Edit report at https://bugs.php.net/bug.php?id=51425&edit=1
ID: 51425
Comment by: le4776 at gmail dot com
Reported by: jimmyxx at gmail dot com
Summary: segfaults at method_exists()
Status: Not a bug
Type: Bug
Package: Class/Object related
Operating System: Ubuntu 9.10
PHP Version: 5.2.13
Block user comment: N
Private report: N
New Comment:
This is still a problem for me.
# php --version
PHP 5.3.10 (cli) (built: Mar 8 2012 13:40:08)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
with the ionCube PHP Loader v4.0.12, Copyright (c) 2002-2011, by ionCube
Ltd., and
with Zend Guard Loader v3.3, Copyright (c) 1998-2010, by Zend Technologies
#
#
#
# php -r "echo (method_exists('c', 'm') ? 'OK' : 'FAIL');"
Segmentation fault
#
Previous Comments:
------------------------------------------------------------------------
[2012-02-12 12:40:54] eduards at cervon dot net
This also happens with PHP 5.3.3-7+squeeze7 with Suhosin-Patch (latest stable
for Debian production systems)
Code that causes crash:
class db_result extends mysqli_result
{
public function fetch_all()
{
if (method_exists('parent', 'fetch_all'))
{
$result = parent::fetch_all(MYSQLI_ASSOC);
$this->free();
return (array)$result;
}
else
{
// [...] code that emulates mysqli_result::fetch_all
functionality
}
}
}
------------------------------------------------------------------------
[2011-11-16 13:56:50] fel...@php.net
Thank you for taking the time to report a problem with PHP.
Unfortunately you are not using a current version of PHP --
the problem might already be fixed. Please download a new
PHP version from http://www.php.net/downloads.php
If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.
------------------------------------------------------------------------
[2010-07-20 16:38:44] adam dot zivner at gmail dot com
PHP 5.3.12 => PHP 5.2.13
------------------------------------------------------------------------
[2010-07-20 16:37:38] adam dot zivner at gmail dot com
Experiencing the same problem on PHP 5.3.12. PHP 5.3.1 runs fine.
------------------------------------------------------------------------
[2010-03-30 12:12:30] jimmyxx at gmail dot com
Urgh I just installed the debs I compiled but realised this it's still 5.2.10
as
I use package manager to get me the build-deps.
here is the backtrace from the compiled version:
#0 0x012d8a5d in zif_method_exists (ht=2, return_value=0x20d06588,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_builtin_functions.c:935
935 convert_to_string_ex(method_name);
(gdb) bt full
#0 0x012d8a5d in zif_method_exists (ht=2, return_value=0x20d06588,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_builtin_functions.c:935
klass = 0x20bb047c
method_name = 0x20bb0480
lcname = 0x0
ce = 0x20d0f03c
pce = 0x20b0c364
#1 0x012f0f52 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc4830c) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:200
return_reference = 0 '\000'
opline = 0x20d22008
original_return_value = 0x20d0a4c8
current_scope = 0x0
current_this = 0x0
return_value_used = 1
should_change_scope = 0 '\000'
ctor_opline = 0xbfc48314
#2 0x012f4ca9 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfc4830c) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:1739
opline = 0x20d22008
fname = 0x20d22024
#3 0x012f0a8b in execute (op_array=0x20d07aa8) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20d22008, function_state =
{function_symbol_table = 0x20bdf8e0, function = 0x20ac7080, reserved = {0x21,
0x648855b6, 0xbfc48344, 0x20c18f24}}, fbc = 0x0,
op_array = 0x20d07aa8, object = 0x0, Ts = 0xbfc46bf0, CVs =
0xbfc46bc0, original_in_execution = 1 '\001', symbol_table = 0x20bdf550,
prev_execute_data = 0xbfc4872c,
old_error_reporting = 0x0}
op_array = 0x20d07aa8
#4 0x012f110d in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc4872c) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x20c1e9f8
original_return_value = 0xbfc488b0
current_scope = 0x20c18f24
current_this = 0x20cea3e0
return_value_used = 1
should_change_scope = 1 '\001'
ctor_opline = 0xbfc485d0
#5 0x012f1687 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc4872c)
at /home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:322
No locals.
#6 0x012f0a8b in execute (op_array=0x20c1cc9c) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20c1e9f8, function_state =
{function_symbol_table = 0x20bdf550, function = 0x20d07aa8, reserved =
{0xbfc487c8, 0x12ea192, 0x0, 0x20c18f24}}, fbc = 0x20d07aa8,
op_array = 0x20c1cc9c, object = 0x20d00620, Ts = 0xbfc48450, CVs =
0xbfc48430, original_in_execution = 1 '\001', symbol_table = 0x20bdf48c,
prev_execute_data = 0xbfc4891c,
old_error_reporting = 0x0}
op_array = 0x20c1cc9c
#7 0x012f110d in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc4891c) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x20c1bd40
original_return_value = 0xbfc48a8c
current_scope = 0x20c18f24
current_this = 0x20cea3e0
return_value_used = 0
should_change_scope = 1 '\001'
ctor_opline = 0xbfc4a3bc
#8 0x012f1687 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc4891c)
at /home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:322
No locals.
