Edit report at https://bugs.php.net/bug.php?id=62084&edit=1
ID: 62084 User updated by: victor dot kupriyanov at gmail dot com Reported by: victor dot kupriyanov at gmail dot com Summary: Segfault during inheritance check on method -Status: Feedback +Status: Open Type: Bug Package: Scripting Engine problem Operating System: Any PHP Version: 5.4.3 Block user comment: N Private report: N New Comment: I can not reproduce the bug on custom build from the specified snapshot: $ /tmp/php5.4/bin/php a.php PHP Strict Standards: Declaration of C::b() should be compatible with B::b(A $a) in /tmp/a.php on line 13 Strict Standards: Declaration of C::b() should be compatible with B::b(A $a) in /tmp/a.php on line 13 PHP Catchable fatal error: Argument 1 passed to B::b() must be an instance of A, none given, called in /tmp/a.php on line 16 and defined in /tmp/a.php on line 8 Catchable fatal error: Argument 1 passed to B::b() must be an instance of A, none given, called in /tmp/a.php on line 16 and defined in /tmp/a.php on line 8 $ /tmp/php5.4/bin/php -m [PHP Modules] apc Core ctype date dom ereg fileinfo filter hash iconv json libxml pcre PDO pdo_sqlite Phar posix Reflection session SimpleXML SPL sqlite3 standard tokenizer xml xmlreader xmlwriter [Zend Modules] So you may assume it is fixed or invalid. Previous Comments: ------------------------------------------------------------------------ [2012-05-21 03:07:05] fel...@php.net Please try using this snapshot: http://snaps.php.net/php5.4-latest.tar.gz For Windows: http://windows.php.net/snapshots/ ------------------------------------------------------------------------ [2012-05-21 02:54:42] victor dot kupriyanov at gmail dot com Ok, I disabled xdebug: $ php -m [PHP Modules] apc bcmath bz2 calendar Core ctype curl date dba dom enchant ereg exif fileinfo filter ftp gd gettext gmp hash iconv imagick imap intl json ldap libxml mbstring mcrypt mhash mssql mysql mysqli odbc openssl pcntl pcre PDO pdo_dblib pdo_mysql PDO_ODBC pdo_pgsql pdo_sqlite pgsql Phar posix pspell readline recode Reflection session shmop SimpleXML snmp soap sockets SPL sqlite3 ssh2 standard sysvmsg sysvsem sysvshm tidy tokenizer wddx xml xmlreader xmlrpc xmlwriter xsl zip zlib [Zend Modules] Still got the same stacktrace: $ gdb php GNU gdb (GDB) Fedora (7.2-52.fc14) ... (gdb) set args a.php (gdb) r Starting program: /usr/bin/php a.php [Thread debugging using libthread_db enabled] [New Thread 0x7fffe89f9700 (LWP 6709)] [Thread 0x7fffe89f9700 (LWP 6709) exited] Program received signal SIGSEGV, Segmentation fault. zend_get_function_declaration (fptr=0x0) at /usr/src/debug/php- 5.4.3/Zend/zend_compile.c:3046 3046 if (fptr->op_array.fn_flags & ZEND_ACC_RETURN_REFERENCE) { (gdb) bt #0 zend_get_function_declaration (fptr=0x0) at /usr/src/debug/php- 5.4.3/Zend/zend_compile.c:3046 #1 0x00000000005a2479 in do_inheritance_check_on_method (child=0x7ffff7fc05e0, parent=0x7ffff7fc1000) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3267 #2 0x00000000005a2665 in do_inherit_method_check (child_function_table=<value optimized out>, parent=<value optimized out>, hash_key=<value optimized out>, child_ce= 0x7ffff7fc0398) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3288 #3 0x00000000005d3cf1 in zend_hash_replace_checker_wrapper (target=0x7ffff7fc03c0, source=<value optimized out>, pCopyConstructor=0x5a7bc0 <do_inherit_method>, size=240, pMergeSource=0x5a2620 <do_inherit_method_check>, pParam=0x7ffff7fc0398) at /usr/src/debug/php-5.4.3/Zend/zend_hash.c:878 #4 zend_hash_merge_ex (target=0x7ffff7fc03c0, source=<value optimized out>, pCopyConstructor=0x5a7bc0 <do_inherit_method>, size=240, pMergeSource= 0x5a2620 <do_inherit_method_check>, pParam=0x7ffff7fc0398) at /usr/src/debug/php-5.4.3/Zend/zend_hash.c:892 #5 0x00000000005a850b in zend_do_inheritance (ce=0x7ffff7fc0398, parent_ce=0x7ffff7fc00e0) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3519 #6 0x00000000005a962c in do_bind_inherited_class (op_array=<value optimized out>, opline=<value optimized out>, class_table=0xdf4c30, parent_ce=0x7ffff7fc00e0, compile_time=1 '\001') at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:4569 #7 0x00000000005a985a in zend_do_early_binding () at /usr/src/debug/php- 5.4.3/Zend/zend_compile.c:4626 #8 0x000000000058c1ca in zendparse () at /usr/src/debug/php- 5.4.3/Zend/zend_language_parser.c:3547 #9 0x000000000058fa0d in compile_file (file_handle=0x7fffffffdec0, type=<value optimized out>) at Zend/zend_language_scanner.l:579 #10 0x00007fffeb906042 in phar_compile_file (file_handle=0x7fffffffdec0, type=8) at /usr/src/debug/php-5.4.3/ext/phar/phar.c:3391 #11 0x00000000005c70ca in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/debug/php-5.4.3/Zend/zend.c:1264 #12 0x0000000000566cc3 in php_execute_script (primary_file=0x7fffffffdec0) at /usr/src/debug/php-5.4.3/main/main.c:2473 #13 0x0000000000672395 in do_cli (argc=2, argv=0x7fffffffe1f8) at /usr/src/debug/php-5.4.3/sapi/cli/php_cli.c:983 #14 0x0000000000672cbc in main (argc=2, argv=0x7fffffffe1f8) at /usr/src/debug/php-5.4.3/sapi/cli/php_cli.c:1356 I checked also on Windows build, and another Linux distribution with the same effect. ------------------------------------------------------------------------ [2012-05-21 02:39:01] fel...@php.net I can't reproduce it. Try disabling the xdebug and testing it again. ------------------------------------------------------------------------ [2012-05-21 02:27:31] victor dot kupriyanov at gmail dot com Description: ------------ When inherited method has different type hinting information for the method parameters and E_STRICT error reporting level is set - PHP tries to report method declaration incompatibility and segfaults on attempt to dereference a null pointer. Test script: --------------- <?php class A {} class B { public function b(A $a) {} } class C extends B { public function b($a) {} } $a = new C(); Expected result: ---------------- Valid message explaining that inherited method has a different signature. Actual result: -------------- $ php a.php Segmentation fault (core dumped) ... (gdb) bt #0 zend_get_function_declaration (fptr=0x0) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3046 #1 0x00000000005a2479 in do_inheritance_check_on_method (child= 0x7ffff7fc3558, parent=0x7ffff7fc3f18) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3267 #2 0x00000000005a2665 in do_inherit_method_check ( child_function_table=<value optimized out>, parent=<value optimized out>, hash_key=<value optimized out>, child_ce=0x7ffff7fc3310) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3288 #3 0x00000000005d3cf1 in zend_hash_replace_checker_wrapper (target= 0x7ffff7fc3338, source=<value optimized out>, pCopyConstructor= 0x5a7bc0 <do_inherit_method>, size=240, pMergeSource= 0x5a2620 <do_inherit_method_check>, pParam=0x7ffff7fc3310) at /usr/src/debug/php-5.4.3/Zend/zend_hash.c:878 #4 zend_hash_merge_ex (target=0x7ffff7fc3338, source=<value optimized out>, pCopyConstructor=0x5a7bc0 <do_inherit_method>, size=240, pMergeSource= 0x5a2620 <do_inherit_method_check>, pParam=0x7ffff7fc3310) at /usr/src/debug/php-5.4.3/Zend/zend_hash.c:892 #5 0x00000000005a850b in zend_do_inheritance (ce=0x7ffff7fc3310, parent_ce= 0x7ffff7fc2ff8) at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:3519 #6 0x00000000005a962c in do_bind_inherited_class ( op_array=<value optimized out>, opline=<value optimized out>, class_table= 0xdf4c30, parent_ce=0x7ffff7fc2ff8, compile_time=1 '\001') at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:4569 #7 0x00000000005a985a in zend_do_early_binding () at /usr/src/debug/php-5.4.3/Zend/zend_compile.c:4626 #8 0x000000000058c1ca in zendparse () at /usr/src/debug/php-5.4.3/Zend/zend_language_parser.c:3547 #9 0x000000000058fa0d in compile_file (file_handle=0x7fffffffdec0, type=<value optimized out>) at Zend/zend_language_scanner.l:579 #10 0x00007fffeb6d4042 in phar_compile_file (file_handle=0x7fffffffdec0, type= 8) at /usr/src/debug/php-5.4.3/ext/phar/phar.c:3391 #11 0x00007ffff1d8101d in xdebug_compile_file ( file_handle=<value optimized out>, type=<value optimized out>) at /usr/src/debug/php-pecl-xdebug-2.2.0/xdebug-2.2.0/xdebug.c:1537 #12 0x00000000005c70ca in zend_execute_scripts (type=8, retval=0x0, file_count= 3) at /usr/src/debug/php-5.4.3/Zend/zend.c:1264 #13 0x0000000000566cc3 in php_execute_script (primary_file=0x7fffffffdec0) at /usr/src/debug/php-5.4.3/main/main.c:2473 #14 0x0000000000672395 in do_cli (argc=2, argv=0x7fffffffe1f8) at /usr/src/debug/php-5.4.3/sapi/cli/php_cli.c:983 #15 0x0000000000672cbc in main (argc=2, argv=0x7fffffffe1f8) at /usr/src/debug/php-5.4.3/sapi/cli/php_cli.c:1356 ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=62084&edit=1