#46753 [NEW]: weird crash when calling is_subclass_of under very specific conditions
From: essen at dev-extend dot eu Operating system: Linux Ubuntu 8.10 PHP version: 5.2.6 PHP Bug Type: Reproducible crash Bug description: weird crash when calling is_subclass_of under very specific conditions Description: I encountered a strange crash. I can reproduce it, it always happens, but only under very specific conditions. It first happened when I changed a completely unrelated part of my code in a different file of the project. PHP crash on an is_subclass_of call. This call worked correctly before my changes, and still works correctly on the other pages. Other is_subclass_of works fine too. I'm not sure what trigger this, as I've only changed a few methods, nothing changing the outcome of the script... Another thing. If I add a require_once before the is_subclass_of call, there is no crash. The crash only happens when the class isn't defined in the current script, which should and does trigger the autoload callback to load the class. The class is successfully loaded by the callback, the crash happens only after. I'm not sure what more can I say. If you need further details, feel free to ask. Actual result: -- Core was generated by `/usr/sbin/apache2 -k start'. Program terminated with signal 11, Segmentation fault. [New process 19175] #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 657 /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c: No such file or directory. in /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c (gdb) bt #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 #1 0xb72ecba3 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf854fd8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:200 #2 0xb72d803b in execute (op_array=0xb9a5c364) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #3 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8552b8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #4 0xb72d803b in execute (op_array=0xb9a5bb8c) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #5 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8555c8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #6 0xb72d803b in execute (op_array=0xb99d71b0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #7 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf855e18) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #8 0xb72d803b in execute (op_array=0xb9a17614) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #9 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856248) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #10 0xb72d803b in execute (op_array=0xb9a17d94) ---Type to continue, or q to quit--- at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #11 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8565d8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #12 0xb72d803b in execute (op_array=0xb9a06ca0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #13 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856a08) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #14 0xb72d803b in execute (op_array=0xb9a0d344) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #15 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856cf8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #16 0xb72d803b in execute (op_array=0xb99f1c8c) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #17 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856ef8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #18 0xb72d803b in execute (op_array=0xb99f2968) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #19 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf857328) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #20 0xb72d803b in execute (op_array=0xb9a04ab4) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #21 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf857568) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 ---Type to continue, or q to quit--- #22 0xb72d803b in execute (op_array=0xb99e5de0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #23 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf857998) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #24 0xb72d803b in execute (op_array=0xb99e60b0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #25 0xb72ec466 in zend_do_fcall_common
#46753 [Fbk->Opn]: weird crash when calling is_subclass_of under very specific conditions
ID: 46753 User updated by: essen at dev-extend dot eu Reported By: essen at dev-extend dot eu -Status: Feedback +Status: Open Bug Type: Reproducible crash Operating System: Linux Ubuntu 8.10 PHP Version: 5.2.6 New Comment: Exactly the same problem using the snapshot. The problem also occurs from the command line (both on 5.2.6 and using the snapshot). The "bt full" made using this snapshot is available at the following address: http://blog.extend.ws/~essen/bug46753btfull.txt I can try to isolate the code leading to the segfault if you need it, but it's not going to be an easy task as it crashes inside classes querying metadata information from a MySQL database, and also because the same code works without problem for a different page. Previous Comments: [2008-12-08 11:34:58] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://windows.php.net/snapshots/ [2008-12-05 00:23:16] essen at dev-extend dot eu Description: I encountered a strange crash. I can reproduce it, it always happens, but only under very specific conditions. It first happened when I changed a completely unrelated part of my code in a different file