Bug #55867 [Opn->Fbk]: segfault while declaring function

2013-03-02 Thread reeze
Edit report at https://bugs.php.net/bug.php?id=55867&edit=1

 ID: 55867
 Updated by: re...@php.net
 Reported by: savetheinternet at omegasdg dot com
 Summary: segfault while declaring function
-Status: Open
+Status: Feedback
 Type:   Bug
 Package: Unknown/Other Function
 Operating System:   Debian 2.6.26-26lenny3
 PHP Version: 5.3.8
 Block user comment: N
 Private report: N

 New Comment:

Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/




Previous Comments:

[2012-04-20 10:19:48] vnsavage at gmail dot com

Do you still get this? What is your PHP setup? 
Configuration parameters and modules? Do you use APC?


[2011-10-10 18:16:38] goingbackayear at hotmail dot com

I'll tell you what's wrong with the code STI when you ban Lazare and all the 
other Paulberg spammers.


[2011-10-08 08:33:35] savetheinternet at omegasdg dot com

Well, the file that short extract is from is quite a large file. It is a 
configuration file for https://github.com/savetheinternet/Tinyboard. Aside 
from the fhash function, all the file does is modify an associative array which 
is originally defined elsewhere.

---
Oct  8 10:32:30 kernel: [9364589.325832] php-cgi[28124]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000]
Oct  8 10:32:30 kernel: [9364589.330222] php-cgi[28125]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000]
Oct  8 10:32:30 kernel: [9364589.335009] php-cgi[28126]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000]
Oct  8 10:32:30 kernel: [9364589.337822] php-cgi[28127]: segfault at 0 ip b6f67d5c sp bf844b6c error 4 in libc-2.7.so[b6ef+155000]


[2011-10-08 06:19:41] paj...@php.net

Can you paste the short example please? As in not only the place where it 
occurs.


[2011-10-07 17:21:10] savetheinternet at omegasdg dot com

Description:

Although I do have a short code sample, I'm not sure where exactly or what 
conditions cause the segfault; I am unable to reproduce it myself. The 
backtrace indicates that this is indeed where the bug occurs.

The code sample below is an extract from a file that is included various times 
throughout a much larger application. fhash is not defined anywhere else.

Test script:
---
if(!function_exists('fhash')) {
    function fhash($file) {
        system('optipng ' . escapeshellarg(preg_replace('/src\/(\d+)\.(.+)$/', 'thumb/$1.png', $file)) . ' > /dev/null');
        return sha1_file($file);
    }
}

Expected result:

To ensure that fhash() is not declared multiple times as this file may be 
included multiple times.

Actual result:
--
(gdb) bt
#0  0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6
#0  0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6
#1  0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php-5.3.8/Zend/zend_compile.c", __zend_lineno=2956)
    at /home//php-5.3.8/Zend/zend_hash.c:256
#2  0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0')
    at /home//php-5.3.8/Zend/zend_compile.c:2956
#3  0x0850aa49 in ZEND_DECLARE_FUNCTION_SPEC_HANDLER (execute_data=0x9d79da8)
    at /home//php-5.3.8/Zend/zend_vm_execute.h:586
#4  0x08508506 in execute (op_array=0x9d5ceac) at /home//php-5.3.8/Zend/zend_vm_execute.h:107
#5  0x084dcf8d in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home//php-5.3.8/Zend/zend.c:1236
#6  0x08472037 in php_execute_script (primary_file=0xbfc62428)
    at /home//php-5.3.8/main/main.c:2284
#7  0x085a504e in main (argc=3, argv=0xbfc62594) at /home//php-5.3.8/sapi/cgi/cgi_main.c:2112

(gdb) print (char *)executor_globals.active_op_array->filename
$2 = 0xb49e34d0 "/var/www/inc/instance-config.php"

(gdb) frame 4
#4  0x08508506 in execute (op_array=0x9d5ceac) at /home//php-5.3.8/Zend/zend_vm_execute.h:107
107         if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) {

(gdb) frame 2
#2  0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0')
    at /home//php-5.3.8/Zend/zend_compile.c:2956
2956        if (zend_hash_add(function_table, opline->op2.u.constant.value.str.val, opline->op2.u.constant.value.str.len+1, function, sizeof(zend_function), NULL)==FAILURE) {

