#38266 [NEW]: array += operator broken
From: jason at jasonjustman dot com Operating system: linux/windows PHP version: 4.4.2 PHP Bug Type: Arrays related Bug description: array += operator broken Description: array += operator is now broken in 4.4.1 and 4.4.2 Reproduce code: --- ? $x = array(a,b,c); $x +=array(d,e); print_r($x); Expected result: Array ( [0] = a [1] = b [2] = c [3] = d [4] = e) Actual result: -- Array ( [0] = a [1] = b [2] = c ) -- Edit bug report at http://bugs.php.net/?id=38266edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=38266r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=38266r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=38266r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=38266r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=38266r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=38266r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=38266r=needscript Try newer version:http://bugs.php.net/fix.php?id=38266r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=38266r=support Expected behavior:http://bugs.php.net/fix.php?id=38266r=notwrong Not enough info: http://bugs.php.net/fix.php?id=38266r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=38266r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=38266r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=38266r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=38266r=dst IIS Stability:http://bugs.php.net/fix.php?id=38266r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=38266r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=38266r=float No Zend Extensions: http://bugs.php.net/fix.php?id=38266r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=38266r=mysqlcfg
#38266 [Bgs]: array += operator broken
ID: 38266 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Bogus Bug Type: Arrays related Operating System: linux/windows PHP Version: 4.4.2 New Comment: Please refer to the following docs page: http://us3.php.net/manual/en/function.array-merge.php If you want to completely preserve the arrays and just want to append them to each other, use the + operator: ?php $array1 = array(); $array2 = array(1 = data); $result = $array1 + $array2; ? i know that array_merge is the proper function to use in my previous test case, for the output. but, regardless, if the key association is being maintaed in my previous test case, the output should really be [0] = d [1]=e [2]=c please revisit, or redoc on the manpage. Previous Comments: [2006-07-31 08:51:07] [EMAIL PROTECTED] This is how it works in 4.3.0, 4.3.6, 4.3.11, 5.0.x. No bug here. [2006-07-31 08:38:14] jason at jasonjustman dot com Description: array += operator is now broken in 4.4.1 and 4.4.2 Reproduce code: --- ? $x = array(a,b,c); $x +=array(d,e); print_r($x); Expected result: Array ( [0] = a [1] = b [2] = c [3] = d [4] = e) Actual result: -- Array ( [0] = a [1] = b [2] = c ) -- Edit this bug report at http://bugs.php.net/?id=38266edit=1
#34998 [WFx]: zend.ze1_compatibility_mode doesn't implict clone when passed in array
ID: 34998 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Wont fix Bug Type: Scripting Engine problem Operating System: * PHP Version: 5CVS-2005-10-27 (snap) Assigned To: dmitry New Comment: Please tell me this is because the php5.2 object model will operate like php 4 if this flag is going to be removed. thanks, jason Previous Comments: [2006-05-24 08:03:23] [EMAIL PROTECTED] zend.ze1_compatibility_mode was removed from HEAD and PHP_5_2 branches. [2005-11-26 09:02:15] jason at jasonjustman dot com still present in: PHP Version 5.1.0 System SunOS apache 5.10 Generic sun4u [2005-10-27 10:12:02] jason at jasonjustman dot com Description: Again, with zend.ze1_compatibility_mode, it fails to properly clone objects when calling as an argument for the array() function. This BC break is getting annoying... Reproduce code: --- ? $single_container = array(); $double_container = array(); class base_object {}; $x = new base_object; $x-value = 5; $single_container[1] = $x; $double_container[1] = array($x); $x-value = 10; $single_container[2] = $x; $double_container[2] = array($x); $x-value = 15; $single_container[3] = $x; $double_container[3] = array($x); print_r($single_container); print_r($double_container); Expected result: //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double, values are correct Array ( [1] = Array ( [0] = base_object Object ( [value] = 5 ) ) [2] = Array ( [0] = base_object Object ( [value] = 10 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) Actual result: -- //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double - values are incorrect Array ( [1] = Array ( [0] = base_object Object ( [value] = 15 ) ) [2] = Array ( [0] = base_object Object ( [value] = 15 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) -- Edit this bug report at http://bugs.php.net/?id=34998edit=1
