PHP :: Bug #60825 :: Segfault when running symfony 2 tests

Bug #60825

Segfault when running symfony 2 tests

Submitted:

2012-01-20 20:20 UTC

Modified:

2012-11-24 16:02 UTC

Votes:	2
Avg. Score:	4.0 ± 1.0
Reproduced:	2 of 2 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

php at wallbash dot com

Assigned:

laruence (profile)

Status:

Closed

Package:

Reproducible crash

PHP Version:

5.4.0RC6

OS:

Ubuntu 10.04.3 LTS

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	php at wallbash dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2012-01-20 20:20 UTC] php at wallbash dot com

Description:
------------
First off: Sorry not being able to provide a better reproduce. I tried to dig into symfony but failed as I'm not familiar with it. I was testing phpunit against frameworks when I found this.

Running the symfony 2 test suite with RC6 leads to a segfault that I had across two machines so I'll open this just in case it helps out and ask sf people to maybe provide a better reproduce.

PHP Configure: Configure Command =>  './configure'  '--enable-mbstring' '--with-readline' '--enable-pcntl' '--with-zlib' '--prefix=/opt/php-5.4.0RC6/' '--enable-debug'


Test script:
---------------
git clone git://github.com/symfony/symfony.git

cd symfony

./vendors.php

/opt/php-5.4.0RC6/bin/php `which phpunit` --debug --filter FormLoginTest


Expected result:
----------------
No segfault

Actual result:
--------------
Configuration read from /home/edo/Desktop/PHP/phpunit-dev/phpunit-testing-with-frameworks/vendor/symfony/phpunit.xml.dist


Starting test 'Symfony\Bundle\SecurityBundle\Tests\Functional\FormLoginTest::testFormLogin with data set #0 ('config.yml')'.
Segmentation fault (core dumped)


(gdb) bt
#0  _zend_mm_free_int (heap=0x1a85310, p=0x7fff9c786460) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_alloc.c:2100
#1  0x00000000006be6cd in zend_call_function (fci=0x7fff9c786210, fci_cache=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_execute_API.c:1019
#2  0x00000000006e06ff in zend_call_method (object_pp=0x7fff9c786338, obj_ce=0x5f4a370, fn_proxy=0x5f4a4d8, function_name=0xaa65b0 "__tostring", function_name_len=3, retval_ptr_ptr=<value optimized out>, param_count=0, arg1=0x0, 
    arg2=0x0) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_interfaces.c:97
#3  0x00000000006ebb11 in zend_std_cast_object_tostring (readobj=0x7fff9c786460, writeobj=0x7fff9c786390, type=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_object_handlers.c:1494
#4  0x00000000006c2ad0 in _convert_to_string (op=0x1a85310) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_operators.c:588
#5  0x000000000071212a in ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER (execute_data=0x7f33c5361908) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_vm_execute.h:27073
#6  0x0000000000730010 in execute (op_array=0x5f4c280) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_vm_execute.h:410
#7  0x00000000006be773 in zend_call_function (fci=0x7fff9c786660, fci_cache=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_execute_API.c:958
#8  0x00000000005c4020 in zim_reflection_method_invokeArgs (ht=<value optimized out>, return_value=0x58193d0, return_value_ptr=<value optimized out>, this_ptr=<value optimized out>, return_value_used=<value optimized out>)
    at /home/edo/Desktop/PHP/php-5.4.0RC6/ext/reflection/php_reflection.c:2926
#9  0x0000000000742c5c in zend_do_fcall_common_helper_SPEC (execute_data=0x7f33c53604c0) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_vm_execute.h:642
#10 0x0000000000730010 in execute (op_array=0x5c12cd8) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend_vm_execute.h:410
#11 0x00000000006c8d5a in zend_execute_scripts (type=8, retval=<value optimized out>, file_count=3) at /home/edo/Desktop/PHP/php-5.4.0RC6/Zend/zend.c:1272
#12 0x000000000066de5d in php_execute_script (primary_file=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/main/main.c:2476
#13 0x0000000000770757 in do_cli (argc=0, argv=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/sapi/cli/php_cli.c:983
#14 0x0000000000770e64 in main (argc=<value optimized out>, argv=<value optimized out>) at /home/edo/Desktop/PHP/php-5.4.0RC6/sapi/cli/php_cli.c:1356

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-01-21 04:59 UTC] rasmus@php.net

-Status: Open +Status: Critical -Assigned To: +Assigned To: stas

[2012-01-21 04:59 UTC] rasmus@php.net

Stas, this looks like a blocker for 5.4

[2012-01-21 05:23 UTC] rasmus@php.net

Can you try reproducing with the current svn code?
I went through the reproduce steps and the unit tests ran to completion for me.

