[PHP-BUG] Bug #51762 [NEW]: Segfault when registering an error.

2010-05-06 Thread RajivK at Sparklit dot com
From: 
Operating system: Debian
PHP version:  5.3.2
Package:  Reproducible crash
Bug Type: Bug
Bug description:  Segfault when registering an error.

Description:

We are running a program that has some 100,000 lines and we experienced
some segfaults (1 in 10 times or so) on one of 2 servers.  Both servers are
nearly identical.

Here is a backtrace (sorry, I didn't have time to debug it further);
hopefully it means something to somebody more familiar with the code.



(gdb) continue
Continuing.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fd8a3087710 (LWP 20068)]
0x7fd8a0605588 in ?? () from /lib/libc.so.6
(gdb) bt
#0  0x7fd8a0605588 in ?? () from /lib/libc.so.6
#1  0x7fd8a0605a36 in free () from /lib/libc.so.6
#2  0x006e9ecb in php_error_cb (type=2048,
error_filename=0x7fd89b4b7430
/home/webroot/blog/inc/class/blogPostInterface.class, error_lineno=17,
format=value optimized out,
args=value optimized out) at
/usr/src/mar17/php-5.3.2/main/main.c:908
#3  0x005e37e5 in soap_error_handler (error_num=2048,
error_filename=0x7fd89b4b7430
/home/webroot/blog/inc/class/blogPostInterface.class, error_lineno=17,
format=0xc4fc08 Non-static method %s::%s() should not be called
statically, args=0x7fffc35aa320) at
/usr/src/mar17/php-5.3.2/ext/soap/soap.c:2284
#4  0x0073af54 in zend_error (type=2048, format=0xc4fc08
Non-static method %s::%s() should not be called statically) at
/usr/src/mar17/php-5.3.2/Zend/zend.c:1029
#5  0x00789128 in zend_do_fcall_common_helper_SPEC
(execute_data=0x136a500) at
/usr/src/mar17/php-5.3.2/Zend/zend_vm_execute.h:274
#6  0x00765fd1 in execute (op_array=0x10ffb38) at
/usr/src/mar17/php-5.3.2/Zend/zend_vm_execute.h:104
#7  0x0073a845 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /usr/src/mar17/php-5.3.2/Zend/zend.c:1194
#8  0x006e749f in php_execute_script (primary_file=0x7fffc35aecd0)
at /usr/src/mar17/php-5.3.2/main/main.c:2260
#9  0x007c3ac7 in main (argc=1, argv=0x7fffc35aef48) at
/usr/src/mar17/php-5.3.2/sapi/cgi/cgi_main.c:2102
(gdb)



#48951 [Fbk-Opn]: calling get_defined_constants with any parameter results in SIGSEGV

2009-07-20 Thread rajivk at sparklit dot com
 ID:   48951
 User updated by:  rajivk at sparklit dot com
 Reported By:  rajivk at sparklit dot com
-Status:   Feedback
+Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian Linux
 PHP Version:  5.2.10, 5.3.0
 New Comment:

I can't reproduce it with the CLI at all. Here is the configure line:

'./configure' '--with-gd' '--with-mysql'
'--with-apache=../apache_1.3.41' '--with-zlib'
'--with-cybercash=/cybercash/mck' '--enable-memory-limit'
'--enable-inline-optimization' '--with-gettext' '--with-xml'
'--with-pspell' '--enable-memcache' '--with-curl' '--enable-mbstring'
'--with-jpeg-dir=/usr/lib' '--enable-debug'

AND 


gcc -v
Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2
--enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc
--enable-mpfr --enable-targets=all --with-tune=generic
--enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu
--target=i486-linux-gnu
Thread model: posix
gcc version 4.2.4 (Debian 4.2.4-6)


Previous Comments:


[2009-07-17 13:20:27] j...@php.net

I can not reproduce this with current PHP_5_2 / PHP_5_3 or HEAD
branches. Exactly what was your configure line? What compiler and
version? Can you reproduce it using CLI:

# php -n -r 'var_dump(get_defined_constants(false));' 




[2009-07-16 22:59:21] rajivk at sparklit dot com

Description:

