From:
Operating system: Linux
PHP version: 5.3.6
Package: Arrays related
Bug Type: Bug
Bug description:usort segfaults
Description:
------------
usort and uksort (and possibly other related functions) will segfault with
the given script. I believe it is related to Zend's internal array
"copy-on-write".
Test script:
---------------
class X {
function __construct($v) { $this->v = $v; }
}
function sortIt(&$list) {
usort($list, function($a, $b) use ($list) {
return $a->v - $b->v;
});
}
$list = array();
for($i = 0; $i < 10; ++$i) $list[mt_rand()] = new X(mt_rand());
echo "Sort...";
sortIt($list);
gc_collect_cycles();//segfault
echo "pass.\n";
Expected result:
----------------
"Sort...pass."
Actual result:
--------------
"Sort...Segmentation fault"
[dev@box dev]$ php --version
PHP 5.3.6 (cli) (built: Mar 17 2011 19:14:03)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
with Xdebug v2.1.1, Copyright (c) 2002-2011, by Derick Rethans
[dev@box dev]$ gdb php
<snip>
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) run usortCrash.php
Starting program: /usr/bin/php usortCrash.php
[Thread debugging using libthread_db enabled]
Sort...
Program received signal SIGSEGV, Segmentation fault.
0x00000000005db586 in ?? ()
(gdb) bt
#0 0x00000000005db586 in ?? ()
#1 0x00000000005db610 in ?? ()
#2 0x00000000005dbef5 in gc_collect_cycles ()
#3 0x00000000005cee1d in ?? ()
#4 0x00002aaaae139d0a in xdebug_execute_internal () from
/usr/lib64/php/modules/xdebug.so
#5 0x00000000005e669d in ?? ()
#6 0x00000000005e5dcb in execute ()
#7 0x00002aaaae13998e in xdebug_execute () from
/usr/lib64/php/modules/xdebug.so
#8 0x00000000005bf395 in zend_execute_scripts ()
#9 0x000000000056f628 in php_execute_script ()
#10 0x0000000000648ce0 in ?? ()
#11 0x00000033ad41d994 in __libc_start_main () from /lib64/libc.so.6
#12 0x0000000000422009 in _start ()
--
Edit bug report at https://bugs.php.net/bug.php?id=55288&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55288&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55288&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55288&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55288&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55288&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55288&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55288&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55288&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55288&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55288&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55288&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55288&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55288&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55288&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55288&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=55288&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55288&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55288&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55288&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55288&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55288&r=mysqlcfg
