From: radek dot karpowicz at gmail dot com
Operating system: Gentoo/Linux
PHP version: 5.2.11
PHP Bug Type: Reproducible crash
Bug description: Segmentation fault after infinite recursion loop, affects <= 5.2.11

Description:
------------
After running PHP into an infinite recursion loop by defining a function and executing it, the binary will output a segmentation fault.

Same bug here: #15522
http://bugs.php.net/bug.php?id=15522

Why hasn't it been patched since 4.1.1?

Reproduce code:
---------------
<?php

function foo() {
    foo();
}

foo();
?>

Expected result:
----------------
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 261900 bytes) in /bug.php on line 4

Actual result:
--------------
Segmentation fault

GDB Trace:

Starting program: /php-5.2.11/sapi/cli/php -f /bug.php
[Thread debugging using libthread_db enabled]
[New Thread 0xb7be16c0 (LWP 832)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7be16c0 (LWP 832)]
0x082d8a25 in zend_mm_check_ptr (heap=0x845f1d8, ptr=0x852040c, silent=1, __zend_filename=0x8432a34 "/php-5.2.11/Zend/zend_vm_execute.h", __zend_lineno=766, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /home/radekk/tmp/php-5.2.11/Zend/zend_alloc.c:1439
1439            if (memcmp(end_magic, &_mem_block_end_magic, END_MAGIC_SIZE)==0) {

-- 
Edit bug report at http://bugs.php.net/?id=49823&edit=1