However, under Valgrind I did get some complaints for one of the tests. Can you 
tell if your crash is on this same test?

Starting test 
'Symfony\Bundle\SecurityBundle\Tests\Functional\FormLoginTest::testFormLogin 
with data set #0 ('config.yml')'.
==24587== Conditional jump or move depends on uninitialised value(s)
==24587==    at 0x9DE434: zend_call_function (zend_execute_API.c:925)
==24587==    by 0xA128C3: zend_call_method (zend_interfaces.c:97)
==24587==    by 0xA2BAE6: zend_std_cast_object_tostring 
(zend_object_handlers.c:1494)
==24587==    by 0x9E582A: _convert_to_string (zend_operators.c:588)
==24587==    by 0xB05BB6: ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER 
(zend_vm_execute.h:27073)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)
==24587==    by 0x9DE67C: zend_call_function (zend_execute_API.c:958)
==24587==    by 0x74F4C9: zim_reflection_method_invokeArgs 
(php_reflection.c:2926)
==24587==    by 0xA35C22: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:642)
==24587==    by 0xA36C1E: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:752)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)
==24587==    by 0x9F2AEF: zend_execute_scripts (zend.c:1272)
==24587== 
==24587== Conditional jump or move depends on uninitialised value(s)
==24587==    at 0x9DBB70: _zval_ptr_dtor (zend_execute_API.c:433)
==24587==    by 0x9DED15: zend_call_function (zend_execute_API.c:1019)
==24587==    by 0xA128C3: zend_call_method (zend_interfaces.c:97)
==24587==    by 0xA2BAE6: zend_std_cast_object_tostring 
(zend_object_handlers.c:1494)
==24587==    by 0x9E582A: _convert_to_string (zend_operators.c:588)
==24587==    by 0xB05BB6: ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER 
(zend_vm_execute.h:27073)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)
==24587==    by 0x9DE67C: zend_call_function (zend_execute_API.c:958)
==24587==    by 0x74F4C9: zim_reflection_method_invokeArgs 
(php_reflection.c:2926)
==24587==    by 0xA35C22: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:642)
==24587==    by 0xA36C1E: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:752)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)
==24587== 
==24587== Conditional jump or move depends on uninitialised value(s)
==24587==    at 0x9DBC28: _zval_ptr_dtor (zend_execute_API.c:444)
==24587==    by 0x9DED15: zend_call_function (zend_execute_API.c:1019)
==24587==    by 0xA128C3: zend_call_method (zend_interfaces.c:97)
==24587==    by 0xA2BAE6: zend_std_cast_object_tostring 
(zend_object_handlers.c:1494)
==24587==    by 0x9E582A: _convert_to_string (zend_operators.c:588)
==24587==    by 0xB05BB6: ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER 
(zend_vm_execute.h:27073)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)
==24587==    by 0x9DE67C: zend_call_function (zend_execute_API.c:958)
==24587==    by 0x74F4C9: zim_reflection_method_invokeArgs 
(php_reflection.c:2926)
==24587==    by 0xA35C22: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:642)
==24587==    by 0xA36C1E: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:752)
==24587==    by 0xA342CC: execute (zend_vm_execute.h:410)

[2012-01-21 07:52 UTC] php at wallbash dot com

Yes. It is that function that cases the crash rasmus.

