Edit report at https://bugs.php.net/bug.php?id=62358&edit=1

 ID:                 62358
 Comment by:         maciej dot sz at gmail dot com
 Reported by:        maciej dot sz at gmail dot com
 Summary:            Segfault when using traits a lot
 Status:             Feedback
 Type:               Bug
 Package:            Reproducible crash
 Operating System:   Linux 3.2.0-25-generic Ubuntu
 PHP Version:        5.4.4
 Block user comment: N
 Private report:     N

 New Comment:

Another crash, this time in the newest 5.4.6RC1:


Program received signal SIGSEGV, Segmentation fault.
0x000000000094e409 in zend_get_function_declaration (fptr=0x1b5e240)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3059
3059                    size_t name_len = strlen(fptr->common.function_name);
(gdb) bt
#0  0x000000000094e409 in zend_get_function_declaration (fptr=0x1b5e240)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3059
#1  0x000000000094f37b in do_inheritance_check_on_method (child=0x1ba67c0, 
parent=0x1b6d2b8)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3263
#2  0x000000000094f531 in do_inherit_method_check 
(child_function_table=0x1ba8970, parent=0x1b6d2b8, 
    hash_key=0x7fffffff9dd0, child_ce=0x1ba8948)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3288
#3  0x0000000000988bf0 in zend_hash_replace_checker_wrapper (target=0x1ba8970, 
source_data=0x1b6d2b8, 
    p=0x1b79630, pParam=0x1ba8948, merge_checker_func=0x94f4aa 
<do_inherit_method_check>)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_hash.c:878
#4  0x0000000000988c71 in zend_hash_merge_ex (target=0x1ba8970, 
source=0x1b64378, 
    pCopyConstructor=0x94ddb3 <do_inherit_method>, size=240, 
    pMergeSource=0x94f4aa <do_inherit_method_check>, pParam=0x1ba8948)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_hash.c:892
#5  0x00000000009507df in zend_do_inheritance (ce=0x1ba8948, 
parent_ce=0x1b64350)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3519
#6  0x00000000009540a7 in do_bind_inherited_class (op_array=0x1ba5b10, 
opline=0x1bb74b0, 
    class_table=0x126ee70, parent_ce=0x1b64350, compile_time=0 '\000')
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:4570
#7  0x00000000009b742a in ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER 
(execute_data=0x7ffff7f95e70)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:936
#8  0x00000000009b4122 in execute (op_array=0x1ba5b10)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:410
#9  0x000000000096381c in zend_call_function (fci=0x7fffffffa410, 
fci_cache=0x7fffffffa460)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_execute_API.c:958
#10 0x0000000000717021 in zim_reflection_method_invokeArgs (ht=2, 
return_value=0x1ba72f8, 
    return_value_ptr=0x0, this_ptr=0x1b26ed0, return_value_used=1)
    at /home/maciek/Downloads/php-5.4.6RC1/ext/reflection/php_reflection.c:3024
#11 0x00000000009b5838 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x7ffff7f94728)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:642
#12 0x00000000009b66dc in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(execute_data=0x7ffff7f94728)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:752
#13 0x00000000009b4122 in execute (op_array=0x7ffff095e050)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:410
#14 0x0000000000976ca1 in zend_execute_scripts (type=8, retval=0x0, 
file_count=3)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend.c:1289
#15 0x00000000008e90aa in php_execute_script (primary_file=0x7fffffffcdd0)
    at /home/maciek/Downloads/php-5.4.6RC1/main/main.c:2473
#16 0x0000000000abf8c1 in do_cli (argc=6, argv=0x7fffffffe1b8)
    at /home/maciek/Downloads/php-5.4.6RC1/sapi/cli/php_cli.c:988
#17 0x0000000000ac09fa in main (argc=6, argv=0x7fffffffe1b8)
    at /home/maciek/Downloads/php-5.4.6RC1/sapi/cli/php_cli.c:1364


Previous Comments:
------------------------------------------------------------------------
[2012-06-19 09:02:11] maciej dot sz at gmail dot com

Thank you for the response. I've compiled the snapshot (201206190730) and I got 
a segfault with the same BT, only this time it occurred earlier in the script.

Maybe it is worth mentioning that I was not able to reproduce the crash with 
small scripts (including only a few files). The bug occurs when I use traits with 
large frameworks: PHPUnit or Zend Framework.

------------------------------------------------------------------------
[2012-06-18 23:52:10] fel...@php.net

Please try using this snapshot:

  http://snaps.php.net/php5.4-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/



------------------------------------------------------------------------
[2012-06-18 20:23:49] maciej dot sz at gmail dot com

Description:
------------
While using traits PHP crashes a lot. This does not seem to be related to any 
certain piece of code, because I just have to add a dummy declaration like
$tmp = '';
and the script runs normally.


For example I just wrote code similar to this:

<?php

trait T1
{
   public function t1()
   {
      return 't1';
   }
}

class Foo
{
   use T1;
}

$f = new Foo();
$f->t1();
?>

and a segfault occurred. But all I have to do is add the dummy declaration within 
the trait method and the script runs normally:

<?php

trait T1
{
   public function t1()
   {
      $tmp = '';
      return 't1';
   }
}

class Foo
{
   use T1;
}

$f = new Foo();
$f->t1();
?>

Sometimes the segfault error disappears by just running the script again.

All scripts are run from command line, my compile configuration is as follows:
'./configure'  '--with-mysql' '--with-pgsql' '--with-zlib' '--enable-calendar'
'--with-curl' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-gd'
'--enable-bcmath' '--enable-soap' '--enable-fpm' '--with-pdo-mysql'
'--with-pdo-pgsql' '--with-pdo-sqlite' '--with-config-file-path=/etc/php54/cli'
'--with-config-file-scan-dir=/etc/php54/cli/conf.d' '--prefix=/usr/local/php54'
'--enable-debug' '--with-mysqli' '--enable-mbstring'

I've recompiled PHP several times. This issue appears to concern all 5.4.* 
versions.

Here's a bugtrace:

Program received signal SIGSEGV, Segmentation fault.
0x000000000094dafb in zend_get_function_declaration (fptr=0x1669df0)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3052
3052                    memcpy(offset, fptr->common.scope->name, fptr->common.scope->name_length);
(gdb) bt
#0  0x000000000094dafb in zend_get_function_declaration (fptr=0x1669df0)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3052
#1  0x000000000094eaf9 in do_inheritance_check_on_method (child=0x16e15d8, 
parent=0x1680028)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3263
#2  0x000000000094ecaf in do_inherit_method_check 
(child_function_table=0x16e1118, parent=0x1680028, 
    hash_key=0x7fffffff9db0, child_ce=0x16e10f0)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3288
#3  0x00000000009881ec in zend_hash_replace_checker_wrapper (target=0x16e1118, 
source_data=0x1680028, 
    p=0x167ff80, pParam=0x16e10f0, merge_checker_func=0x94ec28 
<do_inherit_method_check>)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_hash.c:878
#4  0x000000000098826d in zend_hash_merge_ex (target=0x16e1118, 
source=0x1668390, 
    pCopyConstructor=0x94d531 <do_inherit_method>, size=240, 
    pMergeSource=0x94ec28 <do_inherit_method_check>, pParam=0x16e10f0)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_hash.c:892
#5  0x000000000094ff5d in zend_do_inheritance (ce=0x16e10f0, 
parent_ce=0x1668368)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3519
#6  0x0000000000953796 in do_bind_inherited_class (op_array=0x16e2270, 
opline=0x16eacd8, 
    class_table=0x126ce70, parent_ce=0x1668368, compile_time=0 '\000')
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:4569
#7  0x00000000009b6a49 in ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER 
(execute_data=0x7ffff7f96538)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_vm_execute.h:936
#8  0x00000000009b3741 in execute (op_array=0x16e2270)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_vm_execute.h:410
#9  0x0000000000962f23 in zend_call_function (fci=0x7fffffffa3f0, 
fci_cache=0x7fffffffa440)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_execute_API.c:958
#10 0x0000000000716989 in zim_reflection_method_invokeArgs (ht=2, 
return_value=0x16d6960, 
    return_value_ptr=0x0, this_ptr=0x164abb0, return_value_used=1)
    at /home/maciek/Pobrane/php-5.4.4/ext/reflection/php_reflection.c:2926
#11 0x00000000009b4e57 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x7ffff7f94a38)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_vm_execute.h:642
#12 0x00000000009b5cfb in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(execute_data=0x7ffff7f94a38)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_vm_execute.h:752
#13 0x00000000009b3741 in execute (op_array=0x7ffff0d7e680)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_vm_execute.h:410
#14 0x00000000009762b2 in zend_execute_scripts (type=8, retval=0x0, 
file_count=3)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend.c:1279
#15 0x00000000008e8a1a in php_execute_script (primary_file=0x7fffffffcda0)
    at /home/maciek/Pobrane/php-5.4.4/main/main.c:2473
#16 0x0000000000abee99 in do_cli (argc=6, argv=0x7fffffffe188)
    at /home/maciek/Pobrane/php-5.4.4/sapi/cli/php_cli.c:988
#17 0x0000000000abffb9 in main (argc=6, argv=0x7fffffffe188)
    at /home/maciek/Pobrane/php-5.4.4/sapi/cli/php_cli.c:1361

Expected result:
----------------
Script exited normally, without segfault.

Actual result:
--------------
Segmentation fault.


------------------------------------------------------------------------
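
Added example, not part of the original report or of PHP's own tooling: a Python helper that normalizes the two gdb backtraces above (mail line wrapping, the pager prompt, the build directory) and compares them at function level, so that the 5.4.4 and 5.4.6RC1 crashes can be recognized as the same call chain even though addresses and the faulting line differ. Only frames #0 and #10 of each trace are embedded, and the function names `parse_bt`, `signature` and `line_drift` are hypothetical.

```python
import re

# Frames #0 and #10 of the two backtraces in the report above, kept with the
# mail's line wrapping and the gdb pager prompt (other frames omitted here).
BT_5_4_4 = """\
#0  0x000000000094dafb in zend_get_function_declaration (fptr=0x1669df0)
    at /home/maciek/Pobrane/php-5.4.4/Zend/zend_compile.c:3052
#10 0x0000000000716989 in zim_reflection_method_invokeArgs (ht=2,
return_value=0x16d6960,
---Type <return> to continue, or q <return> to quit---
    return_value_ptr=0x0, this_ptr=0x164abb0, return_value_used=1)
    at /home/maciek/Pobrane/php-5.4.4/ext/reflection/php_reflection.c:2926
"""
BT_5_4_6RC1 = """\
#0  0x000000000094e409 in zend_get_function_declaration (fptr=0x1b5e240)
    at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3059
#10 0x0000000000717021 in zim_reflection_method_invokeArgs (ht=2,
return_value=0x1ba72f8,
    return_value_ptr=0x0, this_ptr=0x1b26ed0, return_value_used=1)
    at /home/maciek/Downloads/php-5.4.6RC1/ext/reflection/php_reflection.c:3024
"""

PAGER = re.compile(r"---Type <return> to continue.*---")
FRAME = re.compile(r"#(\d+)\s+(?:0x[0-9a-f]+ in )?(\w+) \(.*\) at (\S+):(\d+)$")

def parse_bt(text):
    """Return [(frame_no, function, source-tree-relative file, line), ...]."""
    lines = [l.strip() for l in text.splitlines()]
    joined = " ".join(l for l in lines if l and not PAGER.fullmatch(l))
    frames = []
    for chunk in re.split(r"\s+(?=#\d+\s)", joined):  # one chunk per frame
        m = FRAME.match(chunk)
        if m:  # skip anything that is not a complete frame
            path = re.sub(r"^.*?/php-[^/]+/", "", m.group(3))  # drop build dir
            frames.append((int(m.group(1)), m.group(2), path, int(m.group(4))))
    return frames

def signature(frames):
    """Crash bucket key: functions and files only, no addresses or lines."""
    return tuple((fn, path) for _, fn, path, _ in frames)

def line_drift(a, b):
    """Frames whose function matches but whose source line differs."""
    return [(fa, la, lb) for (_, fa, _, la), (_, fb, _, lb) in zip(a, b)
            if fa == fb and la != lb]

if __name__ == "__main__":
    old, new = parse_bt(BT_5_4_4), parse_bt(BT_5_4_6RC1)
    print(signature(old) == signature(new), line_drift(old, new))
```
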


