ID:               41130
 User updated by:  mumu at seznam dot cz
 Reported By:      mumu at seznam dot cz
-Status:           Bogus
+Status:           Open
 Bug Type:         Reproducible crash
 Operating System: FreeBSD
 PHP Version:      5CVS-2007-04-18 (snap)
 New Comment:

I am still not convinced that I have an infinite loop in my very code.

Please follow the reasoning below with me. PHP crashes in the infinite
loop; presume that I have the infinite loop in the code. Now, I am
moving the "exit;" inside the same loop (as you can see, there is no
loop on the command "$a = $b"). Therefore, the server would crash either
every time or never, because whenever the interpreter reaches the
"exit;" command it ends the whole script, regardless of the cycles.
However, the server crashes after, but not before, the command.
Therefore, the only line in my code which might cause the infinite loop
is the "$a = $b;" line; unfortunately, this command does not
make any cycle. This contradicts the presumption.

Let me give you the summary of the contradiction:
The infinite loop is caused by an assignment command from a variable
to another variable, which would not cause any cycle.


Previous Comments:
------------------------------------------------------------------------

[2007-04-18 12:59:32] [EMAIL PROTECTED]

Infinite recursion in the code is expected to eat the stack and that
might result in a crash.

------------------------------------------------------------------------

[2007-04-18 12:54:51] mumu at seznam dot cz

Please double-check the information provided in the Reproduce code
section. From my point of view there does not seem to be an infinite
loop in my code. The provided executed command is an assignment of a
simple variable to another variable without any loop.

Moreover, please provide me with information on how to find the place
in my code where the infinite loop occurs. I could not find it in the
manual or on the web. Thank you.

------------------------------------------------------------------------

[2007-04-18 12:47:14] [EMAIL PROTECTED]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Your code has infinite recursion...

------------------------------------------------------------------------

[2007-04-18 12:42:11] mumu at seznam dot cz

Description:
------------
The PHP Zend engine falls into an infinite loop and crashes. Moreover,
the last stable version, PHP 5.2.1, is also affected by the crash.

Configure Command
'./configure' '--enable-versioning' '--with-layout=GNU'
'--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all'
'--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection'
'--program-prefix=' '--disable-cgi' '--with-apxs2=/usr/local/sbin/apxs'
'--with-regex=php' '--with-zend-vm=CALL' '--enable-debug'
'--enable-zend-multibyte' '--disable-ipv6' '--prefix=/usr/local/php-dev'
'--with-mysql' '--with-pcre-regex'

Reproduce code:
---------------
Simple reproduce code is not available; however, the following was
discovered.

PHP crashes on the line where the value assignment is made. There
was no crash in the previous version, even though both McSession and
the current file, where the crash probably occurs, have not been changed
from the previous version of the web site. Therefore, the code should be
without problems.

Moreover, the following three circumstances have been debugged.

I. Original (crashes)
---
    $GLOBALS['McSession']->data['authorization']['user'] = $id;
---

II. Exit before (ok)
---
    echo 1;
    exit;
    $GLOBALS['McSession']->data['authorization']['user'] = $id;
---

III. Exit after (crashes)
---
    $GLOBALS['McSession']->data['authorization']['user'] = $id;
    echo 1;
    exit;
---


Expected result:
----------------
No crash ;)

Actual result:
--------------
The following backtrace has been retrieved using the PHP CLI interface;
however, the crash also occurs while PHP is used as an Apache
module. The first 10 and last 10 items of the backtrace are included in
the list (the remaining approx. 230000 rows are the infinite cycle). The
code line numbers are valid for the php5.2-200704180630 source snapshot.

Program received signal SIGSEGV, Segmentation fault.
0x081aac97 in execute (op_array=0x84a846c) at zend_vm_execute.h:53
53       memset(EX(CVs), 0, sizeof(zval**) * op_array->last_var);

(gdb) bt 10
#0  0x081aac97 in execute (op_array=0x84a846c) at zend_vm_execute.h:53
#1  0x081ab291 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbbc00e70) at zend_vm_execute.h:234
#2  0x081abb81 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbbc00e70) at zend_vm_execute.h:322
#3  0x081aad6e in execute (op_array=0x84a0254) at zend_vm_execute.h:92
#4  0x081ab291 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbbc01390) at zend_vm_execute.h:234
#5  0x081abb81 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbbc01390) at zend_vm_execute.h:322
#6  0x081aad6e in execute (op_array=0x84d6020) at zend_vm_execute.h:92
#7  0x081ab291 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbbc01530) at zend_vm_execute.h:234
#8  0x081abb81 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbbc01530) at zend_vm_execute.h:322
#9  0x081aad6e in execute (op_array=0x8566e70) at zend_vm_execute.h:92
#10 0x081ab291 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbbc016b0) at zend_vm_execute.h:234

(gdb) bt -10
#234680 0x081abb81 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbfbfbe00) at zend_vm_execute.h:322
#234681 0x081aad6e in execute (op_array=0x855d874) at
zend_vm_execute.h:92
#234682 0x081ab291 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfbfc870) at zend_vm_execute.h:234
#234683 0x081abb81 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbfbfc870) at zend_vm_execute.h:322
#234684 0x081aad6e in execute (op_array=0x82ac748) at
zend_vm_execute.h:92
#234685 0x081b59b7 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER
(execute_data=0xbfbfd430) at zend_vm_execute.h:4600
#234686 0x081aad6e in execute (op_array=0x82aafd4) at
zend_vm_execute.h:92
#234687 0x0818a515 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
    at /usr/local/src/php5.2-200704180630/Zend/zend.c:1134
#234688 0x0814154b in php_execute_script (primary_file=0xbfbfeb10)
    at /usr/local/src/php5.2-200704180630/main/main.c:1790
#234689 0x081f1c80 in main (argc=3, argv=0xbfbfebac)
    at /usr/local/src/php5.2-200704180630/sapi/cli/php_cli.c:1130



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=41130&edit=1
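
Added example, not from the original report or the PHP project: with a
backtrace of some 230000 frames, the quickest way to confirm runaway
recursion is to find the frame sequence that repeats. The Python below
parses wrapped gdb `bt` output and reports the shortest repeating cycle;
the sample input is constructed from the frame names shown above, with
placeholder addresses.

```python
import re

# gdb frame header, e.g. "#3  0x081aad6e in execute (op_array=...) at f.h:92"
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+\s+in\s+)?([A-Za-z_]\w*)")

def frame_functions(bt_text):
    """Function names in frame order; wrapped continuation lines are skipped."""
    matches = (FRAME_RE.match(line.strip()) for line in bt_text.splitlines())
    return [m.group(2) for m in matches if m]

def find_cycle(names, min_repeats=3, max_skip=5):
    """Shortest frame sequence repeating back-to-back near the top of the stack.

    Returns (first_frame, cycle, repeats), or None if nothing repeats
    min_repeats times. max_skip tolerates a few leaf frames above the cycle.
    """
    for start in range(min(max_skip, len(names)) + 1):
        tail = names[start:]
        for period in range(1, len(tail) // min_repeats + 1):
            unit, repeats = tail[:period], 1
            while tail[repeats * period:(repeats + 1) * period] == unit:
                repeats += 1
            if repeats >= min_repeats:
                return start, unit, repeats
    return None

def sample_backtrace(depth=12):
    """Constructed sample shaped like the report's wrapped `bt` output
    (placeholder addresses; function names taken from the report)."""
    cycle = [("execute", "op_array=0x0", 92),
             ("zend_do_fcall_common_helper_SPEC", "execute_data=0x0", 234),
             ("ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER", "execute_data=0x0", 322)]
    lines = []
    for i in range(depth):
        fn, arg, line_no = cycle[i % 3]
        lines += [f"#{i}  0x00000000 in {fn}",
                  f"({arg}) at zend_vm_execute.h:{line_no}"]
    lines += [f"#{depth} 0x00000000 in main (argc=3, argv=0x0)",
              "    at sapi/cli/php_cli.c:1130"]
    return "\n".join(lines)

if __name__ == "__main__":
    start, unit, repeats = find_cycle(frame_functions(sample_backtrace()))
    print(f"cycle of {len(unit)} frames from #{start}, seen {repeats}x:")
    print("  " + " -> ".join(unit))
```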