Compiling php-5.4 from current SVN the tests run just fine :)

Regards,
Edorian

[2012-01-21 17:13 UTC] laruence@php.net

Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=322541
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-01-21 17:29 UTC] laruence@php.net

fixed in trunk, will commit to branch when I got the permission from stas, and a   
simple reproduce script:

<?php
class test {
    public function __toString() {
        return "aaa";
    }
}

$a = new test;

require_once $a;

[2012-01-24 02:50 UTC] laruence@php.net

-Assigned To: stas +Assigned To: laruence

[2012-01-24 02:50 UTC] laruence@php.net

assign to myself, will close after commit to 5.4 branch

[2012-01-24 14:39 UTC] laruence@php.net

Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=322678
Log: Re-fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-01-26 01:21 UTC] laruence@php.net

Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=322770
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-01-26 01:22 UTC] laruence@php.net

-Status: Critical +Status: Closed

[2012-01-26 01:22 UTC] laruence@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

[2012-03-15 10:04 UTC] maxime dot marais at gmail dot com

Could you please tell if the fix applied to version 5.4 will be applied to 
version 5.3 (maybe 5.3.11)? I am experiencing the same issue with PHP 5.3.6 
using some test classes bases on PHPUnit and Symfony's ORM Doctrine. 

In the example below, 3 test classes are tested sequentially. If I run each test 
individually, no segmentation fault occurs.

$ gdb --args php /usr/local/bin/phpunit test
GNU gdb (GDB) CentOS (7.0.1-42.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/php /usr/local/bin/phpunit test
[Thread debugging using libthread_db enabled]
PHPUnit 3.6.10 by Sebastian Bergmann.

..........................

Time: 20 seconds, Memory: 20.25Mb

OK (26 tests, 132 assertions)

Program received signal SIGSEGV, Segmentation fault.
0x000000000061f0ba in zend_call_function ()
(gdb) bt
#0  0x000000000061f0ba in zend_call_function ()
#1  0x00000000006402cf in zend_call_method ()
#2  0x0000000000648718 in zend_objects_destroy_object ()
#3  0x000000000064c159 in zend_objects_store_del_ref_by_handle_ex ()
#4  0x000000000064c183 in zend_objects_store_del_ref ()
#5  0x000000000061d9c5 in _zval_ptr_dtor ()
#6  0x0000000000636aa8 in zend_hash_destroy ()
#7  0x0000000000629f0f in _zval_dtor_func ()
#8  0x000000000061d9c5 in _zval_ptr_dtor ()
#9  0x0000000000636aa8 in zend_hash_destroy ()
#10 0x0000000000629f0f in _zval_dtor_func ()
#11 0x000000000061d9c5 in _zval_ptr_dtor ()
#12 0x0000000000636aa8 in zend_hash_destroy ()
#13 0x0000000000648469 in zend_object_std_dtor ()
#14 0x0000000000648489 in zend_objects_free_object_storage ()
#15 0x000000000064c526 in zend_objects_store_free_object_storage ()
#16 0x000000000061dc75 in ?? ()
#17 0x000000000062a4b2 in ?? ()
#18 0x00000000005d7a0e in php_request_shutdown ()
#19 0x00000000006b2d6c in ?? ()
#20 0x0000003b5b01d994 in __libc_start_main () from /lib64/libc.so.6
#21 0x0000000000422339 in _start ()
(gdb) 

Thanks.

[2012-03-15 10:26 UTC] pajoye@php.net

@maxime dot marais at gmail dot com

Please try yourself using the snapshots. But as far as I can see the fix has been 
applied to 5.3, so it should work with the snaps.

[2012-04-18 09:46 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=498d9aea7f1ac60ccefd0de5e5d854c27d603900
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-04-18 09:46 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a222954a45df7af796e3c890075010bf0213773b
Log: Re-fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-04-18 09:46 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cf54cc736bc27f18b9a27ed882ad87b1d2e7a2b3
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-05-22 14:05 UTC] php at wallbash dot com

-Status: Closed +Status: Open

[2012-05-22 14:05 UTC] php at wallbash dot com

Dear pajoye@php.net,

Sorry for answering so late. I focused my attention on other projects still now 
and did not check if the issue was solved using an higher production version. It 
seems the issue still exists with current stable version 5.3.13. I get the same 
segmentation fault when testing a project using Doctrine ORM. However, the fault 
location seems to elsewhere. See below.