(gdb) print (char*)o

Bug #55867 [Opn->Fbk]: segfault while declaring function

2011-10-07 Thread pajoye
Edit report at https://bugs.php.net/bug.php?id=55867&edit=1

 ID: 55867
 Updated by: paj...@php.net
 Reported by: savetheinternet at omegasdg dot com
 Summary: segfault while declaring function
-Status: Open
+Status: Feedback
 Type:   Bug
 Package: Unknown/Other Function
 Operating System:   Debian 2.6.26-26lenny3
 PHP Version: 5.3.8
 Block user comment: N
 Private report: N



Previous Comments:

[2011-10-08 06:19:41] paj...@php.net

Can you paste the short example please? As in not only the place where it 
occurs.


[2011-10-07 17:21:10] savetheinternet at omegasdg dot com

Description:

Although I do have a short code sample, I'm not sure where exactly or what 
conditions cause the segfault; I am unable to reproduce it myself. The 
backtrace indicates that this is indeed where the bug occurs.

The code sample below is an extract from a file that is included various times 
throughout a much larger application. fhash is not defined anywhere else.

Test script:
---
if(!function_exists('fhash')) {
    function fhash($file) {
        system('optipng ' . escapeshellarg(preg_replace('/src\/(\d+)\.(.+)$/', 'thumb/$1.png', $file)) . ' > /dev/null');
        return sha1_file($file);
    }
}

Expected result:

To ensure that fhash() is not declared multiple times as this file may be 
included multiple times.

Actual result:
--
(gdb) bt
#0  0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6
#0  0xb6f2ed5c in memcpy () from /lib/i686/cmov/libc.so.6
#1  0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php-5.3.8/Zend/zend_compile.c", __zend_lineno=2956)
    at /home//php-5.3.8/Zend/zend_hash.c:256
#2  0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0')
    at /home//php-5.3.8/Zend/zend_compile.c:2956
#3  0x0850aa49 in ZEND_DECLARE_FUNCTION_SPEC_HANDLER (execute_data=0x9d79da8)
    at /home//php-5.3.8/Zend/zend_vm_execute.h:586
#4  0x08508506 in execute (op_array=0x9d5ceac) at /home//php-5.3.8/Zend/zend_vm_execute.h:107
#5  0x084dcf8d in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home//php-5.3.8/Zend/zend.c:1236
#6  0x08472037 in php_execute_script (primary_file=0xbfc62428)
    at /home//php-5.3.8/main/main.c:2284
#7  0x085a504e in main (argc=3, argv=0xbfc62594) at /home//php-5.3.8/sapi/cgi/cgi_main.c:2112

(gdb) print (char *)executor_globals.active_op_array->filename
$2 = 0xb49e34d0 "/var/www/inc/instance-config.php"

(gdb) frame 4
#4  0x08508506 in execute (op_array=0x9d5ceac) at /home//php-5.3.8/Zend/zend_vm_execute.h:107
107         if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) {

(gdb) frame 2
#2  0x084c3d48 in do_bind_function (opline=0xb49e88fc, function_table=0x9bb7498, compile_time=0 '\0')
    at /home//php-5.3.8/Zend/zend_compile.c:2956
2956        if (zend_hash_add(function_table, opline->op2.u.constant.value.str.val, opline->op2.u.constant.value.str.len+1, function, sizeof(zend_function), NULL)==FAILURE) {

(gdb) print (char*)opline->op2.u.constant.value.str.val
$1 = 0xb49e3c98 "fhash"

(gdb) frame 1
#1  0x084e9e17 in _zend_hash_add_or_update (ht=0x9bb7498, arKey=0xb49e3c98 "fhash", nKeyLength=6, pData=0x0, nDataSize=144, pDest=0x0, flag=2, __zend_filename=0x88aa40c "/home//php-5.3.8/Zend/zend_compile.c", __zend_lineno=2956)
    at /home//php-5.3.8/Zend/zend_hash.c:256
256         INIT_DATA(ht, p, pData, nDataSize);







-- 
Edit this bug report at https://bugs.php.net/bug.php?id=55867&edit=1