php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60682 Infinite recursion through call_user_func causes segmentation fault
Submitted: 2012-01-07 15:49 UTC Modified: 2012-01-09 10:47 UTC
Votes:14
Avg. Score:4.0 ± 1.3
Reproduced:9 of 12 (75.0%)
Same Version:7 (77.8%)
Same OS:2 (22.2%)
From: charlie at charliesomerville dot com Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.3.8 OS: Irrelevant
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: charlie at charliesomerville dot com
New email:
PHP Version: OS:

 

 [2012-01-07 15:49 UTC] charlie at charliesomerville dot com
Description:
------------
The PHP interpreter crashes when a call_user_func recurses too deep, rather than 
dying with a memory error.

Test script:
---------------
<?php

function f() { call_user_func("f"); }
f();

Expected result:
----------------
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 
523800 bytes) in /Users/charlie/crap/notsegfault.php on line 4

Actual result:
--------------
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-01-09 04:26 UTC] laruence@php.net
-Status: Open +Status: Bogus
 [2012-01-09 04:26 UTC] laruence@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

reason is stack overflow, not php issues, but fyi, you can install xdebug to 
prevent this.
 [2012-01-09 04:32 UTC] charlie at charliesomerville dot com
I believe a segmentation fault due to a VM stack overflow is *definitely* a bug. 
You'd be hard-pressed to find another managed language where user code that 
recurses too deep actually crashes the VM.

PHP manages to handle stack overflows just fine in other situations anyway:

    function f() { f(); }

    function f() { $a = "f"; $a(); }

Neither of those functions will crash the interpreter when called.
 [2012-01-09 07:53 UTC] laruence@php.net
sure, that is because there is some improvment in zend_execute which make the 
function call no-need to call zend_execute recursivly, 

but call to zend_call_user_function is definitly will be recursivly.

thanks
 [2012-01-09 10:47 UTC] charlie at charliesomerville dot com
> but call to zend_call_user_function is definitly will be recursivly.

So there *is* an issue here, and this bug is definitely not bogus.

Maybe it would be a good idea to set a hard coded or perhaps php.ini configurable recursion 
limit for calls going through zend_call_user_function(), that when exceeded causes a fatal 
error.

I understand that xdebug is a very helpful extension, but this sort of problem should definitely 
be caught by PHP. I didn't have xdebug installed when I found this bug in some code I was 
working on, so I wasted a fair amount of time head scratching trying to figure out why PHP was 
segfaulting before I found the typo that was causing my code to infinitely recurse.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jul 05 08:01:33 2025 UTC