$ php --version
PHP 5.3.13 (cli) (built: May  8 2012 15:39:23) 
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies

$ gdb --args php /usr/local/bin/phpunit test
GNU gdb (GDB) CentOS (7.0.1-42.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/php /usr/local/bin/phpunit test
[Thread debugging using libthread_db enabled]
PHPUnit 3.6.10 by Sebastian Bergmann.

.......................
Program received signal SIGSEGV, Segmentation fault.
0x0000000000652700 in ?? ()
(gdb) bt
#0  0x0000000000652700 in ?? ()
#1  0x00002aaab147ae4c in ?? () from /usr/lib64/php/modules/pdo.so
#2  0x0000000000692bcd in ?? ()
#3  0x000000000065876b in execute ()
#4  0x0000000000627043 in zend_call_function ()
#5  0x000000000064830f in zend_call_method ()
#6  0x00000000006507e8 in zend_objects_destroy_object ()
#7  0x000000000064ea3c in gc_collect_cycles ()
#8  0x000000000064f00e in gc_zval_possible_root ()
#9  0x00000000006b51ed in ?? ()
#10 0x000000000065876b in execute ()
#11 0x0000000000627043 in zend_call_function ()
#12 0x0000000000535fbe in ?? ()
#13 0x0000000000659669 in ?? ()
#14 0x000000000065876b in execute ()
#15 0x0000000000631ba5 in zend_execute_scripts ()
#16 0x00000000005e1328 in php_execute_script ()
#17 0x00000000006bbdf0 in ?? ()
#18 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6
#19 0x0000000000422509 in _start ()

[2012-05-23 02:18 UTC] laruence@php.net

seems the same issue exists in 5.3 too, previous fix only fixed the bug in 5.4

[2012-05-23 02:22 UTC] laruence@php.net

-Status: Assigned +Status: Feedback

[2012-05-23 02:22 UTC] laruence@php.net

oh,, I remebered wronly, will take a look into this later,  but the new segfault 
seems not the same as this one(from the bt),  could you please try to make a 
reproducable script?  thanks

[2012-05-23 07:32 UTC] php at wallbash dot com

-Status: Feedback +Status: Assigned

[2012-05-23 07:32 UTC] php at wallbash dot com

I will take time to create a reproducible test on Saturday or Sunday. This looks 
like a kind a memory related issue as I can run each test individually, but not 
all tests in a batch. Trying to know more precisely what makes the process fail 
in scripts, I also installed XDebug extension. Here, a segmentation fault occurs 
when XDebug tries to write its coverage file. I hope this is not some kind of 
heap overflow that may introduce some vulnerability (ie. arbitrary code 
execution).

Follows a debugger dump when only one script is run with XDebug activated and 
coverage asked. An output file cover.txt is created but remains empty. The fault 
now seems to occur next to a call in XDebug Extension.  -- DUMP #1 --

If I try to run all the tests with XDebug activated and coverage asked, a 
segmentation fault still occurs but the back trace is now different, the 
segmentation fault now seems to occur next to a call in pdo.so -- DUMP #2 --

If I now try to run another single test with XDebug activated and coverage 
asked, a segmentation fault occurs again but the back trace is also different, 
the segmentation fault seems to occur also next to a call in pdo.so -- DUMP #3 -
-

$ php --version
PHP 5.3.13 (cli) (built: May  8 2012 15:39:23) 
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
    with Xdebug v2.2.0, Copyright (c) 2002-2012, by Derick Rethans


DUMPS come in next comments in order not to get the "Please do not SPAM our bug 
system." error message.

[2012-05-23 07:32 UTC] php at wallbash dot com

--------- DUMP #1 ---------

$ gdb --args php /usr/local/bin/phpunit --coverage-text=cover.txt 
test/PersistTest.php 
test/InstanciationTest.php 
GNU gdb (GDB) CentOS (7.0.1-42.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/php /usr/local/bin/phpunit --coverage-text=cover.txt 
test/PersistTest.php
[Thread debugging using libthread_db enabled]
PHPUnit 3.6.10 by Sebastian Bergmann.

............

