ID:               29929
Comment by:       jeremias at terragate dot net
Reported By:      jr at terragate dot net
Status:           Open
Bug Type:         Reproducible crash
Operating System: Gentoo Linux 1.4
PHP Version:      5.0.1
New Comment:

IMHO this bug is serious and should block 5.0.3.

Can anyone confirm this bug, please?


Previous Comments:
------------------------------------------------------------------------

[2004-09-25 23:52:37] stv at seznam dot cz

Same problem with Apache 1.3.31 with PHP 5.0.1 or 5.0.2 as a module on
Win2000.

Vasek

------------------------------------------------------------------------

[2004-09-01 10:25:25] jr at terragate dot net

Description:
------------
An Apache child (1.3.x and 2.0.x prefork) crashes if a call to
array_walk_recursive has been made in a previous request.

For this reason this bug isn't reproducible with php-cgi or php-cli.

To reliably reproduce this bug, run Apache (with mod_php) in single
process mode (-X) to be sure that the same process will serve the two
requests, and request the given page twice (or any other PHP page as
the second request).

PHP configure:

'./configure' '--prefix=/usr' '--host=i686-pc-linux-gnu'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib'
'--with-apxs=/usr/sbin/apxs'
'--with-config-file-path=/etc/php/apache1-php5' '--without-pear'
'--disable-bcmath' '--without-bz2' '--disable-calendar'
'--without-jpeg-dir' '--without-cpdflib' '--disable-ctype'
'--without-curl' '--without-curlwrappers' '--disable-dbase'
'--disable-dio' '--disable-exif' '--without-fam' '--without-fbsql'
'--without-fdftk' '--disable-filepro' '--disable-ftp' '--with-gettext'
'--without-gmp' '--without-hwapi' '--without-iconv'
'--without-informix' '--without-ingres' '--without-interbase'
'--enable-mbstring' '--with-mcrypt' '--without-openssl-dir'
'--without-mcve' '--disable-memory-limit' '--without-mhash'
'--without-mime-magic' '--without-ming' '--without-mnogosearch'
'--without-msql' '--without-mssql' '--with-ncurses' '--without-oci8'
'--without-oracle' '--with-openssl' '--without-ovrimos'
'--enable-pcntl' '--without-pfpro' '--without-pgsql' '--with-pspell'
'--without-recode' '--disable-simplexml' '--disable-shmop'
'--without-snmp' '--disable-soap' '--disable-sockets' '--disable-spl'
'--without-sybase' '--without-sybase-ct' '--disable-sysvmsg'
'--disable-sysvsem' '--disable-sysvshm' '--without-tidy'
'--disable-tokenizer' '--disable-wddx' '--without-xsl'
'--without-xmlrpc' '--disable-yp' '--with-zlib' '--without-cdb'
'--with-db4' '--without-dbm' '--without-flatfile' '--with-gdbm'
'--without-inifile' '--without-qdbm' '--with-freetype-dir=/usr'
'--with-t1lib=/usr' '--enable-gd-jis-conf' '--enable-gd-native-ttf'
'--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-tiff-dir=/usr'
'--without-xpm-dir' '--with-gd' '--with-ldap' '--without-ldap-sasl'
'--with-mysql' '--with-mysql-sock=/var/run/mysqld/mysqld.sock'
'--without-mm' '--without-msession' '--without-sqlite' '--enable-dba'
'--with-readline' '--without-libedit'

Reproduce code:
---------------
<?php

function process_value($key, $value)
{
  // nothing done here
}

$nested_array = array('foo' => array('bar' => 'baz'));

array_walk_recursive($nested_array, 'process_value');

?>

Expected result:
----------------
No Segmentation fault

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 15154)]
0x00000006 in ?? ()
(gdb) bt
#0  0x00000006 in ?? ()
#1  0x4062404f in zend_call_function (fci=0xbfffcd60, fci_cache=0x4083458c)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute_API.c:853
#2  0x4056dfa0 in php_array_walk (target_hash=0x81724ac, userdata=0x0, recursive=1)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1045
#3  0x4056de86 in php_array_walk (target_hash=0x81725fc, userdata=0x0, recursive=1)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1019
#4  0x4056e3f7 in zif_array_walk_recursive (ht=2, return_value=0x81725b4, this_ptr=0x0, return_value_used=0)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1135
#5  0x40651739 in execute_internal (execute_data_ptr=0xbfffd030, return_value_used=0)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute.c:1347
#6  0x4083f0ba in apd_execute_internal (execute_data_ptr=0x6, return_value_used=6)
    at /tmp/tmphGEKR6/apd-1.0/php_apd.c:538
#7  0x406552f1 in zend_do_fcall_common_helper (execute_data=0xbfffd030, opline=0x8176acc, op_array=0x81723b4)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute.c:2710
#8  0x406559ad in zend_do_fcall_handler (execute_data=0xbfffd030, opline=0x8176acc, op_array=0x81723b4)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute.c:2840
#9  0x406518da in execute (op_array=0x81723b4)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute.c:1400
#10 0x4083f01a in apd_execute (op_array=0x81723b4)
    at /tmp/tmphGEKR6/apd-1.0/php_apd.c:518
#11 0x4062f5ac in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend.c:1061
#12 0x405eaf14 in php_execute_script (primary_file=0xbffff3e0)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/main/main.c:1627
#13 0x4065d18e in apache_php_module_main (r=0x8161d28, display_source_mode=0)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/sapi/apache/sapi_apache.c:54
#14 0x4065e123 in send_php (r=0x8161d28, display_source_mode=0, filename=0x8163e30 "/var/www/localhost/htdocs/crash.php")
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/sapi/apache/mod_php5.c:622
#15 0x4065e1a8 in send_parsed_php (r=0x8161d28)
    at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/sapi/apache/mod_php5.c:637
#16 0x0805595a in ap_invoke_handler (r=0x8161d28) at http_config.c:475
#17 0x0806c403 in process_request_internal (r=0x8161d28) at http_request.c:1289
#18 0x0806c460 in ap_process_request (r=0x8161d28) at http_request.c:1305
#19 0x08062ccb in child_main (child_num_arg=0) at http_main.c:4873
#20 0x08062e9a in make_child (s=0x80990b0, slot=0, now=1094026044) at http_main.c:4997
#21 0x08063023 in startup_children (number_to_start=4) at http_main.c:5079
#22 0x08063738 in standalone_main (argc=2, argv=0xbffff894) at http_main.c:5401
#23 0x08063ffe in main (argc=2, argv=0xbffff894) at http_main.c:5758



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=29929&edit=1
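
Added example (not part of the original report and not PHP project code): a Python triage helper for gdb backtraces like the one in this report. It rejoins frames that a mail client has wrapped and flags the pattern seen here, a symbol-less frame #0 whose program counter (0x00000006) lies below the first memory page, then names the symbolized caller that transferred control there. The function names `parse_frames` and `triage` and the 4 KiB page-size threshold are assumptions of this example.

```python
import re

# Frames #0-#2 of the backtrace in this report, line-wrapped the way a
# mail client wraps them.
SAMPLE_BT = """\
#0  0x00000006 in ?? ()
#1  0x4062404f in zend_call_function (fci=0xbfffcd60,
fci_cache=0x4083458c)
    at
/var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute_API.c:853
#2  0x4056dfa0 in php_array_walk (target_hash=0x81724ac, userdata=0x0,
recursive=1)
    at
/var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1045
"""

FRAME_RE = re.compile(
    r"#(?P<num>\d+)\s+(?:(?P<pc>0x[0-9a-f]+) in )?(?P<func>\S+) "
    r"\((?P<args>.*?)\)(?: at (?P<src>\S+):(?P<line>\d+))?$")

def parse_frames(text):
    """Rejoin wrapped continuation lines, then parse one dict per frame."""
    joined = []
    for line in (raw.strip() for raw in text.splitlines()):
        if re.match(r"#\d+\s", line):
            joined.append(line)            # start of a new frame
        elif line and joined:
            joined[-1] += " " + line       # wrapped args, "at", or path
    return [m.groupdict() for m in map(FRAME_RE.match, joined) if m]

def triage(frames, page_size=0x1000):
    """Return details if frame #0 is a symbol-less PC below the first page."""
    if not frames or frames[0]["func"] != "??" or not frames[0]["pc"]:
        return None
    bad_pc = int(frames[0]["pc"], 16)
    # The first symbolized frame under #0 is the one that transferred control.
    caller = next((f for f in frames[1:] if f["func"] != "??"), None)
    if bad_pc >= page_size or caller is None:
        return None
    src = caller["src"].rsplit("/", 1)[-1] if caller["src"] else "?"
    return {"bad_pc": bad_pc, "caller": caller["func"],
            "source": "%s:%s" % (src, caller["line"]),
            "path": [f["func"] for f in frames[1:]]}

if __name__ == "__main__":
    print(triage(parse_frames(SAMPLE_BT)))
```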
