From:             hertzsprung at mail dot com
Operating system: linux 2.4
PHP version:      5.0.0b2 (beta2)
PHP Bug Type:     Reproducible crash
Bug description:  Segfault when throwing exceptions from function called by call_user_func()

Description:
------------
Throwing exceptions from within a dynamically called function (via
call_user_func or equivalent) causes PHP to segfault.

Reproduce code:
---------------
<?php

error_reporting(E_ALL);

class mzTestCase {
        public function run() {
                try {
                        call_user_func(array($this, 'runTest'));
                } catch (Exception $e) {
                        print "Exception caught ($e)";
                }
        }

        function runTest() {
                print "mseoj\n";
                //SEGFAULTS
                throw new mzTestFailureException();
        }
}

class mzTestFailureException extends Exception {}

$tc = new mzTestCase();
$tc->run();

?>


Expected result:
----------------
Exception caught (the mzTestFailureException details)

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 674)]
0x4046975a in zend_do_fcall_common_helper (execute_data=0xbfffd050,
    op_array=0x80b37b4) at
/root/temp/php-5.0.0b2/Zend/zend_execute.c:2628
2628                    if (EG(exception) &&
EX(fbc)->common.fn_flags&ZEND_ACC_CTOR) {
(gdb) bt
#0  0x4046975a in zend_do_fcall_common_helper (execute_data=0xbfffd050,
    op_array=0x80b37b4) at
/root/temp/php-5.0.0b2/Zend/zend_execute.c:2628
#1  0x40469a77 in zend_do_fcall_handler (execute_data=0xbfffd050,
    op_array=0x80b37b4) at
/root/temp/php-5.0.0b2/Zend/zend_execute.c:2696
#2  0x40464e47 in execute (op_array=0x80b37b4)
    at /root/temp/php-5.0.0b2/Zend/zend_execute.c:1271
#3  0x40469409 in zend_do_fcall_common_helper (execute_data=0xbfffd320,
    op_array=0x80b2d50) at
/root/temp/php-5.0.0b2/Zend/zend_execute.c:2579
#4  0x40469947 in zend_do_fcall_by_name_handler (execute_data=0xbfffd320,
    op_array=0x80b2d50) at
/root/temp/php-5.0.0b2/Zend/zend_execute.c:2665
#5  0x40464e47 in execute (op_array=0x80b2d50)
    at /root/temp/php-5.0.0b2/Zend/zend_execute.c:1271
#6  0x40440ad4 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /root/temp/php-5.0.0b2/Zend/zend.c:1009
#7  0x403f9b2b in php_execute_script (primary_file=0xbffff638)
    at /root/temp/php-5.0.0b2/main/main.c:1622
#8  0x40471d7e in apache_php_module_main (r=0x815c3b4,
    display_source_mode=0)
    at /root/temp/php-5.0.0b2/sapi/apache/sapi_apache.c:54
#9  0x40472e30 in send_php (r=0x815c3b4, display_source_mode=0,
    filename=0x815df4c "/var/www/html/tmp/tests/call_user_func2.php")
    at /root/temp/php-5.0.0b2/sapi/apache/mod_php5.c:621
#10 0x40472eaf in send_parsed_php (r=0x815c3b4)
    at /root/temp/php-5.0.0b2/sapi/apache/mod_php5.c:636
#11 0x08053ab4 in ap_invoke_handler ()
#12 0x0806342c in ap_some_auth_required ()
#13 0x08063488 in ap_process_request ()
#14 0x0805cc6b in ap_child_terminate ()
#15 0x0805cdfc in ap_child_terminate ()
#16 0x0805cf19 in ap_child_terminate ()
#17 0x0805d3f5 in ap_child_terminate ()
#18 0x0805dafd in main ()
#19 0x400f814f in __libc_start_main () from /lib/libc.so.6

-- 
Edit bug report at http://bugs.php.net/?id=26520&edit=1