#34998 [Asn]: zend.ze1_compatibility_mode doesn't implict clone when passed in array
ID: 34998 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Assigned Bug Type: Scripting Engine problem Operating System: * PHP Version: 5CVS-2005-10-27 (snap) Assigned To: dmitry New Comment: still present in: PHP Version 5.1.0 System SunOS apache 5.10 Generic sun4u Previous Comments: [2005-10-27 10:12:02] jason at jasonjustman dot com Description: Again, with zend.ze1_compatibility_mode, it fails to properly clone objects when calling as an argument for the array() function. This BC break is getting annoying... Reproduce code: --- ? $single_container = array(); $double_container = array(); class base_object {}; $x = new base_object; $x-value = 5; $single_container[1] = $x; $double_container[1] = array($x); $x-value = 10; $single_container[2] = $x; $double_container[2] = array($x); $x-value = 15; $single_container[3] = $x; $double_container[3] = array($x); print_r($single_container); print_r($double_container); Expected result: //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double, values are correct Array ( [1] = Array ( [0] = base_object Object ( [value] = 5 ) ) [2] = Array ( [0] = base_object Object ( [value] = 10 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) Actual result: -- //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double - values are incorrect Array ( [1] = Array ( [0] = base_object Object ( [value] = 15 ) ) [2] = Array ( [0] = base_object Object ( [value] = 15 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) -- Edit this bug report at http://bugs.php.net/?id=34998edit=1
#34998 [NEW]: zend.ze1_compatibility_mode doesn't implict clone when passed in array
From: jason at jasonjustman dot com Operating system: irrelv PHP version: 5CVS-2005-10-27 (snap) PHP Bug Type: Scripting Engine problem Bug description: zend.ze1_compatibility_mode doesn't implict clone when passed in array Description: Again, with zend.ze1_compatibility_mode, it fails to properly clone objects when calling as an argument for the array() function. This BC break is getting annoying... Reproduce code: --- ? $single_container = array(); $double_container = array(); class base_object {}; $x = new base_object; $x-value = 5; $single_container[1] = $x; $double_container[1] = array($x); $x-value = 10; $single_container[2] = $x; $double_container[2] = array($x); $x-value = 15; $single_container[3] = $x; $double_container[3] = array($x); print_r($single_container); print_r($double_container); Expected result: //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double, values are correct Array ( [1] = Array ( [0] = base_object Object ( [value] = 5 ) ) [2] = Array ( [0] = base_object Object ( [value] = 10 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) Actual result: -- //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double - values are incorrect Array ( [1] = Array ( [0] = base_object Object ( [value] = 15 ) ) [2] = Array ( [0] = base_object Object ( [value] = 15 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) -- Edit bug report at http://bugs.php.net/?id=34998edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=34998r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=34998r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=34998r=trysnapshot51 Fixed in CVS:http://bugs.php.net/fix.php?id=34998r=fixedcvs Fixed in release:http://bugs.php.net/fix.php?id=34998r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=34998r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=34998r=needscript Try newer version: http://bugs.php.net/fix.php?id=34998r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=34998r=support Expected behavior: http://bugs.php.net/fix.php?id=34998r=notwrong Not enough info: http://bugs.php.net/fix.php?id=34998r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=34998r=submittedtwice register_globals:http://bugs.php.net/fix.php?id=34998r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=34998r=php3 Daylight Savings:http://bugs.php.net/fix.php?id=34998r=dst IIS Stability: http://bugs.php.net/fix.php?id=34998r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=34998r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=34998r=float No Zend Extensions: http://bugs.php.net/fix.php?id=34998r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=34998r=mysqlcfg
