From:             leon at lost dot co dot nz
Operating system: Linux 2.6 / Apache2
PHP version:      5.1.0b2
PHP Bug Type:     Reproducible crash
Bug description:  Reproducible segfault on complex object orientated code

Description:
------------
My fairly complex object orientated PHP5 app consistently segfaults when
trying to run code with particular parameters.

I've been trying to fix this problem since 5.1b1, through lots of recent
CVS snapshots, and now this morning with 5.1b3 -- I'm now pretty sure it's
a PHP problem.

The code in question is my app's unit test framework.

A tester object dynamically creates instances of my application's objects
as well as a test class for each app. object. The tester runs methods in
the test class against the app. object.

$testObject = new $testClassName();

The same page is run with the name of the class to be tested as a parameter.
Currently, it consistently segfaults when trying to test my PDO SQLite
wrapper, although it is giving 'unusual' warnings (I suspect memory
corruption, for reasons given below) when testing another object (an mcrypt
wrapper):

NOTICE: Use of undefined constant  - assumed ''

There are about 20 other objects that test fine.

Reproduce code:
---------------
Unfortunately I have not been able to produce a snippet that reproduces
the behaviour -- the same PHP code seems to work great with some inputs.

I'm not sure what more to do for now.  I'll run whatever tests you like to
try to get to the bottom of the problem.

Actual result:
--------------
As well as the segfault described above I have also seen, with the same
test, memory corruption in a previous snapshot of PHP5.1 -- PHP 'notices'
about undefined constants where the constants are long strings of what
looked like completely random data.

Backtrace of last segfault:
--------------------------

# gdb /usr/sbin/apache2
...
(gdb) run -X
....
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214132096 (LWP 8340)]
_efree (ptr=0x0) at
/tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend_alloc.c:285
285             CALCULATE_REAL_SIZE_AND_CACHE_INDEX(p->size);

(gdb) bt
#0  _efree (ptr=0x0) at
/tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend_alloc.c:285
#1  0xb775e7ee in free_statement (stmt=0x8337d4c, tsrm_ls=0x8168258)
    at /tmp/nz.php.net/distributions/php-5.1.0b3/ext/pdo/pdo_stmt.c:1937
#2  0xb78bf664 in zend_objects_store_del_ref (zobject=0x8339484,
tsrm_ls=0x8168258)
    at
/tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend_objects_API.c:161
#3  0xb78a5b14 in _zval_dtor_func (zvalue=0x8339484)
    at /tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend_variables.c:52
#4  0xb775a585 in zif_PDO_query (ht=1, return_value=0x8339484,
    return_value_ptr=0x8168258, this_ptr=0xb792b3d0,
return_value_used=135692888,
    tsrm_ls=0x8168258) at zend_variables.h:35
#5  0xb78cd42a in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa97f80,
    tsrm_ls=0x8168258) at zend_vm_execute.h:184
#6  0xb78ccb2c in execute (op_array=0x82ee674, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#7  0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa98150,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#8  0xb78ccb2c in execute (op_array=0x82f161c, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#9  0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa98270,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#10 0xb78ccb2c in execute (op_array=0x82f12e4, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#11 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa985c0,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#12 0xb78ccb2c in execute (op_array=0x83295ec, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#13 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa98bf0,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#14 0xb78ccb2c in execute (op_array=0x83163bc, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#15 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa98e00,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#16 0xb78ccb2c in execute (op_array=0x82df884, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#17 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa98f10,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#18 0xb78ccb2c in execute (op_array=0x82df5a4, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#19 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa99400,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#20 0xb78ccb2c in execute (op_array=0x830dc34, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#21 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa995d0,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#22 0xb78ccb2c in execute (op_array=0x82e008c, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#23 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa99fb0,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#24 0xb78ccb2c in execute (op_array=0x8297b8c, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#25 0xb78ddf25 in ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER
(execute_data=0xbfa9a370,
    tsrm_ls=0x8168258) at zend_vm_execute.h:7345
#26 0xb78ccb2c in execute (op_array=0x826f764, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#27 0xb78ddf25 in ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER
(execute_data=0xbfa9a660,
    tsrm_ls=0x8168258) at zend_vm_execute.h:7345
#28 0xb78ccb2c in execute (op_array=0x828ce04, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#29 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa9a910,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#30 0xb78ccb2c in execute (op_array=0x8288754, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#31 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa9b110,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#32 0xb78ccb2c in execute (op_array=0x827a9ac, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#33 0xb78cd14b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa9b250,
    tsrm_ls=0x8168258) at zend_vm_execute.h:213
#34 0xb78ccb2c in execute (op_array=0x82693bc, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
#35 0xb78a81ec in zend_execute_scripts (type=8, tsrm_ls=0x8168258,
retval=0x0,
    file_count=3) at
/tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend.c:1087
#36 0xb7868604 in php_execute_script (primary_file=0xbfa9d5e0,
tsrm_ls=0x8168258)
    at /tmp/nz.php.net/distributions/php-5.1.0b3/main/main.c:1672
#37 0xb7922b07 in php_handler (r=0x82581e0)
    at
/tmp/nz.php.net/distributions/php-5.1.0b3/sapi/apache2handler/sapi_apache2.c:555
#38 0x080783a5 in ap_run_handler ()
#39 0x080789b0 in ap_invoke_handler ()
#40 0x08069c9a in ap_process_request ()
#41 0x0806512d in _start ()
#42 0x082581e0 in ?? ()
#43 0x00000004 in ?? ()
#44 0x082581e0 in ?? ()
#45 0x0808373c in ap_run_pre_connection ()
#46 0x080835f5 in ap_run_process_connection ()
#47 0x080769a4 in ap_graceful_stop_signalled ()
#48 0x08076bbb in ap_graceful_stop_signalled ()
#49 0x08076c18 in ap_graceful_stop_signalled ()
#50 0x0807748a in ap_mpm_run ()
#51 0x0807dabd in main ()
(gdb) 

-- 
Edit bug report at http://bugs.php.net/?id=33737&edit=1
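
A triage helper for the backtrace above, added here as an example and not part of the original report or of PHP: it rejoins the mail-wrapped gdb frames, filters out the repeating Zend VM dispatch frames, and reports the faulting frame with its NULL pointer arguments. The names `parse_backtrace`, `triage` and `VM_FRAMES` are assumptions of this example.

```python
import re

# Constructed excerpt: frames #0, #1 and #4-#6 of the backtrace above,
# with the mail client's line wrapping left in place.
SAMPLE = """\
#0  _efree (ptr=0x0) at
/tmp/nz.php.net/distributions/php-5.1.0b3/Zend/zend_alloc.c:285
#1  0xb775e7ee in free_statement (stmt=0x8337d4c, tsrm_ls=0x8168258)
    at /tmp/nz.php.net/distributions/php-5.1.0b3/ext/pdo/pdo_stmt.c:1937
#4  0xb775a585 in zif_PDO_query (ht=1, return_value=0x8339484,
    return_value_ptr=0x8168258, this_ptr=0xb792b3d0,
return_value_used=135692888,
    tsrm_ls=0x8168258) at zend_variables.h:35
#5  0xb78cd42a in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfa97f80,
    tsrm_ls=0x8168258) at zend_vm_execute.h:184
#6  0xb78ccb2c in execute (op_array=0x82ee674, tsrm_ls=0x8168258)
    at zend_vm_execute.h:87
"""

FRAME = re.compile(r"#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*?)\)(?: at (\S+):(\d+))?")
# Zend VM dispatch frames: they repeat once per nested PHP call or include.
VM_FRAMES = {"execute", "zend_do_fcall_common_helper_SPEC",
             "ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER"}

def parse_backtrace(text):
    """Rejoin wrapped lines into one string per frame, then parse each frame."""
    joined = []
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("---Type"):
            continue                      # blank line or gdb pager prompt
        if re.match(r"#\d+\s", line):
            joined.append(line)           # start of a new frame
        elif joined:
            joined[-1] += " " + line      # continuation of the previous frame
    frames = []
    for m in filter(None, map(FRAME.match, joined)):
        num, func, args, path, lineno = m.groups()
        frames.append({"n": int(num), "func": func, "file": path,
                       "line": int(lineno) if lineno else None,
                       "args": dict(a.split("=", 1) for a in args.split(", ") if "=" in a)})
    return frames

def triage(frames):
    """Faulting frame, its NULL pointer arguments, and the non-VM call path."""
    top = frames[0]
    return {"crash": f'{top["func"]} at {top["file"]}:{top["line"]}',
            "null_args": [k for k, v in top["args"].items() if v == "0x0"],
            "native_path": [f["func"] for f in frames if f["func"] not in VM_FRAMES]}
```

On the excerpt, `triage(parse_backtrace(SAMPLE))` reduces the trace to `_efree` called with a NULL `ptr` from `free_statement`, reached through `zif_PDO_query`.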