Time: 21 seconds, Memory: 21.75Mb

OK (12 tests, 59 assertions)

Generating textual code coverage report, this may take a moment.
Program received signal SIGSEGV, Segmentation fault.
0x0000000000651c85 in ?? ()
(gdb) bt
#0  0x0000000000651c85 in ?? ()
#1  0x0000000000672eee in ?? ()
#2  0x000000000065876b in execute ()
#3  0x00002aaaaf570f4f in xdebug_execute (op_array=0x17fe050)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#4  0x000000000065915d in ?? ()
#5  0x000000000065876b in execute ()
#6  0x00002aaaaf570f4f in xdebug_execute (op_array=0x17e3168)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#7  0x000000000065915d in ?? ()
#8  0x000000000065876b in execute ()
#9  0x00002aaaaf570f4f in xdebug_execute (op_array=0x17ae2c8)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#10 0x000000000065915d in ?? ()
#11 0x000000000065876b in execute ()
#12 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f64700)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#13 0x000000000065915d in ?? ()
#14 0x000000000065876b in execute ()
#15 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f64be8)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#16 0x0000000000627043 in zend_call_function ()
#17 0x000000000064830f in zend_call_method ()
---Type <return> to continue, or q <return> to quit---
#18 0x00000000006507e8 in zend_objects_destroy_object ()
#19 0x000000000064ea3c in gc_collect_cycles ()
#20 0x000000000064f00e in gc_zval_possible_root ()
#21 0x00000000006b9031 in ?? ()
#22 0x000000000065876b in execute ()
#23 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22f8c90)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#24 0x000000000065915d in ?? ()
#25 0x000000000065876b in execute ()
#26 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22d3498)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#27 0x000000000065915d in ?? ()
#28 0x000000000065876b in execute ()
#29 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22dec68)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#30 0x000000000065915d in ?? ()
#31 0x000000000065876b in execute ()
#32 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac24700)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#33 0x000000000065915d in ?? ()
#34 0x000000000065876b in execute ()
#35 0x00002aaaaf570f4f in xdebug_execute (op_array=0x22d6a60)
    at /tmp/pear/install/xdebug/xdebug.c:1390
---Type <return> to continue, or q <return> to quit---
#36 0x000000000065915d in ?? ()
#37 0x000000000065876b in execute ()
#38 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2141e58)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#39 0x000000000065915d in ?? ()
#40 0x000000000065876b in execute ()
#41 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#42 0x000000000065915d in ?? ()
#43 0x000000000065876b in execute ()
#44 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#45 0x000000000065915d in ?? ()
#46 0x000000000065876b in execute ()
#47 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#48 0x000000000065915d in ?? ()
#49 0x000000000065876b in execute ()
#50 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2142fb0)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#51 0x000000000065915d in ?? ()
#52 0x000000000065876b in execute ()
#53 0x00002aaaaf570f4f in xdebug_execute (op_array=0x21418d8)
---Type <return> to continue, or q <return> to quit---
    at /tmp/pear/install/xdebug/xdebug.c:1390
#54 0x000000000065915d in ?? ()
#55 0x000000000065876b in execute ()
#56 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1333f80)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#57 0x000000000065915d in ?? ()
#58 0x000000000065876b in execute ()
#59 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1fa1a70)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#60 0x000000000065915d in ?? ()
#61 0x000000000065876b in execute ()
#62 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaab98870)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#63 0x000000000065915d in ?? ()
#64 0x000000000065876b in execute ()
#65 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc3f428)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#66 0x000000000065915d in ?? ()
#67 0x000000000065876b in execute ()
#68 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc3bac8)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#69 0x000000000065915d in ?? ()
#70 0x000000000065876b in execute ()
---Type <return> to continue, or q <return> to quit---
#71 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc2d908)
    at /tmp/pear/install/xdebug/xdebug.c:1390
#72 0x0000000000631ba5 in zend_execute_scripts ()
#73 0x00000000005e1328 in php_execute_script ()
#74 0x00000000006bbdf0 in ?? ()
#75 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6
#76 0x0000000000422509 in _start ()
(gdb)

[2012-05-23 07:32 UTC] php at wallbash dot com

--------- DUMP #2 ---------

$ gdb --args php /usr/local/bin/phpunit --coverage-text=cover.txt test
GNU gdb (GDB) CentOS (7.0.1-42.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/php /usr/local/bin/phpunit --coverage-text=cover.txt 
test
[Thread debugging using libthread_db enabled]
PHPUnit 3.6.10 by Sebastian Bergmann.

