[2002-05-16 14:01 UTC] gprandi at sif dot com dot ar

Hi! PHP 4.2.1 gets a SIGSEGV in sem_remove().

The code in ext/sysvsem/sysvsem.c seems to forget the allocation of the buf member of the semun struct when it calls to semctl().

I solved it adding:
   struct semid_ds semidbuf;
to the declaration of local variables, and:
   un.buf = &semidbuf;
before each call to semctl();

I configured PHP using:

configure --enable-sysvshm --enable-sysvsem --with-curl=/usr/local/lib/libcurl.a --enable-pcntl

This is the gdb stack trace:

(gdb) where
#0  0x402864e2 in __new_semctl (semid=770, semnum=0, cmd=2)
    at ../sysdeps/i386/i486/bits/string.h:315
#1  0x80be3a3 in zif_sem_remove (ht=1, return_value=0x81a13cc, this_ptr=0x0, 
    return_value_used=0) at sysvsem.c:406
#2  0x80fe6cf in execute (op_array=0x81946b8) at ./zend_execute.c:1598
#3  0x80fe889 in execute (op_array=0x8186c14) at ./zend_execute.c:1638
#4  0x80e4289 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at zend.c:810
#5  0x8062879 in php_execute_script (primary_file=0xbffffbd0) at main.c:1381
#6  0x8060850 in main (argc=5, argv=0xbffffc74) at cgi_main.c:778
#7  0x401c2b65 in __libc_start_main (main=0x8060054 <main>, argc=5, 
    ubp_av=0xbffffc74, init=0x805ec7c <_init>, fini=0x81037bc <_fini>, 
    rtld_fini=0x4000df24 <_dl_fini>, stack_end=0xbffffc6c)
    at ../sysdeps/generic/libc-start.c:111

 [2002-05-17 08:37 UTC] wez@php.net

This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.