php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27868 segfault on apache and php5 cli (only with --disable-debug!)
Submitted: 2004-04-05 07:26 UTC Modified: 2005-05-23 01:00 UTC
Votes:15
Avg. Score:4.9 ± 0.2
Reproduced:13 of 13 (100.0%)
Same Version:11 (84.6%)
Same OS:11 (84.6%)
From: blackei2k at gmx dot de Assigned:
Status: No Feedback Package: Scripting Engine problem
PHP Version: 5CVS-2005-04-30 OS: *
Private report: No CVE-ID: None
 [2004-04-05 07:26 UTC] blackei2k at gmx dot de
Description:
------------
I get a segfault while running a script of mine. Here what apache's error.log says:

[Mon Apr  5 13:36:36 2004] [notice] child pid 2072 exit signal Segmentation fault (11)


It happens when i call the function 
set_common_vars() which is a method of a class. If i run var_dump($o) ($o being an instance of the class set_common_vars is a member of) the script errors as it should withoot segfaulting. 

The function ist defined as:
    function sets_common_vars() 
    {
        $this->strCat = (isset ($_GET['load']) ? $_GET['load'] : 'homepage');
        $this->strGet = $_SERVER['PHP_SELF'] . '?' . 'load=' . $strCat;

        return true;
    }

This is very strange. I tried to build up a test-case as i thought it was related to the try {} catch blocks in the contructor, but it wasn't. My test-case did it's work as it was supposed to. I'm not sure what i can do, as the provided information above will most likely not help much tracing the bug to its source. 


As the new object model is based on ZE2 i have classified this as an engine issue. 


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-04-05 07:47 UTC] blackei2k at gmx dot de
I got a working (segfaulting) test-case here:


<?php
class foo {

    function __construct() {
        $a = 0 ;
        if ($a == 0)   
            throw new Exception ('$a == 0 in foo::_constructor');
    }

    function zar()
    {
        return 0;
    }

}
    class bar extends foo {
        function __construct()
        {
            try {
                parent::__construct();        
            } catch (Exception $e) {
                echo $e->getMessage() . "\n"; 
            }
            return true;
        }
    }

$o  = new bar;
$o->zar();
?>  

Hope that helps
 [2004-07-25 21:23 UTC] blackei2k at gmx dot de
Still there the segfault.
error.log of apache:

[Sun Jul 25 21:28:17 2004] [notice] child pid 11664 exit signal Segmentation fault (11)

php configured like: 

 './configure' '--disable-debug' '--disable-cli' '--with-apxs=/usr/bin/apxs' '--disable-pear' 

System tested on:

Linux baggy 2.4.21 #1 Fri Jun 27 21:24:38 CEST 2003 i686

PHP Version 5.1.0-dev

PHP API 	20031224
PHP Extension 	20040718
Zend Extension 	220040718


Sorry stas, but this is still happening.
 [2005-04-29 10:20 UTC] sniper@php.net
0x0811ffce in zend_std_get_method (object_ptr=0xbfe6aab8, method_name=0x835cce4 "zar", method_len=3)
    at /usr/src/php/php5/Zend/zend_object_handlers.c:626
626             if (zend_hash_find(&zobj->ce->function_table, lc_method_name, method_len+1, (void **)&fbc) == FAILURE) {
(gdb) bt
#0  0x0811ffce in zend_std_get_method (object_ptr=0xbfe6aab8, method_name=0x835cce4 "zar", method_len=3)
    at /usr/src/php/php5/Zend/zend_object_handlers.c:626
#1  0x0816257b in ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER (execute_data=0xbfe6ac10) at zend_vm_execute.h:20272
#2  0x0812c3c9 in execute (op_array=0x83568e4) at zend_vm_execute.h:78
#3  0x0810ea63 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/php/php5/Zend/zend.c:1059
#4  0x080dcd78 in php_execute_script (primary_file=0xbfe6d0b0) at /usr/src/php/php5/main/main.c:1653
#5  0x08186a5f in main (argc=2, argv=0xbfe6d174) at /usr/src/php/php5/sapi/cli/php_cli.c:954

 [2005-05-16 00:14 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip

Works fine with latest CVS (both 5.0 & 5.1), outputs "$a == 0 in foo::_constructor".
 [2005-05-23 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 16:01:28 2024 UTC