From: spam at pamignot dot org
Operating system: Linux 2.6.22-15-generic (Ubuntu)
PHP version: 5.3.0alpha2
PHP Bug Type: Apache2 related
Bug description: Segfault on script ending
Description:
------------
I just passed from 5.1.6 to 5.3.
I cannot give a quick code to reproduce the bug, but the script actually
does those actions :
- getting GET POST COOKIE information, giving them to HTMLPurifier and set
an array of the result
- define custom error handler
- execute action given by user
- display HTML result page
The script goes to the end, echo'ing wanted html page but it results in a
segfault.
If I comment out the next line, or if I comment out the static method
'exception_error_handler' from my class MyException, the script just works
fine :
set_error_handler(array('MyException', 'exception_error_handler'));
But if I let declared the method 'exception_error_handler', even with no
code inside, returning true or false, or throwing an exception, the script
ends up with a segfault.
Reproduce code:
---------------
/* some code using some PEAR packages,
custom error handler, echo'ing a HTML page */
exit();
Expected result:
----------------
Expected result is displaying HTML page to user.
Actual result:
--------------
The actual result is the output of my desired HTML page, ending with a
segfault :
# gdb php
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i486-linux-gnu"...
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
(gdb) r index.php
Starting program: /usr/local/bin/php index.php
[Thread debugging using libthread_db enabled]
[New Thread -1223292352 (LWP 21507)]
/* here comes my HTML page */
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1223292352 (LWP 21507)]
zend_hash_destroy (ht=0x8ce9ac4) at
/home/myhome/php-5.3.0alpha2/Zend/zend_hash.c:524
524 p = p->pListNext;
(gdb) bt
#0 zend_hash_destroy (ht=0x8ce9ac4) at
/home/myhome/php-5.3.0alpha2/Zend/zend_hash.c:524
#1 0x083d34e7 in _zval_dtor_func (zvalue=0x8ce9a78) at
/home/myhome/php-5.3.0alpha2/Zend/zend_variables.c:43
#2 0x083d2c55 in zend_ptr_stack_apply (stack=0x88ba628, func=0x83d3440
<_zval_dtor_func>) at
/home/myhome/php-5.3.0alpha2/Zend/zend_ptr_stack.c:90
#3 0x083d2c9f in zend_ptr_stack_clean (stack=0x88ba628, func=0x83d3440
<_zval_dtor_func>, free_elements=1 '\001')
at /home/myhome/php-5.3.0alpha2/Zend/zend_ptr_stack.c:97
#4 0x083c67f9 in shutdown_executor (tsrm_ls=0x88b82a0) at
/home/myhome/php-5.3.0alpha2/Zend/zend_execute_API.c:271
#5 0x083d3ab9 in zend_deactivate (tsrm_ls=0x88b82a0) at
/home/myhome/php-5.3.0alpha2/Zend/zend.c:899
#6 0x0837995a in php_request_shutdown (dummy=0x0) at
/home/myhome/php-5.3.0alpha2/main/main.c:1516
#7 0x0846a6da in main (argc=2, argv=0xbfc9d7a4) at
/home/myhome/php-5.3.0alpha2/sapi/cli/php_cli.c:1311
(gdb)
When I try from my browser and gdb "run -X" option, the backtrace looks
like this :
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1216632640 (LWP 21116)]
zend_hash_destroy (ht=0x85e50e8) at
/home/myhome/php-5.3.0alpha2/Zend/zend_hash.c:524
524 p = p->pListNext;
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb)
(gdb) bt
#0 zend_hash_destroy (ht=0x85e50e8) at
/home/myhome/php-5.3.0alpha2/Zend/zend_hash.c:524
#1 0xb72b9a57 in _zval_dtor_func (zvalue=0x85e509c) at
/home/myhome/php-5.3.0alpha2/Zend/zend_variables.c:43
#2 0xb72b91c5 in zend_ptr_stack_apply (stack=0x81e5980, func=0xb72b99b0
<_zval_dtor_func>) at
/home/myhome/php-5.3.0alpha2/Zend/zend_ptr_stack.c:90
#3 0xb72b920f in zend_ptr_stack_clean (stack=0x81e5980, func=0xb72b99b0
<_zval_dtor_func>, free_elements=1 '\001')
at /home/myhome/php-5.3.0alpha2/Zend/zend_ptr_stack.c:97
#4 0xb72acd69 in shutdown_executor (tsrm_ls=0x8132108) at
/home/myhome/php-5.3.0alpha2/Zend/zend_execute_API.c:271
#5 0xb72ba029 in zend_deactivate (tsrm_ls=0x8132108) at
/home/myhome/php-5.3.0alpha2/Zend/zend.c:899
#6 0xb725feca in php_request_shutdown (dummy=0x0) at
/home/myhome/php-5.3.0alpha2/main/main.c:1516
#7 0xb734fc1e in php_handler (r=0x8452b80) at
/home/myhome/php-5.3.0alpha2/sapi/apache2handler/sapi_apache2.c:470
#8 0x08079259 in ap_run_handler ()
#9 0x0807c5b7 in ap_invoke_handler ()
#10 0x08089998 in ap_process_request ()
#11 0x08086c9b in ?? ()
#12 0x08452b80 in ?? ()
#13 0x00000004 in ?? ()
#14 0x08452b80 in ?? ()
#15 0x00000000 in ?? ()
(gdb)
--
Edit bug report at http://bugs.php.net/?id=46338&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=46338&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=46338&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=46338&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=46338&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=46338&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=46338&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=46338&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=46338&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=46338&r=support
Expected behavior: http://bugs.php.net/fix.php?id=46338&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=46338&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=46338&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=46338&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=46338&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=46338&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=46338&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=46338&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=46338&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=46338&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=46338&r=mysqlcfg
