From: Operating system: 2.6.32-131.0.15.el6.x86_64 PHP version: 5.3.10 Package: Arrays related Bug Type: Bug Bug description:Segfault from array_walk modifying an array passed by reference
Description: ------------ The following code produces a segmentation fault. Interestingly, if I remove either the unset or the modifying of the array values, it seems to work fine. Also, this only segfaults when the size of the array is larger. At 1000 or lower, it worked fine. We are using Xdebug 2.2.0rc1 gdb backtrace: GNU gdb (GDB) Red Hat Enterprise Linux (7.2-50.el6) Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/php...(no debugging symbols found)...done. [New Thread 8825] Reading symbols from /lib64/libcrypt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libcrypt.so.1 Reading symbols from /usr/lib64/libedit.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libedit.so.0 Reading symbols from /lib64/libncurses.so.5...(no debugging symbols found)...done. Loaded symbols for /lib64/libncurses.so.5 Reading symbols from /usr/lib64/libgmp.so.3...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libgmp.so.3 Reading symbols from /lib64/libbz2.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libbz2.so.1 Reading symbols from /lib64/libz.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libz.so.1 Reading symbols from /lib64/libpcre.so.0...(no debugging symbols found)...done. Loaded symbols for /lib64/libpcre.so.0 Reading symbols from /lib64/librt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/librt.so.1 Reading symbols from /lib64/libm.so.6...(no debugging symbols found)...done. Loaded symbols for /lib64/libm.so.6 Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libdl.so.2 Reading symbols from /lib64/libnsl.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libnsl.so.1 Reading symbols from /usr/lib64/libxml2.so.2...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libxml2.so.2 Reading symbols from /lib64/libgssapi_krb5.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libgssapi_krb5.so.2 Reading symbols from /lib64/libkrb5.so.3...(no debugging symbols found)...done. Loaded symbols for /lib64/libkrb5.so.3 Reading symbols from /lib64/libk5crypto.so.3...(no debugging symbols found)...done. Loaded symbols for /lib64/libk5crypto.so.3 Reading symbols from /lib64/libcom_err.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libcom_err.so.2 Reading symbols from /usr/lib64/libssl.so.10...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libssl.so.10 Reading symbols from /usr/lib64/libcrypto.so.10...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libcrypto.so.10 Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib64/libc.so.6 Reading symbols from /lib64/libresolv.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libresolv.so.2 Reading symbols from /lib64/libfreebl3.so...(no debugging symbols found)...done. Loaded symbols for /lib64/libfreebl3.so Reading symbols from /lib64/libtinfo.so.5...(no debugging symbols found)...done. Loaded symbols for /lib64/libtinfo.so.5 Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done. [Thread debugging using libthread_db enabled] Loaded symbols for /lib64/libpthread.so.0 Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/ld-linux-x86-64.so.2 Reading symbols from /lib64/libkrb5support.so.0...(no debugging symbols found)...done. Loaded symbols for /lib64/libkrb5support.so.0 Reading symbols from /lib64/libkeyutils.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libkeyutils.so.1 Reading symbols from /lib64/libselinux.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libselinux.so.1 Reading symbols from /usr/lib64/php/modules/xdebug.so...done. Loaded symbols for /usr/lib64/php/modules/xdebug.so Reading symbols from /usr/lib64/php/modules/apc.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/apc.so Reading symbols from /usr/lib64/php/modules/curl.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/curl.so Reading symbols from /usr/lib64/libcurl.so.4...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libcurl.so.4 Reading symbols from /lib64/libidn.so.11...(no debugging symbols found)...done. Loaded symbols for /lib64/libidn.so.11 Reading symbols from /lib64/libldap-2.4.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libldap-2.4.so.2 Reading symbols from /usr/lib64/libssl3.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libssl3.so Reading symbols from /usr/lib64/libsmime3.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libsmime3.so Reading symbols from /usr/lib64/libnss3.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libnss3.so Reading symbols from /usr/lib64/libnssutil3.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libnssutil3.so Reading symbols from /lib64/libplds4.so...(no debugging symbols found)...done. Loaded symbols for /lib64/libplds4.so Reading symbols from /lib64/libplc4.so...(no debugging symbols found)...done. Loaded symbols for /lib64/libplc4.so Reading symbols from /lib64/libnspr4.so...(no debugging symbols found)...done. Loaded symbols for /lib64/libnspr4.so Reading symbols from /usr/lib64/libssh2.so.1...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libssh2.so.1 Reading symbols from /lib64/liblber-2.4.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/liblber-2.4.so.2 Reading symbols from /usr/lib64/libsasl2.so.2...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libsasl2.so.2 Reading symbols from /usr/lib64/php/modules/dom.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/dom.so Reading symbols from /usr/lib64/php/modules/fileinfo.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/fileinfo.so Reading symbols from /usr/lib64/php/modules/gd.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/gd.so Reading symbols from /usr/lib64/libt1.so.5...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libt1.so.5 Reading symbols from /usr/lib64/libfreetype.so.6...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libfreetype.so.6 Reading symbols from /usr/lib64/libX11.so.6...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libX11.so.6 Reading symbols from /usr/lib64/libXpm.so.4...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libXpm.so.4 Reading symbols from /usr/lib64/libpng12.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libpng12.so.0 Reading symbols from /usr/lib64/libjpeg.so.62...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libjpeg.so.62 Reading symbols from /usr/lib64/libxcb.so.1...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libxcb.so.1 Reading symbols from /usr/lib64/libXau.so.6...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libXau.so.6 Reading symbols from /usr/lib64/php/modules/json.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/json.so Reading symbols from /usr/lib64/php/modules/ldap.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/ldap.so Reading symbols from /usr/lib64/php/modules/mbstring.