From: david at eder dot us
Operating system: Fedora Core 5
PHP version: 5.1.4
PHP Bug Type: Reproducible crash
Bug description: glob(*) segfaults with 511,145 files
Description:
------------
When glob is called on a directory that has 511,145 files it segfaults.
Reproduce code:
---------------
<?php glob('*'); ?>
Expected result:
----------------
work or fail, but not crash.
Actual result:
--------------
GNU gdb Red Hat Linux (6.3.0.0-1.84rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host
libthread_db library "/lib/libthread_db.so.1".
(gdb) run test.php
Starting program: /tmp/php-5.1.4/sapi/cli/php test.php
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0xbcb000
[Thread debugging using libthread_db enabled]
[New Thread -1209100608 (LWP 28065)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1209100608 (LWP 28065)]
0x00c7fa4c in internal_fnwmatch () from /lib/libc.so.6
(gdb) bt
#0 0x00c7fa4c in internal_fnwmatch () from /lib/libc.so.6
#1 0x00c814ef in [EMAIL PROTECTED] () from /lib/libc.so.6
#2 0x00c7917b in glob_in_dir () from /lib/libc.so.6
#3 0x00c79fdc in glob () from /lib/libc.so.6
#4 0x0814ceb4 in zif_glob (ht=1, return_value=0x98ab1e4,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
at /tmp/php-5.1.4/ext/standard/dir.c:398
#5 0x081ec289 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfb026e0) at /tmp/php-5.1.4/Zend/zend_vm_execute.h:200
#6 0x081eba2d in execute (op_array=0x98aba44) at
/tmp/php-5.1.4/Zend/zend_vm_execute.h:92
#7 0x081d5a5b in zend_execute_scripts (type=8, retval=Variable "retval"
is not available.
) at /tmp/php-5.1.4/Zend/zend.c:1109
#8 0x081a1bb6 in php_execute_script (primary_file=0xbfb04b04) at
/tmp/php-5.1.4/main/main.c:1732
#9 0x0824e8dd in main (argc=2, argv=0xbfb04c44) at
/tmp/php-5.1.4/sapi/cli/php_cli.c:1092
--
Edit bug report at http://bugs.php.net/?id=37502&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=37502&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=37502&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=37502&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=37502&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=37502&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=37502&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=37502&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=37502&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=37502&r=support
Expected behavior: http://bugs.php.net/fix.php?id=37502&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=37502&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=37502&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=37502&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=37502&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=37502&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=37502&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=37502&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=37502&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=37502&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=37502&r=mysqlcfg
