PHP :: Bug #35437 :: Segfault or Invalid Opcode 137/1/4

Bug #35437

Segfault or Invalid Opcode 137/1/4

Submitted:

2005-11-28 04:19 UTC

Modified:

2005-12-03 12:39 UTC

Votes:	2
Avg. Score:	2.5 ± 1.5
Reproduced:	2 of 2 (100.0%)
Same Version:	2 (100.0%)
Same OS:	2 (100.0%)

From:

me at dither dot spb dot ru

Assigned:

dmitry (profile)

Status:

Closed

Package:

Scripting Engine problem

PHP Version:

5CVS-2005-11-28 (cvs)

OS:

Private report:

CVE-ID:

None

View Developer Edit

[2005-11-28 04:19 UTC] me at dither dot spb dot ru

Description:
------------
PHP 5.1 Final Release.
(built: Nov 23 2005 23:59:35)

Easy repoducible segfault or Invalid opcode 137/1/4 Fatal Error.

Reproduce code:
---------------
<?php
function err2exception($errno, $errstr)
{
	throw new Exception("Error occuried: " . $errstr);
}

set_error_handler('err2exception');

class TestClass
{
	function testMethod()
	{
		//$GLOBALS['t'] = 'test';
		$GLOBALS['t'] = new stdClass;
	}
}

TestClass::testMethod();
?>

Expected result:
----------------
PHP Should cause Strict level Notice "Non-static method TestClass::testMethod() should not be called statically", and  after what error_handler err2exception() must be executed.

Finally, it must be an Uncaught exception 'Exception' with message 'Error occuried: Non-static method TestClass::testMethod() should not be called statically'.

Actual result:
--------------
Segfault.

Uncommenting line //$GLOBALS['t'] = 'test' causes Invalid opcode 137/1/4 Fatal Error.

Commenting both $GLOBALS lines completly fixes bug.

Marking method testMethod() as static (... static function testMethod() ...) fixes bug too, but no exception will be thrown.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-11-28 09:13 UTC] sniper@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

[2005-11-28 17:43 UTC] me at dither dot spb dot ru

PHP 5.1.2-dev (cli) (built: Nov 27 2005 20:24:18) (Win32).
No changes. Problem persists. Sorry, I dont have enought time to test latest unix snapshot. If needed, I can do some testing across different unix versions tomorrow.

Omg, sorry for my bad english..

[2005-11-28 17:53 UTC] sniper@php.net

Here's GDB backtrace:

0x0820c3bf in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:131
131             if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) {
(gdb) bt
#0  0x0820c3bf in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:131
#1  0x0820d0d7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:310
#2  0x0820c30c in execute (op_array=0x9bd5d2c) at /usr/src/php_5_1/Zend/zend_vm_execute.h:88
#3  0x0820c792 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe150d0) at /usr/src/php_5_1/Zend/zend_vm_execute.h:222
#4  0x0820d0d7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe150d0) at /usr/src/php_5_1/Zend/zend_vm_execute.h:310
#5  0x0820c30c in execute (op_array=0x9bcff0c) at /usr/src/php_5_1/Zend/zend_vm_execute.h:88
#6  0x081e3eca in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/php_5_1/Zend/zend.c:1090
#7  0x081a234e in php_execute_script (primary_file=0xbfe17500) at /usr/src/php_5_1/main/main.c:1704
#8  0x08252300 in main (argc=2, argv=0xbfe175d4) at /usr/src/php_5_1/sapi/cli/php_cli.c:1039

[2005-11-29 05:11 UTC] me at dither dot spb dot ru

That means bug has been confirmed?

[2005-12-01 13:56 UTC] dmitry@php.net

Fixed in CVS HEAD, PHP_5_1 and PHP_5_0.

[2005-12-03 12:39 UTC] me at dither dot spb dot ru

thnx guys, outstanding work =)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Oct 31 21:00:02 2025 UTC