of the project. PHP crash on an is_subclass_of call. This call worked correctly before my changes, and still works correctly on the other pages. Other is_subclass_of works fine too. I'm not sure what trigger this, as I've only changed a few methods, nothing changing the outcome of the script... Another thing. If I add a require_once before the is_subclass_of call, there is no crash. The crash only happens when the class isn't defined in the current script, which should and does trigger the autoload callback to load the class. The class is successfully loaded by the callback, the crash happens only after. I'm not sure what more can I say. If you need further details, feel free to ask. Actual result: -- Core was generated by `/usr/sbin/apache2 -k start'. Program terminated with signal 11, Segmentation fault. [New process 19175] #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 657 /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c: No such file or directory. in /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c (gdb) bt #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 #1 0xb72ecba3 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf854fd8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:200 #2 0xb72d803b in execute (op_array=0xb9a5c364) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #3 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8552b8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #4 0xb72d803b in execute (op_array=0xb9a5bb8c) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #5 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8555c8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #6 0xb72d803b in execute (op_array=0xb99d71b0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #7 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf855e18) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #8 0xb72d803b in execute (op_array=0xb9a17614) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #9 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856248) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #10 0xb72d803b in execute (op_array=0xb9a17d94) ---Type to continue, or q to quit--- at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #11 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf8565d8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #12 0xb72d803b in execute (op_array=0xb9a06ca0) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #13 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856a08) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #14 0xb72d803b in execute (op_array=0xb9a0d344) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #15 0xb72ec466 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf856cf8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:234 #16 0xb72d803b in execute (op_array=0xb99f1c8c) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:92 #17 0xb72ec466 in zend_do_fcall_common_helper_SPEC (e
#46753 [NoF->Opn]: weird crash when calling is_subclass_of under very specific conditions
ID: 46753 User updated by: essen at dev-extend dot eu Reported By: essen at dev-extend dot eu -Status: No Feedback +Status: Open Bug Type: Scripting Engine problem Operating System: Linux Ubuntu 8.10 PHP Version: 5.2CVS-2008-12-08 New Comment: Okay I've narrowed down the bug a bit. First, the crash do not happen in PHP 5.3 using the latest snapshot. Second, I've tried to make a small example and failed. So I made all the files involved available here: http://blog.extend.ws/~essen/bug46753.tar.gz I've changed a few things in the code to make it more friendly to an environment without some specific extensions, all you need is mysql and xsl. You need however to create a database (a script is available in app/sql). The configuration for the database can be changed in app/conf/wee.cnf. There is a hack in the index.php file to make it usable from the command line. If you want to use it from a browser, remove the line and point your browser to index.php/toppage/add instead. If everything goes well, you should have an error message instead of nothing and a segfault. One last thing. I've let the .svn directory in wee/db/meta/mysql in the archive. The crash doesn't happen if you remove this specific directory. Other directories were removed for this archive. Previous Comments: [2008-12-16 01:00:00] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". [2008-12-08 22:35:36] j...@php.net Please try isolate the code. As short as possible script. You should also try the PHP 5.3 snapshot: http://snaps.php.net/php5.3- latest.tar.gz just in case this same issue is already fixed there.. -------- [2008-12-08 17:31:15] essen at dev-extend dot eu Exactly the same problem using the snapshot. The problem also occurs from the command line (both on 5.2.6 and using the snapshot). The "bt full" made using this snapshot is available at the following address: http://blog.extend.ws/~essen/bug46753btfull.txt I can try to isolate the code leading to the segfault if you need it, but it's not going to be an easy task as it crashes inside classes querying metadata information from a MySQL database, and also because the same code works without problem for a different page. [2008-12-08 11:34:58] j...