ID: 43092 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Open +Status: Closed Bug Type: cURL related Operating System: Windows Vista PHP Version: 5.2CVS-2007-10-24 (snap) New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2007-11-12 21:24:55] [EMAIL PROTECTED] It looks like the debug symbols weren't loaded. Here's an updated version, also with a cleaner configuration: Thread 0 - System ID 5576 Entry point php!mainCRTStartup Create time 11/12/2007 4:22:10 PM Time spent in user mode 0 Days 0:0:0.15 Time spent in kernel mode 0 Days 0:0:0.15 Function Arg 1 Arg 2 Arg 3 Source php5ts!_zend_mm_alloc_int+49 00000030 00000027 100a07c8 php5ts!_emalloc+36 00000027 0190fe28 01911328 php5ts!_zend_hash_quick_add_or_update+208 00000006 01911288 00000004 php5ts!ZEND_RECV_SPEC_HANDLER+76a 00c0fb2c 003e2950 0190fda0 php5ts!execute+1b7 019111f0 003e2950 0190dcdd php5ts!zend_do_fcall_common_helper_SPEC+95b 00c0fc1c 003e2950 1001e207 php5ts!ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER+15 00c0fbd0 003e2950 003e2950 php5ts!execute+1b7 0190dd70 003e2950 00000000 php5ts!zend_execute_scripts+107 00000008 003e2950 00000000 php5ts!php_execute_script+20d 00c0fea8 003e2950 00000000 php!main+c0e 00000005 003e28c8 003e1948 php!mainCRTStartup+e3 7ffdf000 00c0ffec 7796a9bd kernel32!BaseThreadInitThunk+e 7ffdf000 00c0b59e 00000000 ntdll!_RtlUserThreadStart+23 00402c12 7ffdf000 00000000 PHP5TS!_ZEND_MM_ALLOC_INT+49In php__PID__1000__Date__11_12_2007__Time_04_22_20PM__712__Second_Chance_Exception_C0000005.dmp the assembly instruction at php5ts!_zend_mm_alloc_int+49 in C:\Software\PHP\versions\5.3.0-dev\php5ts.dll from The PHP Group has caused an access violation exception (0xC0000005) when trying to read from memory location 0x00000010 on thread 0 ------------------------------------------------------------------------ [2007-11-12 21:19:09] [EMAIL PROTECTED] I'm not sure if I did this correctly, but here goes. Crash analysis using Debug Diagnostic on a PHP 5.3 snap: Thread 0 - System ID 5952 Entry point php+2c12 Create time 11/12/2007 4:15:46 PM Time spent in user mode 0 Days 0:0:0.15 Time spent in kernel mode 0 Days 0:0:0.140 Function Arg 1 Arg 2 Arg 3 Source php5ts!zend_mm_shutdown+139 00000030 00000027 100a07c8 php5ts!emalloc+36 00000000 00000000 00000000 PHP5TS!ZEND_MM_SHUTDOWN+139WARNING - DebugDiag was not able to locate debug symbols for php5ts.dll, so the information below may be incomplete. In php__PID__4492__Date__11_12_2007__Time_04_15_56PM__383__Second_Chance_Exception_C0000005.dmp the assembly instruction at php5ts!zend_mm_shutdown+139 in C:\Software\PHP\versions\5.3.0-dev\php5ts.dll from The PHP Group has caused an access violation exception (0xC0000005) when trying to read from memory location 0x00000010 on thread 0 ------------------------------------------------------------------------ [2007-10-24 22:33:59] [EMAIL PROTECTED] Tested it on 5.2-dev and 6.0-dev snapshots, incorrect behavior is same on both. ------------------------------------------------------------------------ [2007-10-24 03:55:16] [EMAIL PROTECTED] Description: ------------ I don't know what to make of this behavior. When CURL creates a handle with 32 characters or more to the local filesystem, duplicates it, and then PHP attempts to create a new object while passing in a parameter that is an array of values, PHP crashes. I could only produce this behavior on Windows Vista. Reproduce code: --------------- <?php // for Windows Vista, PHP 5.2.4 class foo { function __construct($var) {} } curl_copy_handle(curl_init('12345678901234567890123456789012')); // 32 or longer new foo(array('foo')); echo 'Yay!'; Expected result: ---------------- Output of 'Yay!' Actual result: -------------- PHP aborts prematurely ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=43092&edit=1