ID: 36825 Updated by: [EMAIL PROTECTED] Reported By: small at cybertronic dot com -Status: Assigned +Status: Closed Bug Type: SPL related Operating System: Linux PHP Version: 5.1.2 Assigned To: tony2001 New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2006-03-22 22:40:36] judas dot iscariote at gmail dot com Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 46912511254464 (LWP 861)] 0x000000000050381f in spl_array_read_dimension_ex (check_inherited=1, object=0xa13c60, offset=0xa19310, type=0) at /local/local/bodegon/php-debug/ext/spl/spl_array.c:265 265 ZVAL_ZVAL(intern->retval, rv, 1, 1); (gdb) bt full #0 0x000000000050381f in spl_array_read_dimension_ex (check_inherited=1, object=0xa13c60, offset=0xa19310, type=0) at /local/local/bodegon/php-debug/ext/spl/spl_array.c:265 is_ref = <value optimized out> refcount = <value optimized out> rv = (zval *) 0x0 intern = (spl_array_object *) 0x9f17e0 #1 0x0000000000633c07 in zend_fetch_dimension_address (result=0x7fffffdaa660, container_ptr=0xa198d8, dim=0xa19310, dim_is_tmp_var=0, type=0) at /local/local/bodegon/php-debug/Zend/zend_execute.c:1164 overloaded_result = <value optimized out> container = <value optimized out> #2 0x0000000000642fe6 in ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER (execute_data=0x7fffffdaa6f0) at zend_vm_execute.h:20430 opline = (zend_op *) 0xa192c0 dim = (zval *) 0xa19310 #3 0x0000000000628a3e in execute (op_array=0xa14cc0) at zend_vm_execute.h:92 execute_data = {opline = 0xa19518, function_state = {function_symbol_table = 0xa19790, function = 0xa14cc0, reserved = {0x7fffffdacda0, 0x8d7138, 0x2aaaab642e9c, 0xc}}, fbc = 0x0, op_array = 0xa14cc0, object = 0x0, Ts = 0x7fffffdaa570, CVs = 0x7fffffdaa550, original_in_execution = 0 '\0', symbol_table = 0x8d7368, prev_execute_data = 0x0, old_error_reporting = 0x0} #4 0x000000000060b784 in zend_execute_scripts (type=8, retval=<value optimized out>, file_count=3) at /local/local/bodegon/php-debug/Zend/zend.c:1109 files = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fffffdaa970, reg_save_area = 0x7fffffdaa880}} i = 1 file_handle = (zend_file_handle *) 0x7fffffdacda0 orig_op_array = (zend_op_array *) 0x0 local_retval = (zval *) 0x0 #5 0x00000000005caa9b in php_execute_script (primary_file=0x7fffffdacda0) at /local/local/bodegon/php-debug/main/main.c:1726 realfile = "/srv/www/htdocs/php-bugs/array-obejct.php\000a\000\000\000\000\000symlink\000�p\000\000\000\000\000`\006\000\000\000\000\000\0001\ta\000\000\000\000\000P�*\000\000\000\200]*\000\000`\006\000\000\000\000\000\000,\206\000\000\000\000\000 vj\000\000\000\000\000`�\177", '\0' <repeats 26 times>, "�*\000\000\001", '\0' <repeats 15 times>, "rawurldeP�*\000\000\000\000\000\000\000\000\000\0002O*\000\0000[j", '\0' <repeats 13 times>... prepend_file_p = (zend_file_handle *) 0x0 append_file_p = <value optimized out> prepend_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = { handle = 0x0, reader = 0, closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'} append_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = { PHP 5.1.3RC2-dev (cli) (built: Mar 22 2006 15:29:32) (DEBUG) ------------------------------------------------------------------------ [2006-03-22 22:09:33] small at cybertronic dot com Description: ------------ Throwing exceptions in an overloaded offsetGet() functions seems to cause segfaults in PHP 5.1.2. Reproduce code: --------------- <?php class foo extends ArrayObject { public function __construct($obj, $flags = 0, $iterator_class = "ArrayIterator") { } public function offsetGet($key) { throw new Exception("hi"); } } $test=new foo(); try{ $a=$test['bar']; } catch (Exception $e) { echo "got exception"; } ?> Expected result: ---------------- I expect the output: got exception Actual result: -------------- I get a segfault, with backtrace as follows: #0 0x081cb2cd in spl_array_read_dimension_ex () #1 0x081cb35f in spl_array_read_dimension () #2 0x08309d27 in zend_fetch_dimension_address () #3 0x0833d89e in ZEND_FETCH_DIM_R_SPEC_CV_CONST_HANDLER () #4 0x0830a386 in execute () #5 0x082ed585 in zend_execute_scripts () #6 0x082a917e in php_execute_script () #7 0x0835039d in main () ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=36825&edit=1