.........
Program received signal SIGSEGV, Segmentation fault.
0x0000000000652700 in ?? ()
(gdb) bt
#0  0x0000000000652700 in ?? ()
#1  0x00002aaab16abe4c in ?? () from /usr/lib64/php/modules/pdo.so
#2  0x0000000000692bcd in ?? ()
#3  0x000000000065876b in execute ()
#4  0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaab428b5d8) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#5  0x000000000065915d in ?? ()
#6  0x000000000065876b in execute ()
#7  0x00002aaaaf570f4f in xdebug_execute (op_array=0x1c63328) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#8  0x000000000065915d in ?? ()
#9  0x000000000065876b in execute ()
#10 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1c29480) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#11 0x000000000065915d in ?? ()
#12 0x000000000065876b in execute ()
#13 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1c24b10) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#14 0x0000000000627043 in zend_call_function ()
#15 0x000000000064830f in zend_call_method ()
#16 0x00000000006507e8 in zend_objects_destroy_object ()
#17 0x000000000064ea3c in gc_collect_cycles ()
#18 0x000000000064f00e in gc_zval_possible_root ()
#19 0x000000000067b264 in ?? ()
#20 0x000000000065876b in execute ()
#21 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1a26d38) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#22 0x000000000065915d in ?? ()
#23 0x000000000065876b in execute ()
#24 0x00002aaaaf570f4f in xdebug_execute (op_array=0xee1008) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#25 0x000000000065915d in ?? ()
#26 0x000000000065876b in execute ()
#27 0x00002aaaaf570f4f in xdebug_execute (op_array=0xfa0e28) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#28 0x000000000065915d in ?? ()
#29 0x000000000065876b in execute ()
#30 0x00002aaaaf570f4f in xdebug_execute (op_array=0xf9e000) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#31 0x000000000065915d in ?? ()
#32 0x000000000065876b in execute ()
#33 0x00002aaaaf570f4f in xdebug_execute (op_array=0xf635d0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#34 0x000000000065915d in ?? ()
#35 0x000000000065876b in execute ()
#36 0x00002aaaaf570f4f in xdebug_execute (op_array=0x10877e0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#37 0x000000000065915d in ?? ()
#38 0x000000000065876b in execute ()
#39 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1bb08e8) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#40 0x000000000065915d in ?? ()
#41 0x000000000065876b in execute ()
#42 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1bc2610) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#43 0x000000000065915d in ?? ()
#44 0x000000000065876b in execute ()
#45 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1baf8a0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#46 0x000000000065915d in ?? ()
#47 0x000000000065876b in execute ()
#48 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1c1d658) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#49 0x000000000065915d in ?? ()
#50 0x000000000065876b in execute ()
#51 0x00002aaaaf570f4f in xdebug_execute (op_array=0x17e6270) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#52 0x000000000065915d in ?? ()
#53 0x000000000065876b in execute ()
#54 0x00002aaaaf570f4f in xdebug_execute (op_array=0x17e5898) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#55 0x000000000065915d in ?? ()
#56 0x000000000065876b in execute ()
#57 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1775330) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#58 0x000000000065915d in ?? ()
---Type <return> to continue, or q <return> to quit---
#59 0x000000000065876b in execute ()
#60 0x00002aaaaf570f4f in xdebug_execute (op_array=0xd0c5f8) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#61 0x0000000000627043 in zend_call_function ()
#62 0x0000000000535fbe in ?? ()
#63 0x00002aaaaf56ee62 in xdebug_execute_internal 
(current_execute_data=0x2aaaaaae0508, 
return_value_used=1) at /tmp/pear/install/xdebug/xdebug.c:1482
#64 0x000000000065949d in ?? ()
#65 0x000000000065876b in execute ()
#66 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1223ea0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#67 0x000000000065915d in ?? ()
#68 0x000000000065876b in execute ()
#69 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1223d48) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#70 0x000000000065915d in ?? ()
#71 0x000000000065876b in execute ()
#72 0x00002aaaaf570f4f in xdebug_execute (op_array=0x13847c0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#73 0x000000000065915d in ?? ()
#74 0x000000000065876b in execute ()
#75 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1223bf0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#76 0x000000000065915d in ?? ()
#77 0x000000000065876b in execute ()
#78 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac69780) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#79 0x000000000065915d in ?? ()
#80 0x000000000065876b in execute ()
#81 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac684a0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#82 0x000000000065915d in ?? ()
#83 0x000000000065876b in execute ()
#84 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac684a0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#85 0x000000000065915d in ?? ()
#86 0x000000000065876b in execute ()
#87 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaab98678) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#88 0x000000000065915d in ?? ()
#89 0x000000000065876b in execute ()
#90 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc44c98) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#91 0x000000000065915d in ?? ()
#92 0x000000000065876b in execute ()
#93 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc41338) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#94 0x000000000065915d in ?? ()
#95 0x000000000065876b in execute ()
#96 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc33178) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#97 0x0000000000631ba5 in zend_execute_scripts ()
#98 0x00000000005e1328 in php_execute_script ()
#99 0x00000000006bbdf0 in ?? ()
#100 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6
#101 0x0000000000422509 in _start ()