#34998 [Opn]: zend.ze1_compatibility_mode doesn't implict clone when passed in array
ID: 34998 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Open Bug Type: Scripting Engine problem Operating System: irrelv PHP Version: 5CVS-2005-10-27 (snap) New Comment: PHP Version 5.1.0RC4-dev Oct 27 2005 08:24:52 Previous Comments: [2005-10-27 10:12:02] jason at jasonjustman dot com Description: Again, with zend.ze1_compatibility_mode, it fails to properly clone objects when calling as an argument for the array() function. This BC break is getting annoying... Reproduce code: --- ? $single_container = array(); $double_container = array(); class base_object {}; $x = new base_object; $x-value = 5; $single_container[1] = $x; $double_container[1] = array($x); $x-value = 10; $single_container[2] = $x; $double_container[2] = array($x); $x-value = 15; $single_container[3] = $x; $double_container[3] = array($x); print_r($single_container); print_r($double_container); Expected result: //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double, values are correct Array ( [1] = Array ( [0] = base_object Object ( [value] = 5 ) ) [2] = Array ( [0] = base_object Object ( [value] = 10 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) Actual result: -- //single Array ( [1] = base_object Object ( [value] = 5 ) [2] = base_object Object ( [value] = 10 ) [3] = base_object Object ( [value] = 15 ) ) //double - values are incorrect Array ( [1] = Array ( [0] = base_object Object ( [value] = 15 ) ) [2] = Array ( [0] = base_object Object ( [value] = 15 ) ) [3] = Array ( [0] = base_object Object ( [value] = 15 ) ) ) -- Edit this bug report at http://bugs.php.net/?id=34998edit=1
#34712 [Asn]: zend.ze1_compatibility_mode = on segfault
ID: 34712 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Assigned Bug Type: Reproducible crash Operating System: * PHP Version: 5CVS-2005-10-03 (snap) Assigned To: dmitry New Comment: still present in: PHP 5.1.0RC3 (cli) (built: Oct 18 2005 08:28:41) Copyright (c) 1997-2005 The PHP Group Zend Engine v2.1.0-dev, Copyright (c) 1998-2005 Zend Technologies Previous Comments: [2005-10-04 09:18:27] [EMAIL PROTECTED] Dmitry, with the provided script I can reproduce this. [2005-10-04 08:44:10] jason at jasonjustman dot com http://www.jasonjustman.com/crash.phps line 114 is what causes the segfault: $this-_transform_actions = new base_object_meta_transform_actions($this); its not clean nor tight, but an example of the pattern that causes it to crash [2005-10-03 22:23:13] [EMAIL PROTECTED] We really need a reproducing script. Please try come up with one. [2005-10-03 18:02:29] jason at jasonjustman dot com Like i said before, i can't track down the exact sequence (stacktrace of the .php script code shows its in the 12-14th depth), and for full debug - only after parsing about 15kloc of code. When adding in debugging php source code in the new call ( $this-_helper = new helper($this);), it prevents the crash but in one case a print_r($this) in the aggrevator:: scope resulted in an empty object. This testcase is more pseudocode of the segfault pattern than actual instance. If you'd like I can privately attach the application source - but again, its not an application problem - as turning off ze1_compat doesn't cause a segfault , but is required for implicit clone. This happens in the same spot for the 5.0.5, 5.0.6-dev and 5.0.6-latest - even after building in seperate directories with no caching enabled. [2005-10-03 12:13:48] [EMAIL PROTECTED] This test case must not work at all. $ php -d zend.ze1_compatibility_mode=1 bug34712.php Fatal error: Cannot use 'parent' as class name as it is reserved in /home/dmitry/php/test/bug34712.php on line 20 Without parent it works fine on Linux/i386. Try to make full rebuild. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/34712 -- Edit this bug report at http://bugs.php.net/?id=34712edit=1
