Edit report at https://bugs.php.net/bug.php?id=54604&edit=1
ID: 54604 Updated by: [email protected] Reported by: bugs dot php dot net at zetafleet dot com Summary: Segfault in ZEND_SWITCH_FREE_SPEC_VAR_HANDLER -Status: Feedback +Status: No Feedback Type: Bug Package: Reproducible crash Operating System: Debian Linux PHP Version: 5.3.6 New Comment: No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. Previous Comments: ------------------------------------------------------------------------ [2011-07-10 13:14:42] [email protected] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with <?php and ends with ?>, is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. ------------------------------------------------------------------------ [2011-04-26 04:23:12] bugs dot php dot net at zetafleet dot com Description: ------------ Iâm not able to safely create a reduced test case. The crash is occurring from inside a custom error handler when it calls Smarty::display on a Smarty 2.6.26 template. Reproduced using both dotdeb 5.3.6-6~dotdeb.1 and debian unstable 5.3.6-8. Expected result: ---------------- No crash. Actual result: -------------- Program received signal SIGSEGV, Segmentation fault. ZEND_SWITCH_FREE_SPEC_VAR_HANDLER (execute_data=0x7fb3ed373a30) at /tmp/buildd/php5-5.3.6/Zend/zend.h:385 385 /tmp/buildd/php5-5.3.6/Zend/zend.h: No such file or directory. in /tmp/buildd/php5-5.3.6/Zend/zend.h (gdb) t a a bt Thread 1 (Thread 0x7fb3f7bfd720 (LWP 9215)): #0 ZEND_SWITCH_FREE_SPEC_VAR_HANDLER (execute_data=0x7fb3ed373a30) at /tmp/buildd/php5-5.3.6/Zend/zend.h:385 #1 0x00000000006abb34 in execute (op_array=0x2832d68) at /tmp/buildd/php5-5.3.6/Zend/zend_vm_execute.h:107 #2 0x000000000067862f in zend_call_function (fci=0x7fffa5018100, fci_cache=0x7fb3ed36b1f8) at /tmp/buildd/php5-5.3.6/Zend/zend_execute_API.c:964 #3 0x0000000000678a60 in call_user_function_ex (function_table=0x7fb3ed373af0, object_pp=0x0, function_name=0x0, retval_ptr_ptr=0x0, param_count=0, params=0x101010101010101, no_separation=6838809, symbol_table=0x1) at /tmp/buildd/php5-5.3.6/Zend/zend_execute_API.c:754 #4 0x0000000000685a19 in zend_error (type=8192, format=0xaaff40 "Assigning the return value of new by reference is deprecated") at /tmp/buildd/php5-5.3.6/Zend/zend.c:1173 #5 0x0000000000655ae7 in zendparse () at /tmp/buildd/php5-5.3.6/Zend/zend_language_parser.c:4247 #6 0x0000000000657b62 in compile_file (file_handle=<incomplete type>, type=0) at Zend/zend_language_scanner.l:364 #7 0x0000000000511d11 in phar_compile_file (file_handle=<incomplete type>, type=0) at /tmp/buildd/php5-5.3.6/ext/phar/phar.c:3393 #8 0x0000000000657d22 in compile_filename (type=2, filename=0x282bfd8) at Zend/zend_language_scanner.l:407 #9 0x00000000006cc4e8 in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER (execute_data=0x7fb3ed36b1f8) at /tmp/buildd/php5-5.3.6/Zend/zend_vm_execute.h:1925 #10 0x00000000006abb34 in execute (op_array=0x27ff180) at /tmp/buildd/php5-5.3.6/Zend/zend_vm_execute.h:107 #11 0x0000000000686796 in zend_execute_scripts (type=0, retval=0x7fffa501a590, file_count=3) at /tmp/buildd/php5-5.3.6/Zend/zend.c:1266 #12 0x0000000000632063 in php_execute_script (primary_file=0x29e0f60) at /tmp/buildd/php5-5.3.6/main/main.c:2296 #13 0x0000000000724306 in main (argc=41836840, argv=0xda8300) at /tmp/buildd/php5-5.3.6/sapi/fpm/fpm/fpm_main.c:1917 ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=54604&edit=1