[2012-05-23 07:33 UTC] php at wallbash dot com

--------- DUMP #3 ---------


$ gdb --args php /usr/local/bin/phpunit --coverage-text=cover.txt 
test/InstanciationTest.php 
GNU gdb (GDB) CentOS (7.0.1-42.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/php /usr/local/bin/phpunit --coverage-text=cover.txt 
test/InstanciationTest.php
[Thread debugging using libthread_db enabled]
PHPUnit 3.6.10 by Sebastian Bergmann.

.............

Time: 4 seconds, Memory: 21.00Mb

OK (13 tests, 71 assertions)

Generating textual code coverage report, this may take a moment.
Program received signal SIGSEGV, Segmentation fault.
0x0000000000652700 in ?? ()
(gdb) bt
#0  0x0000000000652700 in ?? ()
#1  0x00002aaab16abe4c in ?? () from /usr/lib64/php/modules/pdo.so
#2  0x0000000000692bcd in ?? ()
#3  0x000000000065876b in execute ()
#4  0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaab428c878) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#5  0x000000000065915d in ?? ()
#6  0x000000000065876b in execute ()
#7  0x00002aaaaf570f4f in xdebug_execute (op_array=0x179f520) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#8  0x000000000065915d in ?? ()
#9  0x000000000065876b in execute ()
#10 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1513890) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#11 0x000000000065915d in ?? ()
#12 0x000000000065876b in execute ()
#13 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1986ea8) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#14 0x0000000000627043 in zend_call_function ()
#15 0x000000000064830f in zend_call_method ()
#16 0x00000000006507e8 in zend_objects_destroy_object ()
#17 0x000000000064ea3c in gc_collect_cycles ()
#18 0x000000000064f00e in gc_zval_possible_root ()
#19 0x00000000006b9031 in ?? ()
#20 0x000000000065876b in execute ()
#21 0x00002aaaaf570f4f in xdebug_execute (op_array=0x21dedc0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#22 0x000000000065915d in ?? ()
#23 0x000000000065876b in execute ()
#24 0x00002aaaaf570f4f in xdebug_execute (op_array=0x21de378) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#25 0x000000000065915d in ?? ()
#26 0x000000000065876b in execute ()
#27 0x00002aaaaf570f4f in xdebug_execute (op_array=0x21b9718) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#28 0x000000000065915d in ?? ()
#29 0x000000000065876b in execute ()
#30 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaac245b0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#31 0x000000000065915d in ?? ()
#32 0x000000000065876b in execute ()
#33 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2086cd0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#34 0x000000000065915d in ?? ()
#35 0x000000000065876b in execute ()
#36 0x00002aaaaf570f4f in xdebug_execute (op_array=0x208d828) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#37 0x000000000065915d in ?? ()
#38 0x000000000065876b in execute ()
#39 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f90600) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#40 0x000000000065915d in ?? ()
#41 0x000000000065876b in execute ()
#42 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f90600) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#43 0x000000000065915d in ?? ()
#44 0x000000000065876b in execute ()
#45 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f90600) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#46 0x000000000065915d in ?? ()
#47 0x000000000065876b in execute ()
#48 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1f90600) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#49 0x000000000065915d in ?? ()
#50 0x000000000065876b in execute ()
#51 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1fd8f10) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#52 0x000000000065915d in ?? ()
#53 0x000000000065876b in execute ()
#54 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1312110) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#55 0x000000000065915d in ?? ()
#56 0x000000000065876b in execute ()
#57 0x00002aaaaf570f4f in xdebug_execute (op_array=0x1fda010) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#58 0x000000000065915d in ?? ()
---Type <return> to continue, or q <return> to quit---
#59 0x000000000065876b in execute ()
#60 0x00002aaaaf570f4f in xdebug_execute (op_array=0x2aaaaab986a0) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#61 0x000000000065915d in ?? ()
#62 0x000000000065876b in execute ()
#63 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc44ca8) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#64 0x000000000065915d in ?? ()
#65 0x000000000065876b in execute ()
#66 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc41348) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#67 0x000000000065915d in ?? ()
#68 0x000000000065876b in execute ()
#69 0x00002aaaaf570f4f in xdebug_execute (op_array=0xc33188) at 
/tmp/pear/install/xdebug/xdebug.c:1390
#70 0x0000000000631ba5 in zend_execute_scripts ()
#71 0x00000000005e1328 in php_execute_script ()
#72 0x00000000006bbdf0 in ?? ()
#73 0x00002aaaab7cb994 in __libc_start_main () from /lib64/libc.so.6
#74 0x0000000000422509 in _start ()
(gdb)

