From: bjori at jeshus dot com
Operating system: FreeBSD 5.3-RELEASE
PHP version: 5.0.3
PHP Bug Type: Reproducible crash
Bug description: Segmentation fault when extending DOMDocument
Description:
------------
Segmentation fault is segmentation fault, should never happen, even though
the code is stupid.
Not sure how to describe this problem, guess the example speaks for
itself.
Short, and quite funny, example provided.
Reproduce code:
---------------
<?php
class foo extends DOMDocument {
    function __construct() {
        $this->obj = $this;
        $this->obj = $this->obj->foobar;
    }
}
new foo;
?>
Actual result:
--------------
#0 _efree (ptr=0x5a5a5a5a, __zend_filename=0x817e4f4
"/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_variables.c",
__zend_lineno=193, __zend_orig_filename=0x817d97c
"/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.h",
__zend_orig_lineno=61) at
/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_alloc.c:263
#1 0x08111cee in _zval_ptr_dtor (zval_ptr=0x82901b0,
__zend_filename=0x817e4f4
"/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_variables.c",
__zend_lineno=193)
at zend_execute.h:61
#2 0x0811ce3b in _zval_ptr_dtor_wrapper (zval_ptr=0x82901b0)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend_variables.c:193
#3 0x0812504d in _zend_hash_quick_add_or_update (ht=0x82830a4,
arKey=0x8281864 "obj", nKeyLength=4, h=2090572832,
pData=0xbfbfd0e8, nDataSize=4, pDest=0xbfbfd0a0, flag=1,
__zend_filename=0x8180640
"/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_object_handlers.c",
__zend_lineno=371)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend_hash.c:294
#4 0x08132e62 in zend_std_write_property (object=0x82814e4,
member=0x81ad9d0, value=0x81975e4)
at
/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_object_handlers.c:371
#5 0x284daca6 in dom_write_property () from
/usr/local/lib/php/20041030-debug/dom.so
#6 0x0814a993 in zend_assign_to_object (result=0x81ad9a4,
object_ptr=0x8197758, op2=0x81ad9cc, value_op=0x81ada04,
Ts=0xbfbfd200, opcode=136) at
/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:436
#7 0x0814a28f in zend_assign_obj_handler (execute_data=0xbfbfd290,
opline=0x81ad9a0, op_array=0x8282724)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:2203
#8 0x08142990 in execute (op_array=0x8282724) at
/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:1400
#9 0x0814e47a in zend_do_fcall_common_helper (execute_data=0xbfbfd410,
opline=0x81addec, op_array=0x8282624)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:2740
#10 0x0814e8fc in zend_do_fcall_by_name_handler (execute_data=0x817d97c,
opline=0x81addec, op_array=0x8282624)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:2825
#11 0x08142990 in execute (op_array=0x8282624) at
/usr/ports/lang/php5/work/php-5.0.3/Zend/zend_execute.c:1400
#12 0x0811e979 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /usr/ports/lang/php5/work/php-5.0.3/Zend/zend.c:1069
#13 0x080e2f44 in php_execute_script (primary_file=0xbfbfeb50) at
/usr/ports/lang/php5/work/php-5.0.3/main/main.c:1628
#14 0x08157adc in main (argc=2, argv=0xbfbfebd0) at
/usr/ports/lang/php5/work/php-5.0.3/sapi/cli/php_cli.c:943
--
Edit bug report at http://bugs.php.net/?id=33332&edit=1