php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57279 PHP crashes with any bcompiled class
Submitted: 2006-10-05 04:37 UTC Modified: 2006-12-17 06:26 UTC
From: ivoras at yahoo dot com Assigned: val (profile)
Status: Not a bug Package: bcompiler (PECL)
PHP Version: 5.1.6 OS: FreeBSD
Private report: No CVE-ID: None
 [2006-10-05 04:37 UTC] ivoras at yahoo dot com
Description:
------------
PHP crashes when using any bcompiled class.

Reproduce code:
---------------
Main file:

<?php
require('tcc.php');

$a = new A();
$a = new B();
?>

tcc.php:
compiled version of:
<?php

    class A {
        function __construct() {
            echo "A::ctor\n";
        }
    }

    class B extends A {
        function __construct() {
            echo "B::ctor\n";
        }
    }
?>


Expected result:
----------------
A working program ("A::ctor" and "B::ctor" on console)

Actual result:
--------------
Signal 11 when PHP executable tries to exit. It processes the script, writes ctor messages, and crashes.


$ gdb /usr/local/bin/php php.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `php'.
Program terminated with signal 11, Segmentation fault.

...

#0  _efree (ptr=0x0, __zend_filename=0x81fd224 "/usr/ports/lang/php5/work/php-5.1.6/Zend/zend_hash.c", __zend_lineno=528, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_alloc.c:300
300		CALCULATE_REAL_SIZE_AND_CACHE_INDEX(p->size);
(gdb) bt
#0  _efree (ptr=0x0, __zend_filename=0x81fd224 "/usr/ports/lang/php5/work/php-5.1.6/Zend/zend_hash.c", __zend_lineno=528, 
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_alloc.c:300
#1  0x0814c94d in zend_hash_destroy (ht=0x859eac4) at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_hash.c:528
#2  0x0813a8ee in destroy_zend_class (pce=0x859eac4) at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_opcode.c:180
#3  0x0814cbb8 in zend_hash_apply_deleter (ht=0x825f140, p=0x859b100) at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_hash.c:576
#4  0x0814cee3 in zend_hash_reverse_apply (ht=0x825f140, apply_func=0x8136774 <clean_non_persistent_class>)
    at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_hash.c:737
#5  0x08136ecd in shutdown_executor () at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend_execute_API.c:273
#6  0x0814349d in zend_deactivate () at /usr/ports/lang/php5/work/php-5.1.6/Zend/zend.c:854
#7  0x08108f69 in php_request_shutdown (dummy=0x0) at /usr/ports/lang/php5/work/php-5.1.6/main/main.c:1292
#8  0x081ca43f in main (argc=2, argv=0xbfbfead4) at /usr/ports/lang/php5/work/php-5.1.6/sapi/cli/php_cli.c:1246


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-12-13 14:47 UTC] val@php.net
doesn't reproduce on my system with
$ ./php -v
PHP 5.1.5-dev (cli) (built: Jul 29 2006 13:56:53)

but I will study it with 5.1.6
 [2006-12-17 06:26 UTC] val@php.net
Thank you for taking the time to report a problem with the package.
Unfortunately you are not using a current version of the package -- 
the problem might already be fixed. Please download a new
version from http://pecl.php.net/packages.php

If you are able to reproduce the bug with one of the latest
versions, please change the package version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PECL.

This bug doesn't reproduce with PHP 5.1.5/5.1.7 and bcompiler 0.8
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 18:01:31 2024 UTC