Bug #54585 [Opn->Asn]: track_errors causes segfault

Thu, 21 Apr 2011 07:50:39 -0700 

Edit report at http://bugs.php.net/bug.php?id=54585&edit=1

 ID:                 54585
 Updated by:         fel...@php.net
 Reported by:        arekm at maven dot pl
 Summary:            track_errors causes segfault
-Status:             Open
+Status:             Assigned
 Type:               Bug
 Package:            Reproducible crash
 Operating System:   Linux
 PHP Version:        5.3SVN-2011-04-21 (snap)
-Assigned To:        
+Assigned To:        dmitry
 Block user comment: N
 Private report:     N



Previous Comments:
------------------------------------------------------------------------
[2011-04-21 11:02:20] arekm at maven dot pl

Description:
------------
When track_errors is On then simple code causes php segfault.



It was tested with 5.3.6 final and also with recent php5.3-201104201030
snap.

Test script:
---------------
[arekm@t400 ~/public_html]$ cat a.ini

[PHP]

track_errors = On

[arekm@t400 ~/public_html]$ cat a.php

<?php

function testing($source) {

                unset($source[$cos]);

}

testing($_GET);

?>



[arekm@t400 ~/public_html]$ php -n -c a.ini a.php



zsh: segmentation fault  php -n -c a.ini a.php

Expected result:
----------------
No segfault.

Actual result:
--------------
Starting program: /usr/bin/php -n -c php.ini a.php

[Thread debugging using libthread_db enabled]



Program received signal SIGSEGV, Segmentation fault.

zval_mark_grey (pz=<value optimized out>) at
/usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:372

372                             pz = *(zval**)p->pData;

(gdb) bt

#0  zval_mark_grey (pz=<value optimized out>) at
/usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:372

#1  0x00007ffff7cb7c35 in gc_mark_roots () at
/usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:435

#2  gc_collect_cycles () at
/usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:664

#3  0x00007ffff7c9b0ed in zend_deactivate () at
/usr/src/debug/php-5.3.6.1/Zend/zend.c:900

#4  0x00007ffff7c48a20 in php_request_shutdown (dummy=<value optimized
out>) at /usr/src/debug/php-5.3.6.1/main/main.c:1637

#5  0x0000000000403d0c in main (argc=5, argv=0x7fffffffeb68) at
/usr/src/debug/php-5.3.6.1/sapi/cli/php_cli.c:1374

(gdb) print p

$1 = (Bucket *) 0x400000000

(gdb) print p->pData

Cannot access memory at address 0x400000010

(gdb)


------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=54585&edit=1

Reply via email to