Edit report at https://bugs.php.net/bug.php?id=50519&edit=1
ID: 50519 Comment by: mplomer at gmx dot de Reported by: robin dot kunde at gmail dot com Summary: segfault in garbage collection when using set_error_handler and DomDocument Status: Closed Type: Bug Package: Reproducible crash Operating System: * PHP Version: 5.3, 6 Assigned To: dmitry Block user comment: N Private report: N New Comment: Hi ... we currently reproduced the segfault in the same line (zend_gc.c - "pz = *(zval**)p->pData;": - PHP 5.4.7 - Very long running and memory intensive command line script - Always reproducable GDB-Backtrace: Program terminated with signal 11, Segmentation fault. #0 0x00000000006e7576 in zval_mark_grey (pz=0x2c36d00) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_gc.c:425 425 pz = *(zval**)p->pData; (gdb) bt #0 0x00000000006e7576 in zval_mark_grey (pz=0x2c36d00) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_gc.c:425 #1 0x00000000006e84ce in gc_collect_cycles () at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_gc.c:471 #2 0x00000000006e8864 in gc_zval_possible_root (zv=0x2c36d00) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_gc.c:166 #3 0x00000000006d5dbb in zend_hash_destroy (ht=0x1811dcb8) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_hash.c:560 #4 0x00000000006c8179 in _zval_dtor_func (zvalue=0x189270f0) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_variables.c:43 #5 0x00000000006bb29d in _zval_ptr_dtor (zval_ptr=0x2ac8cc0) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_variables.h:35 #6 0x00000000006d7f28 in _zend_hash_add_or_update (ht=0x7f27eb1873b0, arKey=0x18cb3870 "instruments", nKeyLength=12, pData=0x1, nDataSize=415173616, pDest=0x0, flag=6061480) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_hash.c:234 #7 0x00000000005c7da8 in T.292 (ht=0x2c36d00, arKey=0x7fff0da8a360 "\370\025\016\353'\177", nKeyLength=2, pData=0x7f27eb1a1200) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_hash.h:351 #8 0x00000000005ccd66 in spl_array_write_dimension_ex (check_inherited=415524600, object=0x18c466f8, offset=0x18bf5238, value=0x6a624f7961727241) at /usr/src/php5.4/source/php5-5.4.7/ext/spl/spl_array.c:461 #9 0x00000000005cd3b6 in zim_spl_Array_offsetSet (ht=46361856, return_value=0x7fff0da8a360, return_value_ptr=0x2, this_ptr=0x7f27eb1874f0, return_value_used=415173616) at /usr/src/php5.4/source/php5-5.4.7/ext/spl/spl_array.c:713 #10 0x00007f280964206b in xdebug_execute_internal () from /usr/lib/php5/20100525/xdebug.so #11 0x0000000000745806 in zend_do_fcall_common_helper_SPEC (execute_data=0x7f280da03108) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_vm_execute.h:644 #12 0x0000000000732978 in execute (op_array=0x7f27eb19e648) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_vm_execute.h:410 #13 0x00007f2809642509 in xdebug_execute () from /usr/lib/php5/20100525/xdebug.so #14 0x0000000000745b03 in zend_do_fcall_common_helper_SPEC (execute_data=0x7f280da01e40) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_vm_execute.h:669 #15 0x0000000000732978 in execute (op_array=0x33d0240) at /usr/src/php5.4/source/php5-5.4.7/Zend/zend_vm_execute.h:410 ... Previous Comments: ------------------------------------------------------------------------ [2010-02-03 18:07:26] s...@php.net Automatic comment from SVN on behalf of pajoye Revision: http://svn.php.net/viewvc/?view=revision&revision=294427 Log: - Fixed bug #50519 (segfault in garbage collection when using set_error_handler an.. ------------------------------------------------------------------------ [2010-01-25 16:46:55] s...@php.net Automatic comment from SVN on behalf of johannes Revision: http://svn.php.net/viewvc/?view=revision&revision=294000 Log: merge -r292624: Fixed bug #50519 (segfault in garbage collection when using set_error_handler and DomDocument (dmitry) ------------------------------------------------------------------------ [2010-01-11 10:07:52] dmi...@php.net This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2010-01-11 10:07:10] s...@php.net Automatic comment from SVN on behalf of dmitry Revision: http://svn.php.net/viewvc/?view=revision&revision=293400 Log: Fixed bug #50519 (segfault in garbage collection when using set_error_handler and DomDocument) ------------------------------------------------------------------------ [2009-12-31 18:21:00] j...@php.net Well, you fixed it only with --enable-debug being used? :) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=50519 -- Edit this bug report at https://bugs.php.net/bug.php?id=50519&edit=1