new_value=0xab0340 "file", new_value_length=<value optimized out>,
mh_arg1=<value optimized out>,
mh_arg2=<value optimized out>, mh_arg3=<value optimized out>, stage=8)
at /root/php-5.1.4/ext/session/session.c:102
#6 0x000000000067190b in zend_restore_ini_entry_cb (ini_entry=0xbc91b0,
stage=8) at /root/php-5.1.4/Zend/zend_ini.c:55
#7 0x000000000066a6bb in zend_hash_apply_with_argument (ht=0xaa6250,
apply_func=0x671830 <zend_restore_ini_entry_cb>, argument=0x8) at
/root/php-5.1.4/Zend/zend_hash.c:685
#8 0x00000000006719da in zend_ini_deactivate () at
/root/php-5.1.4/Zend/zend_ini.c:101
#9 0x0000000000660c26 in zend_deactivate () at
/root/php-5.1.4/Zend/zend.c:863
#10 0x0000000000624e2c in php_request_shutdown (dummy=<value optimized
out>) at /root/php-5.1.4/main/main.c:1287
#11 0x00000000006ecf8a in main (argc=3, argv=0x7fffa1fa11a8) at
/root/php-5.1.4/sapi/cgi/cgi_main.c:1666
--
Edit bug report at http://bugs.php.net/?id=38405&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=38405&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=38405&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=38405&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=38405&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=38405&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=38405&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=38405&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=38405&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=38405&r=support
Expected behavior: http://bugs.php.net/fix.php?id=38405&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=38405&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=38405&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=38405&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=38405&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=38405&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=38405&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=38405&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=38405&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=38405&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=38405&r=mysqlcfg
