Hi: it's great, I tested, and committed. :) thanks
On Thu, Oct 18, 2012 at 7:19 PM, Dmitry Stogov <dmi...@zend.com> wrote: > I think, I've found a more simple fix (attached) that don't require > extension patching and even allow to optimize ZE a bit. > > Laruence, can you please verify it. > Sorry, I'm quite busy with other tasks. > > Thanks. Dmitry. > > > On 10/18/2012 02:56 PM, Laruence wrote: >> >> On Thu, Oct 18, 2012 at 6:45 PM, Pierre Joye <pierre....@gmail.com> wrote: >>> >>> hi Dmitry, Laruence! >>> >>> On Thu, Oct 18, 2012 at 11:46 AM, Laruence <larue...@php.net> wrote: >>>> >>>> Hey: >>>> >>>> recently we found a problem, that is "usage zval_dtor on a recursive >>>> array while gc enabled" has chance to result a segfault. >>>> >>>> a reproduce script could be found here: >>>> >>>> https://github.com/php/php-src/blob/8bd5e15ff7a57791956c4017ee8fb4a8ac0d8d2e/ext/pcre/tests/bug63055.phpt >>>> >>>> the preg_match used to call zval_dtor on the third argument. which >>>> result a segfault, reported at #63055 >>>> >>>> the segfault backtrace will looks like: http://pastebin.com/uPWBgrTZ >>>> >>>> thanks to dmitry, we got a simple solution, that is: instead of >>>> directly call to zval_dtor, please use following codes instead: >>>> " >>>> zval garbage = *subpats; >>>> array_init(subpats); >>>> zval_dtor(&garbage); >>>> " >>> >>> Nice catch! >>> >>> We could add a macro? As it looks like many will forget to do that :) >> >> maybe a seris macro: >> >> ZVAL_REPLACE_LONG() >> ZVAL_REPLACE_STRING{L}() >> ZVAL_REPLACE_ZVAL() >> >> etc; >> >> thanks , will do it later, only for trunk I think >> >> thanks >>> >>> >>> Cheers, >>> -- >>> Pierre >>> >>> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org >> >> >> >> > -- Laruence Xinchen Hui http://www.laruence.com/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