#9 0x012f0a8b in execute (op_array=0x20c1a8d4) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20c1bd40, function_state =
{function_symbol_table = 0x20bdf48c, function = 0x20c1cc9c, reserved =
{0xbfc489b8, 0x12ea192, 0x0, 0x20bc08e4}}, fbc = 0x20c1cc9c,
op_array = 0x20c1a8d4, object = 0x20cea3e0, Ts = 0xbfc48870, CVs =
0xbfc48850, original_in_execution = 1 '\001', symbol_table = 0x20bdf018,
prev_execute_data = 0xbfc48acc,
old_error_reporting = 0x0}
op_array = 0x20c1a8d4
#10 0x012f110d in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc48acc) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x20bd0acc
original_return_value = 0xbfc48c64
current_scope = 0x20bc08e4
current_this = 0x20bdec9c
return_value_used = 1
should_change_scope = 1 '\001'
ctor_opline = 0xbfc4a3bc
#11 0x012f1687 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc48acc)
at /home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:322
No locals.
#12 0x012f0a8b in execute (op_array=0x20bcf88c) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20bd0acc, function_state =
{function_symbol_table = 0x20bdf018, function = 0x20c1a8d4, reserved =
{0xbfc48b68, 0x12ea192, 0x0, 0x20bc08e4}}, fbc = 0x20c1a8d4,
op_array = 0x20bcf88c, object = 0x20cea3e0, Ts = 0xbfc48a60, CVs =
0xbfc48a40, original_in_execution = 1 '\001', symbol_table = 0x20bbdf50,
prev_execute_data = 0xbfc48cac,
old_error_reporting = 0x0}
op_array = 0x20bcf88c
#13 0x012f110d in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc48cac) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x20bd0830
original_return_value = 0xbfc490ec
current_scope = 0x20bc08e4
current_this = 0x0
return_value_used = 1
should_change_scope = 1 '\001'
ctor_opline = 0xbfc4a3bc
#14 0x012f1687 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc48cac)
at /home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:322
No locals.
#15 0x012f0a8b in execute (op_array=0x20bcf3e0) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20bd0830, function_state =
{function_symbol_table = 0x20bbdf50, function = 0x20bcf88c, reserved =
{0xbfc4a3bc, 0x20d00960, 0xcc27f7, 0xc}}, fbc = 0x20bcf88c,
op_array = 0x20bcf3e0, object = 0x20bdec9c, Ts = 0xbfc48c10, CVs =
0xbfc48bf0, original_in_execution = 1 '\001', symbol_table = 0x20bbf7f0,
prev_execute_data = 0xbfc491dc,
old_error_reporting = 0x0}
op_array = 0x20bcf3e0
#16 0x012f110d in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc491dc) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:234
opline = 0x20bc2e58
original_return_value = 0xbfc49278
current_scope = 0x0
current_this = 0x0
return_value_used = 0
should_change_scope = 1 '\001'
ctor_opline = 0xbfc4a398
#17 0x012f1687 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc491dc)
at /home/jimmy/php5-5.2.10.dfsg.1/Zend/zend_vm_execute.h:322
No locals.
#18 0x012f0a8b in execute (op_array=0x20bbd508) at /home/jimmy/php5-
5.2.10.dfsg.1/Zend/zend_vm_execute.h:92
execute_data = {opline = 0x20bc2e58, function_state =
{function_symbol_table = 0x20bbf7f0, function = 0x20bcf3e0, reserved =
{0xbfc4a3bc, 0x12d149f, 0x20bbdcb0, 0xbfc4926c}},
fbc = 0x20bcf3e0, op_array = 0x20bbd508, object = 0x0, Ts =
0xbfc48df0, CVs = 0xbfc48dd0, original_in_execution = 0 '\000', symbol_table =
0x1573cb0, prev_execute_data = 0x0,
old_error_reporting = 0x0}
op_array = 0x20bbd508
#19 0x012c5ddc in zend_execute_scripts (type=8, retval=0x0, file_count=3) at
/home/jimmy/php5-5.2.10.dfsg.1/Zend/zend.c:1215
files = 0xbfc492b4 ""
i = 1
file_handle = 0xbfc4b4d4
orig_op_array = 0x0
orig_retval_ptr_ptr = 0x0
local_retval = 0x0
#20 0x01269998 in php_execute_script (primary_file=0xbfc4b4d4) at
/home/jimmy/php5-5.2.10.dfsg.1/main/main.c:2046
realfile =
"\000\000\000\000\000\000\377\377\200\061\347\000\200\062\347\000\200\063\347\00
0\300\064\347\000|\244Ä¿\000\065\254 `\243\247 r\243\247 |\244Ä¿\000\065\254
\000\000\000\000\000\000\000\000\001\000\000\000\001", '\000' <repeats 15
times>,
"\001\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\001\000\000\00
0\n\027\000\000\000\000\000\000r\243\247 +5\254
\000\000\000\000/\000\000\000/\000\000\000+\000\000\000^\000\000U\000\003U\000\0
03\033\003\000\005U\000\003U\000\v\al\246Ä¿", '\000' <repeats 12 times>, "?
