|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2002-07-26 22:19 UTC] sniper@php.net
[2002-08-27 01:00 UTC] php-bugs at lists dot php dot net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Nov 18 01:00:01 2025 UTC |
Hello, using a user-supplied comparison function for array_sort() causes php to segfault. While this does not happen every time, the problem is reproducible once it occurs. My configure line is as follows: ./configure --prefix=/home/webm --with-apxs=/home/webm/bin/apxs --with-config-file-path=/home/webm/conf --with-imap=/home/chs/build/imap-2001a.RELEASE-CANDIDATE.1 --with-mysql=/opt/local/mysql --enable-ftp --with-java=/usr/java --with-zlib=/home/chs --enable-sysvsem --enable-sysvshm --with-oci8=/opt/app/oracle/product/8.0.5 --with-ldap=/home/chs --with-openssl=/home/chs Here is a sample gdb session: GNU gdb 5.2 Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "sparc-sun-solaris2.8"... (no debugging symbols found)... (gdb) run -X Starting program: /home/webm/bin/httpd -X (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. call_user_function_ex (function_table=0x151f80, object_pp=0x0, function_name=0x45522042, retval_ptr_ptr=0xffbeb704, param_count=2, params=0xffbeb708, no_separation=0, symbol_table=0x0) at zend_execute_API.c:400 400 if (function_name->type==IS_ARRAY) { /* assume array($obj, $name) couple */ (gdb) bt #0 call_user_function_ex (function_table=0x151f80, object_pp=0x0, function_name=0x45522042, retval_ptr_ptr=0xffbeb704, param_count=2, params=0xffbeb708, no_separation=0, symbol_table=0x0) at zend_execute_API.c:400 #1 0x7f290a00 in array_user_compare (a=0x785e24, b=0xffbeb704) at array.c:530 #2 0x7f23ba38 in zend_qsort (base=0x785e24, nmemb=7888272, siz=4, compare=0x7f290994 <array_user_compare>) at zend_qsort.c:87 #3 0x7f236de0 in zend_hash_sort (ht=0x7755f0, sort_func=0x7f23b980 <zend_qsort>, compar=0x7f290994 <array_user_compare>, renumber=1) at zend_hash.c:1131 #4 0x7f290b6c in zif_usort (ht=17408, return_value=0x784280, this_ptr=0x0, return_value_used=0) at array.c:562 #5 0x7f220e3c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #6 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #7 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #8 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #9 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #10 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #11 0x7f22110c in execute () from /export/home1/chs/build/php-4.2.2/.libs/libphp4.so #12 0x7f2316fc in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:810 #13 0x7f240b70 in php_execute_script (primary_file=0xffbef5f8) at main.c:1381 #14 0x7f23bcc0 in apache_php_module_main (r=0x5311a8, display_source_mode=0) at sapi_apache.c:90 #15 0x7f23cab4 in send_php (r=0x5311a8, display_source_mode=0, filename=0x0) at mod_php4.c:575 #16 0x7f23cb28 in send_parsed_php (r=0x5311a8) at mod_php4.c:590 #17 0x00050798 in ap_invoke_handler () #18 0x00067e5c in process_request_internal () #19 0x00067ea8 in ap_process_request () #20 0x0005c424 in child_main () #21 0x0005d2d8 in standalone_main () #22 0x0005e440 in main () (gdb) frame 0 #0 call_user_function_ex (function_table=0x151f80, object_pp=0x0, function_name=0x45522042, retval_ptr_ptr=0xffbeb704, param_count=2, params=0xffbeb708, no_separation=0, symbol_table=0x0) at zend_execute_API.c:400 400 if (function_name->type==IS_ARRAY) { /* assume array($obj, $name) couple */ (gdb) info local i = 5507440 original_return_value = (zval **) 0x2 calling_symbol_table = (HashTable *) 0x774f00 function_state = {function_symbol_table = 0xff00, function = 0x58e538, reserved = {0x74db9c, 0x0, 0xffbeb684, 0x780400}} original_function_state_ptr = (zend_function_state *) 0xffbebb54 original_op_array = (zend_op_array *) 0x540970 original_opline_ptr = (zend_op **) 0x151f80 orig_free_op1 = 0 orig_free_op2 = 1163010114 orig_unary_op = (int (*)()) 0xffbeb704 orig_binary_op = (int (*)()) 0x786044 function_name_copy = {value = {lval = 7881304, dval = 2.1591364891357192e-306, str = {val = 0x784258 "", len = 10}, ht = 0x784258, obj = {ce = 0x784258, properties = 0xa}}, type = 3 '\003', is_ref = 0 '\0', refcount = 3} For what it's worth, the comparison function used utilizes the OCI8-Interface; this may or not be related to this bug. Apache versions tried include 1.3.20 and 1.3.26. Thank you a lot!