Edit report at https://bugs.php.net/bug.php?id=63055&edit=1

 ID:                 63055
 User updated by:    php at wallbash dot com
 Reported by:        php at wallbash dot com
 Summary:            Segfault in zend_gc with SF2 testsuite
 Status:             Open
 Type:               Bug
 Package:            *General Issues
 Operating System:   CentOS 6.3
 PHP Version:        5.4.6
 Block user comment: N
 Private report:     N

 New Comment:

Like stated on pecl: I sadly can't. Every output I generate or just executing 
that one test case makes the segfault go away.

I'm really sorry I can't provide anything more helpful but with issues like 
that (see the last time I ran into something like that: 
https://bugs.php.net/bug.php?id=60825) getting a good repro is really hard for 
me. I've tried for a couple of hours but gave up.

I totally understand if this is not fixable for you of course but asking in 
php.pecl encouraged me to post it anyways :)


Previous Comments:
------------------------------------------------------------------------
[2012-09-10 12:53:17] larue...@php.net

I can not reproduce this with 5.4-branch...

Could you try to make a small reproduce test script? Thanks

------------------------------------------------------------------------
[2012-09-10 12:41:19] php at wallbash dot com

Hey laruence,

I meant the segfault happens with 5.3.16, 5.4.6 and with master but I only 
included two coredumps.

The included coredump that produced a meaningful stacktrace is from 5.4.6 like 
noted.

------------------------------------------------------------------------
[2012-09-10 12:24:42] larue...@php.net

You mean, you are running with 5.3?

------------------------------------------------------------------------
[2012-09-10 12:19:49] php at wallbash dot com

Initially I ran into this issue with 5.3.16 but I didn't include a coredump for 
it. Just added it to make clear it might not be something new in 5.4

Regards,
Edorian

------------------------------------------------------------------------
[2012-09-10 11:56:59] php at wallbash dot com

Description:
------------
Reproducible with php-master & 5.4.6

I'm sorry for not being able to break that down. Only running the segfaulting 
test works without an issue and even generating more output during the 
execution doesn't lead to the issue :(

The best I can come up with is providing all the instructions to run the whole 
thing.

Configure: 

'./configure' '--prefix=/opt/php-master' '--without-pear' '--with-zlib' '--with-xsl' '--enable-debug'

Test script:
---------------
git clone https://github.com/symfony/symfony.git
# enter the clone so the checkout and the following commands run inside it
cd symfony
git checkout 4dc197c3e1ea227e36cab7ea93877fa44ecc569b
curl -s http://getcomposer.org/installer | php
COMPOSER_ROOT_VERSION=dev-master php composer.phar --dev install
php src/Symfony/Component/Locale/Resources/data/build-data.php
export USE_INTL_ICU_DATA_VERSION=1

pear config-set auto_discover 1
pear install --alldeps pear.phpunit.de/phpunit-3.7.0RC3
pear install --alldeps pear.phpunit.de/php_codecoverage-1.2.0RC3
pear install --alldeps pear.phpunit.de/phpunit_mockobject-1.2.0RC4

phpunit

Expected result:
----------------
No segfault

Actual result:
--------------
Core with 5.4.6

CORE 5.4.6:
-----------

gdb /opt/php-5.4.6/bin/php /tmp/cores/core-php.17245 

This GDB was configured as "x86_64-redhat-linux-gnu".

