|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67321 Segfault in dab with persistent handler
Submitted: 2014-05-22 02:12 UTC Modified: 2016-08-18 09:10 UTC
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: Assigned: cmb (profile)
Status: Duplicate Package: DBM/DBA related
PHP Version: 5.4.28 OS:
Private report: No CVE-ID: None
 [2014-05-22 02:12 UTC]
ext/dba/tests/dba015.phpt passes, but result a segfault

with backtrace is:

(gdb) bt
#0  0x00000000008fdfb1 in _php_stream_seek (stream=0x724a850, offset=0, whence=0)
    at /home/huixinchen/opensource/trunk/main/streams/streams.c:1304
#1  0x00000000005b7391 in flatfile_findkey (dba=0x724a5e0, key_datum=...)
    at /home/huixinchen/opensource/trunk/ext/dba/libflatfile/flatfile.c:172
#2  0x00000000005b6fbd in flatfile_fetch (dba=0x724a5e0, key_datum=...)
    at /home/huixinchen/opensource/trunk/ext/dba/libflatfile/flatfile.c:90
#3  0x00000000005b54d0 in dba_fetch_flatfile (info=0x7249fd0, key=0x2ac3de2a5910 "key1", keylen=4, skip=0,
    newlen=0x7fff48c7df3c) at /home/huixinchen/opensource/trunk/ext/dba/dba_flatfile.c:70
#4  0x00000000005b31b9 in zif_dba_fetch (ht=2, return_value=0x2ac3de2a8940, return_value_ptr=0x2ac3de26b218,
    this_ptr=0x0, return_value_used=1) at /home/huixinchen/opensource/trunk/ext/dba/dba.c:1035
#5  0x00000000009ba23c in zend_do_fcall_common_helper_SPEC (execute_data=0x2ac3de26b4b0)
    at /home/huixinchen/opensource/trunk/Zend/zend_vm_execute.h:558
#6  0x00000000009c04c1 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x2ac3de26b4b0)
    at /home/huixinchen/opensource/trunk/Zend/zend_vm_execute.h:2585
#7  0x00000000009b96d4 in execute_ex (execute_data=0x2ac3de26b4b0)
    at /home/huixinchen/opensource/trunk/Zend/zend_vm_execute.h:363
#8  0x00000000009b975d in zend_execute (op_array=0x2ac3de2a3e38)
    at /home/huixinchen/opensource/trunk/Zend/zend_vm_execute.h:388
#9  0x0000000000978352 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/huixinchen/opensource/trunk/Zend/zend.c:1330
#10 0x00000000008e0685 in php_execute_script (primary_file=0x7fff48c81670)
    at /home/huixinchen/opensource/trunk/main/main.c:2549
#11 0x0000000000a2717e in do_cli (argc=66, argv=0x6ece940) at /home/huixinchen/opensource/trunk/sapi/cli/php_cli.c:994
#12 0x0000000000a2835b in main (argc=66, argv=0x6ece940) at /home/huixinchen/opensource/trunk/sapi/cli/php_cli.c:1378
(gdb) f 9
#9  0x0000000000978352 in zend_execute_scripts (type=8, retval=0x0, file_count=3)

it's due to persistent handler implemented and our persistent refcount handling...

I will try to fix it later

Test script:

Expected result:

Actual result:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2014-05-22 02:13 UTC]
-Assigned To: +Assigned To: laruence
 [2016-08-18 09:10 UTC]
-Status: Assigned +Status: Duplicate -Assigned To: laruence +Assigned To: cmb
 [2016-08-18 09:10 UTC]
Duplicate of #61390.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Jul 13 17:01:30 2024 UTC