php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #30021 Infinite loop causing SIGBUS
Submitted: 2004-09-08 05:19 UTC Modified: 2005-05-07 01:00 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: curt@php.net Assigned:
Status: No Feedback Package: Scripting Engine problem
PHP Version: 5CVS-2005-03-07 OS: *
Private report: No CVE-ID: None
 [2004-09-08 05:19 UTC] curt@php.net
Description:
------------
Calling parent::__construct with call_user_func*() causes what appears to be an infinite loop. (see backtrace)

Reproduce code:
---------------
class A {
  function __construct() {}
}
class B extends A {
  function __construct() {
    call_user_func(array("parent", "__construct"));
  }
}

$d= new B();

Expected result:
----------------
nothing

Actual result:
--------------
#0  0x285da2a9 in malloc () from /lib/libc.so.5
#1  0x081cc5b5 in _emalloc (size=32,
    __zend_filename=0x8283de0 "/usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c", __zend_lineno=826,
    __zend_orig_filename=0x8285d00 "/usr/home/curt/cvs/php/php-src/Zend/zend_hash.c", __zend_orig_lineno=169)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_alloc.c:181
#2  0x081cca85 in _ecalloc (nmemb=8, size=4,
    __zend_filename=0x8283de0 "/usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c", __zend_lineno=826,
    __zend_orig_filename=0x8285d00 "/usr/home/curt/cvs/php/php-src/Zend/zend_hash.c", __zend_orig_lineno=169)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_alloc.c:319
#3  0x081ed3cf in _zend_hash_init (ht=0x8543224, nSize=0, pHashFunction=0,
    pDestructor=0x81e52ac <_zval_ptr_dtor_wrapper>, persistent=0 '\0',
    __zend_filename=0x8283de0 "/usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c", __zend_lineno=826)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_hash.c:169
#4  0x081daf19 in zend_call_function (fci=0xbfb001f0, fci_cache=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:826
#5  0x081da044 in call_user_function_ex (function_table=0x82c8000,
    object_pp=0x0, function_name=0x8542624, retval_ptr_ptr=0xbfb00268,
    param_count=0, params=0x85426a8, no_separation=0, symbol_table=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:556
#6  0x08126406 in zif_call_user_func (ht=1, return_value=0x8542664,
    this_ptr=0x0, return_value_used=0)
    at /usr/home/curt/cvs/php/php-src/ext/standard/basic_functions.c:2010
#7  0x0820fb4b in zend_do_fcall_common_helper (execute_data=0xbfb00350)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:2983
#8  0x082102c7 in zend_do_fcall_handler (execute_data=0xbfb00350)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:3117
#9  0x0820bec6 in execute (op_array=0x835a424)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:1498
#10 0x081daf7b in zend_call_function (fci=0xbfb004a0, fci_cache=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:834
#11 0x081da044 in call_user_function_ex (function_table=0x82c8000,
    object_pp=0x0, function_name=0x8542424, retval_ptr_ptr=0xbfb00518,
    param_count=0, params=0x85424a8, no_separation=0, symbol_table=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:556
#12 0x08126406 in zif_call_user_func (ht=1, return_value=0x8542464,
    this_ptr=0x0, return_value_used=0)
    at /usr/home/curt/cvs/php/php-src/ext/standard/basic_functions.c:2010
#13 0x0820fb4b in zend_do_fcall_common_helper (execute_data=0xbfb00600)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:2983
#14 0x082102c7 in zend_do_fcall_handler (execute_data=0xbfb00600)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:3117
#15 0x0820bec6 in execute (op_array=0x835a424)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:1498
....

#9028 0x081daf7b in zend_call_function (fci=0xbfbfcbf0, fci_cache=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:834
#9029 0x081da044 in call_user_function_ex (function_table=0x82c8000,
    object_pp=0x0, function_name=0x8359624, retval_ptr_ptr=0xbfbfcc68,
    param_count=0, params=0x83596a8, no_separation=0, symbol_table=0x0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute_API.c:556
#9030 0x08126406 in zif_call_user_func (ht=1, return_value=0x8359664,
    this_ptr=0x0, return_value_used=0)
    at /usr/home/curt/cvs/php/php-src/ext/standard/basic_functions.c:2010
#9031 0x0820fb4b in zend_do_fcall_common_helper (execute_data=0xbfbfcd50)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:2983
#9032 0x082102c7 in zend_do_fcall_handler (execute_data=0xbfbfcd50)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:3117
#9033 0x0820bec6 in execute (op_array=0x835a424)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:1498
#9034 0x0820fce4 in zend_do_fcall_common_helper (execute_data=0xbfbfcee0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:3012
#9035 0x082101b2 in zend_do_fcall_by_name_handler (execute_data=0xbfbfcee0)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:3097
#9036 0x0820bec6 in execute (op_array=0x835a124)
    at /usr/home/curt/cvs/php/php-src/Zend/zend_execute.c:1498
#9037 0x081e7315 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/home/curt/cvs/php/php-src/Zend/zend.c:1054
#9038 0x081a0d05 in php_execute_script (primary_file=0xbfbfe608)
    at /usr/home/curt/cvs/php/php-src/main/main.c:1634
#9039 0x08219ee1 in main (argc=2, argv=0xbfbfe678)
    at /usr/home/curt/cvs/php/php-src/sapi/cli/php_cli.c:943
#9040 0x0807aaf2 in _start ()


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-04-29 11:54 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip

Can't reproduce with latest HEAD & 5.0, seems to be fixed.
 [2005-05-07 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Nov 13 17:01:30 2024 UTC