ID: 40185 Updated by: [EMAIL PROTECTED] Reported By: darkwinter at tiscali dot es -Status: Open +Status: Bogus Bug Type: Reproducible crash Operating System: Linux - Ubuntu Dapper 6.06 LTS PHP Version: 5.2.0 New Comment:
. Previous Comments: ------------------------------------------------------------------------ [2007-01-21 12:13:16] [EMAIL PROTECTED] This is no forum for questions about API usage, if you need help contact pecl-dev (or internals) mailing list. I didn't check your code in detail but I guess you missed to initialized some variables. Therefore you should use zend_eval_string() instead of calling zend_compile_string() and zend_execute() directly. For any further help one would also need a backtrace... ------------------------------------------------------------------------ [2007-01-21 11:10:19] darkwinter at tiscali dot es Description: ------------ Let's see... I'm trying to write an extension module for PHP (shared extension, ie: myext.so) that compiles and executes some PHP code that I will pass to it. Extension is working already but crashes on zend_execute() call depending on what PHP code I give to it. Trying to pin down the problem, I've found that it crashes trying to execute ANY code that declares a variable (ie $a=1;) BEFORE any function declaration. Weird. I can reproduce the crash (Segmentation Fault (11) in Apache error.log) anytime. See the "Reproduce Code" for tips. Also, I could fix the problem "in lab" somewhat: I have to create and call a function (even a dummy one works) BEFORE the first variable use, ON EVERY PHP CODE SNIPPET/SCRIPT I want to use, which will (might?) overflow the global function table over time (I guess :m), as every function have to have different names (so I don't try to redeclare a function twice, AFAIK). As you can see, this is not a long term soluction I guess... :( but it works for testing and may give you a clue to what's going on. Tested with the Following Env. Ubuntu Dapper 6.06 LTS (Linux) Apache 2.2.3 PHP 5.2.0 - myext.so Reproduce code: --------------- --- PHP CODE ----------- <?php $a=1; ?> --- END OF PHP CODE ---- --- EXTENSION CODE THAT I'M TRYING TO USE: --- myext.so /* FAULTY CODE */ char faulty_code[] = "echo 'Hi all<br>';?><?php $a = 5; echo $a; ?>"; // this code crashes. char faulty_code2[] = "?><?php $a = 5; echo $a; ?>"; // this code crashes. char working_code[] = "function foo() {}; foo(); echo 'Hi all<br>';?><?php $a = 5; echo $a; ?>"; // this code works. Prepending a function declaration AND a function call works (¿?)... zend_op_array *op_array = NULL; zval *new_string; char *buf = (char *)emalloc(20 * 1024); // have plenty of space for this test. strcpy(buf, faulty_code); // replace faulty_code with working_code to see the difference. MAKE_STD_ZVAL(new_string); ZVAL_STRING(new_string, buf, 0); op_array = zend_compile_string(new_string, "test"); if (op_array != NULL) { zend_execute(op_array); // this crashes. } /* END OF FAULTY CODE */ --- END OF EXTENSION CODE THAT I'M TRYING TO USE: --- Expected result: ---------------- It is expected for the PHP code to be executed: faulty_code[] arrays contain valid PHP code and should execute, not give a segfault. char faulty_code[] = "echo 'Hi all<br>';?><?php $a = 5; echo $a; ?>"; // this code crashes. Actual result: -------------- faulty_code[] crashes with a SegFault #11 in apache logs. working_code[] fix works flawless but need to create a function on every snippet of code. Of course, that would be a different problem and requires different names each time, but that is not the real problem here. // this code crashes and should work. Works in "php -r" char faulty_code2[] = "?><?php $a = 5; echo $a; ?>"; Note that i *require* to close and open PHP tags as I might have in between some HTML code, for example: // this code crashes and should work. Works in "php -r" char faulty_code3[] = "?><center>Hello World from HTML</center><?php $a = 5; echo $a; ?>"; In few words: A. Trying to execute faulty_code[] below from my PHP extension (or loading the PHP CODE snippet (without the --- PHP CODE ---- lines) from a .php file crashes on zend_execute() B. Trying to execute working_code[] or adding a function foo() {}; foo(); line before the line $a = 1 in the PHP CODE script works too. C. Might be useful to know, so I remark it: I've tried also to execute this code trough the PHP CLI successfully: # php -r "$a = 1; echo $a;" and it works. Even with tags leave on it: # php -r "?><? $a = 1; echo $a; ?>" also works. Hope all of this helps. Please contact me for any issue you might have. Thank you. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=40185&edit=1