PHP :: Bug #26520 :: Segfault when throwing exceptions from function called by call_user

Bug #26520

Segfault when throwing exceptions from function called by call_user_func()

Submitted:

2003-12-04 06:51 UTC

Modified:

2003-12-09 06:10 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

hertzsprung at mail dot com

Assigned:

Status:

No Feedback

Package:

Reproducible crash

PHP Version:

5.0.0b2 (beta2)

OS:

linux 2.4

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	hertzsprung at mail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2003-12-04 06:51 UTC] hertzsprung at mail dot com

Description:
------------
Throwing exceptions from within a dynamically called function (via call_user_func or equivalent) causes PHP to segfault.

Reproduce code:
---------------
<pre>
<?php

error_reporting(E_ALL);

class mzTestCase {
	public function run() {
		try {
			call_user_func(array($this, 'runTest'));
		} catch (Exception $e) {
			print "Exception caught ($e)";
		}
	}

	function runTest() {
		print "mseoj\n";
		//SEGFAULTS
		throw new mzTestFailureException();
	}
}

class mzTestFailureException extends Exception {}

$tc = new mzTestCase();
$tc->run();

?>


Expected result:
----------------
Exception caught (the mzTestFailureException details)

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 674)]
0x4046975a in zend_do_fcall_common_helper (execute_data=0xbfffd050,
    op_array=0x80b37b4) at /root/temp/php-5.0.0b2/Zend/zend_execute.c:2628
2628                    if (EG(exception) && EX(fbc)->common.fn_flags&ZEND_ACC_CTOR) {
(gdb) bt
#0  0x4046975a in zend_do_fcall_common_helper (execute_data=0xbfffd050,
    op_array=0x80b37b4) at /root/temp/php-5.0.0b2/Zend/zend_execute.c:2628
#1  0x40469a77 in zend_do_fcall_handler (execute_data=0xbfffd050,
    op_array=0x80b37b4) at /root/temp/php-5.0.0b2/Zend/zend_execute.c:2696
#2  0x40464e47 in execute (op_array=0x80b37b4)
    at /root/temp/php-5.0.0b2/Zend/zend_execute.c:1271
#3  0x40469409 in zend_do_fcall_common_helper (execute_data=0xbfffd320,
    op_array=0x80b2d50) at /root/temp/php-5.0.0b2/Zend/zend_execute.c:2579
#4  0x40469947 in zend_do_fcall_by_name_handler (execute_data=0xbfffd320,
    op_array=0x80b2d50) at /root/temp/php-5.0.0b2/Zend/zend_execute.c:2665
#5  0x40464e47 in execute (op_array=0x80b2d50)
    at /root/temp/php-5.0.0b2/Zend/zend_execute.c:1271
#6  0x40440ad4 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /root/temp/php-5.0.0b2/Zend/zend.c:1009
#7  0x403f9b2b in php_execute_script (primary_file=0xbffff638)
    at /root/temp/php-5.0.0b2/main/main.c:1622
#8  0x40471d7e in apache_php_module_main (r=0x815c3b4,
    display_source_mode=0)
    at /root/temp/php-5.0.0b2/sapi/apache/sapi_apache.c:54
#9  0x40472e30 in send_php (r=0x815c3b4, display_source_mode=0,
    filename=0x815df4c "/var/www/html/tmp/tests/call_user_func2.php")
    at /root/temp/php-5.0.0b2/sapi/apache/mod_php5.c:621
#10 0x40472eaf in send_parsed_php (r=0x815c3b4)
    at /root/temp/php-5.0.0b2/sapi/apache/mod_php5.c:636
#11 0x08053ab4 in ap_invoke_handler ()
#12 0x0806342c in ap_some_auth_required ()
#13 0x08063488 in ap_process_request ()
#14 0x0805cc6b in ap_child_terminate ()
#15 0x0805cdfc in ap_child_terminate ()
#16 0x0805cf19 in ap_child_terminate ()
#17 0x0805d3f5 in ap_child_terminate ()
#18 0x0805dafd in main ()
#19 0x400f814f in __libc_start_main () from /lib/libc.so.6

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-12-04 09:32 UTC] sniper@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

[2003-12-09 06:10 UTC] sniper@php.net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

[2004-07-27 20:11 UTC] chibisuke at web dot de

I am using the windows version of PHP. (and of course I get a access violation instead of a segmentation fault)

I experienced similiar problems as noted above but it works when using the deprecated funcation call_user_methode instead.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Apr 28 10:01:30 2024 UTC