php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48680 5.3 segfaults where 5.2 doesn't
Submitted: 2009-06-24 21:16 UTC Modified: 2009-06-25 20:50 UTC
From: ms419 at freezone dot co dot uk Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.3CVS-2009-06-24 (snap) OS: Debian
Private report: No CVE-ID: None
 [2009-06-24 21:16 UTC] ms419 at freezone dot co dot uk
Description:
------------
http://www.sfu.ca/~jdbates/tmp/php/200906240/core

The project I contribute to works with PHP 5.2, but causes PHP 5.3 to segfault, http://qubit-toolkit.org/wiki/index.php?title=Main_Page

The project source is available from Subversion, http://qubit-toolkit.googlecode.com/svn/trunk/

I downloaded and built the latest 5.3 snapshot,

 $ ./configure --enable-debug --with-pdo-mysql
 [...]
 $ make
 [...]

I got a backtrace with gdb, http://www.sfu.ca/~jdbates/tmp/php/200906240/screenlog


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-06-24 21:20 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2009-06-24 21:22 UTC] rasmus@php.net
Any chance you could extract a simple reproducing case from that code?  It is obviously related to the call_user_func_array() call there, so if you could figure out the exact arguments to the call and create a simple test case that causes the crash it would speed this up.
 [2009-06-25 11:43 UTC] johannes@php.net
I tried to reproduce it, fetched the tree, configured the database, the application didn't properly run but didn'T segfault.

Running fro mthe command line as in your backtrace gave me some HTML output. So please try to make the scrit shorter so we have a chance to understand it.

A good starting point might be a PHP-level backtrace to generate this we have a .gdbinit file with a dump_bt macro.

source /path/to/php-src/.gdbinit
help dump_bt

Should get oyu started there.

Thanks!
 [2009-06-25 19:26 UTC] ms419 at freezone dot co dot uk
Thanks for your help rasmus and johannes, I thought it was going to be very difficult to isolate this bug in a sample script, but with the help of dump_bt, it was not so hard. Thanks for that advice!

Here's a sample script which exposes the bug I think I'm experiencing in our project. It works in 5.2 but segfaults in 5.3.

<?php

class A
{
  public function x()
  {
  }
}

class B extends A
{
  public function x()
  {
    $args = func_get_args();

    return call_user_func_array(array($this, 'parent::x'), $args);
  }
}

class C extends B
{
}

$c = new C;
$c->x();
 [2009-06-25 20:50 UTC] johannes@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Thanks for the report. From the UPGRADING:

    call_user_func() now propagates $this even if the callee is
    the parent class

This includes the class to which the call is relative, might not be clear from the entry.

The fix for the code would be replacing parent::x with A::x.

Thanks for the report, I'll try to come up with a more clear wording for UPGRADING and other documentation.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sat Mar 28 19:01:27 2020 UTC