From: rajivk at sparklit dot com
Operating system: Debian Linux
PHP version: 5.2.10
PHP Bug Type: Reproducible crash
Bug description: calling get_defined_constants with any parameter results in SIGSEGV

Description:
------------
Calling get_defined_constants with a parameter causes a segfault. This occurs in 5.2.10 and 5.3.0.

Reproduce code:
---------------
=== case 1 causes crash ======
<? var_dump(get_defined_constants(false)); ?>
=============================================

=== case 2 also causes crash ======
<? var_dump(get_defined_constants(false)); ?>
=============================================

=== case 3 NO CRASH ======
<? var_dump(get_defined_constants()); ?>
=============================================

Expected result:
----------------
no crash

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb73b1910 (LWP 15496)]
0xb77a2b01 in kill () from /lib/libc.so.6
(gdb) bt
#0 0xb77a2b01 in kill () from /lib/libc.so.6
#1 0x0810ace9 in zend_mm_panic (message=0x84d1d40 "zend_mm_heap corrupted") at /usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:94
#2 0x0810d45f in _zend_mm_alloc_int (heap=0x89f7b70, size=44, __zend_filename=0x84d57d8 "/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c", __zend_lineno=247, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:1895
#3 0x0810e6d6 in _emalloc (size=44, __zend_filename=0x84d57d8 "/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c", __zend_lineno=247, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:2300
#4 0x08135f7b in _zend_hash_add_or_update (ht=0x87cb62c, arKey=0x89d9fc0 "E_STRICT", nKeyLength=9, pData=0xbfcc367c, nDataSize=4, pDest=0x0, flag=1, __zend_filename=0x84d4f30 "/usr/src/2009july15/php-5.2.10/Zend/zend_hash.h", __zend_lineno=341) at /usr/src/2009july15/php-5.2.10/Zend/zend_hash.c:247
#5 0x0812e86d in zend_symtable_update (ht=0x87cb62c, arKey=0x89d9fc0 "E_STRICT", nKeyLength=9, pData=0xbfcc367c, nDataSize=4, pDest=0x0) at /usr/src/2009july15/php-5.2.10/Zend/zend_hash.h:341
#6 0x0812ecb4 in add_assoc_zval_ex (arg=0x87e5838, key=0x89d9fc0 "E_STRICT", key_len=9, value=0x87e4ccc) at /usr/src/2009july15/php-5.2.10/Zend/zend_API.c:1056
#7 0x0813f211 in zif_get_defined_constants (ht=1, return_value=0x87e58e0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /usr/src/2009july15/php-5.2.10/Zend/zend_builtin_functions.c:1674
#8 0x0814e496 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfcc3818) at /usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:200
#9 0x08153ead in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfcc3818) at /usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:1739
#10 0x0814dffa in execute (op_array=0x87c19b8) at /usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:92
#11 0x0812b810 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/2009july15/php-5.2.10/Zend/zend.c:1134
#12 0x080e4ad1 in php_execute_script (primary_file=0xbfcc5aec) at /usr/src/2009july15/php-5.2.10/main/main.c:2025
#13 0x081a47c1 in apache_php_module_main (r=0x87822bc, display_source_mode=0) at /usr/src/2009july15/php-5.2.10/sapi/apache/sapi_apache.c:53
#14 0x080d8792 in send_php ()
#15 0x080d87dd in send_parsed_php ()
#16 0x08468875 in ap_invoke_handler ()
#17 0x0847fe6d in process_request_internal ()
#18 0x0847feca in ap_process_request ()
#19 0x084760c0 in child_main ()
#20 0x084763f4 in make_child ()
#21 0x084767e2 in perform_idle_server_maintenance ()
#22 0x08476eb7 in standalone_main ()
#23 0x08477562 in main ()
(gdb) frame 10
#10 0x0814dffa in execute (op_array=0x87c19b8) at /usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:92
92 if (EX(opline)->handler(&execute_data TSRMLS_CC) > 0) {
(gdb) print (char *)(executor_globals.function_state_ptr->function)->common.function_name
$1 = 0x84d5d1b "get_defined_constants"
(gdb) print (char *)executor_globals.active_op_array->function_name
$2 = 0x0
(gdb) print (char *)executor_globals.active_op_array->filename
$3 = 0x87c6284 "/home/rajivk/dev/webroot/forum/www/forum.sparklit.com/foobar.spark"
(gdb)

-- Edit bug report at
http://bugs.php.net/?id=48951&edit=1