From:
Operating system: Linux
PHP version: 5.3.2
Package: Streams related
Bug Type: Bug
Bug description:Segfault when using stream_filter_append()
Description:
------------
PHP segfaulting when appending a user-defined filter in WRITE mode. I can
confirm that if I switch to READ mode, or I use a PHP built-in filter, the
segfault goes away.
Test script:
---------------
The code that causes this to happen looks like this:
$fp = fopen('php://temp', 'w+');
stream_filter_register('user_filter', 'User_Filter_Class_Name');
stream_filter_append($fp, 'user_filter', STREAM_FILTER_WRITE);
Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
0x0000000000743918 in zend_hash_find (ht=0x2682b28, arKey=0xc32354
"stream",
nKeyLength=7, pData=0x7fffc9b123f8)
at /disk2/src/php-5.3.2/Zend/zend_hash.c:880
880 p = ht->arBuckets[nIndex];
-----
#0 0x0000000000743918 in zend_hash_find (ht=0x2682b28,
arKey=0xc32354 "stream", nKeyLength=7, pData=0x7fffc9b123f8)
at /disk2/src/php-5.3.2/Zend/zend_hash.c:880
#1 0x00000000006c2a79 in userfilter_filter (stream=0x269c908,
thisfilter=<value optimized out>, buckets_in=0x7fffc9b12480,
buckets_out=0x7fffc9b12470, bytes_consumed=0x7fffc9b12498, flags=2)
at /disk2/src/php-5.3.2/ext/standard/user_filters.c:183
#2 0x00000000006fc727 in _php_stream_write_filtered (stream=0x269c908,
buf=<value optimized out>, count=<value optimized out>, flags=2)
at /disk2/src/php-5.3.2/main/streams/streams.c:997
#3 0x00000000006fc93c in _php_stream_flush (stream=0x269c908,
closing=<value optimized out>)
at /disk2/src/php-5.3.2/main/streams/streams.c:1046
#4 0x00000000006fcb43 in _php_stream_free (stream=0x269c908,
close_options=11)
at /disk2/src/php-5.3.2/main/streams/streams.c:331
#5 0x00000000006fce11 in stream_resource_regular_dtor (
rsrc=<value optimized out>)
at /disk2/src/php-5.3.2/main/streams/streams.c:1426
#6 0x0000000000745bbe in list_entry_destructor (ptr=0x269d1c0)
at /disk2/src/php-5.3.2/Zend/zend_list.c:184
#7 0x0000000000744da5 in zend_hash_del_key_or_index (ht=0xfbdef0,
arKey=0xc32354 "stream", nKeyLength=3383829656, h=229483039115121,
flag=<value optimized out>) at
/disk2/src/php-5.3.2/Zend/zend_hash.c:497
#8 0x0000000000745e67 in _zend_list_delete (id=<value optimized out>)
at /disk2/src/php-5.3.2/Zend/zend_list.c:58
#9 0x000000000072b8d5 in _zval_dtor (zval_ptr=0x27e6ee8)
at /disk2/src/php-5.3.2/Zend/zend_variables.h:35
#10 _zval_ptr_dtor (zval_ptr=0x27e6ee8)
at /disk2/src/php-5.3.2/Zend/zend_execute_API.c:439
#11 0x0000000000742abb in zend_hash_destroy (ht=0x27ab938)
at /disk2/src/php-5.3.2/Zend/zend_hash.c:526
#12 0x00000000007369d6 in _zval_dtor_func (zvalue=0x269c090)
at /disk2/src/php-5.3.2/Zend/zend_variables.c:43
#13 0x000000000072b8d5 in _zval_dtor (zval_ptr=0x27add00)
at /disk2/src/php-5.3.2/Zend/zend_variables.h:35
#14 _zval_ptr_dtor (zval_ptr=0x27add00)
at /disk2/src/php-5.3.2/Zend/zend_execute_API.c:439
#15 0x0000000000742abb in zend_hash_destroy (ht=0x26469f8)
at /disk2/src/php-5.3.2/Zend/zend_hash.c:526
#16 0x00000000007369d6 in _zval_dtor_func (zvalue=0x26bfff8)
at /disk2/src/php-5.3.2/Zend/zend_variables.c:43
#17 0x000000000072b8d5 in _zval_dtor (zval_ptr=0x27e68c0)
at /disk2/src/php-5.3.2/Zend/zend_variables.h:35
#18 _zval_ptr_dtor (zval_ptr=0x27e68c0)
at /disk2/src/php-5.3.2/Zend/zend_execute_API.c:439
#19 0x0000000000742abb in zend_hash_destroy (ht=0x26ed608)
at /disk2/src/php-5.3.2/Zend/zend_hash.c:526
#20 0x0000000000754cd9 in zend_object_std_dtor (object=0x27de0d0)
at /disk2/src/php-5.3.2/Zend/zend_objects.c:45
#21 0x0000000000754cf9 in zend_objects_free_object_storage
(object=0x2682b28)
at /disk2/src/php-5.3.2/Zend/zend_objects.c:114
#22 0x000000000075816a in zend_objects_store_free_object_storage (
objects=0xfbe018) at /disk2/src/php-5.3.2/Zend/zend_objects_API.c:92
#23 0x000000000072bc5c in shutdown_executor ()
at /disk2/src/php-5.3.2/Zend/zend_execute_API.c:302
#24 0x00000000007375e3 in zend_deactivate ()
at /disk2/src/php-5.3.2/Zend/zend.c:890
#25 0x00000000006e74e0 in php_request_shutdown (dummy=<value optimized
out>)
at /disk2/src/php-5.3.2/main/main.c:1633
#26 0x00000000007bc7a7 in main (argc=<value optimized out>,
argv=<value optimized out>)
at /disk2/src/php-5.3.2/sapi/cgi/cgi_main.c:2152
--
Edit bug report at http://bugs.php.net/bug.php?id=51658&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=51658&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=51658&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=51658&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=51658&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=51658&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=51658&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=51658&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=51658&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=51658&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=51658&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=51658&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=51658&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=51658&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=51658&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=51658&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=51658&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=51658&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=51658&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=51658&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=51658&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=51658&r=mysqlcfg