Calling get_defined_constants with a parameter causes a segfault.  This
occurs in 5.2.10 and 5.3.0



Reproduce code:
---
=== case 1 causes crash ==

<?
var_dump(get_defined_constants(false));
?>
=

=== case 2 also causes crash ==

<?
var_dump(get_defined_constants(false));
?>
=

=== case 3 NO CRASH  ==

<?
var_dump(get_defined_constants());
?>
=




Expected result:

no crash

Actual result:
--
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb73b1910 (LWP 15496)]
0xb77a2b01 in kill () from /lib/libc.so.6
(gdb) bt
#0  0xb77a2b01 in kill () from /lib/libc.so.6
#1  0x0810ace9 in zend_mm_panic (message=0x84d1d40 zend_mm_heap
corrupted) at /usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:94
#2  0x0810d45f in _zend_mm_alloc_int (heap=0x89f7b70, size=44,
__zend_filename=0x84d57d8
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c, __zend_lineno=247,
__zend_orig_filename=0x0, __zend_orig_lineno=0) at
/usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:1895
#3  0x0810e6d6 in _emalloc (size=44, __zend_filename=0x84d57d8
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c, __zend_lineno=247,
__zend_orig_filename=0x0,
__zend_orig_lineno=0) at
/usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:2300
#4  0x08135f7b in _zend_hash_add_or_update (ht=0x87cb62c,
arKey=0x89d9fc0 E_STRICT, nKeyLength=9, pData=0xbfcc367c, nDataSize=4,
pDest=0x0, flag=1,
__zend_filename=0x84d4f30
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.h, __zend_lineno=341) at
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c:247
#5  0x0812e86d in zend_symtable_update (ht=0x87cb62c, arKey=0x89d9fc0
E_STRICT, nKeyLength=9, pData=0xbfcc367c, nDataSize=4, pDest=0x0)
at /usr/src/2009july15/php-5.2.10/Zend/zend_hash.h:341
#6  0x0812ecb4 in add_assoc_zval_ex (arg=0x87e5838, key=0x89d9fc0
E_STRICT, key_len=9, value=0x87e4ccc) at
/usr/src/2009july15/php-5.2.10/Zend/zend_API.c:1056
#7  0x0813f211 in zif_get_defined_constants (ht=1,
return_value=0x87e58e0, return_value_ptr=0x0, this_ptr=0x0,
return_value_used=1)
at
/usr/src/2009july15/php-5.2.10/Zend/zend_builtin_functions.c:1674
#8  0x0814e496 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfcc3818) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:200
#9  0x08153ead in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0xbfcc3818) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:1739
#10 0x0814dffa in execute (op_array=0x87c19b8) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:92
#11 0x0812b810 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /usr/src/2009july15/php-5.2.10/Zend/zend.c:1134
#12 0x080e4ad1 in php_execute_script (primary_file=0xbfcc5aec) at
/usr/src/2009july15/php-5.2.10/main/main.c:2025
#13 0x081a47c1 in apache_php_module_main (r=0x87822bc,
display_source_mode=0) at
/usr/src/2009july15/php-5.2.10/sapi/apache/sapi_apache.c:53
#14 0x080d8792 in send_php ()
#15 0x080d87dd in send_parsed_php ()
#16 0x08468875 in ap_invoke_handler ()
#17 0x0847fe6d in process_request_internal ()
#18 0x0847feca

#48951 [NEW]: calling get_defined_constants with any parameter results in SIGSEGV

2009-07-16 Thread rajivk at sparklit dot com
From: rajivk at sparklit dot com
Operating system: Debian Linux
PHP version:  5.2.10
PHP Bug Type: Reproducible crash
Bug description:  calling get_defined_constants with any parameter results in SIGSEGV

Description:

Calling get_defined_constants with a parameter causes a segfault.  This
occurs in 5.2.10 and 5.3.0



