#31579 [NEW]: Segfault in _zval_ptr_dtor

chris-php at bolt dot cx Sun, 16 Jan 2005 17:32:26 -0800

From:             chris-php at bolt dot cx
Operating system: Linux 2.4
PHP version:      4CVS-2005-01-17 (stable)
PHP Bug Type:     Reproducible crash
Bug description:  Segfault in _zval_ptr_dtor


Description:
------------
Bug 31332 (http://bugs.php.net/bug.php?id=31332) hit me hard, since I use
memcached (http://www.danga.com/memcached/) for cacheing, along with the
memcache PECL extension (http://pecl.php.net/memcache). When it was
resolved, I upgraded to PHP 4.3 CVS 200501162130 and now PHP crashes,
apparently in the PECL extension, however the crash appears to be caused
by the fix for bug 31332, so I'm reporting it both here and to the
memcache PECL bug database.

Reproduce code:
---------------
<?
$mc = memcache_connect("localhost", 11211, 1);
var_dump($mc->set("test", array("hello")));
var_dump($mc->get(array("test")));
/*
one thing to note:
var_dump($mc->get("test"));
works fine.
*/
?>


Expected result:
----------------
bool(true)
array(1) {
  ["test"]=>
  array(1) {
    [0]=>
    string(5) "hello"
  }
}


Actual result:
--------------
bool(true)
Segmentation fault (core dumped)


Program received signal SIGSEGV, Segmentation fault.
0x403f86d6 in _zval_ptr_dtor (zval_ptr=0x84433c8)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute_API.c:287
287             (*zval_ptr)->refcount--;
(gdb) bt
#0  0x403f86d6 in _zval_ptr_dtor (zval_ptr=0x84433c8)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute_API.c:287
#1  0x403b55f9 in var_destroy (var_hashx=0x1)
    at
/home/chris/php4-STABLE-200501162130/ext/standard/var_unserializer.c:132
#2  0x4061d201 in mmc_exec_retrieval_cmd_multi (mmc=0x83d4d48,
keys=0x844341c,
    result=0xbfff77b4) at /root/memcache-1.4/memcache.c:906
#3  0x4061e7ef in zif_memcache_get (ht=808530489, return_value=0x844347c,
    this_ptr=0x84433c4, return_value_used=1)
    at /root/memcache-1.4/memcache.c:1581
#4  0x4041031e in execute (op_array=0x83421bc)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute.c:1648
#5  0x4041009f in execute (op_array=0x8344c34)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute.c:1692
#6  0x4041009f in execute (op_array=0x82145c4)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute.c:1692
#7  0x40411731 in execute (op_array=0x820f844)
    at /home/chris/php4-STABLE-200501162130/Zend/zend_execute.c:2218
#8  0x40400d70 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/chris/php4-STABLE-200501162130/Zend/zend.c:900
#9  0x403d7148 in php_execute_script (primary_file=0xbffff7b0)
    at /home/chris/php4-STABLE-200501162130/main/main.c:1739
#10 0x4041447e in apache_php_module_main (r=0x8203b0c,
display_source_mode=0)
    at /home/chris/php4-STABLE-200501162130/sapi/apache/sapi_apache.c:54
#11 0x40414fca in send_php (r=0x8203b0c, display_source_mode=0,
filename=0x0)
    at /home/chris/php4-STABLE-200501162130/sapi/apache/mod_php4.c:621
#12 0x40415173 in send_parsed_php (r=0x8203b0c)
    at /home/chris/php4-STABLE-200501162130/sapi/apache/mod_php4.c:636
#13 0x0808b5cb in ap_invoke_handler ()
#14 0x080a0b3b in ap_some_auth_required ()
#15 0x080a0f96 in ap_internal_redirect ()
#16 0x0806250a in ap_get_server_built ()
#17 0x0808b5cb in ap_invoke_handler ()
#18 0x080a0b3b in ap_some_auth_required ()
#19 0x080a0b9a in ap_process_request ()
#20 0x08097b20 in ap_child_terminate ()
#21 0x08097dae in ap_child_terminate ()
#22 0x08097e54 in ap_child_terminate ()
#23 0x08098514 in ap_child_terminate ()
#24 0x08098d4c in main ()
#25 0x401afd06 in __libc_start_main () from /lib/libc.so.6


-- 
Edit bug report at http://bugs.php.net/?id=31579&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=31579&r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=31579&r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=31579&r=trysnapshot51
Fixed in CVS:                http://bugs.php.net/fix.php?id=31579&r=fixedcvs
Fixed in release:            http://bugs.php.net/fix.php?id=31579&r=alreadyfixed
Need backtrace:              http://bugs.php.net/fix.php?id=31579&r=needtrace
Need Reproduce Script:       http://bugs.php.net/fix.php?id=31579&r=needscript
Try newer version:           http://bugs.php.net/fix.php?id=31579&r=oldversion
Not developer issue:         http://bugs.php.net/fix.php?id=31579&r=support
Expected behavior:           http://bugs.php.net/fix.php?id=31579&r=notwrong
Not enough info:             
http://bugs.php.net/fix.php?id=31579&r=notenoughinfo
Submitted twice:             
http://bugs.php.net/fix.php?id=31579&r=submittedtwice
register_globals:            http://bugs.php.net/fix.php?id=31579&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=31579&r=php3
Daylight Savings:            http://bugs.php.net/fix.php?id=31579&r=dst
IIS Stability:               http://bugs.php.net/fix.php?id=31579&r=isapi
Install GNU Sed:             http://bugs.php.net/fix.php?id=31579&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=31579&r=float
No Zend Extensions:          http://bugs.php.net/fix.php?id=31579&r=nozend
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=31579&r=mysqlcfg

#31579 [NEW]: Segfault in _zval_ptr_dtor

Reply via email to