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/mbstring.so Reading symbols from /usr/lib64/php/modules/mcrypt.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/mcrypt.so Reading symbols from /usr/lib64/libmcrypt.so.4...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libmcrypt.so.4 Reading symbols from /usr/lib64/libltdl.so.7...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libltdl.so.7 Reading symbols from /usr/lib64/php/modules/mssql.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/mssql.so Reading symbols from /usr/lib64/libsybdb.so.5...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libsybdb.so.5 Reading symbols from /usr/lib64/libgnutls.so.26...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libgnutls.so.26 Reading symbols from /lib64/libgcrypt.so.11...(no debugging symbols found)...done. Loaded symbols for /lib64/libgcrypt.so.11 Reading symbols from /usr/lib64/libtasn1.so.3...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libtasn1.so.3 Reading symbols from /lib64/libgpg-error.so.0...(no debugging symbols found)...done. Loaded symbols for /lib64/libgpg-error.so.0 Reading symbols from /usr/lib64/php/modules/mysql.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/mysql.so Reading symbols from /usr/lib64/mysql/libmysqlclient.so.18...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/mysql/libmysqlclient.so.18 Reading symbols from /usr/lib64/libstdc++.so.6...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libstdc++.so.6 Reading symbols from /lib64/libgcc_s.so.1...(no debugging symbols found)...done. Loaded symbols for /lib64/libgcc_s.so.1 Reading symbols from /usr/lib64/php/modules/mysqli.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/mysqli.so Reading symbols from /usr/lib64/php/modules/odbc.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/odbc.so Reading symbols from /usr/lib64/libodbc.so.2...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libodbc.so.2 Reading symbols from /usr/lib64/php/modules/pdo.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pdo.so Reading symbols from /usr/lib64/php/modules/pdo_dblib.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pdo_dblib.so Reading symbols from /usr/lib64/php/modules/pdo_mysql.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pdo_mysql.so Reading symbols from /usr/lib64/php/modules/pdo_odbc.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pdo_odbc.so Reading symbols from /usr/lib64/php/modules/pdo_sqlite.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pdo_sqlite.so Reading symbols from /usr/lib64/libsqlite3.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libsqlite3.so.0 Reading symbols from /usr/lib64/php/modules/phar.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/phar.so Reading symbols from /usr/lib64/php/modules/pspell.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/pspell.so Reading symbols from /usr/lib64/libaspell.so.15...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libaspell.so.15 Reading symbols from /usr/lib64/libpspell.so.15...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libpspell.so.15 Reading symbols from /usr/lib64/php/modules/soap.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/soap.so Reading symbols from /usr/lib64/php/modules/sqlite3.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/sqlite3.so Reading symbols from /usr/lib64/php/modules/stats.so...done. Loaded symbols for /usr/lib64/php/modules/stats.so Reading symbols from /usr/lib64/php/modules/wddx.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/wddx.so Reading symbols from /usr/lib64/php/modules/xmlreader.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/xmlreader.so Reading symbols from /usr/lib64/php/modules/xmlwriter.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/xmlwriter.so Reading symbols from /usr/lib64/php/modules/xsl.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/xsl.so Reading symbols from /usr/lib64/libexslt.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libexslt.so.0 Reading symbols from /usr/lib64/libxslt.so.1...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/libxslt.so.1 Reading symbols from /usr/lib64/php/modules/zip.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib64/php/modules/zip.so Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/libnss_files.so.2 Core was generated by `php segfault.php'. Program terminated with signal 11, Segmentation fault. #0 0x00000000005bb5e2 in zend_hash_get_current_data_ex () Missing separate debuginfos, use: debuginfo-install php-cli-5.3.10-2.el6.remi.x86_64 (gdb) bt #0 0x00000000005bb5e2 in zend_hash_get_current_data_ex () #1 0x00000000004f0d98 in ?? () #2 0x00000000004f1538 in ?? () #3 0x00007fdc92cbc367 in xdebug_execute_internal (current_execute_data=0x7fdc4a547050, return_value_used=0) at /var/tmp/xdebug/xdebug.c:1468 #4 0x00000000005fda96 in ?? () #5 0x00000000005d5310 in execute () #6 0x00007fdc92cbcac9 in xdebug_execute (op_array=0x2276040) at /var/tmp/xdebug/xdebug.c:1376 #7 0x00000000005aee5d in zend_execute_scripts () #8 0x000000000055c0f8 in php_execute_script () #9 0x0000000000639b57 in ?? () #10 0x0000003c7601ecdd in __libc_start_main () from /lib64/libc.so.6 #11 0x0000000000422319 in _start () Test script: --------------- $myArray = array_fill(0, 10000, md5('test')); array_walk( $myArray, function($value, $key, $myArray) { if (rand(0, 1)) { unset($myArray[$key]); } else if (rand(0, 1)) { $myArray[$key] = md5(rand(0, 10000)); } }, &$myArray ); Expected result: ---------------- No segmentation fault Actual result: -------------- Segmentation fault -- Edit bug report at https://bugs.php.net/bug.php?id=61730&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=61730&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=61730&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=61730&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=61730&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=61730&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=61730&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=61730&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=61730&r=needscript Try newer version: https://bugs.php.net/fix.php?id=61730&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=61730&r=support Expected behavior: https://bugs.php.net/fix.php?id=61730&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=61730&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=61730&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=61730&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=61730&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=61730&r=dst IIS Stability: https://bugs.php.net/fix.php?id=61730&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=61730&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=61730&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=61730&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=61730&r=mysqlcfg