#34767 [Com]: Zend Engine 1 Compatibility not copying objects correctly
ID: 34767 Comment by: jason at jasonjustman dot com Reported By: dstarr at allofe dot net Status: Assigned Bug Type: Scripting Engine problem Operating System: * PHP Version: 5CVS-2005-10-06 (cvs) Assigned To: dmitry New Comment: if you're going to nuke ze1_compat then add the clone keyword into the 4.x branch (like i recommended A YEAR AGO: http://bugs.php.net/bug.php?id=30332). j Previous Comments: [2005-10-06 20:56:31] [EMAIL PROTECTED] The expected result you do get without setting the option..so.. :) [2005-10-06 20:55:38] [EMAIL PROTECTED] Dmitry, this thing doesn't really seem to work. Somehow I'm getting the impression that it would be much better to just nuke this option and make people fix their scripts.. [2005-10-06 20:49:00] dstarr at allofe dot net Description: When zend.ze1_compatibility_mode is On, copying objects that have references to other objects the object that was referenced is copied instead of the reference itself. The Expected Results were obtained by using PHP 4.4.0 The Actual is a result of running on 5.0.5 Reproduce code: --- $a-y = new stdClass(); print_r($a); echo br/; $b = $a; $a-y-z = 1; print_r($b); Expected result: // Expected Output // stdClass Object ( [y] = stdClass Object ( ) ) // stdClass Object ( [y] = stdClass Object ( [z] = 1 ) ) Actual result: -- // Actual Output // stdClass Object ( [y] = stdClass Object ( ) ) // stdClass Object ( [y] = stdClass Object ( ) ) -- Edit this bug report at http://bugs.php.net/?id=34767edit=1
#34712 [Fbk-Opn]: zend.ze1_compatibility_mode = on segfault
ID: 34712 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com -Status: Feedback +Status: Open Bug Type: Reproducible crash -Operating System: solars 10 +Operating System: solaris 10 PHP Version: 5CVS-2005-10-03 (snap) Assigned To: dmitry New Comment: http://www.jasonjustman.com/crash.phps line 114 is what causes the segfault: $this-_transform_actions = new base_object_meta_transform_actions($this); its not clean nor tight, but an example of the pattern that causes it to crash Previous Comments: [2005-10-03 22:23:13] [EMAIL PROTECTED] We really need a reproducing script. Please try come up with one. [2005-10-03 18:02:29] jason at jasonjustman dot com Like i said before, i can't track down the exact sequence (stacktrace of the .php script code shows its in the 12-14th depth), and for full debug - only after parsing about 15kloc of code. When adding in debugging php source code in the new call ( $this-_helper = new helper($this);), it prevents the crash but in one case a print_r($this) in the aggrevator:: scope resulted in an empty object. This testcase is more pseudocode of the segfault pattern than actual instance. If you'd like I can privately attach the application source - but again, its not an application problem - as turning off ze1_compat doesn't cause a segfault , but is required for implicit clone. This happens in the same spot for the 5.0.5, 5.0.6-dev and 5.0.6-latest - even after building in seperate directories with no caching enabled. [2005-10-03 12:13:48] [EMAIL PROTECTED] This test case must not work at all. $ php -d zend.ze1_compatibility_mode=1 bug34712.php Fatal error: Cannot use 'parent' as class name as it is reserved in /home/dmitry/php/test/bug34712.php on line 20 Without parent it works fine on Linux/i386. Try to make full rebuild. [2005-10-03 10:29:43] jason at jasonjustman dot com last two lines of sample code should be: $c = new child; $a = new aggrevator($c); [2005-10-03 10:05:08] jason at jasonjustman dot com Description: segfault in solaris 10, using php-5.0.6-dev - php5-STABLE-200510030637 Program received signal SIGSEGV, Segmentation fault. 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 181 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 #1 0xff019970 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:127 Reproduce code: --- can't exactly pin down reproduceable code, but it seems to be something similar to the following: class aggrevator { function aggrevator($obj) { $this-obj = $obj; $this-_call(); } function _call() { $this-obj-callback(); } } class helper { function helper($obj) { $this-obj_ref = $obj; } } class parent { } class child extends parent { function callback() { $this-_helper = new helper($this); } } $c = new child; $h = new helper($c); Expected result: not to crash... Actual result: -- f'd in the a, segfault -- Edit this bug report at http://bugs.php.net/?id=34712edit=1
