|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2003-07-10 04:26 UTC] daniel dot goss at t-systems dot com
Description:
------------
The php-engine crashes with a segmentation fault if the function, that is called by usort calls another recursive function. The recoursion deepth is less than 10 so there could not be a global stack overflow. (Tested recursion deepth outside usort min. 8000.)
Reproduce code:
---------------
<?
function MyTest($A, $B, $C, $D, $E, $F, $G)
{
echo "|".$A++."|<BR>";
flush();
if ($A>10)
return 0;
MyTest($A, $B, $C, "", "", "", "");
return 0;
}
function MySort($A, $B)
{
return MyTest(0,$A,$B,"","","","");
}
for ($k=0; $k<100; $k++)
{
$Test[$k]=rand(1,100);
}
echo "BEGIN<BR>";
usort($Test, MySort);
echo "END<BR>";
?>
Expected result:
----------------
The recursion deepth inside the usort function should be min. 100.
Due to the recursive nature of modern sorting algorithms, I understand that the full recursion deepth, like outside of usort, is not available. But it should be much more than 10 (on my system)!
Actual result:
--------------
[notice] child pid 8651 exit signal Segmentation fault (11)
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Jul 03 19:01:35 2025 UTC |
Verified with PHP 4.3.3RC2-dev and PHP 5.0.0b2-dev, Backtrace for 4.3.3RC2-dev: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1024 (runnable)] 0x82c1020 in call_user_function_ex (function_table=0x85ad230, object_pp=0x0, function_name=0x5a5a5a5a, retval_ptr_ptr=0xbfffd1c4, param_count=2, params=0xbfffd1c8, no_separation=0, symbol_table=0x0) at /usr/src/web/php/php4_3/Zend/zend_execute_API.c:444 444 if (function_name->type==IS_ARRAY) { /* assume array($obj, $name) couple */ (gdb) bt #0 0x82c1020 in call_user_function_ex (function_table=0x85ad230, object_pp=0x0, function_name=0x5a5a5a5a, retval_ptr_ptr=0xbfffd1c4, param_count=2, params=0xbfffd1c8, no_separation=0, symbol_table=0x0) at /usr/src/web/php/php4_3/Zend/zend_execute_API.c:444 #1 0x81f1bd5 in array_user_compare (a=0x874c388, b=0x874c1fc) at /usr/src/web/php/php4_3/ext/standard/array.c:532 #2 0x82db4da in zend_qsort (base=0x874c1fc, nmemb=100, siz=4, compare=0x81f1b70 <array_user_compare>) at /usr/src/web/php/php4_3/Zend/zend_qsort.c:86 #3 0x82d46f4 in zend_hash_sort (ht=0x874d21c, sort_func=0x82db384 <zend_qsort>, compar=0x81f1b70 <array_user_compare>, renumber=1) at /usr/src/web/php/php4_3/Zend/zend_hash.c:1133 #4 0x81f1dd1 in zif_usort (ht=2, return_value=0x874d2d4, this_ptr=0x0, return_value_used=0) at /usr/src/web/php/php4_3/ext/standard/array.c:564 #5 0x82e03a2 in execute (op_array=0x874898c) at /usr/src/web/php/php4_3/Zend/zend_execute.c:1616 #6 0x82cce34 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/web/php/php4_3/Zend/zend.c:886 #7 0x828fefe in php_execute_script (primary_file=0xbffff8bc) at /usr/src/web/php/php4_3/main/main.c:1685 #8 0x82f4367 in main (argc=2, argv=0xbffff924) at /usr/src/web/php/php4_3/sapi/cli/php_cli.c:818 #9 0x406689cb in __libc_start_main (main=0x82f37e4 <main>, argc=2, argv=0xbffff924, init=0x80ab2c0 <_init>, fini=0x84525b4 <_fini>, rtld_fini=0x4000aea0 <_dl_fini>, stack_end=0xbffff91c) at ../sysdeps/generic/libc-start.c:92