From: cnorthcote at underground dot co dot uk Operating system: Debian Linux PHP version: 5.2.6 PHP Bug Type: Unknown/Other Function Bug description: call_user_function_ex in seperate thread causes segfault
Description: ------------ I am developing an in-house extension which executes call_user_function_ex() within a seperate thread from the main PHP executable. When this function is called, there is a segmentation in free(). I am also able to reproduce this on Debian stable (Etch) as well. PHP was configured with --enable-debug --enable-maintainer-zts. Reproduce code: --------------- See http://pastebin.com/m2ddefa48 Expected result: ---------------- The thread should be run (it is), and "Hello World!" printed to the screen. Actual result: -------------- Thread starts, then: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1213146192 (LWP 9615)] 0xb7cf2abe in free () from /lib/tls/i686/cmov/libc.so.6 (gdb) bt #0 0xb7cf2abe in free () from /lib/tls/i686/cmov/libc.so.6 #1 0xb7cf49ef in malloc () from /lib/tls/i686/cmov/libc.so.6 #2 0x082c6b7a in allocate_new_resource (thread_resources_ptr=0x84a105c, thread_id=3081821104) at /home/ugr/php-5.2.6/TSRM/TSRM.c:275 #3 0x082c6e02 in ts_resource_ex (id=0, th_id=0x0) at /home/ugr/php-5.2.6/TSRM/TSRM.c:361 #4 0x0830cb39 in _emalloc (size=8, __zend_filename=0x8473abc "/home/ugr/php-5.2.6/Zend/zend_operators.h", __zend_lineno=296, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /home/ugr/php-5.2.6/Zend/zend_alloc.c:2277 #5 0x08321fbd in zend_str_tolower_dup (source=0x859edd8 "test_userfunc", length=7) at /home/ugr/php-5.2.6/Zend/zend_operators.h:296 #6 0x08320ef1 in zend_call_function (fci=0xb7b0d3e4, fci_cache=0x0, tsrm_ls=0x84a1050) at /home/ugr/php-5.2.6/Zend/zend_execute_API.c:848 #7 0x08320075 in call_user_function_ex (function_table=0x84a2438, object_pp=0x0, function_name=0x859ebc0, retval_ptr_ptr=0xb7b0d448, param_count=0, params=0x0, no_separation=0, symbol_table=0x0, tsrm_ls=0x84a1050) at /home/ugr/php-5.2.6/Zend/zend_execute_API.c:640 #8 0xb7f781a0 in userfunc_execute (args=0x859edc8) at /home/ugr/php_ugmt/ugmt.c:160 #9 0xb7dc4240 in start_thread () from /lib/tls/i686/cmov/libpthread.so.0 #10 0xb7d5849e in clone () from /lib/tls/i686/cmov/libc.so.6 -- Edit bug report at http://bugs.php.net/?id=45542&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=45542&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=45542&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=45542&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=45542&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=45542&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=45542&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=45542&r=needscript Try newer version: http://bugs.php.net/fix.php?id=45542&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=45542&r=support Expected behavior: http://bugs.php.net/fix.php?id=45542&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=45542&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=45542&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=45542&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=45542&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=45542&r=dst IIS Stability: http://bugs.php.net/fix.php?id=45542&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=45542&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=45542&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=45542&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=45542&r=mysqlcfg
