Bug #55867 [Com]: segfault while declaring function
Edit report at https://bugs.php.net/bug.php?id=55867&edit=1 ID: 55867 Comment by: admin at dvaslona dot ru Reported by:savetheinternet at omegasdg dot com Summary:segfault while declaring function Status: Feedback Type: Bug Package:Unknown/Other Function Operating System: Debian 2.6.26-26lenny3 PHP Version:5.3.8 Block user comment: N Private report: N New Comment: Got same issue with PHP 5.3.27 on FreeBSD 8.3 Backtrace: #0 0x0008015b5266 in memcpy () from /lib/libc.so.7 #1 0x0008042f34ba in _zend_hash_add_or_update () from /usr/local/libexec/apache22/libphp5.so #2 0x0008042c994c in do_bind_function () from /usr/local/libexec/apache22/libphp5.so #3 0x00080430a52c in ZEND_DECLARE_FUNCTION_SPEC_HANDLER () from /usr/local/libexec/apache22/libphp5.so #4 0x00080430ddc0 in execute () from /usr/local/libexec/apache22/libphp5.so #5 0x0008042d95f5 in zend_call_function () from /usr/local/libexec/apache22/libphp5.so #6 0x00080421dd47 in zif_call_user_func_array () from /usr/local/libexec/apache22/libphp5.so #7 0x00080433792a in zend_do_fcall_common_helper_SPEC () from /usr/local/libexec/apache22/libphp5.so #8 0x00080430ddc0 in execute () from /usr/local/libexec/apache22/libphp5.so #9 0x0008042d95f5 in zend_call_function () from /usr/local/libexec/apache22/libphp5.so #10 0x00080421dd47 in zif_call_user_func_array () from /usr/local/libexec/apache22/libphp5.so #11 0x00080433792a in zend_do_fcall_common_helper_SPEC () from /usr/local/libexec/apache22/libphp5.so #12 0x00080430ddc0 in execute () from /usr/local/libexec/apache22/libphp5.so #13 0x0008042e460e in zend_execute_scripts () from /usr/local/libexec/apache22/libphp5.so #14 0x00080428f4c7 in php_execute_script () from /usr/local/libexec/apache22/libphp5.so #15 0x0008043707fe in php_handler () from /usr/local/libexec/apache22/libphp5.so Sadly we don't know what PHP code cause this. Previous Comments: [2013-03-02 19:00:09] re...@php.net Please try using this snapshot: http://snaps.php.net/php5.3-latest.tar.gz For Windows: http://windows.php.net/snapshots/ [2012-04-20 10:19:48] vnsavage at gmail dot com Do you still get this? What is your PHP setup? Configuration parameters and modules? Do you use APC? [2011-10-10 18:16:38] goingbackayear at hotmail dot com I'll tell you what's wrong with the code STI when you ban Lazare and all the other Paulberg spammers. [2011-10-08 08:33:35] savetheinternet at omegasdg dot com Well, the file that short extract is from is quite a large file. It is a configuration file for https://github.com/savetheinternet/Tinyboard. Aside from the fhash function, all the file does is modify an associative array which is originally defined elsewhere. --- Oct 8 10:32:30 kernel: [9364589.325832] php-cgi[28124]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.330222] php-cgi[28125]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.335009] php-cgi[28126]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.337822] php-cgi[28127]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] [2011-10-08 06:19:41] paj...@php.net Can you paste the short example please? As in not only the place where it occurs. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=55867 -- Edit this bug report at https://bugs.php.net/bug.php?id=55867&edit=1
Bug #55867 [Com]: segfault while declaring function
Edit report at https://bugs.php.net/bug.php?id=55867&edit=1 ID: 55867 Comment by: vnsavage at gmail dot com Reported by:savetheinternet at omegasdg dot com Summary:segfault while declaring function Status: Open Type: Bug Package:Unknown/Other Function Operating System: Debian 2.6.26-26lenny3 PHP Version:5.3.8 Block user comment: N Private report: N New Comment: Do you still get this? What is your PHP setup? Configuration parameters and modules? Do you use APC? Previous Comments: [2011-10-10 18:16:38] goingbackayear at hotmail dot com I'll tell you what's wrong with the code STI when you ban Lazare and all the other Paulberg spammers. [2011-10-08 08:33:35] savetheinternet at omegasdg dot com Well, the file that short extract is from is quite a large file. It is a configuration file for https://github.com/savetheinternet/Tinyboard. Aside from the fhash function, all the file does is modify an associative array which is originally defined elsewhere. --- Oct 8 10:32:30 kernel: [9364589.325832] php-cgi[28124]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.330222] php-cgi[28125]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.335009] php-cgi[28126]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.337822] php-cgi[28127]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] [2011-10-08 06:19:41] paj...@php.net Can you paste the short example please? As in not only the place where it occurs. [2011-10-07 17:21:10] savetheinternet at omegasdg dot com Description: Although I do have a short code sample, I'm not sure where exactly or what conditions causes the segfault; I am unable to reproduce it myself. The backtrace indicates that this is indeed where the bug occurs. The code sample below is an extract from a file that is included various times throughout a much larger application. fhash is not defined anywhere else. Test script: --- if(!function_exists('fhash')) { function fhash($file) { system('optipng ' . escapeshellarg(preg_replace('/src\/(\d+)\.(.