From: patrik dot lermon at gmail dot com
Operating system: Linux
PHP version: 5.3.0
PHP Bug Type: Reproducible crash
Bug description: Clone causes Segmentation fault
Description:
------------
Under certain circumstances the clone keyword causes a Segmentation fault.
This code is reproducible and tested with the same result on:
- Ubuntu 9.04 / PHP 5.2.10 (cli) (built: Jun 22 2009 12:32:02)
- Slackware 13.0.0.0.0 / PHP 5.3.0 (cli) (built: Sep 25 2009 08:58:26)
(DEBUG)
- Mac OS X 10.5.8 / PHP 5.2.10 (cli) (built: Aug 24 2009 12:47:12)
- Mac OS X 10.6.1 / PHP 5.3.0 (cli) (built: Jul 19 2009 00:34:29)
The Ubuntu and Mac OS X versions are standard builds from Zend, and the
Slackware is built by me like this:
EXTENSION_DIR=/usr/lib/php/extensions \
CFLAGS="-O2 -march=i486 -mtune=i686" \
./configure \
--enable-force-cgi-redirect \
--enable-pcntl \
--enable-sigchild \
--prefix=/usr \
--libdir=/usr/lib \
--with-libdir=lib \
--sysconfdir=/etc \
--disable-safe-mode \
--disable-magic-quotes \
--enable-zend-multibyte \
--enable-mbregex \
--enable-tokenizer=shared \
--with-config-file-scan-dir=/etc/php \
--with-config-file-path=/etc/httpd \
--enable-mod_charset \
--with-layout=PHP \
--enable-sigchild \
--enable-xml \
--with-libxml-dir=/usr \
--enable-simplexml \
--enable-spl \
--enable-filter \
--enable-debug \
--with-openssl=shared \
--with-pcre-regex=/usr \
--with-zlib=shared,/usr \
--enable-bcmath=shared \
--with-bz2=shared,/usr \
--enable-calendar=shared \
--enable-ctype=shared \
--with-curl=shared \
--with-curlwrappers \
--with-mcrypt=/usr \
--enable-dba=shared \
--with-gdbm=/usr \
--with-db4=/usr \
--enable-exif=shared \
--enable-ftp=shared \
--with-gd=shared \
--with-jpeg-dir=/usr \
--with-png-dir=/usr \
--with-zlib-dir=/usr \
--with-xpm-dir=/usr \
--with-freetype-dir=/usr \
--with-t1lib=/usr \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-gettext=shared,/usr \
--with-gmp=shared,/usr \
--with-iconv=shared \
--with-imap-ssl=/usr \
--with-imap=/usr/local/lib/c-client \
--with-ldap=shared \
--enable-mbstring=shared \
--enable-hash \
--with-mysql=shared,/usr \
--with-mysqli=shared,/usr/bin/mysql_config \
--enable-pdo=shared \
--with-pdo-mysql=shared,/usr \
--with-pdo-sqlite=shared \
--with-pspell=shared,/usr \
--with-mm=/usr \
--enable-shmop=shared \
--with-snmp=shared,/usr \
--enable-soap=shared \
--enable-sockets \
--with-sqlite=shared \
--enable-sqlite-utf8 \
--with-regex=php \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx=shared \
--with-xsl=shared,/usr \
--enable-zip=shared \
--with-tsrm-pthreads \
--enable-shared=yes \
--enable-static=no \
--with-gnu-ld \
--with-pic \
--build=i486-slackware-linux
Reproduce code:
---------------
<?php
date_default_timezone_set('America/Los_Angeles');
class Test {
public $previous, $next = NULL;
public function __clone() {
$this->previous != NULL ? $this->previous = clone $this->previous
: $this->previous = NULL;
$this->next != NULL ? $this->next = clone $this->next :
$this->next = NULL;
}
public function __toString() {
return '[' . ($this->previous != NULL ? '<' : '-') . ' ' .
($this->next != NULL ? '>' : '-') . ']';
}
}
// Create some test objects
$a = new Test(); $b = new Test();
// Link them together
$a->next =& $b; $b->previous =& $a;
// Clone and print
echo "a before cloning:\na: " . $a . "\n";
$b = clone $a;
echo "These two should not look the same:\na: " . $a . "\nb: " . $clone .
"\n";
Expected result:
----------------
a before cloning:
a: [- >]
These two should not look the same:
a: [- >]
b: [- -]
Actual result:
--------------
a before cloning:
a: [- >]
Segmentation fault
--
Edit bug report at http://bugs.php.net/?id=49664&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=49664&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=49664&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=49664&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=49664&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=49664&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=49664&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=49664&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=49664&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=49664&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=49664&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=49664&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=49664&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=49664&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=49664&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49664&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=49664&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=49664&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=49664&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=49664&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=49664&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=49664&r=mysqlcfg
