From:
Operating system: Ubuntu 8.04 and CentOS 5.5
PHP version:      5.3.3
Package:          Scripting Engine problem
Bug Type:         Bug
Bug description:  call_user_func and throw Exception causes segmentation fault

Description:
------------
Tested on 5.3.4-dev and 5.3.2. Here is a gdb bt from each:

== 5.3.2

GNU gdb (GDB) Red Hat Enterprise Linux (7.0.1-23.el5_5.1)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) run test.php
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Starting
call #1
GOTCHA
call #2
GOTCHA
call #3

== 5.3.4-dev

GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run test.php
Starting program: /usr/local/bin/php test.php
[Thread debugging using libthread_db enabled]
[New Thread 0xb73ba6d0 (LWP 21760)]
Starting
call #1
GOTCHA
call #2
GOTCHA
call #3

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb73ba6d0 (LWP 21760)]
0x083a6804 in zend_parse_va_args (num_args=1, type_spec=0x884f1d1 "*", va=0xbf6e912c, flags=0) at /root/src/php-src/PHP_5_3/Zend/zend_API.c:588
588     /root/src/php-src/PHP_5_3/Zend/zend_API.c: No such file or directory.
        in /root/src/php-src/PHP_5_3/Zend/zend_API.c

Program received signal SIGSEGV, Segmentation fault.
0x00000000006018ca in ?? ()

== Valgrind on 5.3.4-dev

Starting
call #1
GOTCHA
call #2
GOTCHA
call #3
==27936== Stack overflow in thread 1: can't grow stack to 0xBE79AFF4
==27936==
==27936== Process terminating with default action of signal 11 (SIGSEGV)
==27936==  Access not within mapped region at address 0xBE79AFF4
==27936==    at 0x83A560C: zend_parse_va_args (zend_API.c:672)
==27936== Stack overflow in thread 1: can't grow stack to 0xBE79AFAC
==27936==
==27936== Process terminating with default action of signal 11 (SIGSEGV)
==27936==  Access not within mapped region at address 0xBE79AFAC
==27936==    at 0x401E200: _vgnU_freeres (vg_preloaded.c:56)
==27936==
==27936== ERROR SUMMARY: 36 errors from 8 contexts (suppressed: 223 from 1)
==27936== malloc/free: in use at exit: 7,047,765 bytes in 22,064 blocks.
==27936== malloc/free: 23,225 allocs, 1,161 frees, 7,402,213 bytes allocated.
==27936== For counts of detected errors, rerun with: -v
==27936== searching for pointers to 22,064 not-freed blocks.
==27936== checked 13,202,628 bytes.
==27936==
==27936== LEAK SUMMARY:
==27936==    definitely lost: 0 bytes in 0 blocks.
==27936==      possibly lost: 0 bytes in 0 blocks.
==27936==    still reachable: 7,047,765 bytes in 22,064 blocks.
==27936==         suppressed: 0 bytes in 0 blocks.
==27936== Rerun with --leak-check=full to see details of leaked memory.
Segmentation fault

Test script:
---------------
<?php
print "Starting";

function throwSomeEx() {
    throw new Exception("booom boom its dead");
}

function callThrowSomeEx() {
    call_user_func("callThrowSomeEx", array());
}

print "\r\ncall #1\r\n";
try {
    throwSomeEx();
} catch(Exception $e) {
    print "GOTCHA";
}

print "\r\ncall #2\r\n";
try {
    call_user_func("throwSomeEx", array());
} catch(Exception $e) {
    print "GOTCHA";
}

print "\r\ncall #3\r\n";
try {
    callThrowSomeEx();
} catch(Exception $e) {
    print "GOTCHA";
}

Expected result:
----------------
Print GOTCHA on every exception call.

Actual result:
--------------
Segmentation fault on the last call of the test script

-- 
Edit bug report at http://bugs.php.net/bug.php?id=53313&edit=1
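
The call pattern in the test script above, as an added example that is not part of the original report or of the PHP source: callThrowSomeEx() passes its own name to call_user_func(), and the Valgrind log reports a stack overflow. The sketch puts a depth budget on that self-dispatch so it ends in a catchable exception, next to a variant that dispatches to throwSomeEx() instead. MAX_DEPTH, the $depth parameter, callThrowSomeExOnce() and run() are hypothetical names introduced here.

```php
<?php
// Added example, not the reporter's script. MAX_DEPTH, $depth,
// callThrowSomeExOnce() and run() are hypothetical names.
const MAX_DEPTH = 64;

function throwSomeEx() {
    throw new Exception("booom boom its dead");
}

// Same self-dispatch as the report's callThrowSomeEx(), but every level
// spends one unit of an explicit depth budget. When the budget is gone the
// function throws, so the failure stays inside PHP's exception handling
// and never reaches the limit of the C stack.
function callThrowSomeEx($depth = 0) {
    if ($depth >= MAX_DEPTH) {
        throw new RuntimeException(
            "recursion limit of " . MAX_DEPTH . " reached"
        );
    }
    call_user_func("callThrowSomeEx", $depth + 1);
}

// Variant whose callback is the throwing function rather than the caller
// itself: one level of indirection, no recursion.
function callThrowSomeExOnce() {
    call_user_func("throwSomeEx");
}

// Invoke a callback by name and report which exception, if any, came back.
function run($callable) {
    try {
        call_user_func($callable);
        return "no exception";
    } catch (Exception $e) {
        return get_class($e) . ": " . $e->getMessage();
    }
}

print "callThrowSomeExOnce -> " . run("callThrowSomeExOnce") . "\n";
print "callThrowSomeEx     -> " . run("callThrowSomeEx") . "\n";
```

Both calls return to the caller through the catch block; removing the depth check restores the unbounded recursion of the original script.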