Edit report at https://bugs.php.net/bug.php?id=64966&edit=1

ID:                 64966
User updated by:    bfra...@php.net
Reported by:        bfra...@php.net
Summary:            reflection_method_invokeArgs core dump
Status:             Open
Type:               Bug
Package:            Scripting Engine problem
PHP Version:        Irrelevant
Block user comment: N
Private report:     N

 New Comment:

Sorry, this is for work and I am pretty sure they wouldn't let me give you access to an internal machine.

See if this helps:

sudo pear config-set auto_discover 1
sudo pear channel-discover pear.phpunit.de
sudo pear install pear.phpunit.de/PHPUnit

That worked for me for two clean installs this morning (5.4.13 and 5.4.14).

So I think I have figured out what is happening, at least with 5.4 and why it changed. Code in question is this:

http://git.php.net/?p=php-src.git;a=blob;f=Zend/zend_vm_execute.h;h=bb50b4803f7143acff1c15647f5f45807d7ced16;hb=HEAD#l525

I can't figure out how to get git to let me show 5.3.13 and 5.2.14 diff, so here is a clean diff:

http://www.brianfrance.com/php/5.4.14.txt

The issue in 5.4.14 is that zend_verify_arg_type is throwing an exception, this means that the real function will never be called as it is now wrapped in a:

if (EXPECTED(EG(exception) == NULL)) {
}

In 5.4.13 there wasn't an exception check, so it would call the function regardless of the zend_verify_arg_type checks (would still have a warning printed).

If this is now the normal flow, I can go back to the intl our team and tell them they need to fix their test cases (in 5.4). Granted this doesn't fix 5.3 core dump, which is what I am digging into again today.


Previous Comments:
------------------------------------------------------------------------
[2013-06-07 15:58:24] larue...@php.net

Is there any chance you can give me access to your box? I get some problems to set up the PHPUNIT here

------------------------------------------------------------------------
[2013-06-07 15:02:40] bfra...@php.net

Just to give another update, 5.4.13 works!!!!

------ 5.4.13 ------
% php -dopen_basedir= /usr/local/bin/phpunit --log-junit results.xml phpIntlTest02.php
PHPUnit 3.7.21 by Sebastian Bergmann.

.

Time: 0 seconds, Memory: 2.50Mb

OK (1 test, 116 assertions)
------

Where 5.4.14 fails:

------ 5.4.14 ------
& php -dopen_basedir= /usr/local/bin/phpunit --log-junit results.xml phpIntlTest02.php
PHPUnit 3.7.21 by Sebastian Bergmann.

F

Time: 0 seconds, Memory: 3.50Mb

There was 1 failure:

1) YPHPINTLTest::test_collator_sort
Wrong type of arguments
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'collator_sort_internal: unable to parse input params: U_ILLEGAL_ARGUMENT_ERROR'
+'U_USING_FALLBACK_WARNING'

/home/bfrance/php-5.4.14/ext/intl/tests/phpIntlTest02.php:33

FAILURES!
Tests: 1, Assertions: 2, Failures: 1.
------

So while 5.4 doesn't core dump, that patch from 63914 really changed the execution path to the point it breaks the test.

------------------------------------------------------------------------
[2013-06-04 16:43:17] bfra...@php.net

#0  _zval_ptr_dtor (zval_ptr=0x7ffff7ebfe70) at php-5.3.24/Zend/zend_execute_API.c:441
        zv = 0x600000000
#1  0x00000000007038a6 in zend_do_fcall_common_helper_SPEC (execute_data=0x7ffff7ebfa98) at php-5.3.24/Zend/zend_vm_execute.h:418
        opline = <value optimized out>
        should_change_scope = 3 '\003'
#2  0x00000000006dc948 in execute (op_array=0xfb6510) at php-5.3.24/Zend/zend_vm_execute.h:107
        ret = <value optimized out>
        execute_data = 0x7ffff7ebfa98
        nested = 1 '\001'
        original_in_execution = 1 '\001'
#3  0x00000000006ae1b0 in zend_call_function (fci=0x7fffffffaaa0, fci_cache=<value optimized out>) at php-5.3.24/Zend/zend_execute_API.c:969
        i = <value optimized out>
        original_return_value = 0x7ffff7ebdc60
        calling_symbol_table = 0x0
        original_op_array = 0x10f1548
        original_opline_ptr = 0x7ffff7ebed68
        current_scope = 0x0
        current_called_scope = 0xe67b90
        calling_scope = 0x115e0a8
        called_scope = <value optimized out>
        current_this = 0x115e0a8
        execute_data = {opline = 0x0,
          function_state = {function = 0xfb6510, arguments = 0x7ffff7ebfa90}, fbc = 0x0, called_scope = 0x0, op_array = 0x0, object = 0x1191d08, Ts = 0x7ffff7ebee70, CVs = 0x7ffff7ebee00, symbol_table = 0x0, prev_execute_data = 0x7ffff7ebed68, old_error_reporting = 0x0, nested = 1 '\001', original_return_value = 0x0, current_scope = 0xfb84e0, current_called_scope = 0xfb60c8, current_this = 0x1191d08, current_object = 0x0, call_opline = 0xfe1e98}
#4  0x0000000000583a8a in zim_reflection_method_invokeArgs (ht=<value optimized out>, return_value=0x115deb8, return_value_ptr=<value optimized out>, this_ptr=<value optimized out>, return_value_used=<value optimized out>) at php-5.3.24/ext/reflection/php_reflection.c:2753
        retval_ptr = <value optimized out>
        params = 0x123a3a8
        object = 0x1191d08
        intern = 0x1166fe0
        mptr = 0xfb6510
        argc = 0
        result = <value optimized out>
        fci = {size = 72, function_table = 0x0, function_name = 0x0, symbol_table = 0x0, retval_ptr_ptr = 0x7fffffffab38, param_count = 0, params = 0x123a3a8, object_ptr = 0x1191d08, no_separation = 1 '\001'}
        fcc = {initialized = 1 '\001', function_handler = 0xfb6510, calling_scope = 0xfb60c8, called_scope = 0xfb60c8, object_ptr = 0x1191d08}
        obj_ce = 0xfb60c8
        param_array = 0x115de58
#5  0x0000000000703d37 in zend_do_fcall_common_helper_SPEC (execute_data=0x7ffff7ebed68) at php-5.3.24/Zend/zend_vm_execute.h:322
        opline = <value optimized out>
        should_change_scope = 1 '\001'
#6  0x00000000006dc948 in execute (op_array=0x10f1548) at php-5.3.24/Zend/zend_vm_execute.h:107
        ret = <value optimized out>
        execute_data = 0x7ffff7ebed68
        nested = 1 '\001'
        original_in_execution = 0 '\000'
#7  0x00000000006b758a in zend_execute_scripts (type=8, retval=0x0, file_count=3) at php-5.3.24/Zend/zend.c:1259
        files = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 0x7fffffffad50, reg_save_area = 0x7ffffffface0}}
        i = <value optimized out>
        file_handle = 0x7fffffffe160
        orig_op_array = 0x0
        orig_retval_ptr_ptr = 0x0
#8  0x0000000000666ace in
php_execute_script (primary_file=0x7fffffffe160) at php-5.3.24/main/main.c:2316
        __orig_bailout = 0x7fffffffdff0
        __bailout = {{__jmpbuf = {15446400, 1175243881897479723, 140737488348848, 0, 140737488348136, 0, 1175243883034136107, -1175244725073261013}, __mask_was_saved = 0, __saved_mask = {__val = {229440404087961, 0, 140737299689793, 48, 13753520, 15725344, 7103285, 532575944752, 7, 140737488342704, 153, 7, 140737488342704, 0, 15725216, 0}}}}
        prepend_file_p = <value optimized out>
        append_file_p = 0x0
        prepend_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\000'}
        append_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\000'}
        old_cwd = 0x7fffffffad60 ""
        use_heap = 0 '\000'
        retval = 0
#9  0x000000000073de34 in main (argc=6, argv=0x7fffffffe3d8) at php-5.3.24/sapi/cli/php_cli.c:1189
        __orig_bailout = 0x0
        __bailout = {{__jmpbuf = {124, -1175245194508153301, 13630576, 13, 13750923, 13, 1175243881899576875, -1175244831334248917}, __mask_was_saved = 0, __saved_mask = {__val = {140737351936935, 4294967455, 11341735, 45, 140737299199672, 0, 140737488347696, 140737299205192, 140737299224056, 1910330751, 140737351934614, 0, 140737488347456, 140733193388095, 140737488347456, 19}}}}
        exit_status = 0
        c = <value optimized out>
        file_handle = {type = ZEND_HANDLE_MAPPED, filename = 0x7fffffffe6b0 "/usr/local/bin/phpunit", opened_path = 0x0, handle = {fd = 15570712, fp = 0xed9718, stream = {handle = 0xed9718, isatty = 0, mmap = {len = 2028, pos = 0, map = 0x7ffff7eb2000, buf = 0x7ffff7eb2015 <Address 0x7ffff7eb2015 out of bounds>, old_handle = 0xefee50, old_closer = 0x6cc460 <zend_stream_stdio_closer>}, reader =
          0x6cca60 <zend_stream_stdio_reader>, fsizer = 0x6cc990 <zend_stream_stdio_fsizer>, closer = 0x6cc9e0 <zend_stream_mmap_closer>}}, free_filename = 0 '\000'}
        behavior = 1
        reflection_what = 0x0
        orig_optind = 1
        orig_optarg = 0x0
        arg_free = <value optimized out>
        arg_excp = <value optimized out>
        script_file = <value optimized out>
        translated_path = 0xebb180 "/usr/local/bin/phpunit"
        interactive = <value optimized out>
        module_started = 1
        request_started = 1
        lineno = 2
        exec_direct = 0x0
        exec_run = <value optimized out>
        exec_begin = 0x0
        exec_end = 0x0
        param_error = <value optimized out>
        hide_argv = 0
        ini_entries_len = <value optimized out>

------------------------------------------------------------------------
[2013-06-04 15:26:38] larue...@php.net

hmm, maybe you can paste the full backtrace out?

gdb> bt full

thanks

------------------------------------------------------------------------
[2013-06-04 04:32:50] bfra...@php.net

I wish I could and I have been trying.

If you move line:
35 $GLOBALS['oo-mode']=false;
in the test case to line 9, then the core dump goes away with 5.3.x. When I start trimming down the test case, the core dump goes away. That is the smallest test case I have been able to come up with that core dumps 5.3.x.

For 5.4.x you can trim the test case down to just the first test (line 33) and it still has issues. Just add two close braces and a closing php tag on line 34 and nuke the rest of the file.

The problem is collator_sort is never called, so the global intl_get_error_message() stuff is never set up.

http://git.php.net/?p=php-src.git;a=blob;f=ext/intl/collator/collator_sort.c;h=0785111c964b476da2c1d169bad65f0ab1048fa9;hb=refs/heads/PHP-5.4#l289

Line 343 PHP_FUNCTION( collator_sort ) calls collator_sort_internal from line 289. Line 299 should fail and line 302 should set up the intl_get_error_message() stuff with U_ILLEGAL_ARGUMENT_ERROR. But collator_sort (zif_collator_sort) is never called.

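A simplified model of the 5.4.13 versus 5.4.14 call path described in the comments above, showing why the test reads a stale error message once the handler call is gated on a pending exception. This is an added example, not php-src code and not part of the bug report; every `toy_` name, the stale starting message and the success string are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Toy stand-ins for engine state; hypothetical names, not php-src code. */
static bool exception_pending;   /* models EG(exception) != NULL */
static const char *last_error;   /* models what intl_get_error_message() returns */
static int handler_calls;        /* how often the internal function really ran */

#define BAD_ARGS_MSG \
    "collator_sort_internal: unable to parse input params: U_ILLEGAL_ARGUMENT_ERROR"

/* Constructed starting state: a message left over from an earlier call. */
static void toy_reset(void) {
    exception_pending = false;
    last_error = "U_USING_FALLBACK_WARNING";
    handler_calls = 0;
}

/* Models the argument type check raising on a mismatch. */
static void toy_verify_arg_type(bool args_ok) {
    if (!args_ok) exception_pending = true;
}

/* Models the internal function: it records its own error on bad input. */
static void toy_collator_sort(bool args_ok) {
    handler_calls++;
    last_error = args_ok ? "U_ZERO_ERROR" : BAD_ARGS_MSG;
}

/* guarded=false: call the handler regardless (5.4.13 as described above).
 * guarded=true:  call it only when no exception is pending (5.4.14). */
static const char *toy_dispatch(bool args_ok, bool guarded) {
    toy_verify_arg_type(args_ok);
    if (!guarded || !exception_pending)
        toy_collator_sort(args_ok);
    return last_error;
}

int main(void) {
    toy_reset();
    const char *msg = toy_dispatch(false, false);
    printf("unguarded: %s (calls=%d)\n", msg, handler_calls);
    toy_reset();
    msg = toy_dispatch(false, true);
    printf("guarded:   %s (calls=%d)\n", msg, handler_calls);
    return 0;
}
```

In the guarded case the handler never runs, so a caller that inspects the global error message afterwards sees whatever an earlier call left there.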
------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=64966


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=64966&edit=1