Edit report at https://bugs.php.net/bug.php?id=60825&edit=1
ID: 60825 User updated by: php at wallbash dot com Reported by: php at wallbash dot com Summary: Segfault when running symfony 2 tests Status: Assigned Type: Bug Package: Reproducible crash Operating System: Ubuntu 10.04.3 LTS PHP Version: 5.4.0RC6 Assigned To: laruence Block user comment: N Private report: N New Comment: --------- DUMP #1 --------- $ gdb --args php /usr/local/bin/phpunit --coverage-text=cover.txt test/PersistTest.php test/InstanciationTest.php GNU gdb (GDB) CentOS (7.0.1-42.el5.centos) Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/php...(no debugging symbols found)...done. (gdb) r Starting program: /usr/bin/php /usr/local/bin/phpunit --coverage-text=cover.txt test/PersistTest.php [Thread debugging using libthread_db enabled] PHPUnit 3.6.10 by Sebastian Bergmann. ............ Time: 21 seconds, Memory: 21.75Mb OK (12 tests, 59 assertions) Generating textual code coverage report, this may take a moment. Program received signal SIGSEGV, Segmentation fault. 0x0000000000651c85 in ?? () (gdb) bt #0 0x0000000000651c85 in ?? () #1 0x0000000000672eee in ?? () #2 0x000000000065876b in execute () #3 0x00002aaaaf570f4f in xdebug_execute (op_array=0x17fe050) at /tmp/pear/install/xdebug/xdebug.c:1390 #4 0x000000000065915d in ?? () #5 0x000000000065876b in execute () #6 0x00002aaaaf570f4f in xdebug_execute (op_array=0x17e3168) at /tmp/pear/install/xdebug/xdebug.c:1390 #7 0x000000000065915d in ?? () #8 0x000000000065876b in execute () #9 0x00002aaaaf570f4f in xdebug_execute (op_array=0x17ae2c8) at /tmp/pear/install/xdebug/xdebug.c:1390 #10 0x000000000065915d in ?? () #11 0x000000000065876b in execute () #12 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f64700) at /tmp/pear/install/xdebug/xdebug.c:1390 #13 0x000000000065915d in ?? () #14 0x000000000065876b in execute () #15 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f64be8) at /tmp/pear/install/xdebug/xdebug.c:1390 #16 0x0000000000627043 in zend_call_function () #17 0x000000000064830f in zend_call_method () ---Type <return> to continue, or q <return> to quit--- #18 0x00000000006507e8 in zend_objects_destroy_object () #19 0x000000000064ea3c in gc_collect_cycles () #20 0x000000000064f00e in gc_zval_possible_root () #21 0x00000000006b9031 in ?? () #22 0x000000000065876b in execute () #23 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22f8c90) at /tmp/pear/install/xdebug/xdebug.c:1390 #24 0x000000000065915d in ?? () #25 0x000000000065876b in execute () #26 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22d3498) at /tmp/pear/install/xdebug/xdebug.c:1390 #27 0x000000000065915d in ?? () #28 0x000000000065876b in execute () #29 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22dec68) at /tmp/pear/install/xdebug/xdebug.c:1390 #30 0x000000000065915d in ?? () #31 0x000000000065876b in execute () #32 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac24700) at /tmp/pear/install/xdebug/xdebug.c:1390 #33 0x000000000065915d in ?? () #34 0x000000000065876b in execute () #35 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22d6a60) at /tmp/pear/install/xdebug/xdebug.c:1390 ---Type <return> to continue, or q <return> to quit--- #36 0x000000000065915d in ?? () #37 0x000000000065876b in execute () #38 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2141e58) at /tmp/pear/install/xdebug/xdebug.c:1390 #39 0x000000000065915d in ?? () #40 0x000000000065876b in execute () #41 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0) at /tmp/pear/install/xdebug/xdebug.c:1390 #42 0x000000000065915d in ?? () #43 0x000000000065876b in execute () #44 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0) at /tmp/pear/install/xdebug/xdebug.c:1390 #45 0x000000000065915d in ?? () #46 0x000000000065876b in execute () #47 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0) at /tmp/pear/install/xdebug/xdebug.c:1390 #48 0x000000000065915d in ?? () #49 0x000000000065876b in execute () #50 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0) at /tmp/pear/install/xdebug/xdebug.c:1390 #51 0x000000000065915d in ?? () #52 0x000000000065876b in execute () #53 0x00002aaaaf570f4f in xdebug_execute (op_array=0x21418d8) ---Type <return> to continue, or q <return> to quit--- at /tmp/pear/install/xdebug/xdebug.c:1390 #54 0x000000000065915d in ?? () #55 0x000000000065876b in execute () #56 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1333f80) at /tmp/pear/install/xdebug/xdebug.c:1390 #57 0x000000000065915d in ?? () #58 0x000000000065876b in execute () #59 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1fa1a70) at /tmp/pear/install/xdebug/xdebug.c:1390 #60 0x000000000065915d in ?? () #61 0x000000000065876b in execute () #62 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaab98870) at /tmp/pear/install/xdebug/xdebug.c:1390 #63 0x000000000065915d in ?? () #64 0x000000000065876b in execute () #65 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc3f428) at /tmp/pear/install/xdebug/xdebug.c:1390 #66 0x000000000065915d in ?? () #67 0x000000000065876b in execute () #68 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc3bac8) at /tmp/pear/install/xdebug/xdebug.c:1390 #69 0x000000000065915d in ?? () #70 0x000000000065876b in execute () ---Type <return> to continue, or q <return> to quit--- #71 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc2d908) at /tmp/pear/install/xdebug/xdebug.c:1390 #72 0x0000000000631ba5 in zend_execute_scripts () #73 0x00000000005e1328 in php_execute_script () #74 0x00000000006bbdf0 in ?? () #75 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6 #76 0x0000000000422509 in _start () (gdb) Previous Comments: ------------------------------------------------------------------------ [2012-05-23 07:32:25] php at wallbash dot com I will take time to create a reproducible test on Saturday or Sunday. This looks like a kind a memory related issue as I can run each test individually, but not all tests in a batch. Trying to know more precisely what makes the process fail in scripts, I also installed XDebug extension. Here, a segmentation fault occurs when XDebug tries to write its coverage file. I hope this is not some kind of heap overflow that may introduce some vulnerability (ie. arbitrary code execution). Follows a debugger dump when only one script is run with XDebug activated and coverage asked. An output file cover.txt is created but remains empty. The fault now seems to occur next to a call in XDebug Extension. -- DUMP #1 -- If I try to run all the tests with XDebug activated and coverage asked, a segmentation fault still occurs but the back trace is now different, the segmentation fault now seems to occur next to a call in pdo.so -- DUMP #2 -- If I now try to run another single test with XDebug activated and coverage asked, a segmentation fault occurs again but the back trace is also different, the segmentation fault seems to occur also next to a call in pdo.so -- DUMP #3 - - $ php --version PHP 5.3.13 (cli) (built: May 8 2012 15:39:23) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies with Xdebug v2.2.0, Copyright (c) 2002-2012, by Derick Rethans DUMPS come in next comments in order not to get the "Please do not SPAM our bug system." error message. ------------------------------------------------------------------------ [2012-05-23 02:22:05] larue...@php.net oh,, I remebered wronly, will take a look into this later, but the new segfault seems not the same as this one(from the bt), could you please try to make a reproducable script? thanks ------------------------------------------------------------------------ [2012-05-23 02:18:15] larue...@php.net seems the same issue exists in 5.3 too, previous fix only fixed the bug in 5.4 ------------------------------------------------------------------------ [2012-05-22 14:05:51] php at wallbash dot com Dear paj...@php.net, Sorry for answering so late. I focused my attention on other projects still now and did not check if the issue was solved using an higher production version. It seems the issue still exists with current stable version 5.3.13. I get the same segmentation fault when testing a project using Doctrine ORM. However, the fault location seems to elsewhere. See below. $ php --version PHP 5.3.13 (cli) (built: May 8 2012 15:39:23) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies $ gdb --args php /usr/local/bin/phpunit test GNU gdb (GDB) CentOS (7.0.1-42.el5.centos) Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/php...(no debugging symbols found)...done. (gdb) r Starting program: /usr/bin/php /usr/local/bin/phpunit test [Thread debugging using libthread_db enabled] PHPUnit 3.6.10 by Sebastian Bergmann. ....................... Program received signal SIGSEGV, Segmentation fault. 0x0000000000652700 in ?? () (gdb) bt #0 0x0000000000652700 in ?? () #1 0x00002aaab147ae4c in ?? () from /usr/lib64/php/modules/pdo.so #2 0x0000000000692bcd in ?? () #3 0x000000000065876b in execute () #4 0x0000000000627043 in zend_call_function () #5 0x000000000064830f in zend_call_method () #6 0x00000000006507e8 in zend_objects_destroy_object () #7 0x000000000064ea3c in gc_collect_cycles () #8 0x000000000064f00e in gc_zval_possible_root () #9 0x00000000006b51ed in ?? () #10 0x000000000065876b in execute () #11 0x0000000000627043 in zend_call_function () #12 0x0000000000535fbe in ?? () #13 0x0000000000659669 in ?? () #14 0x000000000065876b in execute () #15 0x0000000000631ba5 in zend_execute_scripts () #16 0x00000000005e1328 in php_execute_script () #17 0x00000000006bbdf0 in ?? () #18 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6 #19 0x0000000000422509 in _start () ------------------------------------------------------------------------ [2012-04-18 09:46:28] larue...@php.net Automatic comment on behalf of laruence Revision: http://git.php.net/?p=php-src.git;a=commit;h=cf54cc736bc27f18b9a27ed882ad87b1d2e7a2b3 Log: Fixed bug #60825 (Segfault when running symfony 2 tests) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=60825 -- Edit this bug report at https://bugs.php.net/bug.php?id=60825&edit=1
