ID: 38019 Updated by: [EMAIL PROTECTED] Reported By: judas dot iscariote at gmail dot com -Status: Assigned +Status: Closed Bug Type: Reproducible crash Operating System: Linux 64 bit PHP Version: 5CVS-2006-07-05 (CVS) Assigned To: dmitry New Comment:
Fixed in CVS HEAD and PHP_5_2. Previous Comments: ------------------------------------------------------------------------ [2006-07-06 07:36:43] [EMAIL PROTECTED] Dmitry, we've already discussed it - the problem is that shutdown_executor() destroys classes first and then runs objects destructors (in this case - it's mysqli_objects_free_storage()) which can access already destroyed class entries. Here is what valgrind says about it: http://gcov.php.net/PHP_5_2/tests/ext/mysqli/tests/bug33491.mem Though, no crash here, even with Zend MM disabled. This patch: http://tony2001.phpclub.net/dev/tmp/bug38019.diff fixes the problem for me and I don't see any new ones. ------------------------------------------------------------------------ [2006-07-05 23:11:00] judas dot iscariote at gmail dot com Description: ------------ the following code segfaults in current PHP 5_2 and PHP 6 CVS in **debug** mode.(just checked from the CVS, no need to try snapshots) ./configure --enable-debug --with-libdir=lib64 --with-mysqli=/usr/bin/mysql_config --with-zlib=/usr --disable-cgi not sure if this is related with bug #38003.. Reproduce code: --------------- <?php class DB extends mysqli { private function __construct() { echo "bug"; } } $DB = new DB(); ?> Expected result: ---------------- Fatal error: Call to private DB::__construct() from invalid context in /srv/www/htdocs/singleton.php Actual result: -------------- Fatal error: Call to private DB::__construct() from invalid context in /srv/www/htdocs/singleton.php on line 13 Program received signal SIGSEGV, Segmentation fault. 0x00000000005dd76a in instanceof_function_ex (instance_ce=0xa289b0, ce=0x9ed4f0, interfaces_only=0 '\0') at /local/local/bodegon/php-debug/Zend/zend_operators.c:1600 1600 if (instanceof_function(instance_ce->interfaces[i], ce TSRMLS_CC)) { (gdb) bt #0 0x00000000005dd76a in instanceof_function_ex (instance_ce=0xa289b0, ce=0x9ed4f0, interfaces_only=0 '\0') at /local/local/bodegon/php-debug/Zend/zend_operators.c:1600 #1 0x00000000005dd7ab in instanceof_function (instance_ce=<value optimized out>, ce=<value optimized out>) at /local/local/bodegon/php-debug/Zend/zend_operators.c:1618 #2 0x000000000049e5d9 in mysqli_objects_free_storage (object=<value optimized out>) at /local/local/bodegon/php-debug/ext/mysqli/mysqli.c:143 #3 0x000000000060329e in zend_objects_store_free_object_storage (objects=0x8be600) at /local/local/bodegon/php-debug/Zend/zend_objects_API.c:86 #4 0x00000000005d8e8c in shutdown_executor () at /local/local/bodegon/php-debug/Zend/zend_execute_API.c:281 #5 0x00000000005e5ab3 in zend_deactivate () at /local/local/bodegon/php-debug/Zend/zend.c:854 #6 0x00000000005a417b in php_request_shutdown (dummy=<value optimized out>) at /local/local/bodegon/php-debug/main/main.c:1300 #7 0x00000000006821ea in main (argc=2, argv=0x7fffffd96a48) at /local/local/bodegon/php-debug/sapi/cli/php_cli.c:1250 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=38019&edit=1