Reading symbols from /opt/php-5.4.6/bin/php...done.
[New LWP 17245]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/opt/php-5.4.6/bin/php /usr/bin/phpunit'.
Program terminated with signal 11, Segmentation fault.
#0  0x00000000007e493f in zval_mark_grey (pz=0x12adf328) at /opt/php-5.4.6/Zend/zend_gc.c:425
425                             pz = *(zval**)p->pData;
(gdb) bt
#0  0x00000000007e493f in zval_mark_grey (pz=0x12adf328) at /opt/php-5.4.6/Zend/zend_gc.c:425
#1  0x00000000007e4c6e in gc_mark_roots () at /opt/php-5.4.6/Zend/zend_gc.c:501
#2  0x00000000007e57cd in gc_collect_cycles () at /opt/php-5.4.6/Zend/zend_gc.c:793
#3  0x00000000007e3e96 in gc_zval_possible_root (zv=0x12adf9e8) at /opt/php-5.4.6/Zend/zend_gc.c:166
#4  0x00000000007a689e in gc_zval_check_possible_root (z=0x12adf9e8) at /opt/php-5.4.6/Zend/zend_gc.h:183
#5  _zval_ptr_dtor (zval_ptr=0x12adff00, __zend_filename=0xca8750 "/opt/php-5.4.6/Zend/zend_variables.c", __zend_lineno=180) at /opt/php-5.4.6/Zend/zend_execute_API.c:448
#6  0x00000000007b9354 in _zval_ptr_dtor_wrapper (zval_ptr=0x12adff00) at /opt/php-5.4.6/Zend/zend_variables.c:180
#7  0x00000000007cd5da in zend_hash_destroy (ht=0x12adf6a0) at /opt/php-5.4.6/Zend/zend_hash.c:560
#8  0x00000000007b8f19 in _zval_dtor_func (zvalue=0x12adf328, __zend_filename=0x97e728 "/opt/php-5.4.6/ext/pcre/php_pcre.c", __zend_lineno=550) at /opt/php-5.4.6/Zend/zend_variables.c:43
#9  0x000000000049daee in _zval_dtor (__zend_lineno=<optimized out>, __zend_filename=0x97e728 "/opt/php-5.4.6/ext/pcre/php_pcre.c", zvalue=0x12adf328)
    at /opt/php-5.4.6/Zend/zend_variables.h:35
#10 php_pcre_match_impl (pce=0x5a32e10, 
    subject=0x12adf4f0 "/**\n * Note that there are some values written like -2147483647 - 1. This is the lower 32bit int max and is a known\n * behavior of PHP.\n */\n/**\n     * @dataProvider formatCurrencyWithCurrencyStyleSwis"..., subject_len=225, return_value=0x12adf740, subpats=0x12adf328, global=1, use_flags=0, flags=0, start_offset=0)
    at /opt/php-5.4.6/ext/pcre/php_pcre.c:550
#11 0x000000000049da3b in php_do_pcre_match (ht=3, return_value=0x12adf740, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, global=1) at /opt/php-5.4.6/ext/pcre/php_pcre.c:520
#12 0x000000000049e850 in zif_preg_match_all (ht=3, return_value=0x12adf740, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /opt/php-5.4.6/ext/pcre/php_pcre.c:780
#13 0x00000000007fa7cc in zend_do_fcall_common_helper_SPEC (execute_data=0x7fc29eb16ea8) at /opt/php-5.4.6/Zend/zend_vm_execute.h:642
#14 0x0000000000801854 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x7fc29eb16ea8) at /opt/php-5.4.6/Zend/zend_vm_execute.h:2219
#15 0x00000000007f91ab in execute (op_array=0x13b37c8) at /opt/php-5.4.6/Zend/zend_vm_execute.h:410
#16 0x00000000007bc486 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /opt/php-5.4.6/Zend/zend.c:1289
#17 0x0000000000731340 in php_execute_script (primary_file=0x7fff1493dfb0) at /opt/php-5.4.6/main/main.c:2473
#18 0x00000000009020e2 in do_cli (argc=2, argv=0x7fff1493e368) at /opt/php-5.4.6/sapi/cli/php_cli.c:988
#19 0x000000000090318a in main (argc=2, argv=0x7fff1493e368) at /opt/php-5.4.6/sapi/cli/php_cli.c:1364

Core with master:

gdb /opt/php-master/bin/php /tmp/cores/core-php.22349 

This GDB was configured as "x86_64-redhat-linux-gnu".
Reading symbols from /opt/php-master/bin/php...done.
BFD: Warning: /tmp/cores/core-php.22349 is truncated: expected core file size >= 194351104, found: 122478592.
[New LWP 22349]
Cannot access memory at address 0x3053823268
Failed to read a valid object file image from memory.

Core was generated by `/opt/php-master/bin/php -c /etc/php.ini /usr/bin/phpunit'.
Program terminated with signal 11, Segmentation fault.
#0  zval_mark_grey (pz=0xb9ca2a8) at /opt/php-src/Zend/zend_gc.c:421
(gdb) bt
#0  zval_mark_grey (pz=0xb9ca2a8) at /opt/php-src/Zend/zend_gc.c:421
Cannot access memory at address 0x7fff7174b4a8
(gdb) .


------------------------------------------------------------------------