[2012-05-30 14:12 UTC] maxime dot marais at gmail dot com

Laruence,

I am unable to recreate a simple script that would trigger the segmentation 
fault I'm facing. It seems many objects have to be handled before the 
segmentation fault occurs. For example, a test script runs well with phpunit if 
ran once, but fails if ran twice or more (phpunit with --repeat N option, N > 
1). I can not neither provide my source code right here on the forum as the 
project I'm working on is not public. Anyway, I guess there would too much files 
to provide and the project would be complicated to reassemble.

However, if you accept, I suggest to send you the current code + necessary data 
and test files by private mail if you engage not to distribute this code nor 
keep any copy of it once the bug fixed. 

Please, contact me by mail.

[2012-05-31 02:16 UTC] laruence@php.net

@maxime dot marais at gmail dot com, okey,　I will write to your mail. thanks

[2012-06-27 08:37 UTC] maxime dot marais at gmail dot com

It seems this issue is solved with version 5.3.14 (http://bugs.php.net/61730). 
For my project, version 5.3.14 solved the issue that still occured with version 
5.3.13.

Could someone confirm?

[2012-07-24 23:37 UTC] rasmus@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=498d9aea7f1ac60ccefd0de5e5d854c27d603900
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-07-24 23:37 UTC] rasmus@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a222954a45df7af796e3c890075010bf0213773b
Log: Re-fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-07-24 23:37 UTC] rasmus@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cf54cc736bc27f18b9a27ed882ad87b1d2e7a2b3
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2012-11-24 16:01 UTC] laruence@php.net

close, as the previous comment.

[2012-11-24 16:02 UTC] laruence@php.net

-Status: Assigned +Status: Closed

[2013-11-17 09:34 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=498d9aea7f1ac60ccefd0de5e5d854c27d603900
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

[2013-11-17 09:34 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a222954a45df7af796e3c890075010bf0213773b
Log: Re-fixed bug #60825 (Segfault when running symfony 2 tests)

[2013-11-17 09:34 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cf54cc736bc27f18b9a27ed882ad87b1d2e7a2b3
Log: Fixed bug #60825 (Segfault when running symfony 2 tests)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Oct 29 05:00:01 2025 UTC