Home Original page

Segfault or Invalid Opcode 137/1/4

Bug #35437 Segfault or Invalid Opcode 137/1/4
Submitted: 2005-11-28 04:19 UTC Modified: 2005-12-03 12:39 UTC
Votes:2
Avg. Score:2.5 ± 1.5
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: me at dither dot spb dot ru Assigned: dmitry (profile)
Status: Closed Package: Scripting Engine problem
PHP Version: 5CVS-2005-11-28 (cvs) OS: *
Private report: No CVE-ID: None

 [2005-11-28 04:19 UTC] me at dither dot spb dot ru

Description:
------------
PHP 5.1 Final Release.
(built: Nov 23 2005 23:59:35)

Easy repoducible segfault or Invalid opcode 137/1/4 Fatal Error.

Reproduce code:
---------------
<?php
function err2exception($errno, $errstr)
{
	throw new Exception("Error occuried: " . $errstr);
}

set_error_handler('err2exception');

class TestClass
{
	function testMethod()
	{
		//$GLOBALS['t'] = 'test';
		$GLOBALS['t'] = new stdClass;
	}
}

TestClass::testMethod();
?>

Expected result:
----------------
PHP Should cause Strict level Notice "Non-static method TestClass::testMethod() should not be called statically", and  after what error_handler err2exception() must be executed.

Finally, it must be an Uncaught exception 'Exception' with message 'Error occuried: Non-static method TestClass::testMethod() should not be called statically'.

Actual result:
--------------
Segfault.

Uncommenting line //$GLOBALS['t'] = 'test' causes Invalid opcode 137/1/4 Fatal Error.

Commenting both $GLOBALS lines completly fixes bug.

Marking method testMethod() as static (... static function testMethod() ...) fixes bug too, but no exception will be thrown.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

 [2005-11-28 17:43 UTC] me at dither dot spb dot ru

PHP 5.1.2-dev (cli) (built: Nov 27 2005 20:24:18) (Win32).
No changes. Problem persists. Sorry, I dont have enought time to test latest unix snapshot. If needed, I can do some testing across different unix versions tomorrow.

Omg, sorry for my bad english..

 [2005-11-28 17:53 UTC] sniper@php.net

Here's GDB backtrace:

0x0820c3bf in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:131
131             if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) {
(gdb) bt
#0  0x0820c3bf in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:131
#1  0x0820d0d7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe14f80) at /usr/src/php_5_1/Zend/zend_vm_execute.h:310
#2  0x0820c30c in execute (op_array=0x9bd5d2c) at /usr/src/php_5_1/Zend/zend_vm_execute.h:88
#3  0x0820c792 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe150d0) at /usr/src/php_5_1/Zend/zend_vm_execute.h:222
#4  0x0820d0d7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe150d0) at /usr/src/php_5_1/Zend/zend_vm_execute.h:310
#5  0x0820c30c in execute (op_array=0x9bcff0c) at /usr/src/php_5_1/Zend/zend_vm_execute.h:88
#6  0x081e3eca in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/php_5_1/Zend/zend.c:1090
#7  0x081a234e in php_execute_script (primary_file=0xbfe17500) at /usr/src/php_5_1/main/main.c:1704
#8  0x08252300 in main (argc=2, argv=0xbfe175d4) at /usr/src/php_5_1/sapi/cli/php_cli.c:1039

 [2005-11-29 05:11 UTC] me at dither dot spb dot ru

That means bug has been confirmed?

 [2005-12-01 13:56 UTC] dmitry@php.net

Fixed in CVS HEAD, PHP_5_1 and PHP_5_0.

 [2005-12-03 12:39 UTC] me at dither dot spb dot ru

thnx guys, outstanding work =)