ID: 27876 Updated by: [EMAIL PROTECTED] Reported By: aashley at optimiser dot com -Status: Assigned +Status: Closed Bug Type: Zend Engine 2 problem Operating System: Linux PHP Version: 5CVS-2004-04-05 (dev) Assigned To: andi New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2004-04-25 18:37:58] [EMAIL PROTECTED] I just verified this with this simple script. Derick ------------------------------------------------------------------------ [2004-04-25 17:24:53] robinv at ecosse dot net Simpler test case: <?php class TestClass { var $bar; function TestClass() { list($foo) = $this->bar = array(1); print $foo; } } $testObject = new TestClass; ?> running dbd on core dump: [...] Core was generated by `/home/robin/bin/php -f ../bug.php'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt.so.1...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /lib/i686/libm.so.6...done. Loaded symbols for /lib/i686/libm.so.6 Reading symbols from /lib/libdl.so.2...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/libnsl.so.1...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib/libz.so.1...done. Loaded symbols for /lib/libz.so.1 Reading symbols from /usr/lib/libxml2.so.2...done. Loaded symbols for /usr/lib/libxml2.so.2 Reading symbols from /lib/i686/libpthread.so.0...done. Loaded symbols for /lib/i686/libpthread.so.0 Reading symbols from /lib/i686/libc.so.6...done. Loaded symbols for /lib/i686/libc.so.6 Reading symbols from /lib/ld-linux.so.2...done. Loaded symbols for /lib/ld-linux.so.2 #0 zend_mm_alloc (heap=0x81ec480, size=220) at /home/robin/src/php-5.0.0RC1/Zend/zend_mm.c:308 308 if (p->size == true_size) { (gdb) list 303 } 304 } 305 } 306 307 for (p = heap->free_buckets[0]; p; p = p->next_free_block) { 308 if (p->size == true_size) { 309 best_fit = p; 310 break; 311 } 312 if ((p->size > true_size) && (!best_fit || (best_fit->size > p->size))) { /* better fit */ (gdb) print p $1 = (zend_mm_free_block *) 0x33146c00 (gdb) print p->size Cannot access memory at address 0x33146c00 (gdb) print best_fit $2 = (zend_mm_free_block *) 0x40332cab (gdb) print best_fit->size $3 = 972800 (gdb) print true_size $4 = 232 ------------------------------------------------------------------------ [2004-04-09 11:38:51] aashley at optimiser dot com I havent had much luck creating a simpler example so far. I'll have another try tomorrow... errr later today. ------------------------------------------------------------------------ [2004-04-09 10:11:10] [EMAIL PROTECTED] Please try and created a shorter reproducing script. I can't debug this bug report otherwise. ------------------------------------------------------------------------ [2004-04-06 03:05:15] [EMAIL PROTECTED] Zend Engine 2 related, assinging to Andi. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/27876 -- Edit this bug report at http://bugs.php.net/?id=27876&edit=1