@php.net Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://windows.php.net/snapshots/ -------------------- [2008-12-05 00:23:16] essen at dev-extend dot eu Description: I encountered a strange crash. I can reproduce it, it always happens, but only under very specific conditions. It first happened when I changed a completely unrelated part of my code in a different file of the project. PHP crash on an is_subclass_of call. This call worked correctly before my changes, and still works correctly on the other pages. Other is_subclass_of works fine too. I'm not sure what trigger this, as I've only changed a few methods, nothing changing the outcome of the script... Another thing. If I add a require_once before the is_subclass_of call, there is no crash. The crash only happens when the class isn't defined in the current script, which should and does trigger the autoload callback to load the class. The class is successfully loaded by the callback, the crash happens only after. I'm not sure what more can I say. If you need further details, feel free to ask. Actual result: -- Core was generated by `/usr/sbin/apache2 -k start'. Program terminated with signal 11, Segmentation fault. [New process 19175] #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 657 /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c: No such file or directory. in /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c (gdb) bt #0 0xb72c372a in is_a_impl (ht=-47466807, return_value=0xb9a602b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, only_subclass=1 '\001') at /build/buildd/php5-5.2.6/Zend/zend_builtin_functions.c:657 #1 0xb72ecba3 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf854fd8) at /build/buildd/php5-5.2.6/Zend/zend_vm_execute.h:200 #2 0xb72d803
#46753 [Opn]: weird crash when calling is_subclass_of under very specific conditions
ID: 46753 User updated by: essen at dev-extend dot eu Reported By: essen at dev-extend dot eu Status: Open Bug Type: Scripting Engine problem Operating System: Linux Ubuntu 8.10 PHP Version: 5.2CVS-2008-12-08 New Comment: It also crashes on NetBSD running PHP 5.2.4. Previous Comments: [2008-12-17 01:12:56] essen at dev-extend dot eu Okay I've narrowed down the bug a bit. First, the crash do not happen in PHP 5.3 using the latest snapshot. Second, I've tried to make a small example and failed. So I made all the files involved available here: http://blog.extend.ws/~essen/bug46753.tar.gz I've changed a few things in the code to make it more friendly to an environment without some specific extensions, all you need is mysql and xsl. You need however to create a database (a script is available in app/sql). The configuration for the database can be changed in app/conf/wee.cnf. There is a hack in the index.php file to make it usable from the command line. If you want to use it from a browser, remove the line and point your browser to index.php/toppage/add instead. If everything goes well, you should have an error message instead of nothing and a segfault. One last thing. I've let the .svn directory in wee/db/meta/mysql in the archive. The crash doesn't happen if you remove this specific directory. Other directories were removed for this archive. [2008-12-16 01:00:00] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". [2008-12-08 22:35:36] j...@php.net Please try isolate the code. As short as possible script. You should also try the PHP 5.3 snapshot: http://snaps.php.net/php5.3- latest.tar.gz just in case this same issue is already fixed there.. -------- [2008-12-08 17:31:15] essen at dev-extend dot eu Exactly the same problem using the snapshot. The problem also occurs from the command line (both on 5.2.6 and using the snapshot). The "bt full" made using this snapshot is available at the following address: http://blog.extend.ws/~essen/bug46753btfull.txt I can try to isolate the code leading to the segfault if you need it, but it's not going to be an easy task as it crashes inside classes querying metadata information from a MySQL database, and also because the same code works without problem for a different page. [2008-12-08 11:34:58] j...@php.net Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://windows.php.net/snapshots/ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/46753 -- Edit this bug report at http://bugs.php.net/?id=46753&edit=1
#46753 [Fbk->Opn]: crash when calling is_subclass_of () (works with PHP 5.3 and above!)
ID: 46753
User updated by: essen at dev-extend dot eu
Reported By: essen at dev-extend dot eu
-Status: Feedback
+Status: Open
Bug Type: Scripting Engine problem
Operating System: Linux Ubuntu 8.10
PHP Version: 5.2CVS-2008-12-08
New Comment:
Still crashing, with a similar output pasted below.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb79dc6b0 (LWP 7735)]
0x0829fc6a in is_a_impl (ht=,
return_value=0x9b841d0,
return_value_ptr=, this_ptr=0x0,
return_value_used=1,
only_subclass=1 '\001')
at
/home/essen/tmp/php5.2-200902151330/Zend/zend_builtin_functions.c:645
645 if (Z_TYPE_PP(obj) == IS_OBJECT && !HAS_CLASS_ENTRY(**obj)) {
(gdb) bt
#0 0x0829fc6a in is_a_impl (ht=,
return_value=0x9b841d0,
return_value_ptr=, this_ptr=0x0,
return_value_used=1,
only_subclass=1 '\001')
at
/home/essen/tmp/php5.2-200902151330/Zend/zend_builtin_functions.c:645
#1 0x082c3d79 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbf80527c)
at /home/essen/tmp/php5.2-200902151330/Zend/zend_vm_execute.h:200
#2 0x082b18a0 in execute (op_array=0x9b7e18c)
at /home/essen/tmp/php5.2-200902151330/Zend/zend_vm_execute.h:92
#3 0x082c36e6 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbf80552c)
at /home/essen/tmp/php5.2-200902151330/Zend/zend_vm_execute.h:234
#4 0x082b18a0 in execute (op_array=0x9b84418)
at /home/essen/tmp/php5.2-200902151330/Zend/zend_vm_execute.h:92
It continues repeating the last 2 for a while just like before.
