Edit report at https://bugs.php.net/bug.php?id=60158&edit=1
ID: 60158 User updated by: michael dot irey at gmail dot com Reported by: michael dot irey at gmail dot com -Summary: Segmentation fault in _zend_mm_free_canary_int +Summary: Segmentation fault in zend_variables.c Status: Bogus Type: Bug Package: Apache2 related Operating System: Ubuntu 10.04.3 LTS PHP Version: 5.3.x Block user comment: N Private report: N New Comment: Updated the summary line to contain zend_variables.c Previous Comments: ------------------------------------------------------------------------ [2011-10-31 18:47:39] michael dot irey at gmail dot com Ok, I have reproduced the bug from a clean PHP build using 5.3.8 Here is the new gdb details: Program terminated with signal 11, Segmentation fault. #0 0x00007fabd4b288b6 in _zval_dtor_func (zvalue=0x7fff0a50eb70, __zend_filename=0x7fabd4ea8558 "/root/downloads/php- 5.3.8/Zend/zend_object_handlers.c", __zend_lineno=441) at /root/downloads/php-5.3.8/Zend/zend_variables.c:35 35 CHECK_ZVAL_STRING_REL(zvalue); (gdb) dump_bt executor_globals.current_execute_data [0xd8959e80] setElement() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Decorator/Abstract.php:186 [0xd8959b18] setElement() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Element.php:2030 [0xd8959940] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Element.php:2046 [0x0a50eec0] __toString() [0xd89580d0] ??? /web/vhosts/imac.michael.dev.bluehawk.evanta.com/website/application/views/scrip ts/contacts/duplicate.phtml:62 [0xd8957ed0] ??? /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/View.php:108 [0xd8957c88] _run() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/View/Abstract.php:888 [0xd89579b8] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:900 [0xd89577b0] renderScript() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:921 [0xd8957670] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:960 [0xd89574a8] postDispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/HelperBroker.php:277 [0xd8956e20] notifyPostDispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action.php:527 [0xd8956008] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Dispatcher/Standard.php:295 [0xd89545e0] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Front.php:954 [0xd89541e0] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Application/Bootstrap/Bootstrap.php:97 [0xd89540a0] run() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Application.php:366 [0xd8953090] run() /web/vhosts/imac.michael.dev.bluehawk.evanta.com/website/public/index.php:69 ------------------------------------------------------------------------ [2011-10-28 16:14:44] fel...@php.net zend_alloc_canary.c is from Suhosin project, not PHP. So, try reproduce the crash in a clean PHP build. ------------------------------------------------------------------------ [2011-10-28 16:10:58] michael dot irey at gmail dot com Added more detail in the summary ------------------------------------------------------------------------ [2011-10-28 16:05:50] michael dot irey at gmail dot com Description: ------------ Using ZendFramework-1.11.10. Seg fault occurs also in 5.3.2 as well as 5.3.8. Does not occur in 5.2.4. Difficult to reproduce, but I will include the gdb backtrace. Basically assigning the value of variable to another, causes the seg fault. I can not determine why. The line $this->_element = $element; causes the seg fault. Test script: --------------- public function setElement($element) { if ((!$element instanceof Zend_Form_Element) && (!$element instanceof Zend_Form) && (!$element instanceof Zend_Form_DisplayGroup)) { require_once 'Zend/Form/Decorator/Exception.php'; throw new Zend_Form_Decorator_Exception('Invalid element type passed to decorator'); } $this->_element = $element; return $this; } Expected result: ---------------- Not this: exit signal Segmentation fault (11) Actual result: -------------- Program terminated with signal 11, Segmentation fault. #0 0x00007ffd348abe53 in _zend_mm_free_canary_int (heap=0x7ffd39b11130, p=0x21143c453bb97f0f) at /build/buildd/php5-5.3.2/Zend/zend_alloc_canary.c:2090 2090 /build/buildd/php5-5.3.2/Zend/zend_alloc_canary.c: No such file or directory. in /build/buildd/php5-5.3.2/Zend/zend_alloc_canary.c (gdb) dump_bt executor_globals.current_execute_data [0x386f2e30] setElement() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Decorator/Abstract.php:186 [0x386f2ac8] setElement() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Element.php:2030 [0x386f28f0] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Form/Element.php:2046 [0xa59d03f0] __toString() [0x386f1080] ??? /web/vhosts/imac.michael.dev.bluehawk.evanta.com/website/application/views/scrip ts/contacts/duplicate.phtml:186 [0x386f0e80] ??? /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/View.php:108 [0x386f0c38] _run() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/View/Abstract.php:888 [0x386f0968] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:900 [0x386f0760] renderScript() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:921 [0x386f0620] render() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/Helper/ViewRenderer.php:960 [0x386f0458] postDispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action/HelperBroker.php:277 [0x386efdd0] notifyPostDispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Action.php:527 [0x386eefb8] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Dispatcher/Standard.php:295 [0x386ed590] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Controller/Front.php:954 [0x386ed190] dispatch() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Application/Bootstrap/Bootstrap.php:97 [0x386ed050] run() /web/lib/zend/ZendFramework-1.11.10- minimal/library/Zend/Application.php:366 [0x386ec068] run() /web/vhosts/imac.michael.dev.bluehawk.evanta.com/website/public/index.php:69 ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=60158&edit=1