php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34584 Segfault with SPL autoload handler
Submitted: 2005-09-21 18:52 UTC Modified: 2005-09-27 10:13 UTC
From: php dot net at benjamin dot schulz dot name Assigned: helly
Status: Closed Package: Reproducible crash
PHP Version: 5.1.0-rc1 OS: *
Private report: No CVE-ID:
 [2005-09-21 18:52 UTC] php dot net at benjamin dot schulz dot name
Description:
------------
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 6664)]
0xb792bfb4 in _zend_hash_add_or_update (ht=0x82ac114, arKey=0xbfc97a40 "foo_autoload",
    nKeyLength=14, pData=0xbfc97a68, nDataSize=4, pDest=0xbfc97a60, flag=2)
    at /home/bs/workspace/src/php5-cvs-5_1/Zend/zend_hash.c:215
215                     if ((p->h == h) && (p->nKeyLength == nKeyLength)) {
(gdb) bt
#0  0xb792bfb4 in _zend_hash_add_or_update (ht=0x82ac114, arKey=0xbfc97a40 "foo_autoload",
    nKeyLength=14, pData=0xbfc97a68, nDataSize=4, pDest=0xbfc97a60, flag=2)
    at /home/bs/workspace/src/php5-cvs-5_1/Zend/zend_hash.c:215
#1  0xb786645f in zif_spl_autoload_register (ht=1, return_value=0x82d70a4,
    return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /home/bs/workspace/src/php5-cvs-5_1/ext/spl/php_spl.c:424
#2  0xb794994c in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc97bf0)
    at zend_vm_execute.h:186
#3  0xb7949358 in execute (op_array=0x83608b4) at zend_vm_execute.h:87
#4  0xb79569b7 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER (execute_data=0xbfc97fe0)
    at zend_vm_execute.h:4338
#5  0xb7949358 in execute (op_array=0x8287e7c) at zend_vm_execute.h:87
#6  0xb794f8d7 in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER (execute_data=0xbfc98a20)
    at zend_vm_execute.h:1921
#7  0xb7949358 in execute (op_array=0x82d80cc) at zend_vm_execute.h:87
#8  0xb794f8d7 in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER (execute_data=0xbfc99130)
    at zend_vm_execute.h:1921
#9  0xb7949358 in execute (op_array=0x831a344) at zend_vm_execute.h:87
#10 0xb7923f60 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/bs/workspace/src/php5-cvs-5_1/Zend/zend.c:1087
#11 0xb78e91bd in php_execute_script (primary_file=0xbfc9b490)
    at /home/bs/workspace/src/php5-cvs-5_1/main/main.c:1677
#12 0xb79b4a72 in php_handler (r=0x8292d98)
    at /home/bs/workspace/src/php5-cvs-5_1/sapi/apache2handler/sapi_apache2.c:568
#13 0x08068aa5 in ap_run_handler ()
#14 0x08068f1c in ap_invoke_handler ()
#15 0x08065ce8 in ap_process_request ()
#16 0x08060ec8 in _start ()
#17 0x08292d98 in ?? ()
---Type <return> to continue, or q <return> to quit---
#18 0x00000004 in ?? ()
#19 0x08292d98 in ?? ()
#20 0x08072bbc in ap_run_pre_connection ()
#21 0x08072a75 in ap_run_process_connection ()
#22 0x08066c6b in ap_graceful_stop_signalled ()
#23 0x08066e69 in ap_graceful_stop_signalled ()
#24 0x08066f70 in ap_graceful_stop_signalled ()
#25 0x080677ad in ap_mpm_run ()
#26 0x0806e090 in main ()


Reproduce code:
---------------
simplified autoload function:
function foo_autoload($class)
{
    $search = array(
        // FOO_BAR -> FOO/BAR.php
        str_replace('_', DIRECTORY_SEPARATOR, $class)
    );

    // FOO/BAR/BAR.php
    array_push($search, $search[0].DIRECTORY_SEPARATOR.basename($search[0]));
    $paths = explode(PATH_SEPARATOR, get_include_path());

    foreach($search AS $file)
    {
        foreach($paths AS $path)
        {
            if (file_exists($f = $path.DIRECTORY_SEPARATOR.$file.'.php'))
			{
				$GLOBALS['_FOO_AUTOLOAD'][$class] = $f;
                return include_once($f);
			}
        }
    }

    return false;
}


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-21 19:31 UTC] helly@php.net
Please try with head that uses a different implementation.
 [2005-09-25 01:12 UTC] helly@php.net
Looking at the back trace i can tell that the error happens during registering your autoload function. So i need you registering code and probably what happens before as reproducible script. And anyway you need to check whether it runs with latest version.
 [2005-09-25 20:11 UTC] helly@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip


 [2005-09-26 19:59 UTC] helly@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip


 [2005-09-27 10:13 UTC] helly@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 21:01:56 2014 UTC