ID: 11582
Updated by: sniper
Old-Status: Feedback
Status: Open
Bug Type: Reproducible crash
Operating system: 
PHP Version: 4.0.5
Assigned To: 


Previous Comments:

[2001-06-20 16:41:27] [EMAIL PROTECTED]
status -> feedback


[2001-06-20 15:05:37] [EMAIL PROTECTED]

it took some time to isolate the problem, but here is the
testcase. the segfault is not triggered if PHP was compiled --enable-debug version, in 
which case it complains
that it "Cannot use scalar value as an array".

header("Content-type: text/plain");

$arr[data] = "scalar";

for ($i=0;$i < 200; $i++) {
  print $i."n";
  // trying to use scalar value as an array
  $arr[data][entries][] = array();


i hope this helps.



[2001-06-20 12:38:49] [EMAIL PROTECTED]
status -> feedback


[2001-06-20 11:34:39] [EMAIL PROTECTED]
please send the shortest possible testcase that shows your problem!


[2001-06-20 10:05:23] [EMAIL PROTECTED]

below is the backtrace of the SEGFAULT.

i can reproduce in 100% of the cases  by commenting in  the one line
                        $this->attributes[data][entries][$zone][] = $entry;
                         $this->attributes[data][entries][$zone] = array();

$zone is a string
$entry is an array.

these are perfectly okay and work. but in the project i'm working on,
the code-path leading to these statements screws something up.
these lines are 2 nested while loops, and the segfault happens (always)
after the 3rd iteration of the inner loop.

i was not yet able to extract a (short) script to reproduce the problem,
but i will continue trying to create one...


(gdb) bt
#0  0x21 in ?? ()
#1  0x405e24ad in zend_fetch_dimension_address_inner (ht=0x8535cec, 
    op2=0x86c61e4, Ts=0xbfff63f0, type=1) at ./zend_execute.c:521
#2  0x405d8823 in zend_fetch_dimension_address (result=0x86c61c4, 
    op1=0x86c61d4, op2=0x86c61e4, Ts=0xbfff63f0, type=1)
    at ./zend_execute.c:671
#3  0x405dacf5 in execute (op_array=0x86298d4) at ./zend_execute.c:1165
#4  0x405dcd0e in execute (op_array=0x8354af4) at ./zend_execute.c:1534
#5  0x405dcd0e in execute (op_array=0x84b837c) at ./zend_execute.c:1534
#6  0x405df2e1 in execute (op_array=0x83ee0cc) at ./zend_execute.c:2039
#7  0x405dcd0e in execute (op_array=0x83ee0cc) at ./zend_execute.c:1534
#8  0x405dcd0e in execute (op_array=0x8633d8c) at ./zend_execute.c:1534
#9  0x405eac25 in zend_execute_scripts (type=8, file_count=3) at zend.c:743
#10 0x405fc453 in php_execute_script (primary_file=0xbffff510) at main.c:1209
#11 0x405f8d1a in apache_php_module_main (r=0x80a4180, display_source_mode=0)
    at sapi_apache.c:89
#12 0x405f9679 in send_php (r=0x80a4180, display_source_mode=0, filename=0x0)
    at mod_php4.c:521
#13 0x405f96ae in send_parsed_php (r=0x80a4180) at mod_php4.c:532
#14 0x8054e7f in ap_invoke_handler ()
#15 0x806753c in ap_some_auth_required ()
#16 0x80675b3 in ap_process_request ()
#17 0x805fa17 in ap_child_terminate ()
---Type <return> to continue, or q <return> to quit---
#18 0x805fc5b in ap_child_terminate ()
#19 0x805ffab in ap_child_terminate ()
#20 0x80604ec in ap_child_terminate ()
#21 0x8060be3 in main ()
#22 0x40107b5c in __libc_start_main (main=0x8060760 <main>, argc=44, 
    ubp_av=0xbffff874, init=0x804fa3c <_init>, fini=0x808aafc <_fini>, 
    rtld_fini=0x4000d634 <_dl_fini>, stack_end=0xbffff86c)
    at ../sysdeps/generic/libc-start.c:129


The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to