#34712 [NEW]: zend.ze1_compatibility_mode = on segfault
From: jason at jasonjustman dot com Operating system: solars 10 PHP version: 5CVS-2005-10-03 (snap) PHP Bug Type: Reproducible crash Bug description: zend.ze1_compatibility_mode = on segfault Description: segfault in solaris 10, using php-5.0.6-dev - php5-STABLE-200510030637 Program received signal SIGSEGV, Segmentation fault. 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 181 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 #1 0xff019970 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:127 Reproduce code: --- can't exactly pin down reproduceable code, but it seems to be something similar to the following: class aggrevator { function aggrevator($obj) { $this-obj = $obj; $this-_call(); } function _call() { $this-obj-callback(); } } class helper { function helper($obj) { $this-obj_ref = $obj; } } class parent { } class child extends parent { function callback() { $this-_helper = new helper($this); } } $c = new child; $h = new helper($c); Expected result: not to crash... Actual result: -- f'd in the a, segfault -- Edit bug report at http://bugs.php.net/?id=34712edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=34712r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=34712r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=34712r=trysnapshot51 Fixed in CVS:http://bugs.php.net/fix.php?id=34712r=fixedcvs Fixed in release:http://bugs.php.net/fix.php?id=34712r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=34712r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=34712r=needscript Try newer version: http://bugs.php.net/fix.php?id=34712r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=34712r=support Expected behavior: http://bugs.php.net/fix.php?id=34712r=notwrong Not enough info: http://bugs.php.net/fix.php?id=34712r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=34712r=submittedtwice register_globals:http://bugs.php.net/fix.php?id=34712r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=34712r=php3 Daylight Savings:http://bugs.php.net/fix.php?id=34712r=dst IIS Stability: http://bugs.php.net/fix.php?id=34712r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=34712r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=34712r=float No Zend Extensions: http://bugs.php.net/fix.php?id=34712r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=34712r=mysqlcfg
#34712 [Fbk-Opn]: zend.ze1_compatibility_mode = on segfault
ID: 34712 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com -Status: Feedback +Status: Open Bug Type: Reproducible crash Operating System: solars 10 PHP Version: 5CVS-2005-10-03 (snap) New Comment: still present: (gdb) n Single stepping until exit from function child_main, which has no line number information. Program received signal SIGSEGV, Segmentation fault. 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 167 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 #1 0xfef36de0 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-200510030630/Zend/zend_objects.c:129 sniped Previous Comments: [2005-10-03 10:06:07] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip [2005-10-03 10:05:08] jason at jasonjustman dot com Description: segfault in solaris 10, using php-5.0.6-dev - php5-STABLE-200510030637 Program received signal SIGSEGV, Segmentation fault. 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 181 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 #1 0xff019970 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:127 Reproduce code: --- can't exactly pin down reproduceable code, but it seems to be something similar to the following: class aggrevator { function aggrevator($obj) { $this-obj = $obj; $this-_call(); } function _call() { $this-obj-callback(); } } class helper { function helper($obj) { $this-obj_ref = $obj; } } class parent { } class child extends parent { function callback() { $this-_helper = new helper($this); } } $c = new child; $h = new helper($c); Expected result: not to crash... Actual result: -- f'd in the a, segfault -- Edit this bug report at http://bugs.php.net/?id=34712edit=1
#34712 [Opn]: zend.ze1_compatibility_mode = on segfault