Previous Comments:
[2009-02-10 22:24:19] fel...@php.net
Please try using this CVS snapshot:
http://snaps.php.net/php5.2-latest.tar.gz
For Windows:
http://windows.php.net/snapshots/
[2008-12-17 01:19:06] essen at dev-extend dot eu
It also crashes on NetBSD running PHP 5.2.4.
[2008-12-17 01:12:56] essen at dev-extend dot eu
Okay I've narrowed down the bug a bit.
First, the crash do not happen in PHP 5.3 using the latest snapshot.
Second, I've tried to make a small example and failed. So I made all
the files involved available here:
http://blog.extend.ws/~essen/bug46753.tar.gz
I've changed a few things in the code to make it more friendly to an
environment without some specific extensions, all you need is mysql and
xsl. You need however to create a database (a script is available in
app/sql). The configuration for the database can be changed in
app/conf/wee.cnf.
There is a hack in the index.php file to make it usable from the
command line. If you want to use it from a browser, remove the line and
point your browser to index.php/toppage/add instead.
If everything goes well, you should have an error message instead of
nothing and a segfault.
One last thing. I've let the .svn directory in wee/db/meta/mysql in the
archive. The crash doesn't happen if you remove this specific directory.
Other directories were removed for this archive.
[2008-12-08 22:35:36] j...@php.net
Please try isolate the code. As short as possible script. You should
also try the PHP 5.3 snapshot: http://snaps.php.net/php5.3-
latest.tar.gz just in case this same issue is already fixed there..
------------------------
[2008-12-08 17:31:15] essen at dev-extend dot eu
Exactly the same problem using the snapshot. The problem also occurs
from the command line (both on 5.2.6 and using the snapshot).
The "bt full" made using this snapshot is available at the following
address:
http://blog.extend.ws/~essen/bug46753btfull.txt
I can try to isolate the code leading to the segfault if you need it,
but it's not going to be an easy task as it crashes inside classes
querying metadata information from a MySQL database, and also because
the same code works without problem for a different page.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/46753
--
Edit this bug report at http://bugs.php.net/?id=46753&edit=1
#8097 [Com]: printf() and float data vs.setlocale()
ID: 8097
Comment by: essen at dev-extend dot eu
Reported By: hh at loca dot net
Status: No Feedback
Bug Type: Strings related
Operating System: Linux (SuSE 7.0)
PHP Version: 4.0.3pl1
New Comment:
Version: 5.1.6
Linux 2.4. Don't know exactly which Linux, it's the one on 1&1.
I encountered this bug on 5.1.6 but I can't test on 5.2.
Since this bug seems old and has been closed all this time I guess it
isn't fixed yet.
It works probably on all locales enabled systems. But maybe not.
I won't be able to test it because I don't have the LC_NUMERIC locales
and don't really know how to install them on NetBSD.
However I can help you reproduce this bug.
You need to use a locale from a country that uses comma (,)
as the decimal seperator, as said hh before. You must have all the
locale category installed (but LC_NUMERIC is probably the only one
really needed). You only have to do this:
This will print "42.00".
Previous Comments:
[2002-11-08 01:00:05] php-bugs at lists dot php dot net
No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
[2002-10-23 07:04:41] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php4-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php4-win32-latest.zip
[2002-10-23 06:53:02] kaatz at wwe dot biz
This problem also exits in our application which runs on php-4.2.3.
We use 'setlocale' there to handle gettext translations. With LC_ALL
set by 'setlocale' all prices in the shopping basket and VAT
calculations with floats are 'calculated wrong'
Thanks for that hint.
Juergen
[2001-07-31 16:14:35] [EMAIL PROTECTED]
unable to reproduce with latest version of PHP, please
upgrade and re-open if still a problem.
[2000-12-04 13:08:55] hh at loca dot net
Changing the locale setting to a country that uses comma (,)
as the decimal seperator will stip off decimal places from
the float value in printf/sprintf. Example:
MySQL table:
create table test (
name varchar(100),
value float(16,2)
);
insert into test values ('bla', 3.789);
PHP code:
setlocale("LC_ALL", "de_DE");
// mysql_connect etc.
$row = mysql_fetch_array($result);
printf("%s: %.2f",
$row["name"], $row["value"]);
Result:
bla: 3.00
--
Edit this bug report at http://bugs.php.net/?id=8097&edit=1
