Edit report at http://bugs.php.net/bug.php?id=54585&edit=1
ID: 54585 Updated by: dmi...@php.net Reported by: arekm at maven dot pl Summary: track_errors causes segfault -Status: Assigned +Status: Closed Type: Bug Package: Reproducible crash Operating System: Linux PHP Version: 5.3SVN-2011-04-21 (snap) Assigned To: dmitry Block user comment: N Private report: N New Comment: This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2011-04-25 09:50:10] dmi...@php.net Automatic comment from SVN on behalf of dmitry Revision: http://svn.php.net/viewvc/?view=revision&revision=310465 Log: Fixed bug #54585 (track_errors causes segfault) ------------------------------------------------------------------------ [2011-04-21 11:02:20] arekm at maven dot pl Description: ------------ When track_errors is On then simple code causes php segfault. It was tested with 5.3.6 final and also with recent php5.3-201104201030 snap. Test script: --------------- [arekm@t400 ~/public_html]$ cat a.ini [PHP] track_errors = On [arekm@t400 ~/public_html]$ cat a.php <?php function testing($source) { unset($source[$cos]); } testing($_GET); ?> [arekm@t400 ~/public_html]$ php -n -c a.ini a.php zsh: segmentation fault php -n -c a.ini a.php Expected result: ---------------- No segfault. Actual result: -------------- Starting program: /usr/bin/php -n -c php.ini a.php [Thread debugging using libthread_db enabled] Program received signal SIGSEGV, Segmentation fault. zval_mark_grey (pz=<value optimized out>) at /usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:372 372 pz = *(zval**)p->pData; (gdb) bt #0 zval_mark_grey (pz=<value optimized out>) at /usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:372 #1 0x00007ffff7cb7c35 in gc_mark_roots () at /usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:435 #2 gc_collect_cycles () at /usr/src/debug/php-5.3.6.1/Zend/zend_gc.c:664 #3 0x00007ffff7c9b0ed in zend_deactivate () at /usr/src/debug/php-5.3.6.1/Zend/zend.c:900 #4 0x00007ffff7c48a20 in php_request_shutdown (dummy=<value optimized out>) at /usr/src/debug/php-5.3.6.1/main/main.c:1637 #5 0x0000000000403d0c in main (argc=5, argv=0x7fffffffeb68) at /usr/src/debug/php-5.3.6.1/sapi/cli/php_cli.c:1374 (gdb) print p $1 = (Bucket *) 0x400000000 (gdb) print p->pData Cannot access memory at address 0x400000010 (gdb) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=54585&edit=1