+)$/', 'thumb/$1.png', $file)) . ' > /dev/null'); return sha1_file($file); } } Expected result: To ensure that fhash() is not declared multiple times as this file may be included multiple times. Actual result: -- (gdb) bt #0 0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6 #0 0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6 #1 0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php-5.3.8/Zend/zend_compile.c", __zend_lineno=2956) at /home//php-5.3.8/Zend/zend_hash.c:256 #2 0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0') at /home//php-5.3.8/Zend/zend_compile.c:2956 #3 0x0850aa49 in ZEND_DECLARE_FUNCTION_SPEC_HANDLER (execute_data=0x9d79da8) at /home//php-5.3.8/Zend/zend_vm_execute.h:586 #4 0x08508506 in execute (op_array=0x9d5ceac) at /home//php- 5.3.8/Zend/zend_vm_execute.h:107 #5 0x084dcf8d in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home//php-5.3.8/Zend/zend.c:1236 #6 0x08472037 in php_execute_script (primary_file=0xbfc62428) at /home//php-5.3.8/main/main.c:2284 #7 0x085a504e in main (argc=3, argv=0xbfc62594) at /home//php- 5.3.8/sapi/cgi/cgi_main.c:2112 (gdb) print (char *)executor_globals.active_op_array->filename $2 = 0xb49e34d0 "/var/www/inc/instance-config.php" (gdb) frame 4 #4 0x08508506 in execute (op_array=0x9d5ceac) at /home//php- 5.3.8/Zend/zend_vm_execute.h:107 107 if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) { (gdb) frame 2 #2 0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0') at /home//php-5.3.8/Zend/zend_compile.c:2956 2956if (zend_hash_add(function_table, opline- >op2.u.constant.value.str.val, opline- >op2.u.constant.value.str.len+1, function, sizeof(zend_function), NULL)==FAILURE) { (gdb) print (char*)opline->op2.u.constant.value.str.val $1 = 0xb49e3c98 "fhash" (gdb) frame 1 #1 0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php- 5.3.8/Ze
Bug #55867 [Com]: segfault while declaring function
Edit report at https://bugs.php.net/bug.php?id=55867&edit=1 ID: 55867 Comment by: goingbackayear at hotmail dot com Reported by:savetheinternet at omegasdg dot com Summary:segfault while declaring function Status: Open Type: Bug Package:Unknown/Other Function Operating System: Debian 2.6.26-26lenny3 PHP Version:5.3.8 Block user comment: N Private report: N New Comment: I'll tell you what's wrong with the code STI when you ban Lazare and all the other Paulberg spammers. Previous Comments: [2011-10-08 08:33:35] savetheinternet at omegasdg dot com Well, the file that short extract is from is quite a large file. It is a configuration file for https://github.com/savetheinternet/Tinyboard. Aside from the fhash function, all the file does is modify an associative array which is originally defined elsewhere. --- Oct 8 10:32:30 kernel: [9364589.325832] php-cgi[28124]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.330222] php-cgi[28125]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.335009] php-cgi[28126]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] > Oct 8 10:32:30 kernel: [9364589.337822] php-cgi[28127]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000] [2011-10-08 06:19:41] paj...@php.net Can you paste the short example please? As in not only the place where it occurs. [2011-10-07 17:21:10] savetheinternet at omegasdg dot com Description: Although I do have a short code sample, I'm not sure where exactly or what conditions causes the segfault; I am unable to reproduce it myself. The backtrace indicates that this is indeed where the bug occurs. The code sample below is an extract from a file that is included various times throughout a much larger application. fhash is not defined anywhere else. Test script: --- if(!function_exists('fhash')) { function fhash($file) { system('optipng ' . escapeshellarg(preg_replace('/src\/(\d+)\.(.+)$/', 'thumb/$1.png', $file)) . ' > /dev/null'); return sha1_file($file); } } Expected result: To ensure that fhash() is not declared multiple times as this file may be included multiple times. Actual result: -- (gdb) bt #0 0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6 #0 0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6 #1 0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php-5.3.8/Zend/zend_compile.c", __zend_lineno=2956) at /home//php-5.3.8/Zend/zend_hash.c:256 #2 0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0') at /home//php-5.3.8/Zend/zend_compile.c:2956 #3 0x0850aa49 in ZEND_DECLARE_FUNCTION_SPEC_HANDLER (execute_data=0x9d79da8) at /home//php-5.3.8/Zend/zend_vm_execute.h:586 #4 0x08508506 in execute (op_array=0x9d5ceac) at /home//php- 5.3.8/Zend/zend_vm_execute.h:107 #5 0x084dcf8d in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home//php-5.3.8/Zend/zend.c:1236 #6 0x08472037 in php_execute_script (primary_file=0xbfc62428) at /home//php-5.3.8/main/main.c:2284 #7 0x085a504e in main (argc=3, argv=0xbfc62594) at /home//php- 5.3.8/sapi/cgi/cgi_main.c:2112 (gdb) print (char *)executor_globals.active_op_array->filename $2 = 0xb49e34d0 "/var/www/inc/instance-config.php" (gdb) frame 4 #4 0x08508506 in execute (op_array=0x9d5ceac) at /home//php- 5.3.8/Zend/zend_vm_execute.h:107 107 if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) { (gdb) frame 2 #2 0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0') at /home//php-5.3.8/Zend/zend_compile.c:2956 2956if (zend_hash_add(function_table, opline- >op2.u.constant.value.str.val, opline- >op2.u.constant.value.str.len+1, function, sizeof(zend_function), NULL)==FAILURE) { (gdb) print (char*)opline->op2.u.constant.value.str.val $1 = 0xb49e3c98 "fhash" (gdb) frame 1 #1 0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php- 5.3.8/Zend/zend_compile.c", __zend_lineno=2956) at /home//php-5.3.8/Zend/zend_hash.c:256 256 INIT_DATA(ht, p, pData, nDataSize); -- Edit