From: [EMAIL PROTECTED]
Operating system: Linux
PHP version: 5.3CVS-2008-08-13 (CVS)
PHP Bug Type: Reproducible crash
Bug description: sebastian

Description:
------------
The attached PHP script segfaults with both PHP_5_2 and PHP_5_3.

Reproduce code:
---------------
<?php
class PHPUnit_Util_ErrorHandler
{
    public static function handleError($errno, $errstr, $errfile, $errline)
    {
        throw new RuntimeException;
    }
}

class A
{
    public function getX()
    {
        return NULL;
    }
}

class B
{
    public function foo()
    {
        $obj = new A;
        $source = &$obj->getX();
    }

    public function bar()
    {
        $m = new ReflectionMethod('B', 'foo');
        $m->invoke($this);
    }
}

set_error_handler(
    array('PHPUnit_Util_ErrorHandler', 'handleError'),
    E_ALL | E_STRICT
);

$o = new B;
$o->bar();
?>

Actual result:
--------------
[EMAIL PROTECTED] ~ % gdb php
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) r test.php
Starting program: /usr/local/php-5.3/bin/php test.php
[Thread debugging using libthread_db enabled]
[New Thread 0xb77fc6b0 (LWP 21404)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb77fc6b0 (LWP 21404)]
0x085674c0 in _get_zval_ptr_var (node=0x8a5546c, Ts=0x8c0f888, should_free=0xbfe03efc, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_execute.c:197
197 if (T->str_offset.str->type != IS_STRING
(gdb) bt
#0 0x085674c0 in _get_zval_ptr_var (node=0x8a5546c, Ts=0x8c0f888, should_free=0xbfe03efc, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_execute.c:197
#1 0x085c65fa in ZEND_ASSIGN_SPEC_CV_VAR_HANDLER (execute_data=0x8c0f82c, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:27470
#2 0x085c69fd in ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER (execute_data=0x8c0f82c, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:27515
#3 0x085628ec in execute (op_array=0x8be2214, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:104
#4 0x08523d5e in zend_call_function (fci=0xbfe04144, fci_cache=0xbfe04168, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_execute_API.c:876
#5 0x08237261 in zim_reflection_method_invoke (ht=1, return_value=0x8be3e5c, return_value_ptr=0x0, this_ptr=0x8be0854, return_value_used=0, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/ext/reflection/php_reflection.c:2510
#6 0x085639bf in zend_do_fcall_common_helper_SPEC (execute_data=0x8c0f738, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:315
#7 0x08564a4f in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8c0f738, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:428
#8 0x085628ec in execute (op_array=0x8be2b68, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/Zend/zend_vm_execute.h:104
#9 0x085347e4 in zend_execute_scripts (type=8, tsrm_ls=0x8a53070, retval=0x0, file_count=3) at /usr/local/src/php/php-5.3/Zend/zend.c:1199
#10 0x084ad611 in php_execute_script (primary_file=0xbfe06630, tsrm_ls=0x8a53070) at /usr/local/src/php/php-5.3/main/main.c:2073
#11 0x085d19a4 in main (argc=2, argv=0xbfe067a4) at
/usr/local/src/php/php-5.3/sapi/cli/php_cli.c:1132

--
Edit bug report at http://bugs.php.net/?id=45805&edit=1