ID: 36626
User updated by: fcartegnie at nordnet dot fr
Reported By: fcartegnie at nordnet dot fr
-Status: Feedback
+Status: Open
Bug Type: Reproducible crash
Operating System: Linux
PHP Version: 4.4.2
New Comment:
I can't give you the code, as it's more like thousand lines with
dependancies.
I sent you privately a core dump.
As far as I identified, it seems it's a running schema like this ->
uksort (data, function_a)
function_a(a,b)
{
return function_b(a) < function_b(b)
}
with
function_b(x)
{
(code)
//in come cases
include_once("morefunctions.inc.php");
}
commenting the include_once, let it work flawless.
Included functions are just sql code without uksort.
So this currently seems from include_once. Also debugging gives me that
the referenced user function is out of bounds.
The last lines of strace output:
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0
fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK) = 0
read(7, 0x8b84aa8, 8192) = -1 EAGAIN (Resource
temporarily unavailable)
fcntl64(7, F_SETFL, O_RDWR) = 0
write(7, "\1\0\0\0\1", 5) = 5
shutdown(7, 2 /* send and receive */) = 0
close(7) = 0
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV (core dumped) +++
I don't have the error on Athlon/2.6.15. Error comes on a Xeon/2.6.12.
First I thought about a stat_64 flaw, but the include and the 2.6.15
trace shows the right next instructions are to load the file (the
included_once one).
include_once causes too much locking ?
Previous Comments:
------------------------------------------------------------------------
[2006-03-06 11:33:56] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2006-03-06 11:20:16] fcartegnie at nordnet dot fr
Description:
------------
SEGFAULT
--enable-debug gives nothing.
Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214049024 (LWP 28608)]
0x0817502f in call_user_function_ex (function_table=0x81f9078,
object_pp=0x0, function_name=0x5a5a5a5a,
retval_ptr_ptr=0xbffecbc8, param_count=2, params=0x8b6da24,
no_separation=1, symbol_table=0x0)
at /usr/src/php-4.4.2/Zend/zend_execute_API.c:443
443 if (function_name->type==IS_ARRAY) { /* assume
array($obj, $name) couple */
(gdb) bt
#0 0x0817502f in call_user_function_ex (function_table=0x81f9078,
object_pp=0x0,
function_name=0x5a5a5a5a, retval_ptr_ptr=0xbffecbc8, param_count=2,
params=0x8b6da24,
no_separation=1, symbol_table=0x0) at
/usr/src/php-4.4.2/Zend/zend_execute_API.c:443
#1 0x08174f36 in call_user_function (function_table=0x81f9078,
object_pp=0x0,
function_name=0x5a5a5a5a, retval_ptr=0xbffecc10, param_count=2,
params=0xbffecc28)
at /usr/src/php-4.4.2/Zend/zend_execute_API.c:407
#2 0x080c9bb6 in array_user_key_compare (a=0x9b5a064, b=0x9b59fb4)
at /usr/src/php-4.4.2/ext/standard/array.c:659
#3 0x0818a349 in zend_qsort (base=0x9b59fb4, nmemb=55, siz=4,
compare=0x80c9abf <array_user_key_compare>) at
/usr/src/php-4.4.2/Zend/zend_qsort.c:86
#4 0x08184938 in zend_hash_sort (ht=0x9b5f90c, sort_func=0x818a214
<zend_qsort>,
compar=0x80c9abf <array_user_key_compare>, renumber=0) at
/usr/src/php-4.4.2/Zend/zend_hash.c:1146
#5 0x080c9d29 in zif_uksort (ht=2, return_value=0x9bb48b4,
this_ptr=0x0, return_value_used=0)
at /usr/src/php-4.4.2/ext/standard/array.c:694
#6 0x08190c0d in execute (op_array=0x8551790) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1675
#7 0x08190df6 in execute (op_array=0x825dfd0) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1719
#8 0x08190df6 in execute (op_array=0x825f19c) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1719
#9 0x08190df6 in execute (op_array=0x82bc478) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1719
#10 0x08190df6 in execute (op_array=0x840d460) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1719
#11 0x08190df6 in execute (op_array=0x82519c4) at
/usr/src/php-4.4.2/Zend/zend_execute.c:1719
#12 0x0817e58d in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /usr/src/php-4.4.2/Zend/zend.c:934
#13 0x0814c744 in php_execute_script (primary_file=0xbffff7f0) at
/usr/src/php-4.4.2/main/main.c:1753
#14 0x08196370 in main (argc=2, argv=0xbffff8b4) at
/usr/src/php-4.4.2/sapi/cli/php_cli.c:830
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=36626&edit=1