Reproduce code:
---
=== case 1 causes crash ==

<?
var_dump(get_defined_constants(false));
?>
=

=== case 2 also causes crash ==

<?
var_dump(get_defined_constants(false));
?>
=

=== case 3 NO CRASH  ==

<?
var_dump(get_defined_constants());
?>
=




Expected result:

no crash

Actual result:
--
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb73b1910 (LWP 15496)]
0xb77a2b01 in kill () from /lib/libc.so.6
(gdb) bt
#0  0xb77a2b01 in kill () from /lib/libc.so.6
#1  0x0810ace9 in zend_mm_panic (message=0x84d1d40 zend_mm_heap
corrupted) at /usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:94
#2  0x0810d45f in _zend_mm_alloc_int (heap=0x89f7b70, size=44,
__zend_filename=0x84d57d8
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c, __zend_lineno=247,
__zend_orig_filename=0x0, __zend_orig_lineno=0) at
/usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:1895
#3  0x0810e6d6 in _emalloc (size=44, __zend_filename=0x84d57d8
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c, __zend_lineno=247,
__zend_orig_filename=0x0,
__zend_orig_lineno=0) at
/usr/src/2009july15/php-5.2.10/Zend/zend_alloc.c:2300
#4  0x08135f7b in _zend_hash_add_or_update (ht=0x87cb62c, arKey=0x89d9fc0
E_STRICT, nKeyLength=9, pData=0xbfcc367c, nDataSize=4, pDest=0x0,
flag=1,
__zend_filename=0x84d4f30
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.h, __zend_lineno=341) at
/usr/src/2009july15/php-5.2.10/Zend/zend_hash.c:247
#5  0x0812e86d in zend_symtable_update (ht=0x87cb62c, arKey=0x89d9fc0
E_STRICT, nKeyLength=9, pData=0xbfcc367c, nDataSize=4, pDest=0x0)
at /usr/src/2009july15/php-5.2.10/Zend/zend_hash.h:341
#6  0x0812ecb4 in add_assoc_zval_ex (arg=0x87e5838, key=0x89d9fc0
E_STRICT, key_len=9, value=0x87e4ccc) at
/usr/src/2009july15/php-5.2.10/Zend/zend_API.c:1056
#7  0x0813f211 in zif_get_defined_constants (ht=1, return_value=0x87e58e0,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
at /usr/src/2009july15/php-5.2.10/Zend/zend_builtin_functions.c:1674
#8  0x0814e496 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfcc3818) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:200
#9  0x08153ead in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0xbfcc3818) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:1739
#10 0x0814dffa in execute (op_array=0x87c19b8) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:92
#11 0x0812b810 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /usr/src/2009july15/php-5.2.10/Zend/zend.c:1134
#12 0x080e4ad1 in php_execute_script (primary_file=0xbfcc5aec) at
/usr/src/2009july15/php-5.2.10/main/main.c:2025
#13 0x081a47c1 in apache_php_module_main (r=0x87822bc,
display_source_mode=0) at
/usr/src/2009july15/php-5.2.10/sapi/apache/sapi_apache.c:53
#14 0x080d8792 in send_php ()
#15 0x080d87dd in send_parsed_php ()
#16 0x08468875 in ap_invoke_handler ()
#17 0x0847fe6d in process_request_internal ()
#18 0x0847feca in ap_process_request ()
#19 0x084760c0 in child_main ()
#20 0x084763f4 in make_child ()
#21 0x084767e2 in perform_idle_server_maintenance ()
#22 0x08476eb7 in standalone_main ()
#23 0x08477562 in main ()
(gdb) frame 10
#10 0x0814dffa in execute (op_array=0x87c19b8) at
/usr/src/2009july15/php-5.2.10/Zend/zend_vm_execute.h:92
92  if (EX(opline)->handler(execute_data TSRMLS_CC) > 0) {
(gdb) print (char *)(executor_globals.function_state_ptr->function)->common.function_name
$1 = 0x84d5d1b get_defined_constants
(gdb) print (char *)executor_globals.active_op_array->function_name
$2 = 0x0
(gdb) print (char *)executor_globals.active_op_array->filename
$3 = 0x87c6284
/home/rajivk/dev/webroot/forum/www/forum.sparklit.com/foobar.spark
(gdb)

