php segfaults with readline

Bug #230030 reported by iblue
Affects: php5 (Ubuntu)
Status: Triaged
Importance: Low
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: php5-cli

iblue@box:/tmp$ php -v
PHP 5.2.4-2ubuntu5 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 27 2008 20:43:54)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
iblue@box:/tmp$ lsb_release -rd
Description: Ubuntu 8.04
Release: 8.04
iblue@box:/tmp$ cat bug.php
<?php

function foo($part, $position) {
  return array();
}

readline_completion_function("foo");
$line = readline("Command: ");

iblue@box:/tmp$ php -q bug.php
Command: [PRESS TAB] Segmentation fault
sw@raven:/tmp$

---
I think this bug is introduced by using libedit instead of libreadline by default. libedit is also missing some important readline functionality.

Chuck Short (zulcss) wrote :

Thanks for the bug report. I will revisit this again for intrepid.

Thanks
chuck

Changed in php5:
status: New → Triaged
Adam Conrad (adconrad) wrote :

For the record, libedit is pretty much known-broken in many ways, though it's our only option (we can't legally link PHP with libreadline, thanks to license conflicts).

If we intend to keep PHP linked with libedit (I always had readline support disabled in the past, for this very reason), we should really look at tidying up libedit's numerous bugs.

iblue (iblue) wrote :

JFYI Update: The bug is still present in 8.10. You need to press [TAB] two times now to make it crash.

PHP version:
PHP 5.2.6-2ubuntu4.1 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 11 2009 20:38:24)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies

Backtrace:
#0 0xb7fcf48e in ?? () from /usr/lib/libedit.so.2
#1 0xb7a174ab in _quicksort () from /lib/tls/i686/cmov/libc.so.6
#2 0xb7a18387 in qsort_r () from /lib/tls/i686/cmov/libc.so.6
#3 0xb7a1849e in qsort () from /lib/tls/i686/cmov/libc.so.6
#4 0xb7fcf396 in fn_display_match_list () from /usr/lib/libedit.so.2
#5 0xb7fcf9c3 in fn_complete () from /usr/lib/libedit.so.2
#6 0xb7fd54b4 in rl_complete () from /usr/lib/libedit.so.2
#7 0xb7fd54f5 in ?? () from /usr/lib/libedit.so.2
#8 0xb7fc8f06 in el_gets () from /usr/lib/libedit.so.2
#9 0xb7fd6d24 in readline () from /usr/lib/libedit.so.2
#10 0x0835d087 in zif_readline ()
#11 0x08314a83 in ?? ()
#12 0x082fff1b in execute ()
#13 0x082da5c0 in zend_execute_scripts ()
#14 0x0828ef2a in php_execute_script ()
#15 0x0835ec24 in main ()

Chuck Short (zulcss)
Changed in php5 (Ubuntu):
importance: Undecided → Low
iblue (iblue) wrote :

Update: The bug is still present in 11.10, 3.5 years after I reported it. You still need to press [TAB] twice to make it crash. If you would link against libreadline instead of libedit, this bug would vanish.

iblue@nerdpol:/tmp$ lsb_release -rd
Description: Ubuntu 11.10
Release: 11.10
iblue@nerdpol:/tmp$ php -v
PHP 5.3.6-13ubuntu3.2 with Suhosin-Patch (cli) (built: Oct 13 2011 23:19:13)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
iblue@nerdpol:/tmp$ cat bug.php
<?php

function foo($part, $position) {
  return array();
}

readline_completion_function("foo");
$line = readline("Command: ");

iblue@nerdpol:/tmp$ php -q bug.php
Command: [Press TAB twice]
Segmentation Fault
iblue@nerdpol:/tmp$

Backtrace:

#0 0x001986cd in ?? () from /usr/lib/i386-linux-gnu/libedit.so.2
#1 0x007274d9 in ?? () from /lib/i386-linux-gnu/libc.so.6
#2 0x00727ef4 in qsort_r () from /lib/i386-linux-gnu/libc.so.6
#3 0x0072801f in qsort () from /lib/i386-linux-gnu/libc.so.6
#4 0x001a1b55 in fn_display_match_list ()
   from /usr/lib/i386-linux-gnu/libedit.so.2
#5 0x001a1f20 in fn_complete () from /usr/lib/i386-linux-gnu/libedit.so.2
#6 0x00195124 in rl_complete () from /usr/lib/i386-linux-gnu/libedit.so.2
#7 0x00195163 in ?? () from /usr/lib/i386-linux-gnu/libedit.so.2
#8 0x001a3847 in el_gets () from /usr/lib/i386-linux-gnu/libedit.so.2
#9 0x00192c5a in readline () from /usr/lib/i386-linux-gnu/libedit.so.2
#10 0x083b7abd in ?? ()
#11 0x083980ca in ?? ()
#12 0x08342f4e in execute ()
#13 0x0831bca9 in zend_execute_scripts ()
#14 0x082c2bde in php_execute_script ()
#15 0x0806b47f in ?? ()
#16 0x0070f113 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
#17 0x0806b521 in _start ()

Bryan McLellan (btm) wrote :

According to the Free Software Foundation [1] php CANNOT be legally linked to libreadline, because libreadline is licensed under the GPL and php is licensed under the php license.

[1] http://www.gnu.org/licenses/gpl-faq.html
