Bug #48409 Exception + nested functions + classes crash PHP 5.2
Submitted: 2009-05-27 17:02 UTC
Modified: 2009-05-30 16:38 UTC
From: nightstorm at tlen dot pl
Assigned:
Status: Closed
Package: Reproducible crash
PHP Version: 5.2CVS-2009-05-27 (snap)
OS: Linux gcc
Private report: No
CVE-ID: None
 [2009-05-27 17:02 UTC] nightstorm at tlen dot pl
Description:
------------
This is an extended version of the code I've sent for bug #48408 that also crashes both PHP 5.2.9 and the latest snapshot of PHP 5.2 (with different debug backtrace).

The same script also crashes the latest PHP 5.3-dev snapshot but generates a different backtrace. The information about the environment:
 - The script was run from PHP Command-Line Interface
 - No extra patches or modifications were used (pure snapshot)
 - No debugging symbols were used.
 - Operating system: Arch Linux x86_64.

The problem may be related to http://bugs.php.net/bug.php?id=48408 as the reproduce code is similar.

Reproduce code:
---------------
See:
http://media.zyxist.com/snippets/exception_segfault1.phps

Expected result:
----------------
"Exception thrown"

Actual result:
--------------
Core was generated by `/usr/local/php/bin/php exception_segfault1.php'.
Program terminated with signal 11, Segmentation fault.
[New process 12255]
#0  zend_do_fcall_common_helper_SPEC (execute_data=0x7fff56fcab90) at /usr/src/php-5.2-dev/Zend/zend_vm_execute.h:289
289                             if (RETURN_VALUE_USED(ctor_opline)) {
(gdb) backtrace
#0  zend_do_fcall_common_helper_SPEC (execute_data=0x7fff56fcab90) at /usr/src/php-5.2-dev/Zend/zend_vm_execute.h:289
#1  0x0000000000704cd4 in execute (op_array=0x7feb4ee45b90) at /usr/src/php-5.2-dev/Zend/zend_vm_execute.h:92
#2  0x00000000006e2741 in zend_execute_scripts (type=8, retval=0x51, file_count=3) at /usr/src/php-5.2-dev/Zend/zend.c:1134
#3  0x00000000006a020f in php_execute_script (primary_file=0x7fff56fcd200) at /usr/src/php-5.2-dev/main/main.c:2025
#4  0x0000000000754afe in main (argc=2, argv=0x7fff56fcd3e8) at /usr/src/php-5.2-dev/sapi/cli/php_cli.c:1162

 [2009-05-27 18:26 UTC] jani@php.net
<?php

class ABCException extends Exception {}

class BBB
{
	public function xyz($d, $x)
	{
		if ($x == 34) {
			throw new ABCException;
		}
		return array('foo' => 'xyz');
	}
}
	
class CCC
{
	public function process($p)
	{
		return $p;
	}
}

class AAA
{
	public function func()
	{
		$b = new BBB;
		$c = new CCC;
		$i = 34;
		$item = array('foo' => 'bar');
		try {
			$c->process($b->xyz($item['foo'], $i));
		}
		catch(ABCException $e) {
			$b->xyz($item['foo'], $i);
		}
	} // end func();
}

class Runner
{
	public function run($x)
	{
		try {
			$x->func();
		}
		catch(ABCException $e) {
			throw new Exception;
		}
	}
}

try {
	$runner = new Runner;
	$runner->run(new AAA);
}
catch(Exception $e) {
	die('Exception thrown');
}

?>
 [2009-05-27 18:27 UTC] jani@php.net
Did you use --enable-debug or not? Change -O (optimizer level) compile 
parameter?
 [2009-05-27 18:28 UTC] jani@php.net
Note: I can not reproduce this.
 [2009-05-27 18:42 UTC] lbarnaud@php.net
Looks like the same as bug #48228

Can reproduce on a 64bit system, not on 32bit.
"./configure --disable-all", default CFLAGS (-O2)
 [2009-05-27 19:22 UTC] jani@php.net
Arnaud: I'd like to see the reportee's answers to my questions. And I 
tested in 64bit system, gcc 4.1.2. 

What was the GCC version you (both) used? :)
 [2009-05-30 16:38 UTC] lbarnaud@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
Last updated: Thu Nov 21 09:01:32 2024 UTC