Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:63529 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 76114 invoked from network); 18 Oct 2012 12:11:47 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 18 Oct 2012 12:11:47 -0000 Authentication-Results: pb1.pair.com header.from=laruence@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=laruence@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.212.42 as permitted sender) X-PHP-List-Original-Sender: laruence@gmail.com X-Host-Fingerprint: 209.85.212.42 mail-vb0-f42.google.com Received: from [209.85.212.42] ([209.85.212.42:57311] helo=mail-vb0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 51/5A-30095-102FF705 for ; Thu, 18 Oct 2012 08:11:45 -0400 Received: by mail-vb0-f42.google.com with SMTP id fs19so9203197vbb.29 for ; Thu, 18 Oct 2012 05:11:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=gsQV/SV7xlCi8fmc1IGW80OYXPmnopPyKgaBpmW1r8U=; b=zdteH3/tGxvldERd3zuP7eJtjdfj/7VUJPgVQaiyzt7LDGfVjg28/SssCjqFE9HB2L DfJQukZQz4kqzvr+1gC8Yw2af+PPurBjOO1CneTMVvWi1Q/4Pp59PJLW9DuxkmW8ME3P aRy6rYIZyJKhBl2tPU4wXWUuHlFytXmRke/tVTCrdgTB+m8rRqi1RZ6h/Vl5gdd0n1tV godnubWMrcdpTZDzSiGFoltAB4TodQIjk5LPQxEbfcyJkSmi7VLQ5H1LUabdh4ybO723 kZHlw/tQ1B/LtcWLKZZUYlI1lLo13/iqSQhELMtz9CxPbibNl8Wb9HuNttQ/rfSMuWIQ eG/Q== Received: by 10.220.150.82 with SMTP id x18mr4908175vcv.73.1350562302153; Thu, 18 Oct 2012 05:11:42 -0700 (PDT) MIME-Version: 1.0 Sender: laruence@gmail.com Received: by 10.221.12.8 with HTTP; Thu, 18 Oct 2012 05:11:21 -0700 (PDT) In-Reply-To: <507FE5DE.8010804@zend.com> References:

<507FE5DE.8010804@zend.com> Date: Thu, 18 Oct 2012 20:11:21 +0800 X-Google-Sender-Auth: vgZ33ig-T330Dw3xfp_Vs0gZ6k0 Message-ID: To: Dmitry Stogov Cc: Pierre Joye , PHP Internals , PECL Announce , Dmitry Stogov Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] Please do not call zval_dtor on recursive array From: laruence@php.net (Laruence) Hi: it's great, I tested, and committed. :) thanks On Thu, Oct 18, 2012 at 7:19 PM, Dmitry Stogov wrote: > I think, I've found a more simple fix (attached) that don't require > extension patching and even allow to optimize ZE a bit. > > Laruence, can you please verify it. > Sorry, I'm quite busy with other tasks. > > Thanks. Dmitry. > > > On 10/18/2012 02:56 PM, Laruence wrote: >> >> On Thu, Oct 18, 2012 at 6:45 PM, Pierre Joye wrote: >>> >>> hi Dmitry, Laruence! >>> >>> On Thu, Oct 18, 2012 at 11:46 AM, Laruence wrote: >>>> >>>> Hey: >>>> >>>> recently we found a problem, that is "usage zval_dtor on a recursive >>>> array while gc enabled" has chance to result a segfault. >>>> >>>> a reproduce script could be found here: >>>> >>>> https://github.com/php/php-src/blob/8bd5e15ff7a57791956c4017ee8fb4a8ac0d8d2e/ext/pcre/tests/bug63055.phpt >>>> >>>> the preg_match used to call zval_dtor on the third argument. which >>>> result a segfault, reported at #63055 >>>> >>>> the segfault backtrace will looks like: http://pastebin.com/uPWBgrTZ >>>> >>>> thanks to dmitry, we got a simple solution, that is: instead of >>>> directly call to zval_dtor, please use following codes instead: >>>> " >>>> zval garbage = *subpats; >>>> array_init(subpats); >>>> zval_dtor(&garbage); >>>> " >>> >>> Nice catch! >>> >>> We could add a macro? As it looks like many will forget to do that :) >> >> maybe a seris macro: >> >> ZVAL_REPLACE_LONG() >> ZVAL_REPLACE_STRING{L}() >> ZVAL_REPLACE_ZVAL() >> >> etc; >> >> thanks , will do it later, only for trunk I think >> >> thanks >>> >>> >>> Cheers, >>> -- >>> Pierre >>> >>> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org >> >> >> >> > -- Laruence Xinchen Hui http://www.laruence.com/