\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000\000\000\000\000\376
\377\377\377\377\377\377\377\000\000\000\000\223\271\232
\376\377\377\377\377\377\377\377\223\271\232
\000\000\000\000\000\000\000\000\004\246Ä¿", '\000' <repeats 12 times>"\267,
\271\232 \256\263\313\000\364\317\"\000\000\000\000\000\220\271\232
\270\251Ä¿n\a\306\000\274\325\"\000$\245Ä¿
\000\362!\000n\a\306\000\336h\030\000\224"...
__orig_bailout = 0xbfc4b438
__bailout = {{__jmpbuf = {22274036, -1077632104, -1077632068, -
1077627880, 1252126738, -1901499537}, __mask_was_saved = 0, __saved_mask =
{__val = 0xbfc4a318}}}
prepend_file_p = 0x0
append_file_p = 0x0
prepend_file = {type = 0 '\000', filename = 0x0, opened_path = 0x0,
handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0,
fteller = 0, interactive = 0}},
free_filename = 0 '\000'}
append_file = {type = 0 '\000', filename = 0x0, opened_path = 0x0,
handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0,
fteller = 0, interactive = 0}},
free_filename = 0 '\000'}
old_cwd = 0xbfc492d0 "/"
retval = 0
primary_file = 0xbfc4b4d4
#21 0x013485b4 in php_handler (r=0x20bfbc58) at /home/jimmy/php5-
5.2.10.dfsg.1/sapi/apache2handler/sapi_apache2.c:651
zfd = {type = 5 '\005', filename = 0x20bffdb8
"/tink/dev/gts4/gts4/index.php", opened_path = 0x0, handle = {fd = 549181156,
fp
= 0x20bbd6e4, stream = {handle = 0x20bbd6e4,
reader = 0x128293c <_php_stream_read>, closer = 0x12679bb
<stream_closer_for_zend>, fteller = 0x12679e6 <stream_fteller_for_zend>,
interactive = 0}}, free_filename = 0 '\000'}
__orig_bailout = <incomplete type>
__bailout = {{__jmpbuf = {22274036, 547868316, 3, -1077627592,
1257041938, -1434299537}, __mask_was_saved = 0, __saved_mask = {__val =
0xbfc4b454}}}
ctx = 0x20bffdd8
conf = 0x20bfb730
brigade = 0x20c00578
bucket = 0x12
rv = 476569600
parent_req = 0x0
#22 0x0060df51 in ap_run_handler () from /usr/sbin/apache2
No symbol table info available.
#23 0x00611d2f in ap_invoke_handler () from /usr/sbin/apache2
No symbol table info available.
#24 0x006213f4 in ap_internal_redirect () from /usr/sbin/apache2
No symbol table info available.
#25 0x0065b80d in ?? () from /usr/lib/apache2/modules/mod_rewrite.so
No symbol table info available.
#26 0x0060df51 in ap_run_handler () from /usr/sbin/apache2
No symbol table info available.
#27 0x00611d2f in ap_invoke_handler () from /usr/sbin/apache2
No symbol table info available.
#28 0x006215a8 in ap_process_request () from /usr/sbin/apache2
No symbol table info available.
#29 0x0061e118 in ?? () from /usr/sbin/apache2
No symbol table info available.
#30 0x006167c1 in ap_run_process_connection () from /usr/sbin/apache2
No symbol table info available.
#31 0x00626ac1 in ?? () from /usr/sbin/apache2
No symbol table info available.
#32 0x00626dee in ?? () from /usr/sbin/apache2
No symbol table info available.
#33 0x006271c2 in ap_mpm_run () from /usr/sbin/apache2
No symbol table info available.
#34 0x005f8a92 in main () from /usr/sbin/apache2
No symbol table info available.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=51425
--
Edit this bug report at https://bugs.php.net/bug.php?id=51425&edit=1