ID: 34712 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com Status: Open Bug Type: Reproducible crash Operating System: solars 10 PHP Version: 5CVS-2005-10-03 (snap) New Comment: last two lines of sample code should be: $c = new child; $a = new aggrevator($c); Previous Comments: [2005-10-03 10:26:29] jason at jasonjustman dot com still present: (gdb) n Single stepping until exit from function child_main, which has no line number information. Program received signal SIGSEGV, Segmentation fault. 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 167 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 #1 0xfef36de0 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-200510030630/Zend/zend_objects.c:129 sniped [2005-10-03 10:06:07] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip [2005-10-03 10:05:08] jason at jasonjustman dot com Description: segfault in solaris 10, using php-5.0.6-dev - php5-STABLE-200510030637 Program received signal SIGSEGV, Segmentation fault. 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 181 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xff019b38 in zend_objects_clone_obj (zobject=0xff3fffd8) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:181 #1 0xff019970 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-STABLE-200510030637/Zend/zend_objects.c:127 Reproduce code: --- can't exactly pin down reproduceable code, but it seems to be something similar to the following: class aggrevator { function aggrevator($obj) { $this-obj = $obj; $this-_call(); } function _call() { $this-obj-callback(); } } class helper { function helper($obj) { $this-obj_ref = $obj; } } class parent { } class child extends parent { function callback() { $this-_helper = new helper($this); } } $c = new child; $h = new helper($c); Expected result: not to crash... Actual result: -- f'd in the a, segfault -- Edit this bug report at http://bugs.php.net/?id=34712edit=1
#34712 [Fbk-Opn]: zend.ze1_compatibility_mode = on segfault
ID: 34712 User updated by: jason at jasonjustman dot com Reported By: jason at jasonjustman dot com -Status: Feedback +Status: Open Bug Type: Reproducible crash Operating System: solars 10 PHP Version: 5CVS-2005-10-03 (snap) Assigned To: dmitry New Comment: Like i said before, i can't track down the exact sequence (stacktrace of the .php script code shows its in the 12-14th depth), and for full debug - only after parsing about 15kloc of code. When adding in debugging php source code in the new call ( $this-_helper = new helper($this);), it prevents the crash but in one case a print_r($this) in the aggrevator:: scope resulted in an empty object. This testcase is more pseudocode of the segfault pattern than actual instance. If you'd like I can privately attach the application source - but again, its not an application problem - as turning off ze1_compat doesn't cause a segfault , but is required for implicit clone. This happens in the same spot for the 5.0.5, 5.0.6-dev and 5.0.6-latest - even after building in seperate directories with no caching enabled. Previous Comments: [2005-10-03 12:13:48] [EMAIL PROTECTED] This test case must not work at all. $ php -d zend.ze1_compatibility_mode=1 bug34712.php Fatal error: Cannot use 'parent' as class name as it is reserved in /home/dmitry/php/test/bug34712.php on line 20 Without parent it works fine on Linux/i386. Try to make full rebuild. [2005-10-03 11:24:37] [EMAIL PROTECTED] Dmitry, you did something related to this lately? [2005-10-03 10:29:43] jason at jasonjustman dot com last two lines of sample code should be: $c = new child; $a = new aggrevator($c); [2005-10-03 10:26:29] jason at jasonjustman dot com still present: (gdb) n Single stepping until exit from function child_main, which has no line number information. Program received signal SIGSEGV, Segmentation fault. 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 167 new_obj_val = zend_objects_new(new_object, old_object-ce TSRMLS_CC); (gdb) backtrace #0 0xfef36f20 in zend_objects_clone_obj (zobject=0xff3fffc8) at /export/apache/php5-200510030630/Zend/zend_objects.c:167 #1 0xfef36de0 in zval_add_ref_or_clone (p=0x0) at /export/apache/php5-200510030630/Zend/zend_objects.c:129 sniped [2005-10-03 10:06:07] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/34712 -- Edit this bug report at http://bugs.php.net/?id=34712edit=1